Purpose and Objectives

“There are risks and costs to a program of action. But they are far less than the long-range risks and costs of comfortable inaction.”

— President John F. Kennedy


The mission of UMB’s Enterprise Risk Management (ERM) program is to embed, sustain, and support a culture of responsible risk-taking and opportunity identification across the University.

Main Objectives

UMB’s ERM objectives are to:

  • Foster an enterprising spirit (consistent with UMB’s core values of Innovation and Discovery)
  • Gain the benefits of a systematic risk evaluation approach in a meaningful yet streamlined manner — i.e., better organizational performance
  • Protect UMB’s most vital assets and resources
  • Analyze what potential issues or scenarios pose the highest barriers to achieving UMB’s strategic goals, then work collaboratively to address them
  • Proactively identify emerging risks to prepare for future challenges and seize opportunities

Priority Objectives

  1. Improve organizational performance and decision-making at UMB 
  2. Embed a culture of responsible risk-taking at UMB 
  3. Improve UMB’s ability to understand and manage the University’s risk exposures
  4. Proactively identify emerging opportunities and risks to prepare for future innovations and challenges
  5. Incorporate opportunity & risk assessment analysis into UMB’s periodic planning processes (strategic planning, annual budget cycle, etc.)
  6. Improve UMB’s ability to identify its most vital assets and implement actions to sustain and strengthen them (CALIBRATE Committee only)
  7. Support UMB’s ability to meet its legal, regulatory, and policy compliance obligations
  8. Satisfy the need of the Board of Regents, executive leadership, and external shareholders for an auditable and documented process for managing risk exposure at UMB

Measuring Success

The success of UMB’s ERM program will be measured in three primary ways: (1) risk vigilance and culture, (2) risk identification and action, and (3) risk calibration.

  1. Risk vigilance and culture: Embed a responsible risk-taking and opportunity-seeking approach in UMB’s culture at all levels.
  2. Risk identification and action: Implement systems to scan for emerging risks and opportunities, and alert and advise relevant stakeholders. ERM will ensure that schools and units take action on a regular schedule to monitor and address identified risks. That is, we want risk-related actions to be mapped onto existing governing structures, so that decision-making and risks are considered contemporaneously through typical processes that engage individuals throughout UMB. As examples, we expect that risk will be systematically incorporated into strategic, operational, and budget planning processes.
  3. Risk calibration: ERM will develop a mix of qualitative and quantitative measures to guide decision-makers as to the general risk tolerance of the organization, without dictating specific decisions.

The ERM program will address the two broad risk types found at UMB: institutional risks and functional risks. Institutional risks are those strategic and sector-level risks that could have a major influence on UMB’s mission or vision, one of its core functions or strategic themes, or high-value cross-functional processes. In contrast, functional risks affect ongoing management or administrative processes, which are often confined to one or a limited number of functions at the University. Differentiating between these two “risk altitudes” is important to streamlining the ERM process.