Enterprise Risk Management

I. Introduction and Purpose:

Enterprise Risk Management (ERM) is a coordinated approach to assessing and responding to all risks that affect the achievement of the University’s strategic and financial objectives.   ERM is defined as any significant event or circumstance which could impact the achievement of the University vision and mission, including strategic, operational, financial, and compliance risks.   Therefore, in conjunction with the University System of Georgia Board of Regents policy 7.15 Risk Management, Georgia College & State University has established an Enterprise Risk Management (ERM) framework.  

The purpose of ERM is to provide management, oversight, assessment, monitoring and control of the various risks.  By creating a comprehensive approach to anticipate, identify, prioritize and manage material risks, ERM helps achieve the University vision and mission.  The purpose of the ERM framework at Georgia College is to identify, evaluate and manage a full range of risks that the University faces.  The successful implementation of an ERM process will help ensure that the decisions which evaluate value and risk will be made on an informed basis and will be aligned with our risk tolerance and strategy.  The Georgia College framework includes an ERM Task Force and Steering Committee represented by delegates of the major operational functions of the University that will help assure that risk management decisions are aligned with our strategies, made on an informed basis and shared across our organization.  This will also create greater transparency to our stakeholders.  This Charter serves to outline the roles and responsibilities of risk management at Georgia College. 

II. Membership

  • ERM Project Champion – President
  • ERM Steering Committee - President’s Cabinet
  • ERM Task Force – University wide representatives
  • ERM Risk Owners – Periodically identified by Project Champion
  • ERM Coordinator – Internal Audit Director

III. Committees and Responsibilities

Project Champion:

  • Reports major risks (if any) to USG BOR when they are identified
  • Prioritizes top objectives, as necessary
  • Assigns enterprise risk owners to address all key institutional risks
  • Monitors institution’s progress of mitigating risks at an acceptable tolerance level
  • Provides guidance to the ERM Coordinator, Steering Committee, and Task Force

Steering Committee:

  • Validates and recommends priorities of key risks identified by Task Force
  • Recommends Risk Owners to the Project Champion
  • Approves the risk tolerance associated with each key risk
  • Works closely with risk owners to review current mitigation plans pertaining to key risks and to determine the effectiveness of controls
  • Reviews mitigation plans from risk owners provided to the Champion
  • Monitors progress of controls designed to mitigate risks to an acceptable level

Task Force:

The ERM Task Force has no executive powers or supervisory functions. Rather, it will function in a review and recommendation role to the President and Steering Committee on behalf of the entire University.

  • Brainstorms on key risks for the institution based on university’s objectives
  • Scores risks and provides to Steering Committee on an annual basis
  • Determines and implements communication channels to enhance the ERM process

ERM Risk Owners:

  • Researches and document key risks and underlying risk components
  • Delegates authority to establish and implement risk mitigation plans
  • Tracks and periodically reports to the Steering Committee and Project Champion the progress of the controls designed to mitigation risks

ERM Coordinator:

  • Maintains ERM framework records
  • Facilitates meetings and lead discussions
  • Reports significant risks to the USG BOR on a periodic basis as determined by the USG Office of Risk Management ERM reporting process

IV. Annual Charter Review and Evaluation

The Steering Committee and Task Force shall assess annually its activities with respect to the responsibilities outlined in this Charter and shall take action, as needed, in response to this assessment.  This assessment shall include a review of the adequacy of the ERM Charter.  Recommended revisions to the Charter shall be submitted for approval to the President.