The Enterprise Risk Management (ERM) Framework implemented by the University of Minnesota system is based on the widely employed Committee of Sponsoring Organizations of the Treadway Commission (COSO) ERM Framework. The COSO ERM framework has been adapted to incorporate the unique environment at the University of Minnesota as it defines essential components, suggests common language, and provides clear direction and guidance for risk management. The adoption of the COSO ERM Framework aligns with and complements the institution’s adoption of the COSO Integrated Framework of Internal Controls as established by the Board of Regents Policy: Internal Controls.
ERM Process
All the activities presented here may be performed sequentially or simultaneously, as the need arises, and are augmented by a strong culture that promotes the efficacy of these actions.
ERM Stakeholder Roles
Everyone in the University system has a role in ERM. Leveraging leadership experience provides an effective means to engage the right people across the University.
Risk Stakeholder | Responsibility |
---|---|
Board of Regents | Set tone for risk culture and inform and prioritize ERM activities |
Executive Oversight Compliance Committee | Approve and endorse risk strategy, ensure risks are effectively managed |
ERM Working Group | Subject matter experts convened to address specific enterprise risks |
Enterprise Risk Management | Facilitate ERM process and drive work plans |
Internal Audit | Evaluate effectiveness of controls |
University Compliance | Facilitate compliance with laws and regulations |
University Units / Departments | Take and manage risks |