Risk Register

Click here to go directly to information on The Risk Register Process , Key Definitions or Risk Management Responsibilities.

The Risk Register Process

What is a Strategic Risk Register?

A Risk Register is a tool to support the risk framework that captures strategic institutional risks. It will include detailed descriptions of the key risks faced by UVic as well as the various strategies in place to mitigate each risk. It is envisaged that the register will become a "living" document and will be utilized as a management tool to inform planning and improve decision making within UVic.

What is the Goal of having a Strategic Risk Register?

Develop and promote a risk management culture within the University focusing on areas of risk
To provide a "living" document that will be utilized as a management tool to assist in achieving the University's strategic objectives
To assist UVic toward the development of a long-term sustainable, and comprehensive approach to support the identification and management of risks across UVic; and
To provide the Board of Governors and senior management with a more comprehensive understanding of the risks faced by UVic, including an assessment of the risks and the activities that have been undertaken to manage the risks facing UVic.

Key Definitions

The following definitions apply to this policy:

Risk

A chance of something occurring that may impede the University from achieving its objectives. The concept of risk has two elements; the likelihood of a risk happening and the consequence if it happens.

Risk Management

The application of management policies and processes to enable the systematic identification, analysis, mitigation and monitoring of risk.

Risk Management Plan

A documented list of risk mitigation strategies/actions, timelines and accountabilities.

Risk Mitigation

Involves identifying the range of options for treating risk, evaluating those options, selecting the preferred treatment strategy, preparing risk mitigation plans and implementing them.

Inherent Risk

Refers to risk considered without any assessment of controls.

Residual Risk

The level of risk that remains after all risk treatment measures have been taken.

Risk Management Responsibility

Risk management is everyone's responsibility and therefore this document will be a useful reference for all University employees. It has been designed for use by departments within the University as well as the Senior Management Group, Audit Committee, Line Management and those employees involved in the formal application of the risk management process.

Risk Mitigation Owners:

Identify and control risks in his/her area of responsibility
Continually reviews risks and controls of their operations to ensure effective management
Update the status on the risk mitigation plans on a regular basis

Risk and Insurance Analyst:

Ensures the risk management plan is monitored and updated regularly
Monitoring risks to ensure University objectives are achieved
Conduct or arrange appropriate risk management training where necessary
Provide policy and framework to departments to identify, analyses and manage risks
Produce and provide the management relevant and timely user reports.

Risk Management Steering Committee

Monitor risk management plans and ensure the timeliness of their actions
Assurance of risk control and compliance
Monitor the cost effectiveness of the risk management plan.

Click on Risk Management Process Stages to view process stages diagram

Click on Risk Management Process Stages Expanded to view an expanded process stages diagram

Back to Navigation

Top