Insights

Insights

  •    

    Filter by



    avatar

    Share This:

    • Share on Facebook
    • Share on Google Plus
    • Share on Linkedin
    • RSS
    « Back to Blogs

    Strategies to Treat and Mitigate Risks Effectively

    Practical guidance for implementing Step 3 of the ERM process

    Once your institution has selected which institutional risks it will tackle this year in Step 2 of the enterprise risk management (ERM) process, manage them collaboratively in Step 3.

    Your ERM committee might start by assigning risk owners to oversee risk management efforts for each institutional risk. The committee will work with risk owners to set goals and track progress. The risk owner will further break down the institutional risk into more manageable sub-risks, tasks, or projects and assign task owners to oversee those more specific risk management efforts.

    The risk owner is also responsible for tracking all efforts related to this risk in a risk treatment plan and will share this plan and status updates with the committee chair regularly. Ultimately, the ERM committee chair will compile the information from all risk owners for incorporation in the Step 4: Risk Summary Report.

    To bring this step to life, consider the following example: An institution identifies workplace harassment as an institutional risk. As a result, the committee assigns the Human Resources (HR) Director as the risk owner to set goals and identify specific tasks or projects to enable managing this risk or perhaps start a workplace harassment working group to ensure a cross-functional approach. The HR Director assigns additional task owners to implement these specific strategies, like establishing a policy, facilitating training, or purchasing additional insurance. The HR Director also tracks all efforts related to this risk in a risk treatment plan and regularly shares this plan and status updates with the ERM committee.

    To succeed, the ERM committee and risk and task owners must understand the options available for managing risks, which include risk treatment and mitigation strategies.

    Select Risk Treatment Strategies

    Risk owners should determine which treatment strategies apply, such as whether to avoid, transfer, mitigate, accept, and/or exploit a risk.

    Consider the following strategies:

    • Avoid: Reject the risk.
    • Transfer: Shift responsibility to another party, such as through contracting or insurance.
    • Mitigate: Implement measures to reduce the risk.
    • Accept: Take no further action and agree to the consequences of the risk occurring.
    • Exploit: Pursue opportunities related to this risk.

    You may combine these strategies. For example, for study abroad programs, your K-12 school, college, or university may transfer a portion of the risk to a third-party transportation vendor with a contract and third-party insurance, and also may mitigate risks by crafting safety policies and training faculty and students. Your institution also may exploit opportunities related to this risk through a marketing strategy given that the unique nature or location of study abroad programs may attract students to your institution.

    Select Risk Mitigation Strategies

    Next, risk owners will work with task owners to identify and lead more concrete risk mitigation strategies, such as updating policies or overseeing training efforts.

    Consider these risk mitigation strategies:

    Strategies Examples
    Policies and Procedures Student and employee handbooks, grievance complaint procedures, safety standards, and investigation policies
    People Training, awareness campaigns and posters, updated job descriptions and responsibilities, personnel experience, expertise, and time
    Property Facility upgrades, new equipment, maintenance schedules, and inspections
    Processes Incident reporting and tracking, reference checks, contracting, insurance, or technology platforms
    Practice Lockdown testing, evacuation drills, crisis response, and tabletop exercises

    By combining risk mitigation strategies, you ensure they will be most effective.

    For example, the Counseling Services Director overseeing the institutional risk of student mental health also might be the task owner for implementing a wellness initiative and training. The director may assign general counsel to implement a telehealth process and may partner with Communications and Admissions to communicate about your institution’s wellness goals to manage prospective student and parents’ expectations.

    Define Goals, Set Deadlines, and Share Status Updates

    Throughout the year, risk owners should define goals and set deadlines for all risk strategies. Additionally, risk owners are responsible for reporting status updates, progress, and next steps to the ERM committee.

    Continue onto UE’s blog Report on Risks to Set Goals, Gain Buy-In, and Document Efforts or use our ERM Process Tracker to track risk management efforts. View UE’s vast library of risk management resources to inform your risk treatment and mitigation plans, including some suggested resources below to assist leaders with implementing policies, training and other activities for some institutional risks institutions may face.

    More From UE

    Establishing an Office of Diversity and Inclusion on Campus
    COVID-19 Response Resources
    Workplace Harassment
    Review Your K-12 School’s Performance Management System
    Title IX and VAWA-Campus SaVE Act Resources
    Employee Sexual Misconduct: Higher Ed
    Educator Sexual Misconduct: K-12 Schools
    Student Mental Health on Campus: A Review of Claims
    Online training courses
    ERM Topic Page

    By Liza Kabanova, Risk Management Consultant

    March 2021