RISK MANAGEMENT AT LAKEHEAD UNIVERSITY

 

 

Many institutions are setting up comprehensive risk management policies and plans to enhance their operations and the discharge of their ethical and legal responsibilities to their clients and staff.  This initiative aims at promoting the potentially positive outcomes of the numerous and multi-faceted risks confronting and undertaken by institutions, and at reducing potential hazards and their consequences – thereby reducing as well legal and insurance costs.  Governments in some countries, such as England and Australia, have mandated that their universities establish risk management plans.  At Lakehead University, individual departments have over the years set up a number of such policies and plans.  The Office of Risk Management and Access to Information and the Risk Management Committee, who report to the Vice-President (Administration and Finance), have been charged with reviewing and fostering existing risk management operations and initiatives, and coordinating the establishment of a comprehensive system for the whole University.

 

 

“Risk” can be defined as “uncertainty about outcomes that can be either negative or positive” (E. Baranoff, S. Harrington, G. Niehaus, Risk Assessment, 1^st ed. [Malvern, PA:  AICPCU/IIA, 2005], p. 1.4).  In an institution like a university a particular risk may have potential consequences in up to 6 main areas: 

 

1. Health and safety;

 

2. Operations (i.e. if the risk potentially affects, for good or ill, the actual operations or procedures of a department);

 

3. Finance;

 

4. Compliance with law, statutes, and regulations;

 

5. Reputation (i.e. if the risk has potential to enhance or harm the reputation of a department or the institution);

 

6. Strategic goals (if the risk could affect a department’s or the institution’s overall goals, development, or survival).

 

A particular risk may have potential consequences in any or all of these dimensions.

 

 

Once a risk and its potential consequences have been identified, a management plan can be developed for it.  Risk management involves the application of no profound or sophisticated science - except in its extension into actuarial analysis, tort (like negligence), and insurance law.  Normally risk management involves only the exercise of common sense.  In its basic form it’s a fairly simple process:

 

1. Analyzing identified risks and their specific potential positive and/or negative outcomes – including their likelihood and importance or gravity;

 

2. Deciding in each case whether to promote, eliminate, limit, transfer (by, e.g., insurance and/or waivers), or disregard the risk;

 

3. Developing appropriate and feasible policies and procedures to carry out the decision about how to deal with the risk;

 

4. Planning responses to negative outcomes in order to limit their damage – and responding accordingly to actual negative events;

 

5. Monitoring the implementation and success of the risk management policies, procedures, response plans, and actual responses in each case and improving them where necessary and feasible.

 

While serious attention needs to be devoted to managing risks to avoid, eliminate, or limit their negative outcomes (and the attendant growth in insurance premiums and legal liability), the possible positive outcomes should also be considered in any risk management plan.  There can be no growth or development – or, arguably, even survival - without taking risks, so risk management often does not entail eliminating risks entirely, but, rather limiting or mitigating their possible hazardous consequences – so that they don’t outweigh the potential benefits.  Risk management should also be undertaken not just to protect the University from hazards and liability, but to support the highest ethical and legal standards of responsibility to and care for its members.  The main purposes of such a system are NOT to add extra layers of bureaucracy and red tape to the University’s operations, or to create a “Chicken Little” atmosphere, but to establish and promote clear and comprehensive policies and procedures to which adherence will not be a heavy burden but, once established, routine, and to foster risk identification and analysis at all levels of the University’s planning.  In consequence, University members should be able to devote more resources and attention to the efficient operation and development of the University’s primary programs:  education and research.

 

The Director of Risk Management and the Risk Management Committee will review and promote the development of risk management policies and procedures in close consultation with the departments concerned, while ensuring compliance with law, statute, and regulation.  The Director and Committee will rely on external best practices and expertise in addition to departmental experience, assessment, and advice.  Every effort will be made to establish and support risk management policies and procedures that, while fulfilling legal obligations, aid and do not hinder the departments and personnel responsible for their implementation.

 

 

All questions, concerns, or suggestions about risk management at Lakehead University are welcome, and can be addressed to:

 

Millo Shaw

Director of Risk Management and Access to Information

ATAC 4010

Lakehead University

Telephone:  (807) 343-8518

Fax:  (807) 346-7735

E-mail:  mshaw1@lakeheadu.ca

 

The Administrative Assistant for the Office of Risk Management and Access to Information is:

 

Lois Tilson

ATAC 4007

Lakehead University

Telephone:  (807) 343-8267

Fax:  (807) 346-7735

E-mail:  lois.tilson@lakeheadu.ca