The purpose of risk management is not to manage risks per se. The purpose of risk management is actually to help you achieve your strategic objectives. Therefore, having clarity of strategic objectives is a pre-requisite for effective risk management.
The Risks of Risk Management
The Office of the Treasurer is leading the effort to identify and manage enterprise level risks that could jeopardize the University's abilities to meet its overarching strategic and operational objectives.
The Risk Management Council (RMC) facilitates Enterprise Risk Management (ERM) at the University. Comprised of representatives from Internal Audit, Compliance and leaders from the Academic Division and Health System, the RMC serves a critical role between elevating enterprise-level risks to senior leaders and identifying and cultivating risk management activities at the department level.
The RMC works with the University's ERM Risk Management Networks (RMN) to connect major operating areas of each division and to establish a conduit for identifying and gathering key risk data.
Read the University of Virginia Enterprise Risk Management Charter here.