Risk Assessment - Business & Financial Services

Risk Management Presentation
May 12, 2011
Pam Lombardo, Director EH&S
Risk Management Presentation
Meeting Topics
 Section 1. Risk & the Risk Management Process
 Section 2. UC Insurance Programs & Policies
 Section 3. Risk & Contracts
 Section 4. Other Risk Transfer Techniques
 Section 5. Enterprise Risk Management
Section 1
Risk & the Risk Management Process
 Definitions
 The Risk Management Process
– Risk Analysis
– Risk Financing
– Elimination, Loss Control, Risk
– Risk Transfer
 Risk Management Flow Chart
Section 1. Risk & the Risk Management Process
 Risk:
– the potential that a chosen action or activity (including the choice of inaction) will
lead to a loss; the possibility of loss or exposure to loss. Almost any human
endeavor creates some risk.
 Risk Management:
– a process that involves the identification, analysis and evaluation of risk and the
selection of the best method of treating the risk. The objective of the risk
management process is the protection of an organization’s financial, physical, and
human assets from loss or destruction.
Section 1. Risk & the Risk Management Process
The Risk Management Process
 Define Objectives: What do you want to do and how will
you do it.
 Risk Identification: Identify all potential loss exposures –
an inventory of all possible human, physical, financial, and
natural losses.
 Apply Risk Management Techniques: Analysis,
financing, elimination, reduction, retention, and transfer.
Section 1. Risk & the Risk Management Process
Risk Analysis
High Frequency
Low Frequency
High Severity
Work to reduce and insure Insure
Low Severity
Work to reduce and insure Retain and self-insure
Risk Analysis:
How frequently will losses occur?
How severe will they be?
What are the total loss possibilities for a single risk
Section 1. Risk & the Risk Management Process
Elimination, Loss Control, Retention
 Elimination:
– The best solution, is to eliminate risk if possible.
 Loss Control:
– take steps to avoid risk as much as possible, and implement policies and procedures
that will reduce and prevent losses.
 Risk Retention:
– After you made your best effort to eliminate and avoid risks, and taken steps that
will reduce and prevent losses, you must analyze the remaining loss potential to
whether it is small enough to retain or it is necessary to transfer.
Section 1. Risk & Risk Management Process
Risk Transfer
 Risk Transfer:
– Insurance:
• The University purchases insurance to cover the exposures that are caused by its
operations and that cannot be retained, eliminated, or transferred to a vendor. Insurance is
a risk transfer technique.
– Indemnification or Hold Harmless Provision:
• Requires a supplier, tenant, or contractor to assumes responsibility for liabilities caused by
its own negligence; vendor provides evidence of insurance to demonstrate it has financial
wherewithal to meet the indemnification obligation.
– Waiver of Liability:
• A document that requires a participant in an activity to hold the University harmless if
injured in the activity.
Section 1. Risk & the Risk Management Process
Risk Management Flow Chart
What are you
trying to do and
how will you do
What are potential
human, physical,
financial & natural
loss exposures?
What are you
doing to manage
the risks –
elimination, loss
control, retention,
and/or risk
Are you
monitoring key
risk indicators
and tracking
efficacy of risk
Section 2
UC Insurance Programs & Policies
 UC Self Insurance Programs
 UC Excess Insurance Policies
 Commercial Insurance Policies
Section 2. UC Insurance Programs & Policies
Self-Insurance Programs
 The University of California has been self-insured since 1986. Self-
insurance is a form of retained risk. UC decided that the cost of buying
insurance was so high that it made sense to establish the following inhouse self-financed insurance programs:
 Workers Compensation
 Auto Liability
 General Liability
 Professional Liability
 Employment Practices Liability
 Property Insurance
Section 2. UC Insurance Programs & Policies
UC’s Excess Commercial Policies
The University’s
programs provide
coverage to certain
limits, the selfinsured retention
(SIR). Above the
programs, UC
purchases excess
commercial insurance
policies. Excess
insurance policies are
a means of
transferring risk.
Section 2. UC Insurance Programs & Policies
UC Commercial Insurance Policies
 UC does not self-insure all its exposures. It transfers the cost of risk of some
by purchasing commercial policies that provide “first dollar” coverage:
 Aviation
 Boiler & Machinery
 Builder’s Risk
 Business Travel
 ICA & Club Sports
 Fine Arts & Collections
 Foreign General Liability
 Ocean Marine
 Off-Campus Student Travel
 Marine Open Cargo
 Special Events
Section 3
Risk & Contracts
 What is a Contract?
 Types of Contracts
 Indemnification
 UC’s Standard Mutual Indemnification Provision
 Vendor Insurance
 UC’s Vendor Insurance Matrix
 Typical Vendor Insurance Requirements
 The Certificate of Insurance
 Waiver of UC Insurance Requirements
Section 3. Risk and Contracts
What is a Contract?
 Contract: A contract is a legally enforceable agreement between two
(or more) parties to perform, or refrain from performing, some
specified act(s) in exchange for lawful consideration.
 Contract Elements:
Terms (unambiguous)
Signature of individuals authorized to enter into contract
Section 3. Risk and Contracts
Types of Contracts
Facility Use Permits
 Professional Services Agreement
 Grants
 Research Access Permits
 Performance Agreements
 Academic, Instructional agreements
 Leases, Rentals
Purchase Orders
Section 3. Risk and Contracts
 What is Indemnification?
– A Contract provision that is a form of risk transfer, as it specifies who shall be
financially responsible in the event of a loss.
 Regents' Standing Order 100.4(dd)(9):
– Prohibits campuses from entering into agreements that contain indemnification
provisions by which UC assumes liability for conduct of persons other than
University officers, agents, employees, students, invitees, and guests.
Section 3. Risk and Contracts
Vendor Insurance
 Indemnification
– is a Promise to Perform
 Vendor Insurance
is the Financial Wherewithal to Perform
Section 3. Risk and Contracts
UC’s Vendor Insurance Matrix
Section 3. Risk and Contracts
Typical Vendor Insurance Req’ts.
 GENERAL LIABILITY (contractual liability included) with minimum limits:
a) Each Occurrence
b) Products/Completed Operations Aggregate
c) Personal and Advertising Injury
d) General Aggregate
$ 1,000,000 CSL
As req’d by State law
 ADDITIONAL INSURED: both the General Liability and Automobile
Liability policies shall be endorsed to include The Regents of the University of
California as additional insured.
Section 3. Risk and Contracts
The Certificate of Insurance
Section 3. Risk and Contracts
Waiver of UC Insurance Requirements
Can UC Insurance Requirements Be Waived?
 It depends – can be waived when exposure to liability is determined to be
What Is Critical to Determining If Exposures Are Negligible?
 We need to know what the final product is and how the vendor will
accomplish the contract scope of work. The how and what is what creates the
A Waiver Negates Risk Transfer.
 When a department requests a waiver of University insurance requirements it
creates increased liability for the University. Waivers are granted on the
condition that the department requesting the waiver assumes financial
responsibility for any losses that arise out of the contract scope of work.
Section 4
Miscellaneous Risk
 UC Waivers of Liability
 Campus Connexions
 Accident/Travel Insurance
Section 4. Miscellaneous Risks
UC Waivers of Liability
 protect the University from legal
liability for injuries that may occur
to individuals who participate in
voluntary or required activities.
 a participant in an activity agrees
to hold the University harmless if
injured in the activity.
 commonly required for activities
that create physical risk to the
participants, e.g. sports activities,
off-campus travel, boat charters,
transportation, etc.
Section 4. Miscellaneous Risks
 Insurance for Affiliated Organizations:
 Registered Student Organizations Event Liability Policy
 Foundations, Alumni, and Support Groups Policies
 Tenant Users Liability Insurance Protection (TULIP)
 Recognized Club Sports Camps and Clinics Event Liability Policy
 Renters Insurance
 http://ucsb.marshcampusconnexions.com
Section 4. Miscellaneous Risks
Travel Accident Insurance
 The University’s Travel Accident Insurance Program: a travel insurance program for
employees and students who are traveling out-of-state on University business or
participating in University sponsored activities. The benefits are provided at no cost and
– Out-of-Country Medical Expenses
– Emergency Medical Evacuation
– Repatriation of Remains
– Security Extraction
– Travel Assistance
– Personal Property and Lost Luggage
– Trips Interruption and Cancellation
 iJet/WorldcueTRAVELER: When University travelers register for travel accident
coverage they will receive travel alerts about the country they are traveling in. The
system also allows the University to keep track of and communicate with its employees
and students in the event of an emergency.
Section 5
Enterprise Risk Management
 Definition
 Elements of Enterprise Risk Management
 Everyone is a Risk Manager
 Top 5 Risks at UCSB?
ERM - Defined
 A risk-based approach to managing an
– Integrates concepts of internal controls and
strategic planning
– Includes all stakeholders
– Incorporates a broad spectrum of risks in
complex organizations to ensure they are
Section 5. Enterprise Risk Management
Elements of Enterprise Risk Mgmt.
 Strategic Goals – The University’s mission is teaching, research and public
Risk Assessment: Identify and assess risk in context of strategic goals, to
identify changing risk trends, and to prioritize risk management.
Risk Response: Develop a set of actions to mitigate risks.
Control Activities: Establish and implement policies and procedures to help
ensure risk responses are effectively carried out.
Communication: Communicate risk management goals and activities,
identify interrelations of risk factors across activities and units.
Monitor: Develop and implement means to monitor key risk indicators, and
report on processes for on-going risk management activities.
ERM Flow Chart
Section 5. Enterprise Risk Management
Everyone is a Risk Manager
 MSO’s – Internal Controls, SAS 112
 Internal Audit - Annual Risk Assessment
 General Counsel - Advice for Legal Matters, Manages Litigation
 Insurance - Workers’ Compensation, General Liability Insurance
 Compliance and Ethics Committee - Compliance with Laws, Ethics, Policies
 Student Affairs - Student Behavioral Health Team
 Athletics - NCAA Compliance
 Strategic Planning - Funding for Operations
 EH&S - Assess Safety and Hazards
 Information Security- HIPAA, IS-3
 Design and Construction - Earthquake Assessment
 Research - Compliance with Grant Regulations, Laws
Control Self-Assessment
The Control Self-Assessment Questionnaire is a tool to be used by
departments to assess the adequacy of the internal controls within their
area. Departments are encouraged to conduct a self-assessment
annually, or as needed with changes in administrative personnel.
UCSB Policies and Procedures for Business Officers:
Section 5. Enterprise Risk Management
Top 5 Risks at UCSB
 Lab Safety
 Outdated Information Technology Systems
 Deferred Maintenance
 Inadequate Information Technology Funding
 Loss of Research Productivity as PI’s Teach Classes
Risk Management Presentation
Section 6. Campus Contact Information
 Lee Mudrick, Insurance Administrator
– Tel. 893‐2860; Email: [email protected]
 Kathy Speer, Insurance Coordinator
– Tel. 893‐5837; Email: [email protected]
 Kimberly Tapia, Contracts Manager
– Tel. 893-5836; Email: [email protected]
 Daniel Sweeney, Contracts Analyst
– Tel. 893-2271; Email: [email protected]
 Ron Betancourt, Contracts Assistant
– Tel. 893‐4670; Email: [email protected]
 Carrie Frandsen, Enterprise Risk Management
– Tel. 893-3154; Email: [email protected]
Risk Management Takes a Village