Recent history indicates that the pace of change in Higher Education is unprecedented; however, institutions are only seeing a modest increase in the use of risk-based decision making. The COSO “Enterprise Risk Management - Integrated Framework” defines ERM as “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
Value in ERM
The value of ERM lies in understanding risk, and appropriately allocating an organization’s resources to business activities that present high risk and exposure to its strategic purpose and its ability to prosper. ERM offers a framework for effectively managing uncertainty, responding to risk and harnessing opportunities as they arise. By focusing on, dedicating resources to, and continuously monitoring these business activities, an institution can continuously improve its operations and its value.
ERM in Higher Education
In the current highly competitive environment, colleges and universities are under intense pressure to attract and retain faculty and students and maximize their assets – something that cannot be achieved without tight control of risks across the board. ERM can assist in uncovering both downside risks and upside opportunities for institutions to achieve their objectives. Focused attention on key business, using activities such as, but not limited to, the following will aid in achieving an institution’s goals.
Enrollment and admissions
Construction and facilities management
Campus safety and business continuity
Faculty and curriculum management
Data privacy and security
Registrar and degree conferral
Tuition billing and financial aid
How Internal Audit Can Help?
ERM is a business process led by senior leadership that extends the concept of risk management and includes conducting an enterprise risk assessment. Internal Audit can assist with this ERM in the following ways:
Identifying risks and opportunities across the entire institution;
Assessing the impact of risks and opportunities to the operations, mission and objectives of the institution;
Developing and practicing response or mitigation plans; and
Monitoring the identified risks, holding the risk owner accountable, and consistently scanning for emerging risks and opportunities.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at contactSD@schneiderdowns.com.
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.