Like all institutions of higher education, Colorado State University must recognize the importance of an institutional risk management framework in managing risk and resources entrusted to the university in support of the university’s mission and strategic goals. Institutional risk management recognizes that risk, broadly defined, is anything that could prevent the University from achieving its objectives, is inherent in pursuing our mission, and must be appropriately managed as a part of the overall strategic planning process.

Institutional risk management, also known as Enterprise Risk Management (ERM) is “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across institution, designed to identify potential events (risks) that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.” (COSO ERM Framework)