Policy Details

4000-5-9 Integrated Risk Management

Responsible Executive Senior Vice-President, Strategy & Corporate Services
Director, Finance
Issue Date October 15, 2015
Supersedes Date October 15, 2015
Last Review October 21, 2022
Last Revision October 21, 2022

Upon request, the college will provide a copy of this policy in an alternate format.

Lambton College Board Policy 4-015 states that “The Board of Governors of The Lambton College of Applied Arts and Technology believes that the success of Lambton College is dependent upon the effective management of those activities that support Lambton College Strategic Priorities.  The Board of Governors acknowledges that all activity has associated with it an element of inherent risk.” The Board Policy further states that Lambton College will identify, manage, and accept risks consciously.

Integrated Risk Management (IRM) is a process, promoted by the Board of Governors and Management and applied across the College. This Policy is a statement of commitment by the College to the introduction, adoption, and implementation of formal risk management throughout the College.

IRM activities will form an integral part of College planning and operations.  IRM supports and improves the decision-making, planning and prioritization processes by ensuring that risk is continually assessed and addressed. IRM is a continuous, proactive, and dynamic process to identify, assess, manage and communicate risks that may impact the achievement of the strategic goals of the organization.

IRM will assist the College in attaining its goals, helping to avoid pitfalls and surprises along the way. It involves employees at every level of the institution and requires the development of risk profiles across the entire organization. This Policy sets out the structure of how IRM is to be carried out and is intended to operate in conjunction with all other policies and strategies of the College.


  1. Lambton College engages in a wide range of activities, both on and off campus, all of which give rise to some level of Lambton College will:
    1. embed risk management into the culture and operations of the College;
    2. integrate risk management into strategic planning, operational planning, performance management and resource allocation decisions;
    3. manage risk to enable the realization of opportunities that support the strategic direction of the College;
    4. regularly review the College risk profiles and the effectiveness of risk treatments in addressing the institutional environment and the achievement of the College strategic plan;
    5. anticipate and respond through appropriate risk management actions to changing social, environmental and legislative requirements.
  2. The College will maintain a Risk Leadership Team sponsored by the Senior Vice-President, Strategy & Corporate Services, reporting to the Executive Management Team, to develop and oversee the implementation of the Integrated Risk Management Program.


  1. All employees have responsibility for adhering to internal controls and managing risk. Everyone shall be aware of the risks that are present in their activities.
  2. The Board of Governors is responsible for providing the general oversight of the Integrated Risk Management Program. The Board will be aware of critical risks to the College.
  3. The Executive Management Team is
    1. responsible for the leadership and the implementation of integrated risk management;
    2. accountable for ensuring effective mitigation strategies for all risks consistent with the Board’s established risk tolerance statements;
    3. responsible for providing, through the President, regular risk reports to the Board of Governors describing IRM activities and processes.
  4. The Risk Leadership Team is responsible for
    1. developing and overseeing the Integrated Risk Management Program;
    2. overseeing the development and management of the risk framework and register;
    3. providing support to assist managers in identifying, assessing and managing risks;
    4. reporting regularly to the Senior Management Team on identified risks, risk treatments implemented and risk re-evaluation timeline.
  5. Deans and Directors are responsible for
    1. identifying, evaluating, and managing risks within their areas of responsibility;
    2. ensuring that everyone in their school or division understands their risk management responsibilities and making clear the extent to which the employees are permitted to accept risks.
  6. Managers and Supervisors are responsible for ensuring that all risks in their area of operations are identified and managed appropriately.
  7. All employees are responsible for effectively identifying and managing risks in their area of responsibility and advising their supervisor of potential or emerging risks.


an event, trend or course of action that will have either a positive or negative effect on an institution’s ability to meet its strategic or operational objectives
Integrated Risk Management
is the framework to identify, assess and manage risks. It provides the methodology for integrating risk into decision-making
Risk Analysis
is the process of determining the likelihood of a particular event, trend or course of action occurring and the impact on operational or strategic objectives if it does
Risk Treatment
sometimes known as risk control, is the measures used to modify the risk to fall within the College’s risk tolerance for that risk.  Options include accept, mitigate, transfer or avoid the event, trend or course the action
Risk Register
a list of identified enterprise risks which documents the risk analysis, risk scores, risk treatments, risk owner, results of risk treatments and status of each risk
Risk Tolerance Statements
the Board of Governors risk management limits from a Financial, Student, Employee and Quality perspective

For questions or concerns regarding this policy, please contact the Policy Sponsor by phoning our main line 519-542-7751.