UC lauded for its enterprise risk management program
While the University of California is best known for stellar academics and groundbreaking research, in some circles it is becoming equally well known as a leader in enterprise risk management.
From Harvard University to Singapore’s largest health care organization, there are dozens of public and private institutions now learning from UC and hoping to achieve similar results.
UC’s enterprise risk management program — part of the Working Smarter initiative to improve administrative operations and reduce costs — has saved the University roughly $493 million since fiscal year 2003–04, and more savings are anticipated in the coming years.
Equally important, UC is now better prepared to address risks that fall outside the scope of traditional risk management, said Grace Crickette, UC’s chief risk officer and the driving force behind the move to a more holistic approach to managing risk.
Enterprise risk management, or ERM, goes well beyond planning for natural disasters, she said. For an institution like UC to fully manage its risks, it must look at the whole operation and anticipate a wider range of events. From that global perspective, everything from deferred maintenance to faculty recruitment and retention becomes part of risk management.
Accordingly, all ten campuses now have risk management teams that include participants from the academic side of the house, as well as human resources, finance, IT, and health and safety.
UC’s Office of Risk Services has developed a library of tools to help UC campuses and medical centers analyze their risks and assess the most cost-effective ways to minimize them, she said. UC Santa Cruz, for example, recently used one of the tools as part of its decision-making process for making difficult budget cuts.
“Traditional risk management — fire, flood, theft — didn’t concern itself with the business side of risk, but that’s where risk management is moving, and UC is further ahead than a lot of large public and private institutions,” Crickette said. “There are more than 40 higher education institutions that we’ve been working with, whether it’s a phone call or a webinar.”
Colleges and universities aren’t the only ones taking note of UC’s success.
Last fall, Standard and Poor’s, the credit rating agency, cited UC’s enterprise risk management as a credit strength for the university, the first time any non-financial institution received such an acknowledgement. And last month, UC was one of just five organizations to be cited by APQC, one of the world’s leading proponents of knowledge management, benchmarking and business research, for its best practices in enterprise risk management.
“The University of California,” the APQC study said, “regards ERM as a model for organizational efficiency and effectiveness, using tools and templates to identify and manage risk so that staff can focus on the mission.”
Crickette says UC has reaped big dividends by shifting dollars from insurance premiums to investing in the tools and training that can help reduce claims. It has also minimized risk by leveraging quantitative performance indicators to assess how well UC is doing in a range of areas.
“Performance indicators let you know if you’re performing well — and if you’re not performing well, that’s where the risk will arise,” Crickette said. “Our use of business intelligence is where we are cutting edge and leading in both the public and private sectors.”
On June 6, people from around the UC system gathered in Los Angeles for a three-day risk summit to share tips and tools for further refining those best practices. Joining them will be leaders from Intuit, Safeway and the American Society of Healthcare Risk Management, among others, looking to learn from UC’s experiences and to share their own.
“I’ve been accused of being the Mary Kay of Enterprise Risk Management, but I’m just trying to convey a vision in which everyone at UC is a risk manager,” Crickette said.