Executive Policy 8.207 Executive Policy 8.207


Risk Management


Executive Policy Chapter 8, Business and Finance
Executive Policy EP 8.207, Risk Management
Effective Date: October 2014
Prior Dates Amended: August 1983
Responsible Office: Office of Risk Management
Governing Board of Regents Policy RP 2.202, Duties of the President
Review Date: August  2018

I. Purpose

This policy describes the actions to be taken to strengthen the proper management of risks through proactive risk identification, risk management, and risk acceptance pertaining to all activities within the University of Hawaii.

Risk is inherent in all academic, administrative and business activities of the University.  It is neither possible, nor advantageous, to entirely eliminate risk from an activity without ceasing that activity.  It is University policy for every employee to act to reduce the risk of such accidental loss or injury to the greatest extent feasible, consistent with carrying out of the University's mission of teaching, research, service and outreach. University resources must be protected from financial loss resulting from such events.

II. Definitions

Risk is defined as the effect of uncertainty on objectives.  It applies to any issue that could impact the ability of the institution to meet its objectives.

Enterprise Risk Management (ERM) expands the concept of risk management.  It is the consistent, structured and process-driven tool that enables University leadership and management to identify, assess, evaluate, mitigate, monitor, prioritize and respond to risk that affects the achievement of University strategic goals and objectives.

III. Executive Policy

To accomplish the goal of effective management of risks, the University's risk management program is established to identify and analyze loss exposure and safety hazards, develop and select the best techniques or combination of techniques for treating risks, implement effective administration of each risk treatment plan, and monitor the results produced or achievement of change. 

Campus administrators shall ensure compliance with this policy at every level of operation.


The University may elect to utilize one or more of the following strategies to address risk:

    1. Avoid undesirably high risks by refusing to undertake unsafe activities or by discontinuing high-risk programs;

    2. Reduce risk through oversight and management at all levels of the enterprise;

    3. Retain risk, up to a reasonable level through a program of self-insurance; and

    4. Transfer risk to another party or reduce a certain amount of exposure through processes such as insurance


It is the responsibility of each unit and its personnel to conduct business in such a way as to avoid obvious or known hazards to individuals and the University and to evaluate the risk potential when undertaking any projects, programs or activities.


All University employees and programs shall be responsible for ensuring that exposure to known or reasonably anticipated risks be reduced by using common sense and good judgment.  Risk of loss shall be evaluated from an individual, department and campus viewpoint and proactively addressed through proper training and supervision.  Conditions and practices which may cause loss shall be eliminated or modified whenever possible.  Activities involving elevated risk shall be properly vetted and approved by the Chancellor or his designee.


The University self-insures against normal and expected losses for a broad scope of third party liability losses.  Payments are made through the Risk Management Special Fund (“RMSF”).  The RMSF pays the University’s settlements and judgments, system-wide insurance premiums, retention payments, litigation expenses incurred by the University General Counsel, and risk management related expenses. The program is funded through annual assessments of each campus.  The University’s Office of Risk Management is responsible for administering and maintaining the fund.


The financial responsibility for risks may be transferred to others through contractual agreements or through the purchase of insurance. Methods for transferring risk include third party waivers, hold harmless agreements, or through vendor contracting. Insurance is a technique to finance some loss exposures and a part of the broader concept of risk management.  Commercially insuring risks does not alter the responsibility of the University, its units, or personnel for compliance with required and appropriate safety and security standards.  System-wide insurance policies shall be funded by the Risk Management Special Fund and administered by the Office of Risk Management.  All other insurance policies covering specific colleges, activities and programs shall be funded and administered by those schools, colleges, or programs requiring the specialized insurance.


    1. The Office of Risk Management shall administer, coordinate, and evaluate the risk management program of the University. The Director has the responsibility and authority for the following:
        a. Administer the Risk Management Special Fund;

        b. Recommend levels of funding for the Risk Management Special Fund;

        c. Purchase and administer all system-wide insurance policies;

        d. Administer the University’s workers' compensation program;

        e. Serve as the point of contact with the State Risk Manager’s Office and coordinate the interaction between the State and University risk management programs;

        f. Assess risk through identifying, measuring, and evaluating risk exposures based on information provided by programs, determine potential impact of University actions on liability exposures, and provide advice and counsel to internal customers on risk control methods;

        g. Recommend selection of insurance related service providers, such as brokerage and claims administration services;

        h. Provide or coordinate training to employees and staff as requested by the Environmental Health and Safety Office to prevent or reduce risk exposure;

        i. Work with the Office of General Counsel, insurance companies and others in reporting, negotiating, adjusting and settling insured or self-insured losses;
        j. Create and maintain web pages with links to relevant information; and

        k. Report significant accidents, injuries, liabilities and other risk management activities to departments or campuses as warranted.

    2. To further the objectives of Enterprise Risk Management, each chancellor shall identify a campus Risk Management coordinator.  The coordinator shall act as a liaison with the Office of Risk Management to assist in integrating risk management into the culture and strategic decision-making of the University.  ERM will enable the ongoing identification and monitoring of risks and foster a common awareness that allows individuals to focus attention on risks with strategic impacts.

IV. Delegation of Authority

The Director of the Office of Risk Management has been delegated certain risk management responsibilities and authority from the President:

A. Approve the purchase or renewal of insurance policies

B. Approve workers’ compensation claim settlements

C. Approve settlement of claims covered by System-wide insurance policies

V. Contact Information

Office of Risk Management
Telephone: (808) 956-7243
Email: orm@hawaii.edu

VI. References

    A. HRS §304A-2151 University of Hawaii risk management special fund

    B. Link to superseded Executive Policies in old format https://www.hawaii.edu/policy/archives/ep/

    C. Link to Administrative Procedures in old format https://www.hawaii.edu/policy/archives/apm/sysap.php

VII. Exhibits and Appendices

No Exhibits and Appendices found


    David Lassner    
    October 31, 2014    


No Topics found.