Carnegie Mellon University

The Enterprise Risk Management (ERM) department is led by Melanie Lucht, Associate Vice President and Chief Risk Officer. The role of ERM is to provide the governance, framework, and guidance to assist and support campus leadership and stakeholders in identifying events that have the potential to impact the CMU community both positively and negatively, and to manage risks associated with those events.

The goals are to support organizational resiliency with a risk-conscious culture that aligns to the strategic mission and values of the university. This is achieved by enabling the understanding of actual risks and their criticality through the development of effective and efficient mitigation planning, and the proactive identification and management of emerging risks to prevent future issues.

Enterprise Risk Management is committed to fostering an environment where we welcome, celebrate and respect diverse experiences and backgrounds that not only strengthen our inclusive culture, but further create the equitable foundation upon which we strengthen our resiliency as a community.

Defining Enterprise Risk Management (ERM)


ERM is a business-continuous process, led by senior leadership, that extends the concepts of risk management and includes:

  • Identifying risks across the entire enterprise;
  • Assessing the impact of risks to the operations and mission;
  • Developing and practicing response or mitigation plans;
  • Monitoring the identified risks, holding the risk owner accountable, and consistently scanning for emerging risks.

Figure: ERM wheel, showing the progression of the ERM process for CMU

ERM Office Location

GATF Building

4615 Forbes Ave, Rm 123

  • Enter through 3rd floor main entrance
  • Take elevator to 1st floor
  • Turn left and then left again around the corner
  • Office entrance is on the right