Newsletters
Risk Central
Digital EditionSee What United Educators’ Constance Neary Has to Say About ERM
Constance Neary is the vice president of risk management for United Educators, and has a wealth of experience, expertise, and insights drawing upon decades of work in the industry. She can be reached at [email protected].
As I reflect on 30 years of serving education, the trends in risk management for this field are clearer to me than ever.
Except for the most well-resourced private K-12 schools, colleges and universities, educational institutions are increasingly resource-constrained. Schools of different sizes, types and geographic areas feel the strain on their business model, with students and families asking tough questions about tuition costs and the need for traditional degrees. The disruption of the COVID-19 pandemic forced us all to do things differently. And inflation is driving up costs even further.
At the same time, the risk portfolio that institutions contend with is broader and more complex.
Decades ago, campus risk management was primarily responsible for purchasing insurance and perhaps campus safety. But today’s top-of-mind risks as reported by United Educators (UE) members in our Top Risks survey — declining enrollment, data security, pandemics, deferred maintenance, sexual misconduct of students (often minors), student mental health — do not belong to a single individual or department, they can affect the entire campus, and require mitigation efforts from the front lines to the board room.
Amid these challenges, education leaders must ensure that the limited dollars they spend on insurance and risk management focus on the highest-impact activity possible.
Each institution has unique challenges and its own level of risk management maturity. Like differentiated learning, leaders must follow their own pathway to growing a risk management program based on the institution’s mission, objectives and available resources. This endeavor begins with framing risk in a way that is meaningful to the institution’s success.
Risk management isn’t a safety issue alone. It must be considered with a broad, enterprise-wide approach. It must be intertwined with strategy and mission. It needs continuous investment over time. It isn’t the responsibility of a single person, but the product of an organizational mindset.
Institutions will be well-served by establishing and building a capacity to continually scan the landscape, identifying priority areas of risk most likely to knock the institution off-course and developing mitigation plans that provide a broad, holistic response. Whether you’re new to the concept of enterprise risk management (ERM) or already have initiated an ERM process on campus, at UE we recommend three key steps to ensure program success over time.
1) Get leadership buy-in. ERM is particularly useful with risks that cut across an institution, lack a formal owner and require cross-functional coordination to manage effectively. As a result, an ERM program can quickly become marginalized if it isn’t prioritized at an institution’s highest ranks. Tone at the top is critical.
Long-term success depends on visible leadership support, meaning that the board, President and/or Head of School articulates to the community the importance of ERM and appoints a champion with substantial authority to advance the program and demand accountability across the institution.
By comparison, traditional risk management tends to focus on a narrower set of risks that are managed within a function or written into the job responsibility of a single administrator or team, like some compliance or hazard risks.
2) Act. ERM is less about precision and absolutes and more about relativism and action. As the adage goes, don’t let perfect be the enemy of good. Doing something “fast and roughly right” is almost always better than doing nothing.
Many institutions overwhelm themselves with getting organized or identifying and assessing risks, spending 80% of their time and effort on this and 20% on treatment and implementation. We recommend doing the opposite at your institution: Spend 20% of your time on planning and 80% on acting.
ERM isn’t a project with an end date; the process grows and matures over time. There’s no need to unearth every stone at your institution immediately or get stuck in the wording of a particular risk. Treat one or a few risks at a time and gradually expand your program. Get small wins early and learn as you go.
3) Seek broader engagement. Institutions are rich in talent and expertise. Seeking broad input will result in better decisions about the most critical risks and the solutions put in place to address them. Key components to this process are the following:
- Define program scope at regular intervals — annually works best for most institutions — that align with available resources. Taking on a manageable effort increases the likelihood that steps in the ERM process — identifying risks, planning mitigation activities, assigning risk owners and even the program’s ultimate goals — are more attainable.
- Identify and engage a key champion who can bring energy to the process. The champion could be part of a functional or operating team that inherently manages risk and could gain new visibility with your program; a key administrative leader who anticipates a major risk and wants help; or someone with a dynamic, well-liked personality who can inspire others to engage.
- Deliver meaningful results by composing a cross-functional team to share the work ERM requires. The team also will bring a broader set of perspectives in developing risk mitigation plans and solutions.
While we focus on educational institutions, these ideas apply to other organizations looking to evolve their risk management program.
ERM can seem daunting, but given the increasing challenges of the day, it is necessary. Adopting these keys to success can help you launch or mature your efforts even in the face of today’s imposing challenges. &
