Enterprise Risk Management

I. Introduction and Purpose:

Enterprise Risk Management (ERM) is a coordinated approach to assessing and responding to all risks that affect the achievement of the University’s strategic and financial objectives.   ERM is defined as any significant event or circumstance that could impact the achievement of the University's vision and mission, including strategic, operational, financial, and compliance risks.   Therefore, in conjunction with the University System of Georgia Board of Regents policy 7.15 Risk Management, Georgia College & State University has established an Enterprise Risk Management (ERM) framework.  

The purpose of ERM is to provide management, oversight, assessment, monitoring, and control of the various risks.  By creating a comprehensive approach to anticipate, identify, prioritize, and manage material risks, ERM helps achieve the University's vision and mission.  The purpose of the ERM framework at Georgia College is to identify, evaluate, and manage a full range of risks that the University faces.  The successful implementation of an ERM process will help ensure that the decisions that evaluate value and risk will be made on an informed basis and will be aligned with our risk tolerance and strategy.  The Georgia College framework includes an ERM Task Force and Steering Committee represented by delegates of the major operational functions of the University that will help ensure that risk management decisions are aligned with our strategies, made on an informed basis, and shared across our organization.  This will also create greater transparency for our stakeholders.  This Charter serves to outline the roles and responsibilities of risk management at Georgia College. 

II. Membership

  • ERM Project Champion – President
  • ERM Steering Committee - President’s Cabinet
  • ERM Task Force – University-wide representatives
  • ERM Risk Owners – Periodically identified by Project Champion
  • ERM Coordinator – Chief Audit Officer

III. Committees and Responsibilities

Project Champion:

  • Reports major risks (if any) to USG BOR when they are identified
  • Prioritizes top objectives, as necessary
  • Assign enterprise risk owners to address all key institutional risks
  • Monitors the institution’s progress in mitigating risks at an acceptable tolerance level
  • Provides guidance to the ERM Coordinator, Steering Committee, and Task Force

Steering Committee:

  • Validates and recommends priorities of key risks identified by Task Force
  • Recommends Risk Owners to the Project Champion
  • Approves the risk tolerance associated with each key risk
  • Works closely with risk owners to review current mitigation plans pertaining to key risks and to determine the effectiveness of controls
  • Reviews mitigation plans from risk owners provided to the Champion
  • Monitors progress of controls designed to mitigate risks to an acceptable level

Task Force:

The ERM Task Force has no executive powers or supervisory functions. Rather, it will function in a review and recommendation role to the President and Steering Committee on behalf of the entire University.

  • Brainstorms on key risks for the institution based on the university’s objectives
  • Scores risks and provides to the Steering Committee on an annual basis
  • Determines and implements communication channels to enhance the ERM process

ERM Risk Owners:

  • Researches and documents key risks and underlying risk components
  • Delegates authority to establish and implement risk mitigation plans
  • Tracks and periodically reports to the Steering Committee and Project Champion the progress of the controls designed to mitigate risks

ERM Coordinator:

  • Maintains ERM framework records
  • Facilitates meetings and leads discussions
  • Reports significant risks to the USG BOR on a periodic basis as determined by the USG Office of Risk Management ERM reporting process

IV. Annual Charter Review and Evaluation

The Steering Committee and Task Force shall assess annually its activities with respect to the responsibilities outlined in this Charter and shall take action, as needed, in response to this assessment.  This assessment shall include a review of the adequacy of the ERM Charter.  Recommended revisions to the Charter shall be submitted for approval to the President.