UVM’s ERM program is designed to use existing management processes, reporting and approval channels, and organizational structures; to be linked to strategic planning and budgeting; to build on the University’s current risk management activities and practices; and to create a more risk-aware community and institutional culture.

Program Goals and Objectives

The purpose of UVM’s ERM program is to enhance the University’s ability to achieve its mission, vision, and strategic objectives and strengthen its competitive position by fostering an institution-wide culture of risk and opportunity awareness and providing a structured, consistent, and continuous process for the early and proactive identification and reporting of material risks and opportunities to senior management and trustees.

In support of this overall purpose, the University has established the following goals and objectives for UVM’s ERM program:

  1. Create a culture of risk awareness where all employees understand and consider risk in decision-making:
    • Ensure that all UVM employees are aware of the risks related to their roles and activities and understand their responsibilities for identifying, managing, and reporting on risk and opportunities in a systematic and timely way
    • Provide best practice information, education, training, and facilitation resources to the University community.
    • Build on the University’s current risk management activities and practices.
  2. Reduce operational surprises and losses.
  3. Increase capacity to identify and seize opportunities by facilitating greater transparency and openness regarding risk.
  4. Enhance institutional decision-making by providing senior management and trustees with timely and robust information that improves their understanding of enterprise-level risks and opportunities.
    • Assess risks in the context of strategic objectives
    • Identify inter-relations of risk factors across the institution
    • Anticipate and respond to changing social, financial, economic, environmental, and legal/regulatory conditions
    • Assist management in safeguarding University assets, including people, financial resources, property, and reputation.
    • Assist management in optimizing the use of institutional resources by aligning resource allocations with the areas of highest risk and the greatest impact on the institution’s strategy.
  5. Improve the efficiency and effectiveness of institutional risk management efforts.
    • Provide the University community with a common language, framework, and set of procedures for identifying, assessing, responding to, and reporting on risk posed in new and ongoing endeavors across the organization’s entire range of assets and operations.
    • Provide enterprise-level coordination of existing institutional functions for identifying, assessing, and reporting on risk.
    • Integrate risk ownership and management activities at all levels of the institution.
    • Where possible, use and strengthen existing management processes, reporting and approval channels, and organizational structures.
    • Establish and maintain an institutional risk register that allows for the tracking and reporting of risk trends and of risk response plans.
    • Review the effectiveness of risk management practices regularly.

Guiding Principles

The University of Vermont seeks to establish a risk-aware institutional culture where consideration of both upside and downside risk is integrated into decision-making at all levels of the organization. The purpose of these guiding principles is to support that culture and set expectations for the behavior of University employees and administrators regarding risks and opportunities.

  • All individuals, regardless of their role at the University, are empowered and expected to report early on to senior management any perceived risks or opportunities and any near misses or failures of existing control measures, without fear of retribution.
  • Risk management is integral to the management and future direction of the University and is a shared responsibility at all levels of the University.
  • Ownership and management of risk will be retained within the University function, department, or unit that creates the risk or is best capable of responding to it.
  • The University’s risk philosophy will guide strategic and operational decisions at all levels.
  • UVM encourages an open and honest discussion of the institution’s environment, strategy, risks, opportunities, and actions taken in pursuit of its objectives.
  • All credible reports of risks or opportunities are responded to promptly, incomplete reports are investigated with integrity by the responsible University official, and information about risks or opportunities is shared promptly with senior management and other key stakeholders.