Policy and Procedure Manual

602-2 Risk Management

Title: Risk Management
Owner: Director of IT & Cybersecurity
Last Update/Revised: 07/30/2024

Policy: Aspen University will support a systematic approach to identifying, evaluating and implementing effective controls to avoid, mitigate, or manage risks to ensure the achievement of the university’s goals. Aspen University will seek to embed effective risk management practices across the university through implementation of an Enterprise Risk Management (ERM) process. The management of risk does not mean the University will eliminate all risks but rather, it will ensure that risks are identified and managed within the University’s risk appetite.


Purpose: This risk management policy sets out the process to be followed at United States University to systematically identify, evaluate, and manage risks in support of the University’s strategy, goals and objectives.