ERM Framework

The ERM framework implemented by the University of Illinois System (University System) is based on the widely employed framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Modified to incorporate the unique environment at the University System, it defines essential components, suggests a common language, and provides clear direction and guidance for risk management.

ERM Process

All the activities presented here might be performed sequentially or simultaneously, as the need arises, and are augmented by a strong risk culture that promotes the efficacy of these actions.

Diagram with the five actions that make up the ERM Process: Internal Environment and Objective Setting, Event/Risk Identification, Risk assessment and Measurement, Risk Response and Action, and Communication and Monitoring.

ERM Stakeholder Roles

Everyone in the University System has a role in ERM. Leveraging leadership and expertise provides an effective means to engage the right people across the enterprise, including significant participation by the universities.

ERM Stakeholder Roles
Risk Stakeholder Role
Board of Trustees Set tone, approve risk appetite levels
President Provide risk oversight and direction
System Executive Risk Management Council Approve and endorse risk strategy, ensure risks are effectively managed
Chancellors and Senior Leaders Review and implement risk mitigation plans
System & University Work Groups (SMEs) Advise and propose risk mitigation plans
University Audits Provide independent assurance
University Ethics & Compliance Ensure compliance with laws & regulations
ERM Program Coordinate/ facilitate ERM process & reporting
University Units/ Departments Take and manage risks

The System Executive Risk Management Council

The System Executive Risk Management Council (Risk Council), was created in 2016 to approve risk strategy and confirm that key enterprise risks are effectively managed and mitigated. Increasing the focus on risk at the executive levels results in more discussion of risk at all levels. The Risk Council provides a balanced view of risk and emphasizes collaboration among the universities to provide collective impact.
Membership is listed below.

  • Timothy Killeen, President and chair of the Risk Council
  • Barbara Wilson, Executive Vice President & Vice President of Academic Affairs
  • Avijit Ghosh, CFO and Vice President
  • Edward Seidel, Vice President of Economic Development & Innovation
  • Robert Jones, Chancellors UIUC & Vice President
  • Michael Amiridis, Chancellor UIC & Vice President
  • Susan Koch, Chancellor UIS & Vice President
  • Laura Clower, Chief of Staff, President’s Office
  • Michael Bass, Special Advisor to the President
  • Thomas Bearrows, University Council
  • Thomas Hardy, Executive Director of University Relations
  • Joda Morton, Associate Director of Enterprise Risk Management
  • Julie Zemaitis, Executive Director of University Audits
  • Donna McNeely, Executive Director of University Ethics and Compliance

Why Have Executive Level Risk Discussions?

four icons next to the words, Risk Aware Culture, Collective Impact, Action Agenda, and Reduce Risk.

Last Updated: March 6, 2020