Texas A&M University

Division of Risk, Ethics and Compliance

Enterprise Risk Management Common Risk Language and Definitions

Enterprise Risk Management: A process applied across the entity that is designed to identify potential risks that may affect the entity, manage risks within the entity’s risk tolerance, and support the achievement of the entity’s objectives.

Risk: Any event or action that adversely impacts the entity’s ability to achieve its objectives. Types of risks include strategic, operational, reputational, financial, technology, compliance, fraud, etc.

Mitigating activities/strategies: Actions, procedures, and processes used to manage (limit, reduce, avoid, accept, transfer, and/or share) and monitor risks.

Risk ranking: A qualitative process to prioritize risks using a high, medium and low scale considering both the potential impact (consequences) and probability of occurrence (likelihood of happening).

Risk assessment: The process used to identify and rank risks, and document mitigating strategies, monitoring, and/or reporting processes.

Risk Tolerance: The level of residual risk that an organization and its stakeholders are willing to bear within a given strategic context.

Inherent Risk: The risk present in any scenario where no attempts at mitigation have been made and no controls or other measures have been applied to reduce the risk from initial levels to levels more acceptable to the organization.

Residual Risk: The risk remaining after efforts have been made to reduce the inherent risk.

Copyright © 2025 · Texas A&M University · Division of Risk, Ethics and Compliance