Click here to start your application. Apply now

Academic Handbook Risk Management

Risk Management Strategy

Overview

  1. The Risk Management Strategy is designed to support Northeastern University London’s (the University) mission by assessing and managing the risks to the University achieving its stated mission and to ensure that the University is also protecting its stakeholders to which it has responsibilities such as students, staff, funding bodies, partners, suppliers and the general public.
  2. This strategy forms part of the University’s control and governance structure and it is designed to give a summary guidance for those different parts of the University who are responsible for managing risk and for ensuring that their decisions are implemented.

Overarching Approach 

  1. The overarching approach that should be taken by the University in relation to risk is to firstly to adequately understand the nature of the risks involved, their potential impact and the ability to mitigate those risks. Secondly to advance the University’s Mission in a way that strikes a balance between stability and innovation.
  2. In the context of this strategy risk is defined as:
    1. The possibility that an action, event or set of circumstances will adversely affect the University’s ability to achieve its objectives and deliver on its obligations.
  3. Risk Management is defined as:
    1. The planned approach to the identification, evaluation and mitigation of risk.
  4. In practice this means that the University adopts good practice in the identification, evaluation and cost-effective mitigation of risk to ensure that risks are either i) avoided, ii) reduced to an acceptable level, or iii) managed and contained. In addition, the mitigation of risk is communicated across the University’s different constituencies and a dialogue is encouraged by all affected parties about the risk management measures taken.
  5. All relevant parties must understand the nature of risk and accept responsibility for managing the risks associated with their area of authority or personal responsibility.

Objectives

  1. The risk management objectives of the University are to:
    1. Integrate an awareness of managed risk taking, and effective risk management into the culture of the University.
    2. Manage risk in accordance with good practice.
    3. Embed risk management within strategic and operational management processes.
    4. Consider legal compliance as a minimum standard.
    5. Anticipate and respond to changing economic, social, environmental and legislative requirements.
    6. Prevent injury and damage and reduce the cost of risk.
  2. These objectives will be achieved by:
    1. Developing and maintaining a Risk Register which details those risks which, in the view of senior management and the Northeastern London Board, pose the greatest challenge to the achievement of the University’s mission and of its continuing function.
    2. Assessing the likelihood of these risks occurring and the likely impact of an occurrence.
    3. Putting in place arrangements to manage and monitor risk.
    4. Maintaining effective communication and the active involvement of staff.
    5. Preparing contingency plans in areas where there is a potential for an occurrence having a wholly negative effect.
    6. Monitoring and reviewing arrangements on an ongoing basis.
    7. Insuring against risk where this is deemed to be cost effective.

Allocation of Roles and Communication of Expectations

  1. Northeastern London Board has ultimate responsibility for the total risk exposure of the University by:
    1. Setting the tone and influence of the culture of risk management across the University.
    2. Determining the extent to which the University is “risk taking” or “risk averse” as a whole and sets the University’s “risk appetite“.
    3. Approving major decisions affecting the University’s risk profile or exposure.
    4. Determining what types of risk are acceptable/not acceptable and monitoring significant risks and control improvements to mitigate risks.
    5. Annually reviewing the University’s approach to risk management and approving changes or improvements to key elements of the process and procedures.
    6. Establishing, maintaining and reviewing controls for monitoring risks.
    7. Having particular focus on the financial risks that could impact the University and its provision of world class higher education.
  2. To support it in exercising these responsibilities, Northeastern London Board will receive an annual report from Executive Committee (ExCo) on the effectiveness of the risk management process in the University, making recommendations where appropriate.
  3. ExCo are responsible for corporate risks by:
    1. Identifying and evaluating the significant risks faced by the University.
    2. Providing adequate information in a timely manner to Northeastern London Board on the status of risks and controls.
    3. Annually having a risk review and reporting the outcomes to Northeastern London Board.
    4. Implementing policies on risk management and internal control.
    5. Annually reviewing the effectiveness of the system of internal control and risk management.
  4. ExCo’s will report to the Northeastern London Board on an annual basis as to the approach to risk faced by the University, and the management of it, and in each Northeastern London Board meeting will report on any incidents and/or changes to the level of risk faced by the University and the approach to managing those changed circumstances.
  5. The framework for these discussions at Northeastern London Board will be the Risk Register and discussed below.
  6. Each Chair of a University committee in the University’s governance structure is responsible for risk management that sits within the remit of their committee within the overall framework and approach dictated by the Northeastern London Board.

Approach to Risk Management 

  1. The Risk Register will review the risks faced by the University with these rated on the likelihood that a particular event will occur; and on the potential adverse impact (consequences) of the event if it did happen.
  2. Mitigation efforts focus on risks with a high combined score of Likelihood and Impact. Additionally, the controls available to manage each identified risk will be assessed.
  3. This is considered using the matrix below:

With the following definitions:

Likelihood Scale

Impact Scale: Characteristics for Each Rating

Mitigation Scale (expected effectiveness of preventive measures/mitigation)

Title: Risk Management Strategy

Approved by: Northeastern London Board

Location: Academic Handbook/strategies

Version number Date approved Date published Author Proposed next review date
22.3.2 May 2023 May 2023 COO April 2024
Version numbering system revised March 2023
3.1 November 2022 November 2022 COO April 2024
3.0 April 2021 September 2021 COO April 2024
2.0 February 2019 February 2019 COO February 2021
1.0 November 2017 November 2017 COO November 2019
Referenced documents None
External Reference Point(s) UK Quality Code Theme: Admissions, Recruitment and Widening Access; Assessment; Concerns, Complaints and Appeals; Course Design and Development; Enabling Student Achievement; External Expertise; Learning and Teaching; Monitoring and Evaluation; Partnerships; Student Engagement
Print/Save PDF