The Two-Headed
Monster of Risk:
What Higher Ed
Traditional Risk Managers
and Enterprise Risk
Managers Can Learn from
Each Other
STARRING!
Andy Goldblatt, RISK MANAGER, UC BERKELEY
Hans Gude, ARM-E, Enterprise Risk Director, UC Berkeley
Today’s Agenda
1. Define traditional and enterprise risk
management
2. List useful skills for each
3. Describe how enterprise risk helps the
traditional risk manager
4. Describe how traditional risk helps the
enterprise risk manager
5. Explore three risks and whether they are
traditional, enterprise, or both
What is Traditional Risk Management?
Focused principally on operations and
insurable risks.
Loss prevention
Claim and lawsuit handling
Traditional Risk Manager’s Skill Set
1. Knowledge of:
– Insurance
– Law
– Loss prevention
2. Appetite for action
3. Crisis management
4. Comfort in gray areas
5. Ability to communicate to a
broad audience
6. Ability to negotiate
What is Enterprise Risk Management?
ERM
ERM
ERM
ERM
ERM
ERM
?
?
?
?
?
?
FORGET
ABOUT
‘ERM’ !
We’ll remember it back in a minute....
The business problem:
Given my organization’s strategic
objectives...
What are our opportunities?
Where are our greatest threats?
Where should we focus our finite
resources to mitigate threats and
maximize opportunities?
“ERM” refers to two things:
“ERM” refers to two things:
First, a perspective on how to think
about risk in your organization...
What is that perspective?
>Operational
>Reputation
>Financial
>Strategic
>Health
-Safety
“ERM” refers to two things:
Second, a toolbox for how to solve
“the business problem”...
• COSO
• ISO 31000
• Et al.
How do
you DO
that?
Enterprise Risk Manager’s Skill Set
1. Creative thinking: Figuring out how to take concepts
and make them operational
2. Consulting, including organizational change and process
improvement
3. Networking & sales
4. Willing to roll up your
sleeves and help with
the work
5. Communicate with
leadership
6. Comfort in gray areas
7. Patience to accept slow, incremental change
How Enterprise Risk Helps the
Traditional Risk Manager
How Enterprise Risk Helps the
Traditional Risk Manager
Broadens perspective.
How Enterprise Risk Helps the
Traditional Risk Manager
Provides basis for
prioritizing tasks
based on mission.
How Enterprise Risk Helps the
Traditional Risk Manager
Provides a governance structure for
bringing risk trends to senior management.
How Traditional Risk Helps the
Enterprise Risk Manager
What are
you nuts!
We don’t say ‘No.’
We say ‘How.’
Financial risk
Operational risk
Reputational risk
Strategic risk
Health–safety risk
How Traditional Risk Helps the
Enterprise Risk Manager
Makes ERM pragmatic: It has to make a
difference ‘on the ground.’
How Traditional Risk Helps the
Enterprise Risk Manager
Clarifies that activities are the point of entry
for assessing ‘enterprise’ risks, because
that’s where the risks “live.”
UC Berkeley tabletop fault model
How Traditional Risk Helps the
Enterprise Risk Manager
Clarifies the day-to-day risks that
impact the campus.
Traditional or Enterprise Risk?
Student Alcohol Abuse
Traditional or Enterprise Risk?
Reliable Source of Campus Energy
Traditional or Enterprise Risk?
The Demand for “Safe Space”
In conclusion...
1. Allies, not rivals.
2. Traditional risk manager becomes more
strategically savvy.
3. Enterprise risk manager becomes more
operationally savvy.
4. Increased individual effectiveness.
5. More effective at reducing the campus’s
overall risk.
Enterprise Risk Services, UC
36