Risk Assessment at the University of Toledo
Risk assessment is accomplished at the unit level in the following forms …
Internal Audits
The University’s Internal Audit department executes an aggressive annual schedule of process reviews and internal control advisory projects. The projects selected for auditing are based on perceived risk to the University, based on feedback obtained by a broad stakeholder group. The annual audit plan is formally approved by the Finance and Audit Committee of the Board Of Trustees, as well as the full Board, at its September meeting. Internal Audit monitors a “universe” of approximately 100 processes, over 1,000 risks associated with these processes, and over 3,000 internal controls identified that minimizes these risks. Additional information regarding the Internal Audit and Compliance Risk Assessment process can be found on the Internal Audit webpage.
Compliance Risk Assessments
The Institutional Compliance Officers, with the assistance of the Internal Audit team, perform regular “compliance risk assessments” of key processes, to help ensure that business risks are kept to a manageable level. The results of the compliance risk assessments inform the Internal Audit process universe, and risk assessments of high-impact processes are shared with the relevant senior leader, the Chief Risk Officer, and the University President.
Institutional Compliance Officer Annual Reports
Each officer in the Institutional Compliance department submits an annual report of the activities of his/her assigned regulatory area. These reports summarize the findings of monitoring reviews completed, policies/procedures development, risk/exposure areas requiring management’s attention, and an action plan for the next fiscal year. The annual reports are shared with the relevant senior leader, the Chief Risk Officer, and the University President. Examples of recently completed institutional compliance officer annual reports include …
-
- Americans with Disabilities Act
- State Authorization of Online Degree Programs and Professional Licensure Disclosure
- Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act
- University Privacy Office
- Intercollegiate Athletics
Compliance Committees
The Institutional Compliance Officers in most significant regulatory areas have assembled cross-functional teams to discuss recent regulatory developments and accreditation requirements and plans to address them. These discussions ultimately influence the activities of each Institutional Compliance Officer and inform the preparation of his/her annual report. The action items identified by these compliance committees will also inform the compliance risk assessments and the Internal Audit process universe referred to above.
The University also supports an Institutional Compliance Committee that governs compliance activities across the enterprise. The Committee produces an annual report for Board Of Trustee review that documents the University's conformance with the seven essential elements of an effective compliance program (written policies and procedures, compliance officer and compliance committee, training and education, effective lines of communication, internal monitoring and auditing, enforcing standards through well-publicized disciplinary guidelines, and Responding promptly to detected problems and undertaking corrective action. The annual report for the most recently-completed fiscal year is located on the Institutional Compliance webpage.
If you are interested in serving on an Institutional Compliance committee or providing input into the activities of a committee, you are invited to contact the relevant Institutional Compliance Officer directly.