Association of Governing Boards Report

Excerpts from

The State of Enterprise Risk Management at Colleges and Universities Today

Association of Governing Boards of Colleges and Universities (AGB)
United Educators (UE)


AGB and UE partnered in a June 2008 national survey of best practices in ERM. There were more than 600 responses, with 77 percent from private institutions and 23 percent from public. The UW Enterprise Risk Management program participated in the survey, provided content, and offered editorial input for the report, a full version of which is available on the AGB site.

Significant Conclusions

  • “Sixty percent of respondents said their institutions do not use comprehensive, strategic risk assessment to identify major risks to mission success.”
  • “Fewer than half of the respondents said they ‘mostly agree’ with the statement, ‘Board members and senior administrators actively engage in discussions regarding institutional risks.’”

Best Practices

  1. Define risk broadly.
  2. Recognize both the opportunities and downside of risk.
  3. Develop a culture of evaluating and identifying risk at multiple levels.
  4. Look at the total cost of risk.
  5. Boards and presidents should collaborate.

Action Steps

  1. Develop a disciplined process to consider risk in strategic discussions.
  2. Designate an owner of the risk identification process.
  3. Require all top administrators to prioritize risk.
  4. Sift through the prioritized risks to decide which ones warrant attention at the highest level.
  5. Require annual written reports on each high-priority risk being monitored.
  6. Re-assess priority risks at the board level at least once a year.
  7. Look for blind spots.
  8. Move risk identification deeper into the institution each year.
  9. Keep repeating the process.

Report Appendix

Materials developed by the UW ERM program were quoted or referenced in two areas of the appendix of this report:

© 2009 Finance & Facilities, University of Washington