Vice President    Finance    Operations    Reports    Committees    
HOME
Vice-President
About the VPFO
Contact Us
Operations
Campus Security
Computing & System Services
Facilities Management
Human Resources
Internal Audit
Finance
Financial Services

Financial Planning & Operations
About the AVP
Budget
Capital & Space Planning
Pension & Investments
Risk & Insurance
Campus Planning & Sustainability

Committees
Campus Planning Ctte.
Risk Management
Important Links
Campus Plan
Construction
Neptune
Venus

    
VP Finance and Operations » 

Risk Mitigation

Risk Mitigation

Risks that are not subject to effective mitigation activity may cause adverse impacts.

For each risk, you should first document the applicable list of mitigation activities. When thinking about what risk mitigation activity is in place (or should be in place) it is useful to think of the following three things:

  • Prevention - What is in place that will attempt to stop the risk happening in the first place? (eg: security, awareness & training programs, qualified staff, planning, and/or procedures);
  • Detection - What is in place that will let me know if and when the risk does happen? (staff / customer reporting mechanisms, financial reconciliation, fire alarms, audits); and
  • Response - If the risk happens anyway, what measures do we have in place to lessen the impact? (eg: contingency plans, back ups, insurance, resolution processes).

 

Once documented, the list of mitigation activity should be assessed as to how well the group of mitigation activity address the risk.

To assess mitigation strategy effectiveness consideration should be given to the following questions:

  • Do the group of mitigation activity address the risk effectively?
  • Are the mitigation activity officially documented and communicated?
  • Are the mitigation activity in operation and applied consistently?

Answers to these questions are scored and the results tallied as per the Table below.

Thought processes underpinning this decision are also summarized below.

Mitigation Table


Development / Implementation

To ensure that mitigation plans are actioned requires management of the process by relevant senior staff. This management planning process should include:

  • Allocation of risk mitigation responsibilities;
  • Approval or allocation of resources required;
  • Establishment of deadlines;
  • Report back agreed actions and dates to the Risk Coordinators and Manager-Risk Compliance;
  • An Escalation process;

All risks identified as requiring further mitigation should be considered in the context of the options available. These options should be considered weighing the cost of implementing each option against the potential benefits. In some cases a cost-benefit analysis may be required to assist in the selection process.

When assessing risk mitigation options, it is important to understand that it will often be most appropriate to combine several mitigation options. Risk responses may be specific to one risk or they might address a range of risks.

By completing a risk mitigation plan, relevant University staff can establish accountability, and ensure that risk management is seen as part of each staff member's responsibility.

Risk mitigation plans act as a reporting mechanism to the relevant user groups. These plans are flexible, allowing for continual updating and reassessment as risks confronting the University change or the likelihood and consequences change.

 

    

Risk Mgmnt

Risk Management Steering Committee

Risk Framework

Risk Register

- Risk Identification

- Risk Assessment

- Risk Ranking (Heat Map)

- Risk Mitigation

- Risk Reporting
 
 
Back to Navigation
TopTop of Page
Official UVic Web site · Copyright © 2004, University of Victoria · Legal Notices
Contact us · Updated 31 October, 2011 by Vice-President Finance and Operations