Ensure the achievement of the university's strategic objectives by identifying expected risks and how to manage them.

Standardize the approach to anticipate, study, identify, measure, and assess potential risks, determining their possible impacts on the university's goals, projects, investments, assets, and planning how to respond and control them.

Define risk and risk management, explaining the university's specific approach to risk management and documenting the roles and responsibilities of relevant parties.

Integrate risk management policy into the university's internal control tasks and governance arrangements.

Describe the role of risk management in the entire control system, outlining key reporting procedures and explaining the actions to be taken to assess the effectiveness of control measures.

This policy should be reviewed annually unless the management deems a prior review necessary to ensure the continuity of the current policy.

Changes to this policy should be made exclusively by management.

Approval by management should keep the change record updated and be updated whenever a change occurs.

Identifying, assessing, managing, monitoring, reviewing, and reporting risks effectively.

Applying the risk management system and its processes to the university's applied work systems, business continuity, effective governance, and integrated management systems.

Predicting potential risks, estimating their likelihood, severity, and implementing treatment plans with the necessary resources.

Regularly reviewing risk management, its acceptance levels, and making informed decisions to minimize, eliminate, share, or accept risks.

Reviewing the risk management policy and context of the risk management system annually to ensure its consistency with top management's goals and expectations and stakeholders.

Monitoring the risks facing the university.

Classifying the risks facing the university.

Continuously dealing with these risks, attempting to mitigate them.

Holding regular meetings between the risk and business continuity manager and assistants to discuss cases and try to resolve and mitigate them.

Submitting regular reports to the university's agency to participate in reducing these risks.

Identifying risks, listing current or emerging risks for risk analysis.

Risk analysis, measuring potential risks based on the probability and impact of the risk before the current controls are in place.

Risk estimation, measuring the remaining risks after considering the applying party's current controls.

Risk treatment, mitigating the severity of remaining risks to be addressed.