University Risk Management

Process

Brown University’s Enterprise Risk Management (ERM) process is designed to provide a structured environment and organization that is risk aware and focused on the achievement of our risk objectives defined above and communicated to all levels of the organization.

The foundation of our ERM process is effective communications which we rely on to ensure that all information about risks and risk events and related responsibilities are shared with the personnel responsible for the effective management of our key risks.

University Risk Management Approach

Brown University’s ERM approach is, by design, dynamic inasmuch as any lessons learned in the course of our operation will be used to adapt and improve risk management processes across the organization.  Therefore, communication is central and critical to the adaptability and effectiveness of our ERM approach.  Any material changes to the ERM process may be proposed by management but will require approval by the Chief Risk Officer.

The challenge for any organization to achieve effective ERM is to provide a framework which ensures that the right people have the information they need, when they need it, to determine the appropriate measures to take under the circumstances, obtain necessary authorization and resources to proceed, and take appropriate action in a timely manner.  Our approach is designed to meet this challenge.

Our approach is comprised of periodic, event driven and ongoing processes (more detail is available in procedures prepared for each of the component activities indicated) effected and managed by the organization described below.

University Risk Management Communications

Communication within Brown University about risk issues is important to ensure that:

  • Each employee understands what Brown University’s risk strategy is, what the key risk priorities are, and how their particular responsibilities fit into the University’s URM framework,
  • Transferable lessons are learned and communicated to those who can benefit from them, and
  • Each level of management receives regular assurance about the management of key risks within their area of control.
  • Copies of this policy statement should be issued to all new employees as part of the orientation process.