The Importance of Enterprise Risk Management
CENTRAL ARIZONA COLLEGE (the DISTRITCT) through its leadership, administrators, faculty & staff are committed to fostering an environment of support that will encourage risk-informed decision-making balanced with innovation as we explore and develop opportunities, resolve issues, and improve the way we work to achieve our business objectives. All employees should incorporate risk management into governance, decision making, and key business and operational processes as set out in this framework. All existing and new risk management activities will align to this framework.
Governance Oversights, and Leadership:
The OFFICE OF ENTERPRISE RISK MANAGEMENT in collaboration with the working group is responsible for implementing ERM, which includes drafting policies and developing tools, resources, and training on ERM. This group oversees the identification and assessment of risk to operations and strategy and the management and communication of risk information. The working group is responsible for tracking overlapping risks, reporting on risks that are not being appropriately managed and monitoring for emerging risks. The Working Group will meet at least quarterly.
Currently the ERM Working Group members are represented by the following CAC business units:
- Director of Facilities
- Student Services
- Athletic Department
- Academic Affairs
- Information Technology
- Business Finance
- Police
- Human Resources
Step 1: Identify Exposures to Loss
Prevent and/or Reduce Exposure
To prepare for or prevent exposure at your institution, leadership must identify the many ways the institution could be negatively affected by specific circumstances.
Risk identification
The purpose of risk identification is to find, recognize and describe risks that might help or prevent you from achieving your objectives. Identifying risk enables uncertainty to be explicitly considered. All sources of uncertainty and both beneficial and detrimental effects might be relevant, depending on the context and scope of the assessment.
Step 2: Analyze Exposures & Explore Mitigation Techniques
Assess the impact and probability of occurrence of each potential risk. Develop risk control policies, procedures, and practices to reduce the probability of loss to the institution. Approaches may include risk financing, risk transfer, and risk control measures.
Step 3: Select Appropriate Techniques to Address Exposures
Choose approaches (treatment) that best fit your institution.
Techniques employed vary by risk and with each risk analysis. Risk treatment: The purpose of risk treatment is to select and implement options for addressing risk. Having completed a risk assessment, treating a risk involves selecting and implementing one or more treatment options that will change the likelihood of occurrence, the consequences of the risk, or both.
Risk treatment involves an iterative process of:
• formulating and selecting risk treatment options.
• planning and implementing risk treatment.
• assessing the effectiveness of that treatment.
• deciding whether the remaining risk is acceptable; and
• if not acceptable, taking further treatment.
Step 4: Implement the Chosen Techniques
Consider the efficiency and cost effectiveness of the applied risk management techniques within your organization.
Consideration of the Context of Operations:
Consideration of the college’s unique environmental context is important to review before beginning a risk assessment process. It helps articulate objectives, clarify the scope, decide upon appropriate participants before beginning.
These are the key external factors that influence and shape operations:
| External Factors | Local, Regional, National & International Environment |
| Social & cultural |
|
| Legal & regulatory |
|
| Technological |
|