Institutional Compliance

Risk Assessment at the University of Toledo


Risk assessment is accomplished at the unit level in the following forms …

Internal Audits

The University’s Internal Audit department executes an aggressive annual schedule of process reviews and internal control advisory projects.  The projects selected for auditing are based on perceived risk to the University, based on feedback obtained by a broad stakeholder group.  The annual audit plan is formally approved by the Finance and Audit Committee of the Board Of Trustees, as well as the full Board, at its September meeting.  Internal Audit monitors a “universe” of approximately 100 processes, over 1,000 risks associated with these processes, and over 3,000 internal controls identified that minimizes these risks.  Additional information regarding the FY2021 Internal Audit and Compliance Risk Assessment process can be found here.

Compliance Risk Assessments

The Institutional Compliance Officers, with the assistance of the Internal Audit team, perform regular “compliance risk assessments” of key processes, to help ensure that business risks are kept to a manageable level.  The results of the compliance risk assessments inform the Internal Audit process universe, and risk assessments of high-impact processes are shared with the relevant senior leader, the Chief Financial Officer, and the University President.  Examples of recently completed compliance risk assessments include …

    • Academic Affairs (instruction) (July 2020)
    • University of Toledo Medical Center (5 processes) (July 2020)
    • Facilities and Construction (2 processes) (July 2020)
    • Student Affairs (housing) (May 2020)
    • Finance and Treasury (10 processes) (April 2020)
    • Enrollment Management (2 processes) (December 2019)
    • Intercollegiate Athletics (NCAA) (December 2019)
    • Information Technology (2 processes) (December 2019)
    • Research Compliance (July 2020)
    • Maintenance of Infrastructure (6 processes) (July 2020)
    • Cash Handling (April 2020)
    • Property Management System (February 2020)

Institutional Compliance Officer Annual Reports

Each officer in the Institutional Compliance department submits an annual report of the activities of his/her assigned regulatory area.  These reports summarize the findings of monitoring reviews completed, policies/procedures development, risk/exposure areas requiring management’s attention, and an action plan for the next fiscal year.  The annual reports are shared with the relevant senior leader, the Chief Financial Officer, and the University President.  Examples of recently completed institutional compliance officer annual reports include …

    • Americans with Disabilities Act (November 2020)
    • State Authorization and Professional Licensure Disclosure (July 2020)
    • Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (July 2020)
    • Clinical Research (July 2020)
    • University Privacy Office (July 2020)
    • University of Toledo Medical Center (July 2020)
    • Intercollegiate Athletics (May 2020)

Compliance Committees

The Institutional Compliance Officers in most significant regulatory areas have assembled cross-functional teams to discuss recent regulatory developments and accreditation requirements and plans to address them.  These discussions ultimately influence the activities of each Institutional Compliance Officer and inform the preparation of his/her annual report.  The action items identified by these compliance committees will also inform the compliance risk assessments and the Internal Audit process universe referred to above.

If you are interested in serving on an Institutional Compliance committee or providing input into the activities of a committee, you are invited to contact the relevant Institutional Compliance Officer directly.  A list of current officers is maintained on the Institutional Compliance webpage.

Last Updated: 1/3/23