2022-2023 Administrative Policy Manual Published September 2, 2022 
    
    Nov 23, 2024  
2022-2023 Administrative Policy Manual Published September 2, 2022 [ARCHIVED COPY]

Risk Management


Policy Number: 7.15
Effective Date: March 14, 2023
Revision History: September 12, 2019
Policy Contact: Auditor

I. Purpose

The purpose of this policy is to assign the management of risk as a core leadership function that must be practiced at Georgia Gwinnett College. Enterprise Risk Management (“ERM”) is a process-driven tool that enables management to visualize, assess, and manage major risks that may adversely impact the attainment of key organization objectives.

II. Scope

This policy is applicable to the campus community.

III. Definitions

Enterprise Risk Management (“ERM”): Efforts intended to maximize GGC’s ability to achieve its stated priorities or other objectives as identified by the ERM committee as being critical to achievement of those goals.

Priorities: Those high-level objectives identified as guiding principles for the GGC Strategic Plan.

Risk: Refers to the probability of an event and potential consequences to GGC associated with that event’s occurrence. Risk is inherent to any activity and it is neither possible nor advantageous to entirely eliminate risk from an activity without ceasing that activity.

Risks are defined broadly, are not limited to traditional risks, and include:

  1. Strategic risks, which affect the ability to carry out goals and objectives as articulated in the GGC Strategic Plan;
  2. Compliance risks, which affect compliance with laws and regulations and student, faculty, and staff safety, environmental issues, litigation, conflicts of interest, and related matters;
  3. Reputational risks, which affect reputation, public perception, political issues, and related matters;
  4. Financial risks, which affect loss of or ability to acquire assets, technology, and related matters; and,
  5. Operational risks, which affect on-going management processes and procedures.

Risk management policy coordinator: Assists campus administrators in maintaining the campus risk management framework and procedures. The risk management policy coordinator is designated by the President per USG policy, and will have sufficient authority to ensure high-level management of the institution’s risk management efforts.

IV. Management of Risk
  1. Management of risk at GGC is a leadership responsibility. The Cabinet and the President will define the College’s ability (risk tolerance) and willingness (risk appetite) to absorb the impact of certain risks. The President, through senior staff and vice presidents, will make sure that GGC’s risks are effectively managed.
  2. Certain institutional risks rise to a level such that the President will make the Chancellor and the appropriate University System Office department aware of the risk. Acceptance of those risks are at the discretion of the Board of Regents and the Chancellor. Risks rising to this level includes those where the combination of an event’s probability and the potential consequences is likely to:
    1. Impair the achievement of a GGC priority;
    2. Result in substantial financial costs either in excess of GGC’s ability to pay or in an amount that may jeopardize the institution’s core mission;
    3. Create significant damage to GGC’s reputation or damage to the University System of Georgia’s (“USG”) reputation; or,
    4. Require intervention in operations by the Board of Regents or an external body.
  3. Some level of risk is expected in normal everyday activities. However, acceptance of risk shall not include:
    1. Willful exposure of students, employees, or others to unsafe environments or activities;
    2. Intentional violation of federal, state, or local laws;
    3. Willful violation of contractual obligations; or,
    4. Unethical behavior.
V. Implementation of Risk Management Procedures
  1. Georgia Gwinnett College has adopted an institution-wide approach to risk management and will embed this approach into GGC’s management systems and processes. All risk management efforts will be focused on supporting GGC’s key institutional objectives. The President will develop a campus risk management framework and associated procedures that include:
    1. Formal and ongoing identification of risks that impact the institution’s goals;
    2. Development of risk management plans;
    3. Monitoring the progress of managing risks;
    4. Periodic updates of risk management plans; and,
    5. Reporting of significant risks to the Chancellor and appropriate University System offices or departments.
  2. The Enterprise Risk Management framework and procedures shall be reviewed annually. Periodic reviews for compliance with the system-wide guidelines shall also be conducted by internal audit or a similar accountability function. Additional procedures for risk management policy reporting and implementation shall be established in a GGC procedures manual.
VI. Related Regulations, Statutes, Policies, and Procedures
BOR Policy Manual 7.11 Risk Management