Does ERM Fall Apart in Volatile Times?
Today’s headlines in higher education report high uncertainty and rapid change. Campus controversies erupt over free speech, prospective foreign students express newfound reluctance to study in the United States, and research funding is threatened in science, arts, and humanities. Even the principle of evidence-based decisions, fundamental to the academic enterprise, is questioned by national leaders. Do these times call for a new look at risk?
Colleges and universities only recently started to see value in developing a way to identify, evaluate, and address risks at the institutional level. By the time Enterprise Risk Management began to take hold on campus, most businesses and government agencies had already established systems of ERM. Realizing it wouldn’t work simply to replicate standard ERM frameworks, academic leaders developed their own systems based on shared governance and sustaining their mission.
The new presidential administration has issued statements, directives, and orders on issues from immigration policy to transgender rights; nearly all have implications for the academic realm.
But in recent months, uncertainty in academic decision-making has risen steeply. The landscape for higher education and for nonprofit organizations grows harder to navigate. The new presidential administration has issued statements, directives, and orders on issues from immigration policy to transgender rights; nearly all have implications for the academic realm. What happens to ERM programs assailed by so much change?
While this question affects any organization that practices ERM, it looms largest for those with fledgling and new programs—and that includes most academic institutions, especially the smaller ones. I’ve noticed three ways academic institutions are responding to these times of intensified uncertainty:
- “Things right now are too volatile to do ERM.” Struggling to manage stepped-up risks in their own areas, administrators stop making institutional risk meetings a priority, and ERM goes on hold;
- “Same old ERM.” The system proceeds on auto-pilot, without reference to the current political situation. A quarterly meeting of the ERM Council looks like the same meeting held a year and a half ago. Each risk owner summarizes what’s happened since last time and says, “We’re still working on it.” No one wants to acknowledge a new climate.
- “Wait, let’s re-evaluate.” A risk leader makes the group face a new reality. The meeting agenda is rewritten; risk owners are asked to directly address potential and recent changes in the legal, political, and cultural environment.
This third approach enables new, crucial questions: How can we protect access for students whose immigration status makes them vulnerable? How does the rise of bigoted speech in the public sphere affect campus discourse? How might we respond to changing legal interpretations of Title IX?
Such adjustment to new circumstances should occur naturally as part of ERM. But in practice, people are so accustomed to their routines that unless it is given a name, even very large-scale change can be minimized or overlooked until it’s too late. Neither “ERM on hold” nor “ERM as usual” represents a wise option. Risk leaders should address big change head-on. Only then can Enterprise Risk Management—especially if newly established and still fragile—continue to drive good institutional decisions.