Skip to main content

Trinity College Dublin, The University of Dublin

Trinity Menu Trinity Search



You are here

Framework

The Trinity College Risk Management Framework is the process by which the University manages the internal and external risks to the achievement of its objectives. The objective of the Framework is to drive efficient, proactive, and forward-looking risk management aligned with the University Strategic Plan 2020-2025.

Information on the various elements that comprise the Framework can be located through the links below.

The Framework encompasses a system of policies, committees, and tools that provides management and staff with a structured and efficient approach to risk management, providing the Board with assurance over the identification and effective management of risk.

The ultimate ownership of risk management within the University rests with the Board, which is supported by the Chief Risk Officer and committees that include the Executive Officers Group and the Risk Management Group (Click here for Terms of Reference of the Risk Management Group).

The implementation of the framework is the responsibility of the Chief Risk officer, supported by various risk committees. An important organisational element of the framework is the concept of the “Three Lines of Defence,” a term commonly used to describe the division of responsibility for risk management within an entity. Effective implementation of the Three Lines of Defence ensures separation of duties, oversight responsibilities and independence between the lines.

  • 1st line – The core business functions: schools, faculties, corporate services.
  • 2nd line – The support functions e.g. risk, compliance, data protection, legal, insurance, quality, and financial controls.
  • 3rd line – The assurance function: Internal Audit.

Risk Management Principles

The Framework is supported by risk management principles that are derived from both the experience of the University and the risks that it seeks to manage.

The framework provides the tools to support both the historic measurement of risk with a view to preventing or identifying the circumstances within which the University may wish to accept, mitigate, transfer, or manage specific types of risk in the future. An example of such a tool is the risk register for each faculty and professional area as well as the ongoing analysis of the information from these registers.

Annual Risk Management Cycle

Risk management at Trinity College follows a defined annual process overseen by the Chief Risk Officer that begins with the updating of the University Risk Register, which captures all the top risks identified across the University. The risks are owned, identified, and recorded by the various divisions within the university, including the faculties, schools, academic departments and corporate services. The risks are ranked using considerations of potential impact and the strength of internal controls in place to mitigate them. Those risks that present the most severe risk to the University are recorded in the University Risk Register, which is regularly reviewed at the Board, Audit Committee, Officer Level and Risk Management Group to ensure the proper level of scrutiny and remediation is undertaken to manage that risk.

Assessment of the Risk Management Framework and Implementation

Implementation of the Risk Framework, including the development and implementation of the University Risk Register is subject to independent review and assessment by Internal Audit as part of the risk-based internal audit plan.