2009

  • President Fogel approves ERM program and appoints the Vice President for Finance & Administration as ̽̽’s Chief Risk Officer
  • Board of Trustees Audit Committee forms an ERM Working Group

2010

  • 1st ERM Advisory Committee drafts ERM program, process/timeline, risk assessment tool
  • Board of Trustees calls for external consultant review of ERM implementation plans
  • Consultant Arthur J. Gallagher issues independent report of ̽̽’s ERM efforts to date
  • President’s Advisory Committee on ERM established
  • Additional ERM research conducted using resources from internal audit, internal control, board governance, and higher education perspectives and review of ERM programs at 29 institutions

2011

  • ERM Advisory Committee Co-Chairs and Deputy Compliance Officer interview senior ̽̽ officials to identify risks and opportunities facing ̽̽
  • ERM program purpose and goals, guiding principles, framework, roles and responsibilities, and institutional risk philosophy statement approved by Board of Trustees ERM Working Group, Audit Committee, and Committee of the Whole

2012

2019

  • ERM Risk Assessment moves to a biennial cycle.

2021

  • ERM becomes part of the University’s Office of Compliance and Privacy Services with the Director of Compliance Services and Chief Privacy Officer taking over the day-to-day oversight and management of the ERM program.
  • Enterprise Risk Management Advisory Committee (ERMAC) merges with the Operational Compliance and Privacy Committee and changes its name to form the Enterprise Risk Management and Operational Compliance Committee (ERMOCC).

2022

  • The ERM program is given a “re-boot” that includes updated reference materials, an updated Guide to Risk Assessment & Response (PDF) (including assessment scales and heat map) and a biennial project plan.