Skip navigation

Risk Review Process

Continuous Risk Management and Reassessment Cycle

NIU's Enterprise Risk Management (ERM) risk review cycle includes these steps:

  1. Risk Identification
    Annual review and update of Risk Register
  2. Risk Analysis
    Integrate new risks into Risk Register
  3. Risk Evaluation
    Review risk priorities
  4. Risk Mitigation Plan Development
    Risk owners
  5. Mitigation Resourcing
    FY budget development
  6. Mitigation Plan Implementation
    As resources allow

Review partners

The steps in review cycle are to be performed by a variety of partners across campus, ranging from the Core ERM Team to risk owners at the unit level to senior leadership and, finally, directly to the Board of Trustees Finance, Audit, Compliance, Facilities and Operations (FACFO) Committee.

Review schedule and plans

The review process is scheduled to occur Oct. 1 through Sept. 30 of each year and will include identifying new and emerging risks, assessing those risks according to likelihood and severity, identifying or connecting with risk owners, developing mitigation plans, reviewing those plans with the EBC, establishing mitigation plans to report to the Board of Trustees and planning implementation steps.