Purpose

• Provide an Overview of the Evolution of the Enterprise Risk Management (ERM) Ecosystem at UC Riverside
o from the early efforts of reacting & responding
o to the drafting & modifying of an effective compliance & ethics annual work plan & enterprise risk management maturity work plan
o to the current focus of developing a coordinated & comprehensive methodology
• with the goal of having a campus culture of ingrained shared governance, responsive risk management, & collaborative compliance.

The Evolving ERM Ecosystem at UC Riverside

Learning Objectives

Objective 1: Provide an Overview of the ERM Model at UCR
Objective 2: Provide Insights to the Importance of Campus-Wide Collaboration
Objective 3: Identify the Challenges & Opportunities in Starting & Maintaining an Effective & Energized Campus ERM Program

Practical Overview

Where have we been?

Where are we at?

Where are we going?

Practical Terms

Compliance
Compliance is either a state of being in accordance with established guidelines, specifications, or legislation or the process of becoming so.
(What we are required to do)

Ethics
The basic concepts & fundamental principles of decent human conduct.
(What we should do)
UC Standards of Ethical Conduct
Tartan Pride
Integrity, Excellence, Accountability, Respect

Risk
A probability or threat of damage, injury, liability, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, & that may be avoided through preemptive action.
(What we must & should be aware of)

Risk Management (RM)
The identification, analysis, assessment, control, & avoidance, minimization, or elimination of unacceptable risks.
(What we do to optimize effectiveness in achieving objectives)

Internal Controls
Process for assuring achievement of an organization's objectives in operational effectiveness & efficiency, reliable financial reporting, & compliance with laws, regulations, & policies.
(What we do to check on effectiveness in achieving our mission)

Enterprise Risk Management (ERM)
Process, effected by entity’s board of directors, management, & other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, & compliance.
(What we do to optimize effectiveness in achieving objectives)
http://www.ucop.edu/enterprise-risk-management/procedures/what-is-erm.html

Shared Governance
"The University has a dual-track system of authority & responsibility which presumes that faculty members are best qualified to chart the University's educational course, while administrators are most competent to direct its finances & organization. In practice, these domains are overlapping & interdependent. To function successfully together, faculty & administrators depend upon a high degree of consultation, trust, mutual respect, & a tradition of collegiality."
(Collaboration in UCR 2020 The Path to Preeminence)

System Historical Overview

• UCOP ECAS Oversight (Beginning in Fall 2007)
Establish & Champion System-Wide C&E Program

UC Ethics & Compliance Risk Council
Monthly Meetings with Campus CECOs

UCOP ECAS Organization (2008)

UC System-Wide Compliance (2008)

Campus Historical Overview 2009-2010

Ethics, Compliance, Risk, and Audit Controls Committee (ECRAC)

ECRAC Charter (July 2009)
• Provide Campus Oversight to UC E&C Program
• Advises SVP/Chief Compliance & Audit Officer thru UC E&C Risk Council
• Quarterly Meetings Co-Chaired by Campus EVC&P & CECO
• Facilitated by Director of A&AS
• Committee Membership Comprised of 20 Senior Campus Reps
• Responsible for Overall Campus Culture
• Identify & Implement Tools, Metrics, & Processes to Effectively Monitor Climate
• Encourage Awareness of Compliance & Open Lines of Communication
• Monitor Effectiveness & Consistency of Compliance
• Track Effectiveness of Risk Assessment Tools
• Advise on Guidance, Education, & Training
• Provide Quarterly & Annual Campus Compliance Reports to
o UC Ethics & Compliance Risk Council
o SVP/Chief Compliance & Audit Officer

Campus Historical Overview 2009-2010

Enterprise Risk Work Group (ERWG)

• Commissioned 2009 by CECO Providing Oversight of Campus ERM
• Chaired & Facilitated by RM Director
• Advises Campus ECRAC
• Meets Quarterly
• Membership of 20 Comprised from Major Functional Areas
• Establish Common Language for Managing Campus Risk
• Collaborate on Comprehensive & Balanced Approach to Identify & Manage Risks
• Provide Assurance ERM Decisions are Aligned with Campus Vision & Goals
• Communicate Strategies to Respective Stakeholders
• Responsible for Campus Overall ERM Program (Implementation, Metrics, & Monitoring)
• Advise on Need for Campus-Specific P&Ps, Training as it Relates to Specific Risk Areas
• Review Risk Areas of High Priority & Proposed Risk Mitigation Activities

Campus Historical Overview 2009-2010

Research Integrated Safety Committee

• Commissioned in 2000
• Advises, Consults, & Participates with Campus EH&S on
o Programs & Standards for Safe Conduct of Teaching & Research
o Issues Related to Research & Lab Safety
o Effective Operational Strategies with
  Institutional Bio-Safety Committee
  Radiation Safety Committee
  Institutional Animal Care & Use Committee
  Institutional Bio-Safety Committee
  Institutional Review Board
  Pesticide Safety Committee
  Other Related Committees
• Monthly Meetings
o Chaired by Faculty Member
o Facilitated by Campus EH&S Director
o Membership of 23 Comprised from Major Functional Areas
o Campus Executive Committee Provided Annual Briefing

Campus Historical Overview 2009-2010

Reacting & Responding

Campus Compliance Program Highlights

A&AS, RM, & CECO Not Yet Actively Collaborating

Established "Accountability in Laboratory Safety" Protocol Outlining Actions and Responsibilities at All Campus Levels

Mandated & Implemented New "Violence in the Workplace" Training for All Campus Employees

Implemented Campus Emergency Status Website with Quarterly Emergency Response Testing

Lab Safety

Developed New Laboratory Safety Program Under Purview of Campus Environmental Health and Safety Director

Event Management

Efforts in Place to Develop Uniform Practices for Facility Scheduling & Use Applicable Campus-Wide

Campus Director of Risk Management Taking Lead to Coordinate a Standardized Process Applicable to All Activities

Developed Monthly Reporting Tool for Effective Tracking of Contracts and Grants "Principal Investigator Web Reporting System"

Research Integrity

Established a Campus Conflict of Interest Committee

Established a Campus Stem Cell Research Oversight Committee

On-Going Campus-Wide Effort to Create, Implement, and Maintain Unit-Specific Business Continuity Plans

Efforts in Place to Develop and Implement Policy & Procedures to Ensure Safety and Security at All Campus Events

ERWG Members Initially Identified 39 Risks within 10 Risk Categories

Risk Category | Identifiable Risks
Infrastructure | Deferred Maintenance; Value Engineering; Life Cycle Costs; Space Planning
Catastrophic/Violence in the Workplace | Emergency Planning; Continuity Planning
IT Security | System Security; Data Security; System Accessibility
Crime/Violence in the Workplace | Building/Physical Crimes; Employee-Employee; Student-Student; Student-Employee; Third Party Non-Affiliated
Workforce/Budget/Economy | Reduction In Workforce; Overloaded Workforce; Aging Workforce; Succession Planning; Attracting Qualified Candidates; EPL/Discrimination Claims
Reputational | Academic Misconduct; Administrative Misconduct; Conflict of Interest; Ethics; Student Conduct
Campus Safety | Premises Safety; Lab Safety; Safety/Risk Training
Non-Compliance/Sanctions | Laws; Regulations; Grants; Policies
Travel | Auto/Driver Training (UC Vehicles, Personal Vehicles); Team/Athletics; Faculty/Staff/Students (Domestic, International)
Event Management | Concerts/Festivals; Unsupervised Student Events; Open Campus Events; Unknown Events

Campus Historical Overview 2009-2010

Reacting & Responding
• RM Drafts First Campus ERM Maturity Work Plan
o UCOP RS (Developed & Adopted in 2009)
o Five Components
  Internal Environment/Objective Setting
  Event Identification/Risk Assessment
  Risk Responsibility/Control Activity
  Information & Communication
  Monitoring
o Input from Several Risk Focus Areas in Campus E&C Annual Work Plan
o Challenge in Fully Understanding COSO Model
o Connection Among Three Plans not Strong
• UCOP RS Tasks Campuses with Completing HERA Workbook
• Formal ERM Process Not Yet In Place
o Ad-Hoc Committee in Place Addressing ERM Issues for Past Four Years
o ECRAC Designated to Provide Campus Oversight through E&C Program
o Strategic Goals Also Used to Address Alignment with ERM Objectives

The Evolving ERM Ecosystem at UC Riverside 2010

UCR Campus Ethics and Compliance Program - Key Components

Incorporating the Federal Sentencing Guidelines Seven Essential Elements for an Effective Compliance Program

Elements (numbered 1 to 7 on the slide): Active Oversight; Policies, Standards, & Code of Conduct; Education & Training; Open Communications; Monitoring & Metrics; Enforcement Tools; Responsive Initiatives

Operating Controls: Employee Responsibilities
Monitoring Controls: Supervisory Responsibilities
Oversight Controls: Compliance Responsibilities
Auditing Controls: Auditing Responsibilities

Leadership Engagement

Campus Historical Overview 2010-2011

• UCOP ECAS Provides Template for Developing E&C Annual Work Plan
• ERWG Identifies 28 Risk Focus Areas in 7 General Risk Categories
o Reporting to UCOP ECAS on Quarterly Basis is On-Going Challenge

Campus Historical Overview 2010-2011 E&C Annual Work Plan

12 Risk Focus Areas Recommended for Tracking & Reporting

Campus: UC Riverside
Metric categories: Campus Safety; Government Reporting Accuracy; Data Privacy and Security; Research; Culture of Ethics and Compliance; Investigations; Health Care Reform

1) Develop a new Lab Safety program, which includes a new "Accountability in Laboratory Safety" protocol outlining actions and responsibilities at all campus levels - including faculty, Deans and Provosts.

1) Develop a monthly reporting tool for contract and grants - "Principal Investigator Web Reporting System" (PIWRS).

UCR requires those involved with student systems to take FERPA training annually.

UCR has established a Conflict of Interest Committee (Research), as well as a Stem Cell Research Oversight Committee.

1) UCR has undertaken steps to review delegations of authority and administrative policies.

Establish and maintain LDO liaisons with the other UC campuses and UCOP.

2) Mandate a new "violence in the workplace" training course for all employees.

2) UCR is securing campus wide access to the website "A Guide to Managing Federal Grants for Colleges and Universities;" a subscriber-only service that includes access to its website, monthly print and PDF newsletters, and print and web access to pertinent government documents.

2) Campus is rolling out Principal Investigator reporting application which includes responsibility overviews.

3) Implement a Campus Emergency Status website and campus emergency response is tested quarterly.

3) Senior administration takes action on policy violations, such as systems access removal and funding limitations.

4) Draft a new "Accountability in Laboratory Safety" which outlines actions and responsibilities at all campus levels - including faculty, Deans and the Provost.

Campus Historical Overview 2010-2011

• UCOP ECAS Distributes E&C Services Program Policy (February 2011) Providing
o Program Guidance
o Annual E&C Work Plan Procedures
o Annual Report Requirement
o Annual Education Plan
o Confidential Reporting Mechanisms
• RM Becomes Familiar with Available ERM Activities & Tools

Campus Historical Overview 2011-2012

Identifying Key Components/Players/Activities
• UCOP ECAS Provides Guidance to Report on Select Critical Risk Focus Areas
• ERWG Solicits Input from Campus Departments with Risk Assessment Template
• ERWG Reviews Risk Focus Areas Using UCOP ECAS Template
o 33 Risk Focus Areas Identified
o Quarterly Reports Remain Work-In-Progress
• CECO Submits Campus E&C Annual Work Plan Narrative & Work Plan
• UCOP RS Provides Summary of ERM Maturity Work Plan Efforts for Campuses
• RM Drafts Campus Enterprise Management Maturity Work Plan
• RM Director Works with CECO Rep with Goal of having Both Plans in Synch
• A&AS, RM, & CECO Reps Meet to Discuss UCR IA 2010-2011 Annual Report

Audit & Advisory Services

Risk Assessment & Audit Planning Timeline

Months shown: January; February; March; April; May
Steps shown: Data Gathering / Analysis; Prepare Draft Plan; Complete Risk Assessment Model; ECRAC Approves Draft Plan; Assess Current Plan Status; Revise Draft Plan; ECRAC Approves Final Plan

A&AS Tools
• Interviews
• E&C Annual Work Plan
• Risk Focus Assessment Work Sheets
• Data Analytics
• Internal & External Sources

Audit & Advisory Services

Audit Plan Development Timeline

Dates shown: March; March 17; April; May; May 23
Steps shown: Draft Plan Approved by ECRAC; Draft Plan to UCOP; Draft Plan Reviewed by Regent’s Audit Committee; Final Plan Approved by ECRAC; Final Plan Reviewed by Regent’s Audit Committee; Assess Current Plan Status / Revise Draft Plan

Audit & Advisory Services

Audit Risk Assessment Methodology

• Data Gathering & Analysis
• Interviews with Management & Staff
• Data/Financial Analysis
• Ethics & Compliance Annual Work Plan
• Risk Focus Assessment Work Sheet
• Campus Committees
• Prior Internal & External Audit Coverage

• Complete Risk Assessment Model
• Universe of Processes, Functions, Units
• Scoring Universe Using Predictive Factors

Campus Historical Overview 2012-2013

Refining Reporting Tools/Establishing Collaboration
• UCOP ECAS Provides Campuses System-Wide E&C Annual Work Plan
• UCOP RS Tasks Campuses with Updating HERA Workbook
• ERWG Identifies & Recommends Tracking & Reporting on 8 Risk Focus Areas
• ERM Maturity Work Plan Built with Input from E&C Annual Work Plan
• A&AS Director/RM Director/CECO Reps Meet to Compare & Contrast Respective Plans

Campus Historical Overview 2012-2013

E&C Annual Work Plan

Columns: R; Risk Focus Area; Objectives/Goals; Responsible Unit/POC & Stakeholder(s); Outcomes Metrics (Tracking Indicators); Estimated Date of Completion; Outcome Metrics (Behavioral Expectations)

1 Campus Safety: Lab Safety & Integrity
Objectives/Goals: Laboratory Safety Accountability Project; Lab Safety Training Modules
Responsible Unit/POC & Stakeholder(s): EH&S/Director; RISC/BCOE/CNAS/Other; EH&S/Training & Communications Manager; HR/RISC/CSC/BCOE/CNAS/Other
Outcomes Metrics (Tracking Indicators): Quarterly Status Reports; Track Key Safety Factors; Plan & Conduct Internal Lab Assessments; EH&S Follow Ups; LMS Development; Identify Mandatory Training; Develop Lab-Specific Training Modules; Provide Notices to Stakeholders
Estimated Date of Completion: On Going; On Going
Outcome Metrics (Behavioral Expectations): Increase & Maintain Number of Safety Compliant Labs w/Overall Goal of 100% Compliance; Increase Number of Persons Properly Trained w/Supporting Documentation & Reduce Number & Severity of Lab Incidents

2 Campus Safety: Motor Vehicle Safety
Objectives/Goals: Working Smarter P&P Project; Implement Comprehensive Motor Vehicle Safety Initiative
Responsible Unit/POC & Stakeholder(s): TAPS/Director; CSC/Others; TAPS/Director; RISC/CSC/HR/Other
Outcomes Metrics (Tracking Indicators): Review & Update Applicable P&Ps/Guidelines/Best Practices; Monitor & Report on Training Through LMS, Vehicle Usage & Trends, Compliance to Applicable Federal, State, Local, System-Wide Regulations
Estimated Date of Completion: 12/31/2012; On Going
Outcome Metrics (Behavioral Expectations): Current Ready Reference for Campus Community; Reduce/Eliminate Incidents Involving UCR Motor Vehicles; Reduce Costs of Vehicle Repairs & Maintenance; Determine Effectiveness of Vehicle Usage

3 Campus Safety: Safety of Minors
Objectives/Goals: Develop & Implement Guidelines & Best Practices in Concert w/UCOP Initiatives Involving the Safety of Minors on All Campuses; Conduct Internal Audit of Campus Safety of Minors Program
Responsible Unit/POC & Stakeholder(s): RM/Director; UCPD/GC/SMG/SA/RISC/CSC/Others to Include All Campus Units w/Programs Involving Minors; A&AS/Director; UCPD/RM/GC/SMG/Other
Outcomes Metrics (Tracking Indicators): Identify & Monitor & Track Campus Units/Programs that Sponsor Events/Activities Involving Minors; Develop & Implement General Guidelines & Program-Specific Protocols for Sponsored Events/Activities; Determine Whether There is need to Develop Campus-Wide Policy w/Program-Specific Procedures; Define Audit Scope/Review & Respond to Audit Findings
Estimated Date of Completion: On Going; On Going; On Going; 12/31/2012
Outcome Metrics (Behavioral Expectations): Establish Campus Culture that Protects & Promotes Overall Well-Being & Safety of Minors on Campus, as well as for Sponsored Activities/Events Off Campus; Identify & Implement Plan to Address Areas of Concerns

4 Data Privacy & Security/Government Reporting: PCI Compliance
Objectives/Goals: Comprehensive Review of Campus PCI:DSS Program; Conduct Internal Audit of Campus PCI:DSS Program
Responsible Unit/POC & Stakeholder(s): FS & C&C/AVC-FS & AVC-C&C; SMG/Others Including All Campus Units Involved in Process of Electronic Payment Card Transactions; A&AS/Director; FS/C&C/FBO/RM/SMG Other
Outcomes Metrics (Tracking Indicators): Review & Update Campus Policies & Departmental Procedures/Guidelines to Ensure Adherence to Applicable Sections in BUS-49 IS-2, 3, 11, 12; Define Audit Scope/Review & Respond to Findings
Estimated Date of Completion: On Going; 12/31/2012
Outcome Metrics (Behavioral Expectations): Update PCI:DSS Safeguards to Eliminate Network Security Breaches & Mitigate Losses; Identify & Implement Plan to Address Areas of Concerns

5 Research: Conflicts of Interest
Objectives/Goals: Conflict of Interest Initiative
Responsible Unit/POC & Stakeholder(s): OR/VC; SMG/GC/Academic Senate
Outcomes Metrics (Tracking Indicators): Review & Stay Current w/Information Provided by UCOP General Counsel & Office of Research; Monitor for Completion & Documentation; Training to Include Introduction of Applicable Federal & State Requirements; Required Signed Documentation; Statement of Economic Interest; UC Conflict of Interest Code; Faculty Commitment of Time; Industry-Sponsored Research; Publications; Patents; Gifts & Honoraria; Provide Greater Visibility to Policies Involving Research Concerns; Working with Campus to Implement UCOP Standard Format, as applicable; Ensure Conflict of Interest Committee Remains Active & Providing Two-Way Communications
Estimated Date of Completion: On Going
Outcome Metrics (Behavioral Expectations): Establish Conflict of Interest Program that Provides Requisite Guidance & Clarity to Faculty & Staff to Allow for Educated Decision to Pursue Other Interests

6 Culture of E&C: School of Medicine
Objectives/Goals: Compliance & Privacy Program Initiative
Responsible Unit/POC & Stakeholder(s): HS/Dean; SMG/Others
Outcomes Metrics (Tracking Indicators): Identify & Position Compliance & Privacy Program Officer; Devise & Implement Effective Compliance & Privacy Program; Review Requirements Involving Clinics & Residencies
Estimated Date of Completion: 04/16/2012; On Going
Outcome Metrics (Behavioral Expectations): Individual Identified & Hired w/Extensive Experience w/UC System & Technical Expertise for Programs Involving School of Medicine; Establish & Maintain Effective Compliance & Privacy Program & Implement Tools to Address Upcoming Compliance Requirements as School of Medicine Matures

7 Culture of E&C: Whistleblower Hotline
Objectives/Goals: Systems are in place to report with the expectation of prompt follow-up involving activities contrary to Statement of Ethics Values & Standards of Ethical Conduct
Responsible Unit/POC & Stakeholder(s): LDO; UCPD/RM/GC/SMG/Other
Outcomes Metrics (Tracking Indicators): LDO records, tracks, & maintains all reports of allegations of non-compliance not reflected in Ethics Point; ECAS: Maintain system-wide Ethics Point data; OGC: Record & track amount of attorney fees associated with retaliation cases (and/or attorney hours); settlement amounts; Risk Services: Record & track liability claims
Estimated Date of Completion: On-Going with 4Q reporting to reflect data gathered for FY 2012-13
Outcome Metrics (Behavioral Expectations): Include indicators related to: number of hotline reports; number of substantiated reports; & settlement costs. These combined metrics provide a baseline for review & initial indications of increased awareness of what types of incidents need to be reported & employees’ responsibility to report. In addition, beginning to review the cost of resolving claims of allegations and measuring their increase or decrease over time will provide another indicator of effective communication.

8 Investigations: Claims
Objectives/Goals: Campus Claims Annual Review Trends
Responsible Unit/POC & Stakeholder(s): RM/Director; SMG/FBO/Others
Outcomes Metrics (Tracking Indicators): Track, Reconcile & Report on Claims Entered into iVOS & ERMIS; Provide Trend Analysis for Risk Assessment for ERWG Members
Estimated Date of Completion: 06/30/2012
Outcome Metrics (Behavioral Expectations): Use Annual Claims Review & Trend Analysis as Tool to Prioritize Risks & Develop Plans to Track & Mitigate Selected Metrics

Campus Historical Overview 2013-2014

Identifying & Implementing a Process
• Implementing an E&C/ERM Process
o UCOP ECAS Provides RAP Timeline FY2013-2014
o CECO Provides UCOP ECAS Rating Tool for FY 2013-2014
o CECO Calls for First E&C Focus Group
o ERWG Members Provided RFA Worksheet at May Meeting
o E&C Focus Group & ERWG Recommend Tracking & Reporting on 9 Risk Focus Areas
o CECO Presents E&C Annual Work Plan Assessment at ECRAC Meeting in June
o ECRAC Reviews & Prioritizes Risk Focus Areas
o CECO Submits Campus E&C Work Plan in June to UCOP ECAS
o CECO Works with Stakeholders to Put Together Metrics & Plans
o CECO Conducts Quarterly Reviews of E&C Annual Work Plan
o CECO Drafts ERM Maturity Work Plan
• CECO Meets Quarterly with A&AS Director & RM Director
• FRMP Work Plan Drafted & Approved (First Plan to Use COSO Model)

Campus Historical Overview 2013-2014

E&C Annual Work Plan

System Historical Overview
UCOP ECAS Organization (2014)

The Evolving ERM Ecosystem at UC Riverside 2014

UCR Campus Ethics and Compliance Program - Key Components

Incorporating the Federal Sentencing Guidelines Seven Essential Elements for an Effective Compliance Program

Elements (numbered 1 to 7 on the slide): Active Oversight; Policies, Standards, & Code of Conduct; Education & Training; Open Communications; Monitoring & Metrics; Enforcement Tools; Responsive Initiatives

Operating Controls: Employee Responsibilities
Monitoring Controls: Supervisory Responsibilities
Oversight Controls: Compliance Responsibilities
Auditing Controls: Auditing Responsibilities

Leadership Engagement

Current Efforts 2014-2015

Reviewing & Revising the Process
• UCOP ECAS
• UCOP RS
• ECRAC
• E&C Focus Group
• E&C RFA Worksheet
• ERWG
• RM
• CECO
• A&AS
• E&C Annual Work Plan
• ERM Maturity Work Plan
• Internal Audit Work Plan
• E&C Clearinghouse Website

| UCOP General Category | Risk Focus Area | Initial Identified | FY2013-2014 Ranking | 2014-2015 ERWG (16/20) | 2014-2015 FG (15/19) | Delta | AVG | 2014-2015 Ranking / ECRAC Ranking |
|---|---|---|---|---|---|---|---|---|
| Campus Safety | Lab Safety & Integrity | 2009-2010 | 3 | 4.04 | 4.38 | 0.34 | 4.213 | 1 |
| Campus Safety | Safety of General Community | 2013-2014 | 1 | 4.00 | 4.23 | 0.23 | 4.115 | 2 |
| Campus Safety | Physical Infrastructure | 2009-2010 | 14 | 3.54 | 3.92 | 0.38 | 3.732 | 3 |
| Data Privacy & Security/Government Reporting | PCI Compliance | 2010-2011 | 12 | 3.58 | 3.85 | 0.26 | 3.715 | 4 |
| Campus Safety | Safety of Minors | 2012-2013 | 2 | 3.85 | 3.46 | 0.38 | 3.654 | 5 |
| Investigations | Allegations | 2014-2015 | NR | 3.50 | 3.71 | 0.21 | 3.607 | 6 |
| Data Privacy & Security | Campus Standards & Internal Controls | 2014-2015 | NR | 3.50 | 3.43 | 0.07 | 3.464 | 7 |
| Culture of E&C | Crisis Management | 2013-2014 | 4 | 3.67 | 3.15 | 0.51 | 3.410 | 8 |
| Campus Safety | Violence Against Women Act (VAWA) | 2014-2015 | NR | 3.36 | 3.36 | 0.00 | 3.357 | 9 |
| Research | NSF/NIH New Auditing Techniques | 2013-2014 | 5 | 3.36 | 3.25 | 0.11 | 3.307 | 10 |
| Healthcare | Third Party Relationships | 2013-2014 | NR | 3.45 | 3.15 | 0.30 | 3.304 | |
| Healthcare | Regulatory Concerns | 2014-2015 | NR | 3.45 | 3.15 | 0.30 | 3.304 | |
| Culture of E&C | School of Medicine | 2012-2013 | 8 | 3.23 | 3.33 | 0.11 | 3.280 | |
| Campus Safety | Student Concerns (Alcohol Use/Driving) | 2013-2014 | 7 | 3.23 | 3.31 | 0.08 | 3.269 | |
| Campus Safety | Faculty-Student Relationships | 2013-2014 | 20 | 3.54 | 3.00 | 0.54 | 3.269 | |
| Data Privacy & Security | E-Discovery | 2013-2014 | 13 | 3.42 | 3.08 | 0.34 | 3.247 | |
| Campus Safety | Business Continuity Plan | 2013-2014 | NR | 3.00 | 3.43 | 0.43 | 3.214 | |
| Campus Safety | Reputation of University | 2013-2014 | 11 | 3.35 | 3.08 | 0.27 | 3.212 | |
| Culture of E&C | OFCCP Areas of Concerns | 2013-2014 | 6 | 3.00 | 3.38 | 0.38 | 3.192 | |
| Campus Safety | Co-Existence of Travel Modes on Campus | 2014-2015 | NR | 3.29 | 3.07 | 0.21 | 3.179 | |
| Investigations | Claims | 2010-2011 | 16 | 3.29 | 2.92 | 0.38 | 3.104 | |
| Campus Safety/Culture of E&C | Americans Disabilities Act (ADA) | 2011-2012 | NR | 3.29 | 2.86 | 0.43 | 3.071 | |
| Culture of E&C | Development of Faculty | 2014-2015 | NR | 2.77 | 3.33 | 0.56 | 3.051 | |
| Culture of E&C | Salary Inequities | 2014-2015 | NR | 2.89 | 3.13 | 0.24 | 3.007 | |
| Culture of E&C | Work Force Stressors/Staff Development | 2013-2014 | 9 | 2.83 | 3.15 | 0.32 | 2.994 | |
| Research | Conflict of Interest/Conflict of Commitment | 2014-2015 | NR | 3.04 | 2.92 | 0.12 | 2.982 | |
| Culture of E&C | Engaged & Informed Risk Assessments | 2013-2014 | 21 | 2.88 | 2.92 | 0.04 | 2.904 | |
| Culture of E&C | NCAA Regulations | 2014-2015 | NR | 3.04 | 2.71 | 0.33 | 2.878 | |
| Data Privacy & Security | Records Management & Retention | 2013-2014 | 18 | 2.73 | 2.92 | 0.19 | 2.827 | |
| Campus Safety | Motor Vehicle Safety | 2009-2010 | 10 | 2.92 | 2.69 | 0.23 | 2.808 | |
| Culture of E&C | Events Management | 2011-2012 | NR | 2.93 | 2.64 | 0.29 | 2.786 | |
| Government Reporting | Payroll Certification | 2009-2010 | 19 | 2.73 | 2.83 | 0.11 | 2.780 | |
| Culture of E&C | Campus Climate Survey | 2014-2015 | NR | 2.44 | 3.00 | 0.56 | 2.722 | |
| Culture of E&C | Policy Management | 2010-2011 | NR | 2.71 | 2.71 | 0.00 | 2.714 | |
| Investigations | Whistleblower | 2010-2011 | 22 | 2.83 | 2.46 | 0.37 | 2.647 | |
| Research | Intellectual Property | 2014-2015 | NR | 2.45 | 2.77 | 0.31 | 2.612 | |
| Research | Export Controls | 2013-2014 | 15 | 2.44 | 2.73 | 0.28 | 2.586 | |
| Culture of E&C | International Agreements | 2013-2014 | NR | 2.38 | 2.75 | 0.37 | 2.567 | |
| Culture of E&C | Campus Compliance Calendar | 2014-2015 | NR | 2.36 | 2.21 | 0.14 | 2.286 | |
| Campus Safety | Assembly & Free Speech | 2012-2013 | 17 | 2.23 | 2.23 | 0.00 | 2.231 | |
| | | | | 3.11 | 3.12 | 0.00 | 3.115 | |

Risk Rank (1-5 [1=Slight to 5=Severe])


Moving Forward

• ERWG Involvement
• ECRAC Commitment
• CECO Champion
• ERM Website
• Research
• School of Medicine


Moving Forward

Heat Maps, Balanced Scorecards, Data Dictionaries

http://www.ucop.edu/enterprise-risk-management/procedures/objective-setting/using-the-balanced-scorecard.html


Moving Forward

Data Analytics


The science of examining raw data with the purpose of drawing conclusions about that information.


Moving Forward

UCOP RS MMR

http://www.ucop.edu/enterprise-risk-management/tools-templates/ermis/index.html


Moving Forward

UCOP RS ERMIS

http://www.ucop.edu/enterprise-risk-management/tools-templates/ermis/ermis-dashboards.html


ERMIS Objectives Include:
• Better Quantitative Analysis Capabilities
• Improved Analytical & Reporting Capabilities
• Support for Leading Risk Governance & Compliance Processes
• System-Wide Visibility, with Local Flexibility
• Scalability without additional burden on UC staff


Moving Forward

Sharing Within UC


Moving Forward - One Step at a Time

Challenges/Opportunities


Committed Risk Owners


Systematically Prioritizing Risks


UCOP ECAS/RS

Continued Guidance & Collaboration


Move Forward with Purpose

Contact Information
• Nida Niravanh: [email protected]
• Greg Moore: [email protected]
• Tim Willette: [email protected]