the university of texas system institutional compliance program l.
Download
Skip this Video
Download Presentation
The University of Texas System Institutional Compliance Program

Loading in 2 Seconds...

play fullscreen
1 / 17

The University of Texas System Institutional Compliance Program - PowerPoint PPT Presentation


  • 176 Views
  • Uploaded on

The University of Texas System Institutional Compliance Program. Risk Assessment . Agenda. Roll Call & Opening Remarks - Charles Chaffin Session Objectives – David Crawford Risk Assessment Process – David Crawford Three Approaches to Risk Assessment UT Arlington – Jennifer Chapman

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'The University of Texas System Institutional Compliance Program' - lorimer


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
agenda
Agenda
  • Roll Call & Opening Remarks - Charles Chaffin
  • Session Objectives – David Crawford
  • Risk Assessment Process – David Crawford
  • Three Approaches to Risk Assessment
    • UT Arlington – Jennifer Chapman
    • UT Dallas – Jody Nelson
    • UT Southwestern Medical Center at Dallas – Al Thibodeau
  • Questions and Answers
  • Summary
session objectives
Session Objectives
  • Definition of Compliance Risk
  • Develop a risk inventory
  • Validate the risk inventory with high-risk group products
  • Select the institutional “A” risks
  • Continuing Risk Assessment
  • What about non-”A” risks
  • What do others do and what have they learned
definition of compliance risks
Definition of Compliance Risks
  • A compliance risk is the likelihood that an employee (faculty, administration, or staff) will fail to follow an internal policy or procedure or an external law, rule or regulation that applies to the activity in which they are engaged.
risk assessment process
Risk Assessment Process
  • Three Ways to Develop Your Risk Inventory
  • Determining Your Institutional “A” Risks
  • Using High-Risk Work Group Products to Validate Your Risk Inventory
  • What About All the Other Compliance Risks
  • Keep Up with the Changing Risk Environment
three ways to develop your risk inventory
Three Ways to Develop Your Risk Inventory
  • Bottom-up
    • Every Work Unit
    • Consolidate at Risk Area
    • Consolidate at Institution
  • Risk Area
    • Every risk area
    • Consolidate at Institution
  • Institution
    • Executive Level only
slide7

Risk Assessment Matrix

(Name of Process or Function)

BEST PRACTICES

Objective/Activity

Risk & Exposure

Rank BeforeControls

Rank After Controls

Potential Impact

Prob.OfOccur.

Mitigation Strategy

Operating Controls

Monitoring Controls

Oversight Controls

I/A Controls

HML

HML

HH

HM

HL

MH

MM

HML

Avoid

Accept

Transfer

Control

determine your institution s a risks
Determine Your Institution’s “A” Risks
  • Determine Potential Impact and Probability of each Risk
  • Value of each risk is the combination of these two with impact value always first
  • Items with HH and HM values (high impact/high probability and high impact/medium probability) should be on “A” list
  • Items with HL and MH may be on “A” list
using high risk work group products to validate
Using High Risk Work Group Products to Validate
  • Compare your institutional “A” risks to the High-Risk Area Work Group “A” risks
  • Be able to explain rationale for any item on your “A” list that is not on Work Group “A” risks list
  • Be able to explain rationale for any item on Work Group “A” risk list not on your “A” list
what about all the other compliance risks
What About All the Other Compliance Risks
  • “A” risks at every level must be managed
  • “A” risks at every level require
    • Responsible party
    • Monitoring plan
    • Specialized training plan
    • Reporting plan
  • Difference between “A” risks at the different levels is who performs the oversight, on whom, and for whom
oversight controls for a risks at all levels

Institutional Level

“A” Risks Covered

Who Provides Oversight Controls

On Whom Oversight is Provided

For Whom Oversight Is Provided

Institution

“A” Risks

Compliance Officer and Function

Responsible Party

Chief Executive Officer

Risk Area

Risk Area “A” risks not included above

Risk Area Responsible Party

Work Unit Management

Compliance Officer

Work Unit

Work Unit risks not included in either above

Work Unit Management

Work Unit Employees

Risk Area Responsible Party

Institution

Oversight Controls for “A” Risks at All Levels
keep up with changing risk environment
Keep Up with Changing Risk Environment
  • Centralized office to monitor external environment
  • High Risk responsible parties monitor their respective high risk area internal and external environment
  • Compliance Committee (and/or work group) discusses environment and potential changes as a part of every meeting
  • Annual assessment of both internal and external environment
component risk assessment presentations
Component Risk Assessment Presentations
  • UT Arlington – Jennifer Chapman
  • UT Dallas – Jody Nelson
  • UT Southwestern Medical Center at Dallas – Al Thibodeau
summary
Summary
  • Risk environment for your institution is unique
  • Risk environment continuously changes
  • Risk ranking changes with the environment
  • Risk assessment is on-going, not periodic
  • Be Prepared for change by Managing the “A” risks at every level of the institution