Continuous Improvement, Periodic Testing, and Review

The University Ethics and Compliance Office creates detailed breakdowns of regulatory requirements for key compliance areas. These breakdowns allow the University Ethics and Compliance Office to review and document compliance with regulatory requirements and provide feedback to stakeholders regarding any gaps in coverage that might exist. The Ethics and Compliance Office then follows up to assist with closing those gaps.

ERM conducts periodic risk assessments, focusing broadly on facilitating an integrated and coordinated risk identification, measurement, and management process. The University Ethics and Compliance Office focuses attention on high and medium compliance risk areas where there is a threat of harm to the University community, the possibility of significant financial consequences, or the potential for significant reputational damage. The Office of University Audits adds an independent assurance function at the governance, risk management, and internal control process level. Taken together, these organizations support achievement of System objectives by reducing the likelihood and impact of material negative events, while facilitating the acceptance of manageable risks.

The University Ethics and Compliance Office closely coordinates with the University Office of Enterprise Risk Management (ERM) and the Office of University Audits to avoid unnecessary duplication of effort. ERM, the Office of University Audits, and the University Ethics and Compliance Office hold quarterly coordination meetings to optimize coverage and coordination of effort. All three organizations share scheduling, contact and report information, to the extent possible, to facilitate each organization’s efforts.