Enterprise risk management

The Enterprise Risk Management (ERM) function coordinates the University’s organizational risk management efforts. It provides a framework and processes for the identification, assessment, mitigation and monitoring of risks to the achievement of the University’s mission and goals.

ERM fosters a continuous, risk-conscious atmosphere across uOttawa, allowing decision-makers to conduct risk-opportunities analysis and make informed decisions while pursuing the university's mission and objectives. ERM is a resource for leadership to manage both existing and emerging risks within their range of responsibilities.

Vision and objectives

We aim to deliver a sustainable Enterprise Risk Management framework and capabilities to enable uOttawa to identify, assess, and manage risk and embrace opportunities related to the achievement of strategic and operational objectives.

  • Develop and maintain an enhanced ERM program embedded across uOttawa.
  • Provide risk advisory on strategic initiatives and operational activities, including governance, risk management, issue management and controls.
  • Develop enhanced partnership with departments and faculties and be seen as a trusted business partner.
  • Ensure corporate risks are factored into strategic management decisions.
  • Develop an environment where faculty and staff feel empowered to take responsibility for managing risks.
chess-umbrella-risk-protection

ERM Principles, framework and process

Enterprise Risk Management (ERM) is a continuous business process, led by the CRO, that extends the concepts of risk management and includes:

  • Identifying risks across our institution;
  • Analyzing the impact of risks to the operations and mission;
  • Evaluating risks to determine the appropriate treatment and priorities;
  • Determining a risk treatment strategy;
  • Monitoring the identified risks, holding the risk owner accountable, and consistently examining emerging risks;
  • Maintaining continuous consultation and communication efforts with the relevant stakeholders throughout all steps of the ERM process.
erm-ISO31000-2018
ERM Principles, framework and process (ISO 31000:2018)