skip to content

Governance and Compliance Division

 

Definitions

The University uses the following definitions relating to risk and risk management:

  • Risk is the threat or opportunity that an action or event will adversely or beneficially affect the University's ability to meet its objectives.
  • Risk management is the process by which risks are identified, assessed, prioritised and managed in order to support well-informed decision-making and maximise the realisation of opportunities across the University.
  • Risk appetite is the level of risk that the University is willing to pursue or retain.
  • Risk tolerance is the degree of variation - the latitude - in outcome that the University is willing to accept with regard to managing the respective risk. 

At Cambridge, risks can be seen to exist at different levels:

  • Corporate or strategic level, i.e. those monitored by the senior leadership team on behalf of the Council;
  • School and Non-School institution level;
  • Faculty and/or Department level; and
  • Project level.

The University's Risk Management Framework and associated Policy set out how risks should be managed and recorded at the University, School, NSI and institution level. 

Further guidance on risk management specific to Schools and Non-School Institutions can be found in Section 5 of the Risk Management Framework

Training

A new online training module, Introduction to the principles of risk management at the University of Cambridge, is available for all members of staff at the University. The course is aimed at staff across the University who have any involvement in producing risk registers or who would like a general introduction to the principles of risk management.