Enterprise Risk Management

What is Enterprise Risk Management?

Enterprise Risk Management (ERM) is a more holistic approach to traditional risk management which identifies and organizes risks across all levels of the institution, allowing for more streamlined and efficient risk mitigation decisions.  Risks identified in each department are captured in a risk register. Risks are managed and monitored by the department, with support from Risk Management. High frequency and/or severity risks are organized within risk categories to identify trends and opportunities for improvement and then reported to the Executive and the Board of Governors to ensure compliance with the University's risk tolerance.

ERM Process

MRU's Risk Management uses the ISO 31000 standard as a guide to develop and implement ERM processes. These processes enable the University to identify, assess, evaluate, and treat institutional risks and opportunities, which then can be used as a basis for decision making and accountability.
Operational Risk : Impact to internal facilities, systems, and processes.
Reputational Risk : Impact to the perception of Mount Royal University within the community.
Financial Risk : Impact of financial risk exposures.
Health and Safety Risk : Impacts to public health, injury, illness, or death.
Environmental Risk : Impacts to the natural environment.
Data and Privacy : Impacts to confidentiality, integrity and/or availability of data.
Strategic Risk : Failure or delays in capitalizing on opportunities and meeting our strategic objectives.
Contact us! We want to ensure that all risks are being captured and evaluated on an ongoing basis.