An Open Letter to the Presidents of our Universities - Part I
Posted on Tue, Jan 17, 2012
From Setracon's President, Jeffrey Slotnick
Every day you are responsible for the welfare of the institution and its stakeholders. It must make you uncomfortable when you read reports of incidents like Penn State University and realize that there are many different risks that may ultimately end up at your door step that may dilute the value you have worked so hard to create.
But understand that risk mitigation and security can actually create immeasurable value to your brand. Unfortunately, your marketing and advancement team may not agree and therein lays your problem.
I suggest a different path or as a peer of mine once said: a Path to Value
First let’s define the baseline of your risk at a high level:
Although the specific threats for each educational institution vary the nature of those all hazard threats remain the same: manmade threats including those reportable under the Clery Act and natural disasters such as earthquake, windstorm, or flood. This generally leads to a comprehensive review of crime statistics, past events, and ongoing issues which can have an impact on the safety and security of students, academic, and professional staff.
In determining risk we evaluate Risk Capacity as measured by potential loss, Risk Appetite as measured by what is acceptable risk to the institution, current level of preparedness to address the risk, and what the impact of the loss is to the institution. Loss can be measured by many different metrics such as Loss of Revenue, Loss of Reputation, Loss of Public Confidence, Loss of Life, Loss of Faculty and many others.
In the case of Pennsylvania State University, Loss of Reputation has a huge impact far beyond the event itself as it relates to the safety of students, staff, and faculty, loss of potential donors and investors, and loss of students who, due to the event, may choose to attend another institution. All of this equates to a significant impact if not a financial loss.
All of this points to the need for a comprehensive audit of the institution to identify the most likely risks with the highest consequences and then the application of a risk treatment to prevent the event from occurring or minimizing the event to such an extent that it is resolved quickly.
Now let's look at how to mitigate that: Having a well-trained Crisis management team, well written policies and procedures, exceptional communication ability, and a collaborative environment can assist an institution in eliminating or mitigating most events. Crisis management has four objectives:
• Reducing tension during the incident
• Demonstrating corporate commitment and expertise
• Controlling the flow and accuracy of information
• Managing resources effectively
In our next blog we will look at each of these points in detail.