Risk Management & Assurance Mapping
Share this page
Although HEIs have been required to implement risk management for many years now, we are seeing an increased focus on ensuring that risk management isn't simply an overhead but adds real value. This has led to many institutions re-examining their established risk management approaches - often with the support of Uniac. There is no one right answer - beyond stating that a good risk management framework will both support the executive and allow the governing body to be satisfied that the principal risks to the institution have been identified and appropriate responses formulated.
Some debating points remain: some institutions link risks tightly to their corporate plans while others also devote space to identifying external left-field factors that may have an impact. External factors such as government policy may have been treated as "unmanageable" in the past, but increasingly and encouragingly we see institutions couching these risks in terms of increasing the instititution's own capacity to respond to external forces.
Assurance mapping flows from risk management and is a powerful tool to ensure that internal audit, and other sources of assurance, are channelled towards those areas where there are gaps in the assurance available to executive and governing body members.