Enterprise Risk Management

Royal Roads University Policy

Policy Number: 
First implemented: 
May 27, 2005
Approved By: 
Board of Governors
Office of Oversight: 
President's Office

Board Policy Statement

The Board of Governors, having the responsibility for the management and control of the University and ensuring accountability to stakeholders, is committed to ensuring that the University manages its significant risks efficiently and effectively through an Enterprise Risk Management System.


Royal Roads University recognizes that while risk management has traditionally been the responsibility of an audit committee, there is a growing need to expand the scope of risks to the enterprise to address a full spectrum, including, but not limited to: financial, reputation, human resource, governance, physical plant, environmental stewardship, knowledge, and quality of education risks.

Role of the Board of Governors

It is the responsibility of the Board of Governors to:

  • Assess best practices in Enterprise Risk Management.
  • Assess whether the University has an ongoing, appropriate and effective risk management process in relation to its capacity to accept risk, and whether the organization's procedures for management of risk are being adhered to.
  • Understand the significant risks to which the University is exposed and provide strategic direction.
  • Review an Annual Plan for addressing all significant risks.

President's Responsibilities

It is the responsibility of the President to:

  • Ensure that procedures, processes, and resources are in place to effect this Policy.
  • Direct the preparation of an Annual Plan for addressing significant risks.

Information, Action and Monitoring Requirements for the Board

By September each year the President will report on progress towards the policy objectives and ensure that the Annual Plan is made available to the Board.


25.5.2005 Board Approval
27.5.2005 Implementation
27.5.2008 Review Due