The Enterprise Risk Management (ERM) Framework implemented by the University of Minnesota system is based on the widely employed Committee of Sponsoring Organizations of the Treadway Commission (COSO) ERM Framework. The COSO ERM framework has been adapted in order to incorporate the unique environment at the University of Minnesota as it defines essential components, suggests common language, and provides clear direction and guidance for risk management. The adoption of the COSO ERM Framework aligns with and compliments the institution’s adoption of the COSO Integrated Framework of Internal Controls as established by the Board of Regent’s Policy: Internal Controls. Â
ERM Process
All the activities presented here may be performed sequentially or simultaneously, as the need arises, and are augmented by a strong culture that promotes the efficacy of these actions.
ERM Stakeholder Roles
Everyone in the University system has a role in ERM. Leveraging leadership experience provides an effective means to engage the right people across the University.
Â
Risk Stakeholder | Responsibility |
|---|---|
Board of Regents | Set tone for risk culture and inform and prioritize ERM activities |
Executive Oversight Compliance Committee | Approve and endorse risk strategy, ensure risks are effectively managed |
ERM Working Group | Subject matter experts convened to address specific enterprise risks |
Enterprise Risk Management | Facilitate ERM process and drive work plans |
Internal Audit | Evaluate effectiveness of controls |
University Compliance | Facilitate compliance with laws and regulations |
University Units / Departments | Take and Manage Risks |
The Executive Oversight Compliance Committee
The Executive Oversight Compliance Committee (EOCC) oversees the University’s Compliance and Enterprise Risk Management programs. The EOCC approves the risk strategy and confirms that key enterprise risks are effectively managed and mitigated. The EOCC increased the focus on risk at the executive levels resulting in more discussion of risk at all levels. The EOCC provides a balanced view of risk and emphasizes collaboration across the University system to achieve a collective impact. EOCC membership includes:Â
- Associate Vice President Health, Safety, & Risk Management
- Chief Auditor
- Chief Compliance Officer
- Chief Information Officer
- Executive Vice President & Provost
- General Counsel
- President's Chief of Staff
- Senior Vice President Finance & Operations
- Senior Vice President for Health Sciences
- System Chancellors
- Vice President for Equity & Diversity
- Vice President for Human Resources
- Vice President for Research
- Vice President for University Services