The directive is issued based on clause 12) of § 11 of the Statutes of Tallinn University of Technology.
1. Risk management at Tallinn University of Technology (hereinafter referred to as “the university”) is based on general good management practices and recognised principles of risk management.
2. I hereby approve the university’s risk matrix, which includes the strategic and sectoral risks. For each risk an owner is assigned, who is responsible for ensuring that the risk is managed and the planned mitigation actions are carried out and the persons responsible are designated (Annex 1).
3. I hereby update the risk management process map in the interactive manual.
4. The head of each structural unit (incl. a dean, director, head of a support unit) shall map the risks of his/her unit and area of responsibility at least once every two years, shall plan and monitor the mitigation actions. If it is not possible to mitigate a sectoral risk at the level of the structural unit, the head of the structural unit shall inform the quality manager thereof.
5. The risk owner indicated in the risk management process is responsible for identifying and mapping of risks, as well as for implementing the mitigation actions. The owner shall assess the impact and the likelihood of the occurrence of the risk, decide on the mitigation actions and the persons responsible, incl. agree on the persons responsible and mitigation actions also outside of his/her area of responsibility if this is necessary to manage the risk.
6. The Rectorate Strategy Office:
6.1 compiles a risk matrix including the strategic and sectoral risks at least once in every two years;
6.2 coordinates the calibration of university-wide risks and the mitigation actions in accordance with the risk management process and submits them to the Rector for approval;
6.3 monitors high-score and university-wide risks annually in the framework of annual monitoring;
6.4 gives recommendations and instructions to risk owners upon risk analysis to ensure uniform description and management of the risks.
7. The university’s risk matrix and information related to risk management are published on the university’s intranet.
8. I hereby repeal “Approval of the Risk Management Principles of Tallinn University of Technology” approved by Rector’s directive No 98 of 6 March 2012 (amended by Rector’s directive No 83 of 25 June 2016).
9. The directive shall enter into force upon signature