The University considers that taking well-managed risks is essential to the success of higher education, in the management of its core activities of research and teaching, as well as its supporting activities.
Risks include not only threats facing the University, but also a failure to seize opportunities.
Good risk management, incorporating identification, assessment and control of risks, is a key factor in the achievement of the University’s strategic objectives in all its areas of activity.
The practice of risk management at Stirling
The University sees risk management as an integral component of its decision-making processes and culture, rather than an extra process. It is central to the planning and budgeting process, and is key to encouraging innovation.
The University’s risk management processes will be explicit, able to be audited, and clearly encorporated into all major business processes. Regular reporting to senior management and Court are essential to ensuring its effectiveness.
The role of University Court and Audit Committee is to determine the risk appetite of the institution (the level of risk deemed acceptable), set internal control policies and to assure themselves that these are working correctly.
The responsibility of University senior management is to implement these policies, and to identify, assess and manage risks as a central part of their ongoing management activity.
A strategic risk identification, assessment and prioritisation process is undertaken annually by senior management. This leads to the production of a prioritised risk register and informs the Strategic Action Plan.
The University promotes a risk management culture at all levels of the institution, through the acceptance by all staff of their shared responsibility for the success and good management of the institution.
It is the responsibility of Heads of School/Directors of Service Areas and project leaders to identify, assess and manage risks in their own areas of concern. Where risks are identified which cannot be managed at the School/Service Area or project level, these should be reported immediately to senior management.
The University is committed to the development of risk management processes to help facilitate better and more efficient University processes, and an improved capacity to predict and control risks.
The University’s risk management policy is also intended to secure financial and regulatory benefits, including staff time, legal fees, insurance premiums, reduction of bad debt and light touch audit, through the early identification and effective management of risk.
The safety and security of staff and students is a high priority for the University, which seeks to secure this through good management of health and safety risks.