Enterprise Risk Management in Higher Education, and How Internal Audit Can Help

Recent history indicates that the pace of change in Higher Education is unprecedented; however, institutions are only seeing a modest increase in the use of risk-based decision making. The COSO “Enterprise Risk Management - Integrated Framework” defines ERM as “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”

Value in ERM

The value of ERM lies in understanding risk, and appropriately allocating an organization’s resources to business activities that present high risk and exposure to its strategic purpose and its ability to prosper. ERM offers a framework for effectively managing uncertainty, responding to risk and harnessing opportunities as they arise. By focusing on, dedicating resources to, and continuously monitoring these business activities, an institution can continuously improve its operations and its value.

ERM in Higher Education

In the current highly competitive environment, colleges and universities are under intense pressure to attract and retain faculty and students and maximize their assets – something that cannot be achieved without tight control of risks across the board. ERM can assist in uncovering both downside risks and upside opportunities for institutions to achieve their objectives. Focused attention on key business, using activities such as, but not limited to, the following will aid in achieving an institution’s goals.

  • Enrollment and admissions
  • Construction and facilities management
  • Campus safety and business continuity
  • Faculty and curriculum management
  • Data privacy and security
  • Registrar and degree conferral
  • Tuition billing and financial aid
  • Grant management

How Internal Audit Can Help?

ERM is a business process led by senior leadership that extends the concept of risk management and includes conducting an enterprise risk assessment. Internal Audit can assist with this ERM in the following ways:

  • Identifying risks and opportunities across the entire institution;
  • Assessing the impact of risks and opportunities to the operations, mission and objectives of the institution;
  • Developing and practicing response or mitigation plans; and
  • Monitoring the identified risks, holding the risk owner accountable, and consistently scanning for emerging risks and opportunities.

Visit Schneider Downs Risk Advisory’s Services webpage https://www.schneiderdowns.com/risk-advisory-services.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2023 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
What are the OCC’s Key Areas of Focus for Fiscal Year 2024?
Gainful Employment Disclosures in Higher Education
Protect Your Students, Faculty and Staff: 3 Common Cyber Attack Methods to Watch Out for in 2023
Key Takeaways from the 2023 CUPA-HR Higher Education Employee Retention Survey
The Latest on the NCAA's National NIL Proposal
Single Audit Reporting Reminders
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us
Pittsburgh

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.

×