This policy defines VIU’s approach to managing its operational and strategic risks by setting out the principles the university will follow to manage institutional risks, as well as the roles, responsibilities, and accountabilities for Enterprise Risk Management.
About the policy consultation
Consultation is now closed. The consultation ran from Wednesday, February 18 until 4 pm on Tuesday, March 10. Input received during the community consultation will help inform changes to the proposed policy. Thank you to everyone who provided feedback.
Policy information
A board level policy is required because a key responsibility of the Board of Governors is risk oversight.
UVIC, SFU, TRU and UFV risk management policies were reviewed in developing the draft risk management policy. While some had short, high-level policies of only a few paragraphs, UVIC and SFU draw a balance of higher-level principles and detail on their institution’s approach to risk management, particularly around roles and responsibilities.
The new policy uses aspects of SFU and UVic’s approach combined with VIU’s original policy:
- New purpose statement
- New “Policy” section includes:
- the “General” section of the existing policy rewritten, but reflecting the same basic principles
- the “Objectives” from the beginning “Statement” of the existing policy
- “Scope and Application” brings over the existing section and adds an additional statement
- Under “Roles and Responsibilities:”
- New roles added to align with the Policy Framework
- The ERM Designated Responsible Person (DRP) and the Enterprise Risk Management Group have been removed as they are operational in nature and should be defined in the Risk Management Framework
- The SMT role has been changed to the Executive Team role
- “Definitions” section has been brought over and expanded
- Additional new sections have been added to align with the Framework
As VIU has an established Integrated Risk Management Framework, separate procedures have not been developed.
Documents for Review
Thank you for participating!
The policy consultation is now complete. The next step is for this policy to go through the Board of Governors approval process. The policy may be updated based on the feedback received. The Policy Office may also make minor changes to formatting/wording for consistency. Consultation feedback and policy changes will be outlined in the consultation report. The consultation report will be provided to the Board of Governors and posted on this policy page.
We anticipate this draft policy will be provided to the March 31, 2026 Board of Governors meeting for approval. Check back on the GC07: Risk Management policy page for updates as this policy moves through the policy approval process.