Overview of ERM at the University of California

The University of California Risk Services provides advice, resources, technology and expertise to support people across the University system in managing their risks. The University of California began a systemwide Enterprise Risk Management (ERM) Program in 2005 after hiring a Chief Risk Officer, and The Board of Regents formally endorsed the ERM program in March of 2012.

The University has risk management departments at every UC location, and we network in professional cohort workgroups to raise issues, share best practices, and collaboratively manage systemwide risks.  The University leverages subject matter experts across the system, from Centers of Excellence who provide expertise, to issue-focused multi-disciplinary workgroups who shepherd the development of policies, procedures and organizational process improvements. Governance and management structures provide relevant and timely risk information to senior management and the Board of Regents. The University of California maintains strong communication networks and has robust data reporting tools, so employees at all levels in the organization have the information necessary to evaluate and act on risks, to share recommendations on ways to improve performance, and to seek input and assistance across the system.


  • The University of California was recognized in 2017 and 2018 as a RIMS Risk Maturity Model Recipient
  • UC was the first non-financial institution to receive credit rating agency acknowledgement of its enterprise risk management program. Standard & Poor’s RatingsDirect, September 9, 2010
  • Treasury & Risk 2013 Alexander Hamilton Award silver recipient for Enterprise Risk Management
  • APQC selected the University of California as a top 5 Best-Practice Organization in Enterprise Risk Management out of 300 global organizations.