About Enterprise Risk Management

What is Risk Management at the University of Iowa?

Throughout the University of Iowa, the process of risk management is practiced on a daily basis by faculty, staff and administration. Risk management is not limited to a specific group of individuals, but rather it is a culture within the organization. Whether you're an employee who manages budgets or provides customer care, you are an integral component of managing risks at the University of Iowa.

What is Risk?

Simply stated, a risk is anything that may impact the university's ability to accomplish its mission and goals, either positively or negatively. For example, risks include driving a University vehicle or failing to maintain internal controls.

What is Risk Management?

Risk Management is the principals, framework and process for managing risk effectively. Risk management involves identifying and understanding risks, and then using smart strategies to best handle them. For example: when you perform your work, you analyze potential risks and then establish policies, processes or procedures to manage the risks and prevent a potential loss. The loss may be an immediate direct financial loss or an indirect loss such as failure to meet a project deadline.

Enterprise Risk Management (ERM)

Enterprise Risk Management broadens the scope of risk management to include all areas or aspects of a university, concentrating especially on enterprise-wide risks. Examples of enterprise risks include reputational risks or strategic risk. Currently, the University has implemented initiatives to address the enterprise risks associated with international travel, minors on campus and emergency planning for the University.

Last updated 12/10/2012