Enterprise Risk Management

SHARED GOVERNANCE APPROACH

ERM provides leadership, expertise, and strategic guidance to the Stony Brook community on emergency management and business continuity, environmental health and safety, risk management, policy & compliance, public safety, and campus services and will work to integrate other areas to ensure the safeguarding of our people, our property, and the environment while reducing the institution’s vulnerability to conditions adversely affecting its missions of education, research, and healthcare. 

The Vice President of Enterprise Risk Management and Chief Security Officer will help lead thinking about the costs and benefits of taking risks, and how the institution manages risks through a strategic planning process and beyond. Risk is inherent in every activity and ERM will establish a robust risk-aware mindset and appropriate risk appetite by linking institutional governance, risk management, and campus safety. 

Consistent with traditional risk management frameworks throughout higher education, the shared governance structure for ERM will comprise two distinct committees and will brief the University Senate Environment Committee at least annually. The focus of the teams’ work varies from year to year as different issues arise, but the consistent task is to ensure that the policies, practices, and operations are aligned with the risk appetite and proactively managed.

Enterprise Risk Management Shared Governanace. SENIOR RISK ADVISORY COUNCIL (SRAC) Senior Risk Advisory Council (SRAC) includes members of the senior executive leadership team that meet to review and discuss signi�cant high-level risk and compliance issues that could impact the strategic goals for the Stony Brook enterprise. The mission of SRAC is to provide strategic oversight/guidance to the integrated risk-management framework implementation and the review of signi�cant risks. SRAC will integrate risk management into SBU’s business and strategic processes, allowing SBU to take the right risks to create value and respond and mitigate risks that do not. RISK & COMPLIANCE OWNER COMMITTEE (RCOC) Risk & Compliance Owner Committee (RCOC), a team assembled from institution-wide risk and compliance owners representing functional areas to identify, assess and draft recommendations to mitigate potential risks. Through its members, the committee facilitates communication across functional areas and campuses. ERM RESILIENCY TEAMS & UNIT SPECIFIC RISK OWNERS FINANCE & ADMINISTRATION SPACE PLANNING CAMPUS SAFETY HEALTHCARE HUMAN CAPITAL INFORMATION TECHNOLOGY GOVERNANCE & COMMUNITY AFFAIRS ACADEMIC AFFAIRS STUDENT AFFAIRS RESEARCH & RESEARCH SECURITY

View Shared Governance Structure PDF

 

GOVERNANCE & CULTURE STRATEGY & OBJECTIVE-SETTING PERFORMANCE REVIEW & REVISION INFORMATION, COMMUNICATION, & REPORTING MISSION, VISION, & CORE VALUES STRATEGY DEVELOPMENT BUSINESS OBJECTIVE FORMULATION IMPLEMENTATION & PERFORMANCE ENHANCED VALUE ENTERPRISE RISK MANAGEMENT

 

View Enterprise Risk Management PDF