The Two-Headed Monster of Risk:

What Higher Ed Traditional Risk Managers and Enterprise Risk Managers Can Learn from Each Other

Hans Gude, ARM-E, Enterprise Risk Director, UC Berkeley

Andy Goldblatt, RISK MANAGER, UC BERKELEY

STARRING!

Today’s Agenda

1. Define traditional and enterprise risk management

2. List useful skills for each

3. Describe how enterprise risk helps the traditional risk manager

4. Describe how traditional risk helps the enterprise risk manager

5. Explore three risks and whether they are traditional, enterprise, or both

What is Traditional Risk Management?

Focused principally on operations and insurable risks.

Loss prevention

Claim and lawsuit handling

Traditional Risk Manager’s Skill Set

1. Knowledge of:– Insurance– Law– Loss prevention

2. Appetite for action

3. Crisis management

4. Comfort in gray areas

5. Ability to communicate to a broad audience

6. Ability to negotiate

What is Enterprise Risk Management?

ERM ERM ERMERM

ERMERM

? ? ? ??

?

FORGET ABOUT ‘ERM’ !We’ll remember it back in a minute....

The ‘Business’Problem!

The business problem:

What are our opportunities?

Where are our greatest threats?

Where should we focus our finite resources to mitigate threats and maximize opportunities?

Given my organization’s strategic objectives...

“ERM” refers to two things:

“ERM” refers to two things:

First, a perspective on how to think about risk in your organization...

What is that perspective?

Insurable Risk

>Financial

>Reputation>Operational

STRATEGIC OBJECTIVES

>Strategic>Health-Safety

“ERM” refers to two things:

Second, a toolbox for how to solve“the business problem”...

• COSO• ISO 31000• Et al.

“Frameworks”

How do you DO that?

Enterprise Risk Manager’s Skill Set

3. Networking & sales

4. Willing to roll up your sleeves and help with the work

5. Communicate with leadership

6. Comfort in gray areas

1. Creative thinking: Figuring out how to take concepts and make them operational

2. Consulting, including organizational change and process improvement

7. Patience to accept slow, incremental change

How Enterprise Risk Helps the Traditional Risk Manager

How Enterprise Risk Helps the Traditional Risk Manager

Broadens perspective.

How Enterprise Risk Helps the Traditional Risk Manager

Provides basis for prioritizing tasks based on mission.

How Enterprise Risk Helps the Traditional Risk Manager

Provides a governance structure for bringing risk trends to senior management.

How Traditional Risk Helps the Enterprise Risk Manager

What are you nuts!

We don’t say ‘No.’ We say ‘How.’

Financial risk

Operational risk

Reputational risk

Health–safety risk

Strategic risk

How Traditional Risk Helps the Enterprise Risk Manager

Makes ERM pragmatic: It has to make a difference ‘on the ground.’

How Traditional Risk Helps the Enterprise Risk Manager

Clarifies that activities are the point of entry for assessing ‘enterprise’ risks, because that’s where the risks “live.”

UC Berkeley tabletop fault model

How Traditional Risk Helps the Enterprise Risk Manager

Clarifies the day-to-day risks that impact the campus.

Traditional or Enterprise Risk?

Student Alcohol Abuse

Traditional or Enterprise Risk?

Reliable Source of Campus Energy

Traditional or Enterprise Risk?

The Demand for “Safe Space”

In conclusion...

1. Allies, not rivals.

2. Traditional risk manager becomes more strategically savvy.

3. Enterprise risk manager becomes more operationally savvy.

4. Increased individual effectiveness.

5. More effective at reducing the campus’s overall risk.

Enterprise Risk Services, UC Berkeley

36