Create a manageable approach to campus events and enterprise risks

Chief business officers and their colleagues in the administration who think about risk management have no shortage of stimuli. Among the many pressures are board demands, compliance requirements, uncontrollable demographic trends, as well as growing internal complexity from international ventures, campus incidents, and of course political activism.

Pressures from Without and Within

External Factors

For many of the discrete pressures listed here, a dedicated role exists on campus to be accountable for dealing with that activity and its associated risk (think here about campus safety, or the IT staff member caring for the campus firewall), which is good news. However, the holistic management of the many pressures listed here tend to come together in a storm cloud above the senior most business officer, as the person on campus accountable for making sure these risks are covered.

Getting a handle on the universe of risks that a CBO’s office oversees can be unwieldy—if not overwhelming—in higher education’s shared governance setting. A multi-layer approach can break down the venture into phases, prioritize filling urgent gaps, and setting a manageable path toward holistic risk management. EAB will be releasing an updated study later this quarter that contains further details; below is the recommended framework for approaching the challenge of campus risk management.

Phase one: Round out your response plan

Just as any organization would have a response plan for fire safety, a natural disaster, or campus safety incident, the first step is to round out the “event-response” plan portfolio with:

  • An IT Security Breach Response Plan
  • A Campus Activism First-Responders Plan

Phase two: Engage campus leaders in risk management

Having ensured that foreseeable “events” are covered with response plans, the opportunity opens up to tackle the bigger picture. The next step is to engage campus leaders in a discussion of risk management for the enterprise. The goal is to (re-)set stakeholders’ expectations that risk management does not have to be overwhelming, and to gain buy-in that structured risk management is in the interest of a successful, sustainable organization.

EAB offers a “foundational essentials” guide to establish a footing during this phase. The three basic tactics below are recommended:

  • Establish a right-sized governance and oversight structure for risk
  • Apply disciplines to scope down and clearly triage risks for treatment
  • Borrow wisely from existing risk registers to kick-start the effort

Related article
How to de-average risk

In parallel, the campus CIO and Student Affairs VP may review the “foundational essentials” EAB is presenting for information security and campus activism. Improving these functions’ ability to prevent negative outcomes from incidents pays off greatly.

Phase three: Engage other campus stakeholders

With these building blocks in place, CBOs can engage other critical stakeholders such as faculty, trustees, community members, and the media, all in order to boost the campus’s resilience in fast-changing times.

Rolling Out Risk Management

Phase Chart

It's not just physical security: How cyber-secure is your campus?

We talked to dozens of college and university IT security directors about what challenges their campuses are facing. Download our brief to use their insights to identify potential emerging security concerns on your campus. Download the Brief

This is a preview of restricted content.

Full access to this content is reserved for Business Affairs Forum members. Log in now or learn more about Business Affairs Forum.

Next, Check Out

Assessing and Managing Institutional Risk

  • Manage Your Events
  • Saved webpages and searches
  • Manage your subscriptions
  • Update personal information
  • Invite a colleague