Risk Assessments
There are various types of Risk Assessment Activities that are regularly conducted throughout organizations. The ERM group should become familiar with and support the various assessments conducted and use the results of these assessments in developing and maturing their ERM Program.
Your ERM group may want to consider identifying Risk Assessments that have already been completed and then work with the key owner's for the risk to develop and assist with improving the control activities, information and communication and monitoring (in other words fill in the rest of the COSO model).
If your ERM group is looking to develop new risk assessments, there are two types of templates available:
- ERMIS Dashboard-Ready Risk Assessments
The UCOP Office of Risk Services now offers four Excel based workbooks intended to support ERMIS Dashboard users in their assessment of risks related activities. These tools have been designed to provide insight from multiple perspectives, including:
- A budget change perspective
- A control perspective
- A key risk and mitigation perspective for new programs or initiatives
- A program risk review perspective
Once populated, the data from each of these tools can be exported and integrated directly into the ERMIS for future reference and historical trend analysis.
UCRS will continue to develop Risk Assessment Tools that are compatible with the ERMIS to address various risks and areas of operation. If there is a particular type of risk assessment template you would like to see, please tell us at erm@ucop.edu.
- Standard Risk Assessment Templates
In addition to the "Dashboard-Ready" Risk Assessment Templates, there are several other templates available. These include:
ERM Maturity Levels Framework
- Guide to using the UC ERM Maturity Levels Framework (pdf)
- UC ERM Maturity Level Framework (pdf)
- Sample ERM Maturity Framework Plan (pdf)
- ERM Maturity Framework Plan (docx)