ERM – Enterprise Risk Management, a process used by organizations to identify and manage the most important risks and opportunities they face. The process is collaborative, creative and designed to focus attention on key issues. It is an ongoing process rather than a one-time event.
ERM Committee – A committee of Georgetown University executives that reviews the risk inventory and identifies Tier 1 risks. The Senior Vice President and Chief Operating Officer chairs the ERM Committee and reports to the President on the Committee’s work.
Functional area – One of the ten units into which Georgetown University is grouped for the ERM process. The functional areas are (in alphabetical order): academic affairs; athletics; finance & operations; globalization; health & safety; information technology; infrastructure; legal, regulatory & compliance; mission advancement; and research.
Impact – An estimate of the severity of the effect of a risk’s occurrence. The potential impact of a risk may be high, medium or low.
Risk assessment process – An annual process that identifies risks in ten key functional areas.
Likelihood – An estimate of the probability that a risk will occur. The likelihood is described as a low, medium or high probability of occurring in a given timeframe.
Risk inventory – The initial list of risks developed by risk owners from ten functional areas across Georgetown University. The risk inventory is organized into three tiers.
Risk owner – The senior leader from a functional area who has direct responsibility for managing a risk.
Tier 1 risk – Tier 1 risks are strategic or insitution-wide and would have a high impact on the University. In the risk assessment process, the ERM Committee proposes items for the Tier 1 list.
Tier 2 risk – A campus-level risk that may involve infrastructure systems or processes.
Tier 3 risk – A department-level risk that may involve specific internal controls and infrastructure elements.
Velocity – The speed with which a risk may occur.