This policy applies to all First Nations University of Canada (FNUniv) members. An Enterprise Risk Management framework is designed to assist management identify, analyze, evaluate, and treat potential Risks that may affect FNUniv’s ability to achieve its strategic goals or maintain its operations. These risks are assessed against FNUniv’s level of risk tolerance, providing reasonable assurance to the Board of Governors and other stakeholder that the university’s objectives will be achieved. FNUniv is committed to establishing an institution that ensures risk management is an integral part of all university activities and a core capability.
FNUniv’s objective for enterprise risk management include:
Enterprise risk management: a rigorous process applied across FNUniv for assessing and addressing risks from all sources that could impact the achievement of the university’s strategic objectives.
Risk: chance that an event or trend, either positive or negative, that will have a significant impact on university operations and/or fulfillment of the university’s strategic objectives.
Risk appetite or tolerance: described as the level of risk FNUniv is willing to accept in relation to a threat that may cause loss or an opportunity in the day-to-day business activities. The risk tolerance of an organization may be different for different events. FNUniv’s risk tolerance and the alignment between its risk appetite and its objectives form part of the overall university strategy.
Risk register: official record (often prioritized) of the known risks facing FNUniv.
Risk Treatment: management actions that either avoids, accepts, transfers, or reduces various risks.
FNUniv’s methodology for risk management is shown on the Enterprise Risk Management Framework and is simply a flow chart expression of the risk management activities. The process is continuous and should be applied at both the University (enterprise) level or at an individual academic and administrative unit level. The Enterprise risk management Framework also documents the roles and responsibilities of the various stakeholders. Further, FNUniv provides appropriate training and resources to its members to manage risk.
FNUniv’s principles for managing risk are:
The Director of Finance is responsible for the development and maintenance of an Enterprise Risk Management framework, which will include facilitating and coordinating the process of identifying, reviewing and ranking risks; and reporting to the Board of Governors through the President the highest risks facing FNUniv.
The Director of Finance may develop, for approval by the President or Board of Governors (as appropriate), policies and procedures and risk management strategies within their areas of responsibility.
The Executive is responsible for the implementation of this policy, and associated policies and procedures within their areas of responsibility. They shall:
All staff members of FNUniv are responsible for the effective management of risk including the identification of potential risks.
The Audit, Finance and Risk Committee is accountable for the Enterprise Risk Management program as defined in its terms of reference, and approved by the Board of Governors.
Failure to comply with this policy may affect FNUniv and/or academic and administrative unit from achieving its strategic and operational objective.