To review details of risk ratings, please see the complete FY2024 Systemwide Risk Registry here.

FY24 Risk RankRisk NameRisk Definition
1EnrollmentInability to sustain, increase and/or retain enrollment of in-state, out-of-state, international, residential, commuter, transfer, undergraduate and/or graduate students.
2Information SecurityInability to safeguard data and/or information systems to prevent unauthorized access - whether intentional or unintentional - by foreign or domestic actors or vendors with whom the University conducts business.
3Facilities and Deferred MaintenanceInability to maintain facilities, including the prioritization of ongoing and deferred maintenance, and/or develop facilities and infrastructure to attract and retain students, staff and faculty, and to support critical research.
4Financial SustainabilityInability to adapt the University's business model to ensure financial sustainability, mitigate risk, and adjust to changing circumstances that influence funding or revenue.
5Student Health and Mental Health SupportInability to maintain capabilities and resources to support the physical and mental health, development and well-being of students.
6Artificial IntelligenceInability to set effective protocols regarding acceptable use and optimization of artificial intelligence in academics, research and the workplace. 
7International ActivitiesInability to effectively implement a consistent approach across to the University's international activities across the system, including travel, devices and data, students, employment, trade and sanctions, and business engagements.
8ResearchInability to develop and/or maintain transparent and consistent research protocols  across University System to ensure safety, accountability and compliance with applicable rules and regulations.
9Diversity, Equity, Inclusion and AccessibilityInability to sustain and/or enhance diversity, equity, inclusion and accessibility across the University, including employment, students, and campus and workplace culture.
10Attract, Recruit, Retain Faculty and StaffInability to attract, recruit, retain and appropriately vet qualified, skilled and reputable faculty and staff.
11Information PrivacyInability to maintain compliance with state and federal information privacy standards, regulations and laws, including Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI) standards, Personally Identifiable Information (PII) requirements, Family Educational Rights and Privacy Act (FERPA) and General Data Protection Regulations (GDPR). 
12All Hazards Planning and Response CapabilitiesInability to maintain all-hazards preparedness, response and mitigation plans and capabilities as part of an integrated emergency management program both at the system level, as well as on each campus. Hazards include but are not limited to hazardous weather, chemical/biological/radiological/ nuclear/explosives (CBRNE) incidents, active shooter threats and incidents, infectious disease outbreaks, acts of civil disobedience, acts of bias and hate, and any additional threats that could impact the health and safety of the campus community or require the evacuation of a facility, a portion of a campus, or an entire campus.
13Labor RelationsInability to maintain productive labor and employee relations.
14Data ManagementInability to provide consistency in data across the system to support critical information sharing and strategic analytical analysis. 
15Vendor Risk ManagementInability to screen vendors, ensure vendors meet contractual requirements, and vendor deliver acceptable services or deliverables. 
16Sexual Assault Policies and Response ProceduresInability to implement consistent protocols across the University to prevent, detect, prepare for, and respond to sexual assault, harassment and other interpersonal violent acts (stalking, domestic violence, etc.) and maintain compliance with state and federal regulations.
17NCAA RegulationsInability to comply with NCAA regulations, including recruiting guidelines.
18IT Disaster Recovery Inability to ensure access to systems and/or data in the event of a disruption in technology services.
19Continuity PlanningInability to develop, maintain and/or implement capabilities to maintain continued operations during incidents causing sustained disruption to key services or functions; capabilities include developing, maintaining, exercising and implementing continuity plans as part of an integrated emergency management program. 
20Environmental and Public Health and Safety RegulationsInability to comply with local, state and federal environmental, health, public health, and safety regulations and requirements.
21Alcohol and Substance AbuseInability to maintain capabilities and resources to prevent, detect and respond to, and support students impacted by alcohol and substance abuse on campuses, and maintain compliance with local, state and federal regulations.
22Fraud, Waste, AbuseInability to maintain capabilities to prevent, detect and respond to fraud, waste, and abuse.
23Crisis Communications CoordinationInability to develop, maintain and/or implement systemwide protocols to ensure awareness and coordination of timely communication's when an urgent matter or incident impacts the University. 
24Uninsured LossInability to obtain legislative authority to obtain property insurance on state-owned facilities.
25Multi-state Payroll TaxationInability to appropriately comply with other states' payroll tax withholding requirements.
26Multi-state Business TaxationInability to comply with other states' sales, excise and franchise tax requirements as the University expands its business model.
27Employment Laws and RegulationsInability to comply with local, state and federal employment laws and regulations.
28Policies/Procedures Regarding Minors on CampusInability to develop, maintain, and implement procedures to safeguard minors on campus.
29Academic Quality and StandardsInability to maintain academic quality and standards, including those required for accreditation.
30Oversight of Student OrganizationsInability to maintain oversight of registered student organizations. (finances, insurance, etc.)

Archived Systemwide Risk Registries

FY2022 Systemwide Risk Registry