Enterprise Risk Management

Program History

President Fogel approves ERM program and appoints the Vice President for Finance & Administration as UVM’s Chief Risk Officer
Board of Trustees Audit Committee forms an ERM Working Group

1st ERM Advisory Committee drafts ERM program, process/timeline, risk assessment tool
Board of Trustees calls for external consultant review of ERM implementation plans
Consultant Arthur J. Gallagher issues independent report of UVM’s ERM efforts to date
President’s Advisory Committee on ERM established
Additional ERM research conducted using resources from internal audit, internal control, board governance, and higher education perspectives and review of ERM programs at 29 institutions

ERM Advisory Committee Co-Chairs and Deputy Compliance Officer interview senior UVM officials to identify risks and opportunities facing UVM
ERM program purpose and goals, guiding principles, framework, roles and responsibilities, and institutional risk philosophy statement approved by Board of Trustees ERM Working Group, Audit Committee, and Committee of the Whole

UVM’s first version of the “Guide to Risk Assessment & Response (PDF)” (including assessment scales and heat map) developed and piloted with Provost-requested risk assessment of “International Enrollment” initiative.
ERM staff prepare UVM Preliminary Risk Inventory
ERM Advisory Committee reestablished

ERM becomes part of the University’s Office of Compliance and Privacy Services with the Director of Compliance Services and Chief Privacy Officer taking over the day-to-day oversight and management of the ERM program.
Enterprise Risk Management Advisory Committee (ERMAC) merges with the Operational Compliance and Privacy Committee and changes its name to form the Enterprise Risk Management and Operational Compliance Committee (ERMOCC).

The ERM program is given a “re-boot” that includes updated reference materials, an updated Guide to Risk Assessment & Response (PDF) (including assessment scales and heat map) and a biennial project plan.