Purpose:

The purpose of this strategy is to provide a comprehensive framework for identifying, assessing, mitigating, and monitoring risks that may impact Rockhurst University's reputation, financial health, and operations. The strategy aims to promote a culture of risk management throughout the University, to enable the University to respond effectively to risks as they arise, and to ensure the University's resilience and sustainability.

Policy Statement:

Rockhurst University is committed to identifying, assessing, mitigating, and monitoring risks that may impact the University's reputation, financial health, and operations. The University will establish and maintain a risk management framework that supports this commitment and promotes a culture of risk management throughout the University.

Scope:

This strategy applies to all departments and units of Rockhurst University, including faculty, staff, students, and third-party contractors.

Risk Management Framework:

Rockhurst University will establish and maintain a risk management framework that includes the following components:

  1. Risk Identification: Rockhurst University will identify potential risks that may impact the University's reputation, financial health, and operations. The University will use a range of methods to identify risks, including but not limited to:
  • Risk assessments
  • Incident reporting
  • Internal audits
  • External audits
  • Environmental scans
  • Regulatory compliance reviews
  • Business continuity planning
  1. Risk Assessment: Rockhurst University will assess the likelihood and potential impact of identified risks using a consistent and systematic approach. The University will prioritize risks based on their likelihood and potential impact.
  2. Risk Mitigation: Rockhurst University will develop and implement risk mitigation plans that include specific measures to reduce the likelihood and impact of identified risks. The University will ensure that risk mitigation plans are aligned with the University's strategic goals and objectives and are regularly reviewed and updated as necessary.
  3. Risk Monitoring: Rockhurst University will monitor identified risks and the effectiveness of risk mitigation measures on an ongoing basis. The University will use a range of methods to monitor risks, including but not limited to:

 

  • Regular reporting to senior leadership and the Board of Trustees
  • Key performance indicators and metrics
  • Incident management and response protocols
  • Business continuity testing and exercises
  • Compliance monitoring and reporting
  1. Risk Communication: Rockhurst University will ensure that all relevant stakeholders are informed about identified risks and risk mitigation measures. The University will use a range of methods to communicate risks, including but not limited to:
  • Internal memos and announcements
  • Training and education programs
  • Risk management reports
  • Incident reports
  • Compliance reports
  • Business continuity plans and protocols

Policy Review:

This strategy shall be reviewed annually by the Risk Management Office in consultation with the University's senior leadership team to ensure that it remains current and effective in addressing the University's risk management needs.

Conclusion:

By implementing this risk management strategy, Rockhurst University aims to promote a culture of risk management that enables the University to identify potential risks and take appropriate measures to mitigate them. The strategy ensures that the University's operations are resilient, sustainable, and aligned with its strategic goals and objectives.