Risk Management Overview

Organisations face internal and external factors and influences that make it uncertain whether and when the extent to which they will achieve or exceed their objectives. The effect that this uncertainty has on the organisations objectives is “risk” (DPER Risk Management Guidance February 2016). Risks may thus be either opportunities or threats.

The University can be risk-taking or risk-adverse and may be willing to accept different levels of risk depending on the risk type. For example, an organisation may have a zero risk tolerance with regard to compliance risk but may be willing to accept a level of risk with regard to financial risk. A risk appetite statement is established outlining the University’s tolerance for risk and must be approved by Údarás.

The importance of Risk Management has been emphasised in publications such as the Department of Public Expenditure and Reform’s Risk Management Guidance for Government Departments and Offices (February 2016) and the recently published Code of Governance for Irish Universities (September 2019). NUI Galway is committed to establishing and maintaining a robust risk management framework that supports the ongoing management of risk in accordance with the established risk appetite and University strategy (Strategy 2020 – 25). The objective of the University’s risk management framework is to add value to normal management processes by providing a mechanism for:

  • identifying systemic risks;
  • escalating emerging or common themes and;
  • identifying whether the University’s strategic risks are both understood and managed at an appropriate level.

Over many years, the University has operated an internal control environment that has successfully managed operational risk, and has had in place insurance arrangements to mitigate against the financial impact of key exposures. The University operates a comprehensive set of processes for the identification, evaluation and management of significant risks.

Údarás na hOllscoile has ultimate responsibility for overseeing the management of risk within the University as a whole. The Risk Management Group (RMG) at NUI Galway is a sub-committees of the Audit and Risk Committee (ARC) and assists Údarás na hOllscoile in fulfilling its oversight responsibilities in relation to risk management. A University Risk Forum, a sub-committee of the RMG, is a forum where risk officers and those charged with implementing risk management in units meet to discuss risks, risk registers and common risks.

 The NUI Galway Risk Management Framework consists of the following:

  • Risk Policy
  • Risk Management Procedural Guidance
  • Risk Appetite Statement

The above documents are reviewed annually and the risk policy is submitted to Údarás for approval annually (last completed in June 2020). See the following page for additional information.