ERM Framework

The Enterprise Risk Management (ERM) Framework implemented by the University of Minnesota system is based on the widely employed Committee of Sponsoring Organizations of the Treadway Commission (COSO) ERM Framework. The COSO ERM Framework has been adapted to incorporate the unique environment at the University of Minnesota as it defines essential components, suggests common language, and provides clear direction and guidance for risk management. The adoption of the COSO ERM Framework aligns with and complements the institution’s adoption of the COSO Integrated Framework of Internal Controls as established by the Board of Regents Policy: Internal Controls.

ERM Process

All the activities presented here may be performed sequentially or simultaneously, as the need arises, and are augmented by a strong culture that promotes the efficacy of these actions.

ERM process diagram showing mission and strategic objectives, risk and opportunity identification, risk evaluation and measurement, risk response and action, and monitoring and communication

ERM Stakeholder Roles

Everyone in the University system has a role in ERM. Leveraging leadership experience provides an effective means to engage the right people across the University.

 

Risk Stakeholder | Responsibility
Board of Regents | Set tone for risk culture and inform and prioritize ERM activities
Executive Oversight Compliance Committee | Approve and endorse risk strategy, ensure risks are effectively managed
ERM Working Group | Subject matter experts convened to address specific enterprise risks
Enterprise Risk Management | Facilitate ERM process and drive work plans
Internal Audit | Evaluate effectiveness of controls
University Compliance | Facilitate compliance with laws and regulations
University Units / Departments | Take and manage risks

Why Have Executive Level Risk Discussions?

Create a Risk Aware Culture

Produce an Action Agenda

Achieve Collective Impact

Obtain a Reduction in Risk