Purpose and Objectives

The purpose of the Enterprise Risk Management (ERM) initiative at the University of Maryland (UM) is to provide a proactive and comprehensive program for entitywide risk identification, prioritization of key exposures, and development of operational responses to potential adverse events and outcomes, based on a foundation of accountability and transparency. ERM will promote an ongoing, integrated risk-aware culture across our organization so that we act with full knowledge of the implications of our decisions and actions, and we include a balanced risk-reward analysis in evaluating potential opportunities available to us, in pursuing the mission and goals of our institution.

ERM does not replace or subordinate our current programs and activities to manage potential risks and opportunities in our everyday actions. Each of us remains responsible to identify and control threats and analyze opportunities within our areas of responsibility and to report concerns to our supervisors. Instead, ERM is intended to permit a proactive, comprehensive framework for entitywide identification and management of potential risks and opportunities.

The objectives of ERM include:

  • identifying and managing a broad array of threats and risks to the achievement of our institutional goals and objectives in an informed and strategic manner within an accepted tolerance level
  • establishing a program structure that engages functional leaders (e.g., research, clinical, facilities, etc.) across the campus to identify and prioritize risks
  • providing senior leadership with key information for risk-related decisions and allocation of resources
  • developing and implementing appropriate risk mitigation plans through assigned risk owners
  • encouraging responsibility of all faculty, staff, and students to incorporate a balanced risk-reward analysis in everyday activities 
  • maximizing opportunities
  • protecting and fostering a collaborative and entrepreneurial environment