Corporate Risk Management

Introduction

Corporate risk management forms part of Keele University’s governance and internal control arrangements, and it is a requirement of the Terms and Conditions of Funding for Higher Education Institutions that the University Council has ultimate responsibility for risk management.  The University’s Risk Management Policy was last updated in 2017 and can be accessed here:

Risk Management Policy 2017

Corporate and Management Risk Register

A key element of risk management at Keele is the Corporate and Management Risk Register.  These are intrinsically linked to the University Strategic Plan, and identify risks that have a fundamental impact on the University’s ability to operate as a business and/or deliver its Strategic Plan.  Risk management is incorporated into the strategic planning process to ensure that the University is able to monitor risks to achieving the University’s objectives and determine which risks have the most significant impact. 

Local Risk Registers

The high level strategic risks identified in the Corporate Risk Register are underpinned and informed by Risk Registers overseen at the local operational level – in Faculties and Directorates, by subsidiary companies or for significant institutional projects.  These local registers identify risks that impact upon and are managed by operational areas or subsidiary companies.

Risk Register Monitoring

University Executive Committee (UEC) reviews the Corporate, Management and local risk registers on a routine basis to ensure that risk is being accurately identified and managed and that the University continues to operate within the agreed risk tolerances.  

Governance

Audit and Risk Committee acts on behalf of Council to maintain an overview of risk management, control and governance arrangements.  It receives the Corporate and Management Risk Register on a quarterly basis and makes recommendations to Council on changes to the corporate and management risks and their ratings.

Council’s role is to determine the overall policy for risk management within the University. This includes:

  • Determining institutional risk appetite
  • Approval of major decisions affecting the University’s risk profile or exposure
  • Approval of changes to the Corporate Risk Register
  • Reviewing the University’s approach to risk management and approve changes or improvements to key elements of its processes and procedures 

Council receives the Corporate Risk Register on a quarterly basis, alongside a report on University performance against the University Strategy.

Further Information

Please contact Jen Paddison for further information on 01782 734980.