Higher education institutions are under increased pressure from government agencies, the public, and members of the campus community to manage risks. Traditionally, risk management responsibility has been delegated to individual operating units. This approach lacks an overarching strategy for managing risks and is being supplanted by an approach gaining favour in higher education for strategically managing risks now termed enterprise risk management. As a senior leadership lead initiative, enterprise risk management provides a comprehensive strategy for managing risks. However, since existing models originate from the business sector they lack guidance for implementing the approach in a higher education environment. The focus of this study examines why higher education institutions would adopt an enterprise risk management strategy and how critical success factors influence its implementation. The central thesis of this study is that management concepts drawn from theory can enhance the implementation of enterprise risk management in higher education. To test this thesis, a conceptual framework for enterprise risk management implementation was derived from a review of the theoretical literature on change management, decision making, and organizational learning. A systematic review methodology was employed to test the conceptual framework against findings from 55 research studies. Implications for practice include approaches for adopting enterprise risk management to improve organizational performance, clarifying its purpose, reflecting the culture of the institution in its design, assigning a program champion and cross-functional implementation team, assigning risk assessment methodologies based on the type of risk, and using an enterprise risk management approach to build organizational learning and resiliency. Theoretical implications include exploring how theories on change management, decisions making, and organizational learning can further extend research on this topic.