Skip to main content


Enterprise Risk Management (ERM) is a structured and continuous process, encompassing the whole University and led by VU executive management, which enables proactive and ongoing identification, assessment, and prioritization of the major opportunities and threats affecting achievement of the University’s key objectives. ERM is facilitated by the Office of Audit, Risk, & Compliance (ARC) using the Committee of Sponsoring Organizations (COSO) ERM framework. The framework helps provide a structured approach to:

  • Identifying risks across the entire enterprise;
  • Assessing the impact of risks to the operations and mission; 
  • Developing and implementing response or mitigation plans; 
  • Monitoring the identified risks, holding risk owners accountable, and consistently scanning for emerging risks; and
  • Promoting consideration of ways to turn risks into opportunities.

Information presented on this webpage was compiled from the following authoritative source:  Committee of Sponsoring Organizations of the Treadway Commission