NUS' ERM Initiatives

(I) Introduction

  • The Corporatisation and internal governance requirements in NUS saw the need to have a good Enterprise Risk Management (ERM) process across the organisation.
  • Office of Risk Management ("ORM") was established in January 2007.

Lead by the Chief Risk Officer, who was appointed in the January 2007, the NUS' journey in ERM began...

(II) Overview of ERM Initiatives

ERM Infrastructure

  • Set-up-Risk Management Steering Committee (RMSC)
  • Established NUS ERM Policy, Framework and Process
  • Developed ERM Implementation Structure
  • Set-up ERM Online Solution

ERM Education & Communication

  • Risk Owners identified and Risk Representatives are nominated.
  • Risk Owners were briefed on ERM initiatives and Policy & Framework
  • Training sessions were conducted for Risk Representatives
  • Accessible ERM knowledge repository

ERM Oversight

  • Key risk reporting and review by RMSC

(III) The success of a well embedded ERM process needs the following:

  1. Good embedded Risk Culture across the enterprise.
  2. Strong Boards/Senior Management support and guidance.
  3. Good Risk Plans and Strategy with realistic timeline to implement the specific risk policy & framework (to be kept simple) that are approved by the Risk Steering Committee.
  4. Good Governance support and oversight from RMSC and ORM, to facilitate and drive the risk initiatives across the organization through instituting good risk structures, common risk language and culture across the University.
  5. Constant communication across the University through training, monitoring and high-level reports of significant risks to appropritate authorities and committees.

ERM is an ongoing effort through implementation of Strategic & Work Plans approved by RMSC.

It should be noted that the purpose of the ERM initiatives (Plans & Strategy) is not to eliminate risk altogether, but rather to prevent or mitigate those risks that the University deems unacceptable, and at same time also see risks as opportunities.