What is Enterprise Risk Management?
Enterprise Risk Management (ERM) is a framework for managing risks within an organization. The ERM approach is similar to traditional risk management, but ERM incorporates all risks institution-wide. Risks identified in each department (referred to as the risk owner) are captured in a risk register and then managed and monitored by the risk owner, with support from Risk Management. High-frequency, high-severity risks are reported to the Executive and the Board of Governors to ensure that they are consistent with the risks the institution is willing to take.
The ERM framework includes:
- identifying risks relevant to the organization's objectives (risks and opportunities),
- assessing those objectives in terms of frequency and severity against defined risk tolerance statements,
- determining a response strategy, and
- monitoring progress.
Financial Risk: managing financial risk exposures.
Reputational Risk: the image of Mount Royal University in the community.
Operational Risk: the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.
Hazard Risk: injury, illness, death or property damage.
Strategic Risk: uncertainties and untapped opportunities based on strategic planning and execution.