To review details of risk ratings, please see the complete FY2025 Systemwide Risk Registry here.

FY24 Risk RankRisk NameRisk Definition
1EnrollmentInability to sustain, increase and/or retain enrollment of in-state, out-of-state, international, residential, commuter, transfer, undergraduate and/or graduate students.
2Information SecurityInability to safeguard data and/or information systems to prevent unauthorized access - whether intentional or unintentional - by foreign or domestic actors or vendors with whom the University conducts business.
3Facilities and Deferred MaintenanceInability to maintain facilities, including the prioritization of ongoing and deferred maintenance, and/or develop facilities and infrastructure to attract and retain students, staff and faculty, and to support critical research.
4Financial SustainabilityInability to adapt the University's business model to ensure financial sustainability, mitigate risk, and adjust to changing circumstances that influence funding or revenue.
5Student Health and Mental Health SupportInability to maintain capabilities and resources to support the physical and mental health, development and well-being of students.
6Artificial IntelligenceInability to set effective protocols regarding acceptable use and optimization of artificial intelligence in academics, research and the workplace.
7International ActivitiesInability to effectively implement a consistent approach across to the University's international activities across the system, including travel, devices and data, students, employment, trade and sanctions, and business engagements.
8ResearchInability to develop and/or maintain transparent and consistent research protocols across University System to ensure safety, accountability and compliance with applicable rules and regulations.
9Diversity, Equity, Inclusion and AccessibilityInability to sustain and/or enhance diversity, equity, inclusion and accessibility across the University, including employment, students, and campus and workplace culture.
10Attract, Recruit, Retain Faculty and StaffInability to attract, recruit, retain and appropriately vet qualified, skilled and reputable faculty and staff.
11Information PrivacyInability to maintain compliance with state and federal information privacy standards, regulations and laws, including Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI) standards, Personally Identifiable Information (PII) requirements, Family Educational Rights and Privacy Act (FERPA) and General Data Protection Regulations (GDPR).
12SustainabilityThe inability to implement University and state sustainability standards including energy resiliency, meeting carbon reduction goals, climate resiliency, green building design, sustainable transportation, procurement, food services, water systems, and waste reduction and recycling, and related academic and research programming.
13All Hazards Planning and Response CapabilitiesInability to maintain all-hazards preparedness, response and mitigation plans and capabilities as part of an integrated emergency management program both at the system level, as well as on each campus. Hazards include but are not limited to hazardous weather, chemical/biological/radiological/ nuclear/explosives (CBRNE) incidents, active shooter threats and incidents, infectious disease outbreaks, acts of civil disobedience, acts of bias and hate, and any additional threats that could impact the health and safety of the campus community or require the evacuation of a facility, a portion of a campus, or an entire campus.
14Labor RelationsInability to maintain productive labor and employee relations.
15Data ManagementInability to provide consistency in data across the system to support critical information sharing and strategic analytical analysis.
16Vendor Risk ManagementInability to screen vendors, ensure vendors meet contractual requirements, and vendor deliver acceptable services or deliverables.
17Sexual Assault Policies and Response ProceduresInability to implement consistent protocols across the University to prevent, detect, prepare for, and respond to sexual assault, harassment and other interpersonal violent acts (stalking, domestic violence, etc.) and maintain compliance with state and federal regulations.
18NCAA RegulationsInability to comply with NCAA regulations, including recruiting guidelines.
19IT Disaster RecoveryInability to ensure access to systems and/or data in the event of a disruption in technology services.
20Continuity PlanningInability to develop, maintain and/or implement capabilities to maintain continued operations during incidents causing sustained disruption to key services or functions; capabilities include developing, maintaining, exercising and implementing continuity plans as part of an integrated emergency management program.
21Environmental and Public Health and Safety RegulationsInability to comply with local, state and federal environmental, health, public health, and safety regulations and requirements.
22Alcohol and Substance AbuseInability to maintain capabilities and resources to prevent, detect and respond to, and support students impacted by alcohol and substance abuse on campuses, and maintain compliance with local, state and federal regulations.
23Fraud, Waste, AbuseInability to maintain capabilities to prevent, detect and respond to fraud, waste, and abuse.
24Crisis Communications CoordinationInability to develop, maintain and/or implement systemwide protocols to ensure awareness and coordination of timely communication's when an urgent matter or incident impacts the University.
25Uninsured LossInability to obtain legislative authority to obtain property insurance on state-owned facilities.
26Multi-state Payroll TaxationInability to appropriately comply with other states' payroll tax withholding requirements.
27Multi-state Business TaxationInability to comply with other states' sales, excise and franchise tax requirements as the University expands its business model.
28Employment Laws and RegulationsInability to comply with local, state and federal employment laws and regulations.
29Policies/Procedures Regarding Minors on CampusInability to develop, maintain, and implement procedures to safeguard minors on campus.
30Academic Quality and StandardsInability to maintain academic quality and standards, including those required for accreditation.
31Oversight of Student OrganizationsInability to maintain oversight of registered student organizations. (finances, insurance, etc.)

Archived Systemwide Risk Registries

FY2024 Systemwide Risk Registry.

FY2022 Systemwide Risk Registry