ERM Lifecycle

What is Enterprise Risk Management?

ERM is a process that helps identify, prioritize, and respond to risks to improve decision-making and program outcomes in the face of uncertainty. The ERM lifecycle, detailed below, will allow DePaul to conduct repeatable risk assessments across the institution and address the most significant risks.


The ERM Lifecycle is a continuous process that includes risk identification, assessment, prioritization, response, and monitoring. Communication occurs during every phase.
Figure: The Enterprise Risk Management Lifecycle

Identify

Identify and categorize risks that impact the achievement of strategic goals and objectives

Assess

Apply risk rating criteria to evaluate overall exposure to the identified risks

Prioritize

Determine the most critical risks

Respond

Develop responses to accept, avoid, reduce, transfer, or exploit risk

Monitor

Provide timely and relevant updates to leadership on risk information at any point in the ERM lifecycle