![]() ![]() The University has a high appetite for risk in the context of encouraging and promoting critical enquiry, academic freedom, freedom of expression, and open debate. In pursuing its objectives, as expressed in its Strategic Plan and elsewhere, the University will generally accept a level of risk proportionate to the expected benefits to be gained, and the scale or likelihood of damage. The University’s statement of risk appetite sets out the overarching principles that define its appetite for risk, and guides the University’s approach to the acceptance of risk. Specifically, notes 1 – 3 of the ISO Guide 73 definition of ‘risk management framework’. Further definition of terms, together with explanatory guidance on their interpretation and application, is provided separately on the University web-site. These definitions are specified in international standards ISO Guide 73:2009 and reflected in ISO 31000:2009. The standards also note : that a risk management framework would be expected to include policy, objectives, mandate and commitment to manage risk together with plans, accountabilities, resources, processes and activities for risk management. Risk appetite is defined as ‘the amount of risk that an organisation is willing to pursue or retain’.Ī risk management framework is defined as ‘a set of components that provide the foundations and organisational arrangements for designing, implementing, monitoring, reviewing and continually improving risk management throughout the organisation’. ![]() Risk management is defined as ‘co-ordinated activities to direct and control an organisation with regard to risk’. This may also be expressed as a deviation from expected outcomes that could be positive (opportunity) or negative (threat). Risk is defined as ‘the effect of uncertainty on objectives’. The Policies, Processes and Activities Employed in Business Continuity.Business Continuity Training and Awareness.An Introduction to Business Continuity Planning.International transfers of personal data.Personal data breaches: prevent, report, protect.Retention and disposal of personal data.University guidance on GDPR and photography.Data privacy and information security training module.Code of Practice on Meetings and Events. ![]() Anti-slavery and anti-trafficking policy.Submit a freedom of information request (FOI).How we use your personal data for research purposes.Department for Continuing Education (Undergraduate Courses) applicant privacy policy. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |