- Academic Affairs
- Administration and Finance
- Center for Health and Homeland Security
- Center for Information Technology Services
- Communications and Public Affairs
- Community Engagement
- Government Affairs
- Human Resource Services
- Office of Philanthropy
- Operations and Planning
- Police and Public Safety
- President's Office
- Research and Development
- University Counsel
Definitions and Common Terms
An approach of enterprise risk management as an ongoing structured process for identification, prioritization, mitigation, management, and monitoring of risks and analysis of opportunities
An ongoing process to inculcate a risk-aware culture across an organization and establish a holistic approach to risk management, which identifies and prioritizes risks and creates informed and strategic responses in an effort to achieve institutional goals and objectives and maximize opportunity, based on a foundation of ownership, accountability, and transparency
A senior-level committee appointed by the UMB president, composed of a broad cross-section of individuals familiar with the varied aspects of the University’s operations, charged with general management and implementation of the UMB ERM program.
Workgroups, each with a specific area of focus (e.g., human resources, financial and internal controls), composed of individual subject experts from across the campus, that identify risks, risk consequences and rankings; work with risk owners to develop risk mitigation plans; and monitor and report on implementation of the risk mitigation plans.
Prevention of and from events that could endanger the safety of the campus community and the general public from significant danger, injury/harm, or damage, such as crimes or disasters.
The combination of the possibility of an action or event occurring and the consequences of that act or event on the institution, its people, and the achievement of its goals and objectives.
The tolerance for risk.
Financial: A consequence that impacts financial condition or well-being.
Strategic: A consequence that may create a lasting impact or change on a fundamental objective or mission.
Operational: A consequence that impacts day-to-day activities.
Compliance: A consequence that constitutes a violation of a law or regulation or an institutional policy or requirement.
Opportunity: The loss of a benefit or advantage caused by not pursuing a course of action.
Reputational: A consequence that impacts image, standing, or character.
Mega: A consequence of enormous measure that threatens the existence of an organization or institution.
The likelihood that a specific risk will occur and reoccur.
Actions that reduce the consequences of a risk.
An individual within an organization familiar with an identified risk and responsible for understanding and managing the risk.
A measurement of the combination of risk frequency and risk severity using an established algorithm.
A process to identify and measure the risks and benefits of an action or decision in order to act in an informed manner.
The extent of the damage to the institution, its people, and its goals and objectives resulting from a risk occurring.
Individual schools, departments, programs, centers, institutes, offices, or areas of an institution.
Another term for risk.
An existing committee composed of the deans and vice presidents of UMB, this senior leadership group is charged with implementing ERM goals and objectives established by the president and making recommendations to the president regarding the ERM program.