Upload
shana-joseph
View
213
Download
0
Tags:
Embed Size (px)
Citation preview
Purpose
• Provide an Overview of the Evolution of the Enterprise Risk Management (ERM) Ecosystem at UC Riversideo from the early efforts of reacting & responding
o to the drafting & modifying of an effective compliance & ethics annual work plan & enterprise risk management maturity work plan
o to the current focus of developing a coordinated & comprehensive methodology
• with the goal of having a campus culture of ingrained shared governance, responsive risk management, & collaborative compliance.
The Evolving ERM Ecosystem at UC Riverside
Learning Objectives Objective 1: Provide an Overview of the ERM Model at
UCR Objective 2: Provide Insights to the Importance of Campus-
Wide Collaboration Objective 3: Identify the Challenges & Opportunities in
Starting & Maintaining an Effective & Energized Campus ERM Program
The Evolving ERM Ecosystem at UC Riverside
Where have we been?
The Evolving ERM Ecosystem at UC RiversidePractical Overview
Where are we at?
The Evolving ERM Ecosystem at UC RiversidePractical Overview
Where are we going?
The Evolving ERM Ecosystem at UC RiversidePractical Overview
ComplianceCompliance is either a state of being in accordance with established guidelines,
specifications, or legislation or the process of becoming so.(What we are required to do)
The Evolving ERM Ecosystem at UC RiversidePractical Terms
EthicsThe basic concepts & fundamental principles of decent human conduct.
(What we should do)UC Standards of Ethical Conduct
The Evolving ERM Ecosystem at UC RiversidePractical Terms
Tartan PrideIntegrityExcellenceAccountabilityRespect
RiskA probability or threat of damage, injury, liability, loss, or any other negative
occurrence that is caused by external or internal vulnerabilities, & that may be avoided through preemptive action.
(What we must & should be aware of)
The Evolving ERM Ecosystem at UC RiversidePractical Terms
Risk Management (RM)The identification, analysis, assessment, control, & avoidance,
minimization, or elimination of unacceptable risks.(What we do to optimize effectiveness in achieving objectives)
The Evolving ERM Ecosystem at UC RiversidePractical Terms
Internal Controls Process for assuring achievement of an organization's objectives in
operational effectiveness & efficiency, reliable financial reporting, & compliance with laws, regulations, & policies.
(What we do to check on effectiveness in achieving our mission)
The Evolving ERM Ecosystem at UC RiversidePractical Terms
Enterprise Risk Management (ERM)Process, effected by entity’s board of directors, management, & other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations,
reporting, & compliance.(What we do to optimize effectiveness in achieving objectives)
http://www.ucop.edu/enterprise-risk-management/procedures/what-is-erm.html
The Evolving ERM Ecosystem at UC RiversidePractical Terms
Shared Governance"The University has a dual-track system of authority & responsibility which presumes that faculty members are best qualified to chart the University's educational course, while administrators are
most competent to direct its finances & organization. In practice, these domains are overlapping & interdependent. To function successfully together, faculty & administrators depend upon a high
degree of consultation, trust, mutual respect, & a tradition of collegiality."
(Collaboration in UCR 2020 The Path to Preeminence)
The Evolving ERM Ecosystem at UC RiversidePractical Terms
System Historical Overview• UCOP ECAS Oversight (Beginning in Fall 2007)
Establish & Champion System-Wide C&E Program
The Evolving ERM Ecosystem at UC Riverside
System Historical OverviewUC Ethics & Compliance Risk Council
Monthly Meetings with Campus CECOs
The Evolving ERM Ecosystem at UC Riverside
System Historical OverviewUCOP ECAS Organization (2008)
The Evolving ERM Ecosystem at UC Riverside
System Historical OverviewUC System-Wide Compliance (2008)
The Evolving ERM Ecosystem at UC Riverside
Campus Historical Overview2009-2010
ECRAC Charter (July 2009)• Provide Campus Oversight to UC E&C Program • Advises SVP/Chief Compliance & Audit Officer thru UC E&C Risk Council• Quarterly Meetings Co-Chaired by Campus EVC&P & CECO• Facilitated by Director of A&AS• Committee Membership Comprised of 20 Senior Campus Reps• Responsible for Overall Campus Culture• Identify & Implement Tools, Metrics, & Processes to Effectively Monitor Climate• Encourage Awareness of Compliance & Open Lines of Communication • Monitor Effectiveness & Consistency of Compliance • Track Effectiveness of Risk Assessment Tools • Advise on Guidance, Education, & Training• Provide Quarterly & Annual Campus Compliance Reports to
o UC Ethics & Compliance Risk Council o SVP/Chief Compliance & Audit Officer
The Evolving ERM Ecosystem at UC Riverside
Ethics, Compliance, Risk, and Audit Controls Committee (ECRAC)
Campus Historical Overview2009-2010
• Commissioned 2009 by CECO Providing Oversight of Campus ERM• Chaired & Facilitated by RM Director• Advises Campus ECRAC• Meets Quarterly• Membership of 20 Comprised from Major Functional Areas• Establish Common Language for Managing Campus Risk• Collaborate on Comprehensive & Balanced Approach to Identify & Manage Risks• Provide Assurance ERM Decisions are Aligned with Campus Vision & Goals• Communicate Strategies to Respective Stakeholders• Responsible for Campus Overall ERM Program (Implementation, Metrics, & Monitoring)• Advise on Need for Campus-Specific P&Ps, Training as it Relates to Specific Risk Areas• Review Risk Areas of High Priority & Proposed Risk Mitigation Activities
The Evolving ERM Ecosystem at UC Riverside
Enterprise Risk Work Group (ERWG)
Campus Historical Overview2009-2010
• Commissioned in 2000• Advises, Consults, & Participates with Campus EH&S on
o Programs & Standards for Safe Conduct of Teaching & Researcho Issues Related to Research & Lab Safetyo Effective Operational Strategies with
Institutional Bio-Safety Committee Radiation Safety Committee Institutional Animal Care & Use Committee Institutional Bio-Safety Committee Institutional Review Board Pesticide Safety Committee Other Related Committees
• Monthly Meetings o Chaired by Faculty Membero Facilitated by Campus EH&S Directoro Membership of 23 Comprised from Major Functional Areas o Campus Executive Committee Provided Annual Briefing
The Evolving ERM Ecosystem at UC Riverside
Research Integrated Safety Committee
The Evolving ERM Ecosystem at UC RiversideCampus Historical Overview
2009-2010Reacting & Responding
Campus Compliance Program Highlights
A&AS, RM, & CECO Not Yet Actively Collaborating
҉L
҉L
҉L
҉L
҉L
҉L
҉L
Established "Accountability in Laboratory Safety" Protocol Outlining Actions and Responsibil ities at All Campus Levels
Mandated & Implemented New "Violence in the Workplace" Training for All Campus Employees
Implemented Campus Emergency Status Website with Quarterly Emergency Response Testing
Lab Safety
Developed New Laboratory Safety Program Under Purview of Campus Environmental Health and Safety Director
Event Management
Efforts in Place to Develop Uniform Practices for Facil ity Scheduling & Use Applicable Campus-Wide
Campus Director of Risk Management Taking Lead to Coordinate a Standardized Process Applicable to All Activities
Developed Monthly Reporting Tool for Effective Tracking of Contracts and Grants "Principal Investigator Web Reporting System"
Research Integrity
Established a Campus Conflict of Interest Committee Established a Campus Stem Cell Research Oversight Committee
On-Going Campus-Wide Effort to Create, Implement, and Maintain Unit-Specific Business Continuity Plans
Efforts in Place to Develop and Implement Policy & Procedures to Ensure Safety and Security at All Campus Events
The Evolving ERM Ecosystem at UC Riverside
Risk Category Identifiable RisksInfrastructure Deferred Maintenance
Value Engineering Life Cycle Costs Space Planning
Catastrophic/Violence in the Workplace Emergency Planning Continuity Planning
IT Security System Security Data Security System Accessibility
Crime/Violence in the Workplace Building/Physical Crimes Employee-Employee Student-Student Student-Employee Third Party Non-Affiliated
Workforce/Budget/Economy Reduction In Workforce Overloaded Workforce Aging Workforce Succession Planning Attracting Qualified Candidates EPL/Discrimination Claims
Reputational Academic Misconduct Administrative Misconduct Conflict of Interest Ethics Student Conduct
Campus Safety Premises Safety Lab Safety Safety/Risk Training
Non-Compliance/Sanctions Laws Regulations Grants Policies
Travel Auto/Driver Trainingo UC Vehicleso Personal Vehicles
Team/Athletics Faculty/Staff/Studentso Domestico International
Event Management Concerts/Festivals Unsupervised Student Events Open Campus Events Unknown Events
ERWG Members Initially Identified 39 Risks within 10 Risk Categories
Campus Historical Overview2009-2010
Reacting & Responding• RM Drafts First Campus ERM Maturity Work Plan
o UCOP RS (Developed & Adopted in 2009)o Five Components
Internal Environment/Objective Setting Event Identification/Risk Assessment Risk Responsibility/Control Activity Information & Communication Monitoring
o Input from Several Risk Focus Areas in Campus E&C Annual Work Plano Challenge in Fully Understanding COSO Modelo Connection Among Three Plans not Strong
• UCOP RS Tasks Campuses with Completing HERA Workbook• Formal ERM Process Not Yet In Place
o Ad-Hoc Committee in Place Addressing ERM Issues for Past Four Yearso ECRAC Designated to Provide Campus Oversight through E&C Programo Strategic Goals Also Used to Address Alignment with ERM Objectives
The Evolving ERM Ecosystem at UC Riverside
The Evolving ERM Ecosystem at UC Riverside 2010
The Evolving ERM Ecosystem at UC Riverside 2010
UCR Campus Ethics and Compliance Program - Key Components
1. 2. 3. 4. 5. 6. 7.
Enforcement ToolsResponsive Initiatives
Incorporating the Federal Sentencing Guidelines Seven Essential Elements for an Effective Compliance Program
Active OversightPolicies, Standards, & Code of Conduct Education & TrainingOpen CommunicationsMonitoring & Metrics
Operating ControlsEmployee
Responsibilities
Monitoring ControlsSupervisory
Responsibilities
Oversight ControlsCompliance
Responsibilities
Auditing Controls
Auditing Responsibilities
Leadership Engagement
Campus Historical Overview2010-2011
• UCOP ECAS Provides Template for Developing E&C Annual Work PlanERWG Identifies 28 Risk Focus Areas in 7 General Risk Categories
o Reporting to UCOP ECAS on Quarterly Basis is On-Going Challenge
The Evolving ERM Ecosystem at UC Riverside
Campus Historical Overview2010-2011 E&C Annual Work Plan
12 Risk Focus Areas Recommended for Tracking & Reporting
The Evolving ERM Ecosystem at UC Riverside
Campus Metric
Campus SafetyGovernment Reporting
AccuracyData Privacy and Security Research Culture of Ethics and Compliance Investigations
Health Care Reform
UC Riverside 1) Develop a new Lab Safety program, which includes a new "Accountabil ity in Laboratory Safety" protocol which outlining actions and responsibil ities at all campus levels - including faculty, Deans and Provosts.
1) Develop a monthly reporting tool for contract and grants - "Principal Investigator Web Reporting System" (PIWRS).
UCR requires those involved with student systems to take FERPA training annually.
UCR has established a Conflict of Interest Committee (Research), as well as a Stem Cell Research Oversight Committee.
1) UCR has undertaked steps to to review delegations of authority and administrative policies.
Establish and mainatain LDO liasions with the other UC campuses and UCOP.
2) Mandate a new "violence in the workplace" training course for all employees.
2) UCR is securing campus wide access to the website "A Guide to Managing Federal Grants for Colleges and Universities;" a subscriber-only service that includes access to its website, monthly print and PDF newsletters, and print and web access to pertinent government documents.
2) Campus is roll ing out Principle Investigator reporting application which includes responsibil ity overviews.
3) Implement a Campus Emergency Status website and campus emergency response is tested quarterly.
3) Senior adminstration takes action on policy violations, such as systems access removal and funding l imitations.
4) Draft a new "Accountabil ity in Laboratory Safety " which outlines actions and responsibil ities at all campus levels - including faculty, Deans and the Provost.
Campus Historical Overview2010-2011
• UCOP ECAS Distributes E&C Services Program Policy (February 2011) Providingo Program Guidanceo Annual E&C Work Plan Procedureso Annual Report Requirement o Annual Education Plano Confidential Reporting Mechanisms
• RM Becomes Familiar with Available ERM Activities & Tools
The Evolving ERM Ecosystem at UC Riverside
Campus Historical Overview2011-2012
Identifying Key Components/Players/Activities• UCOP ECAS Provides Guidance to Report on Select Critical Risk Focus Areas• ERWG Solicits Input from Campus Departments with Risk Assessment Template• ERWG Reviews Risk Focus Areas Using UCOP ECAS Template
o 33 Risk Focus Areas Identifiedo Quarterly Reports Remains Work-In-Progress
• CECO Submits Campus E&C Annual Work Plan Narrative & Work Plan• UCOP RS Provides Summary of ERM Maturity Work Plan Efforts for Campuses• RM Drafts Campus Enterprise Management Maturity Work Plan• RM Director Works with CECO Rep with Goal of having Both Plans in Synch• A&AS, RM, & CECO Reps Meet to Discuss UCR IA 2010-2011 Annual Report
The Evolving ERM Ecosystem at UC Riverside
The Evolving ERM Ecosystem at UC RiversideAudit & Advisory Services
Risk Assessment & Audit Planning Timeline
January February March April May
Data Gathering /
Analysis
Prepare Draft Plan
Complete Risk Assessment
Model
ECRAC Approves Draft Plan
Assess Current Plan Status
Revise Draft Plan
ECRAC Approves Final Plan
A&AS Tools• Interviews• E&C Annual Work Plan• Risk Focus Assessment Work Sheets• Data Analytics• Internal & External Sources
March March 17 April May May 23
Draft Plan Approved by
ECRAC
Draft Plan to UCOP
Draft Plan Reviewed by
Regent’s Audit Committee
Final Plan Approved by
ECRAC Final Plan Reviewed
by Regent’s Audit
Committee
Assess Current
Plan Status /Revise Draft Plan
The Evolving ERM Ecosystem at UC RiversideAudit & Advisory Services
Audit Plan Development Timeline
The Evolving ERM Ecosystem at UC RiversideAudit & Advisory Services
Audit Risk Assessment Methodology
• Data Gathering & Analysis• Interviews with Management & Staff• Data/Financial Analysis• Ethics & Compliance Annual Work Plan• Risk Focus Assessment Work Sheet• Campus Committees• Prior Internal & External Audit Coverage
• Complete Risk Assessment Model• Universe of Processes, Functions, Units• Scoring Universe Using Predictive Factors
Campus Historical Overview2012-2013
Refining Reporting Tools/Establishing Collaboration • UCOP ECAS Provides Campuses System-Wide E&C Annual Work Plan• UCOP RS Tasks Campuses with Updating HERA Workbook• ERWG Identifies & Recommends Tracking & Reporting on 8 Risk Focus Areas• ERM Maturity Work Plan Built with Input from E&C Annual Work Plan• A&AS Director/RM Director/CECO Reps Meet to Compare & Contrast Respective Plans
The Evolving ERM Ecosystem at UC Riverside
Campus Historical Overview2012-2013
E&C Annual Work Plan
The Evolving ERM Ecosystem at UC Riverside
R Risk Focus Area Objectives/Goals Responsible Unit/POC Stakeholder(s)
Outcomes Metrics (Tracking Indicators)
Estimated Date of Completion Date
Outcome Metrics (Behavioral Expectations)
1 Campus Safety Lab Safety & Integrity
Laboratory Safety Accountability Project Lab Safety Training Modules
EH&S/Director RISC/BCOE/CNAS/Other
EH&S/Training & Communications
Manager HR/RISC/CSC/BCOE/CNAS/Other
Quarterly Status Reports
Track Key Safety Factors Plan & Conduct
Internal Lab Assessments EH&S Follow Ups
LMS Development Identify Mandatory Training Develop Lab-Specific Training Modules Provide Notices to Stakeholders
On Going On Going
Increase & Maintain Number of Safety
Compliant Labs w/Overall Goal of 100% Compliance
Increase Number of Persons Properly
Trained w/Supporting Documentation & Reduce Number & Severity of Lab Incidents
2 Campus Safety Motor Vehicle Safety
Working Smarter P&P Project Implement Comprehensive Motor Vehicle
Safety Initiative
TAPS/Director
CSC/Others TAPS/Director
RISC/CSC/HR/Other
Review & Update Applicable
P&Ps/Guidelines/Best Practices Monitor & Report on
Training Through LMS Vehicle Usage & Trends Compliance to Applicable Federal, State,
Local, System-Wide Regulations
12/31/2012 On Going
Current Ready Reference for Campus
Community Reduce/Eliminate Incidents Involving UCR
Motor Vehicles Reduce Costs of Vehicle Repairs &
Maintenance Determine Effectiveness of Vehicle Usage
3 Campus Safety Safety of Minors
Develop & Implement Guidelines & Best
Practices in Concert w/UCOP Initiatives Involving the Safety of Minors on All Campuses
Conduct Internal Audit of Campus Safety
of Minors Program
RM/Director UCPD/GC/SMG/SA/RISC/CSC /Others to
Include All Campus Units w/Programs Involving Minors
A&AS/Director UCPD/RM/GC/SMG/Other
Identify & Monitor & Track Campus
Units/Programs that Sponsor Events/Activities Involving Minors
Develop & Implement General Guidelines &
Program-Specific Protocols for Sponsored Events/Activities
Determine Whether There is need to Develop Campus-Wide Policy w/Program-Specific Procedures
Define Audit Scope/Review & Respond to Audit Findings
On Going On Going On Going 12/31/2012
Establish Campus Culture that Protects &
Promotes Overall Well-Being & Safety of Minors on Campus, as well as for Sponsored Activities /Events Off Campus
Identify & Implement Plan to Address
Areas of Concerns 4 Data Privacy & Security/
Government Reporting PCI Compliance
Comprehensive Review of Campus PCI:DSS
Program Conduct Internal Audit of Campus PCI:DSS
Program
FS & C&C/AVC-FS & AVC-C&C
• SMG/Others Including All Campus Units Involved in Process of Electronic Payment Card Transactions
A&AS/Director FS/C&C/FBO/RM/SMG Other
Review & Update Campus Policies &
Departmental Procedures/Guidelines to Ensure Adherence to Applicable Sections in
BUS-49 IS-2, 3, 11, 12
Define Audit Scope/Review & Respond to Findings
On Going 12/31/2012
Update PCI:DSS Safeguards to Eliminate
Network Security Breaches & Mitigate Losses
Identify & Implement Plan to Address Areas
of Concerns 5 Research
Conflicts of Interest Conflict of Interest Initiative
OR/VC SMG/GC/Academic Senate
Review & Stay Current w/Information
Provided by UCOP General Counsel & Office of Research
Monitor for Completion & Documentation Training to Include
Introduction of Applicable Federal & State Requirements
Required Signed Documentation Statement of Economic Interest UC Conflict of Interest Code Faculty Commitment of Time Industry-Sponsored Research Publications Patents Gifts & Honoraria
Provide Greater Visibility to Policies Involving Research Concerns Working with Campus to Implement UCOP Standard Format, as applicable
Ensure Conflict of Interest Committee Remains Active & Providing Two-Way Communications
On Going
Establish Conflict of Interest Program that
Provides Requisite Guidance & Clarity to Faculty & Staff to Allow for Educated Decision to Pursue Other Interests
6 Culture of E&C School of Medicine
Compliance & Privacy Program Initiative
HS/Dean SMG/Others
Identify & Position Compliance & Privacy
Program Officer Devise & Implement Effective Compliance &
Privacy Program Review Requirements Involving Clinics &
Residencies
04/16/2012
On Going
Individual Identified & Hired w/Extensive
Experience w/UC System& Technical Expertise for Programs Involving School of Medicine
Establish & Maintain Effective Compliance & Privacy Program & Implement Tools to Address Upcoming Compliance Requirements as School of Medicine Matures
7 Culture of E&C Whistleblower Hotline
Systems are in place to report with the
expectation of prompt follow-up involving activities contrary to Statement of Ethics Values & Standards of Ethical Conduct
LDO
UCPD/RM/GC/SMG/Other
LDO records, tracks, & maintains all reports
of allegations of non-compliance not reflected in Ethics Point
ECAS: Maintain system-wide Ethics Point data
OGC: Record & track amount of attorney fees associated with retaliation cases (and/or attorney hours); settlement amounts
Risk Services: Record & track liability claims
On-Going
with 4Q reporting to reflect data gathered for FY 2012-13
Include indicators related to:
number of hotline reports; number of substantiated reports; & settlement costs.
These combined metrics provide a baseline for review & initial indications of increased awareness of what types of incidents need to be reported & employees’ responsibility to report. In addition, by beginning to review the cost of resolving claims of allegations and measuring their increase or decrease over time will provide another indicator of effective communication.
8 Investigations Claims
Campus Claims Annual Review Trends
RM/Director SMG/FBO/Others
Track, Reconcile & Report on Claims Entered
into iVOS & ERMIS Provide Trend Analysis for Risk Assessment
for ERWG Members
06/30/2012
Use Annual Claims Review & Trend Analysis
as Tool to Prioritize Risks & Develop Plans to Track & Mitigate Selected Metrics
Campus Historical Overview2013-2014
Identifying & Implementing a Process • Implementing an E&C/ERM Process
o UCOP ECAS Provides RAP Timeline FY2013-2014o CECO Provides UCOP ECAS Rating Tool for FY 2013-2014o CECO Calls for First E&C Focus Groupo ERWG Members Provided RFA Worksheet at May Meeting o E&C Focus Group & ERWG Recommend Tracking & Reporting on 9 Risk Focus Areaso CECO Presents E&C Annual Work Plan Assessment at ECRAC Meeting in Juneo ECRAC Reviews & Prioritizes Risk Focus Areaso CECO Submits Campus E&C Work Plan in June to UCOP ECASo CECO Works with Stakeholders to Put Together Metrics & Planso CECO Conducts Quarterly Reviews of E&C Annual Work Plano CECO Drafts ERM Maturity Work Plan
• CECO Meets Quarterly with A&AS Director & RM Director • FRMP Work Plan Drafted & Approved (First Plan to Use COSO Model)
The Evolving ERM Ecosystem at UC Riverside
Campus Historical Overview2013-2014
E&C Annual Work Plan
The Evolving ERM Ecosystem at UC Riverside
System Historical OverviewUCOP ECAS Organization (2014)
The Evolving ERM Ecosystem at UC Riverside
The Evolving ERM Ecosystem at UC Riverside2014
The Evolving ERM Ecosystem at UC Riverside 2014
UCR Campus Ethics and Compliance Program - Key Components
1. 2. 3. 4. 5. 6. 7.
Enforcement ToolsResponsive Initiatives
Incorporating the Federal Sentencing Guidelines Seven Essential Elements for an Effective Compliance Program
Active OversightPolicies, Standards, & Code of Conduct Education & TrainingOpen CommunicationsMonitoring & Metrics
Operating ControlsEmployee
Responsibilities
Monitoring ControlsSupervisory
Responsibilities
Oversight ControlsCompliance
Responsibilities
Auditing Controls
Auditing Responsibilities
Leadership Engagement
Current Efforts2014-2015
Reviewing & Revising the Process• UCOP ECAS• UCOP RS• ECRAC• E&C Focus Group• E&C RFA Worksheet• ERWG • RM• CECO• A&AS• E&C Annual Work Plan• ERM Maturity Work Plan• Internal Audit Work Plan• E&C Clearinghouse Website
The Evolving ERM Ecosystem at UC Riverside
Initial FY2013-2014 2014-2015 ECRAC
UCOP General Category Risk Focus Area Identified Ranking ERWG (16/20) FG (15/19)Delta AVG Ranking Ranking
Campus Safety Lab Safety & Integrity 2009-2010 3 4.04 4.38 0.34 4.213 1
Campus Safety Safety of General Community 2013-2014 1 4.00 4.23 0.23 4.115 2
Campus Safety Phys ica l Infrastructure 2009-2010 14 3.54 3.92 0.38 3.732 3Data Privacy & Securi ty/ Government Reporting PCI Compl iance 2010-2011 12 3.58 3.85 0.26 3.715 4
Campus Safety Safety of Minors 2012-2013 2 3.85 3.46 0.38 3.654 5
Investigations Al legations 2014-2015 NR 3.50 3.71 0.21 3.607 6
Data Privacy & Securi ty Campus Standards & Internal Controls 2014-2015 NR 3.50 3.43 0.07 3.464 7
Culture of E&C Crisis Management 2013-2014 4 3.67 3.15 0.51 3.410 8
Campus Safety Violence Against Women Act (VAWA) 2014-2015 NR 3.36 3.36 0.00 3.357 9
Research NSF/NIH New Auditing Techniques 2013-2014 5 3.36 3.25 0.11 3.307 10
Healthcare Third Party Relationships 2013-2014 NR 3.45 3.15 0.30 3.304
Healthcare Regulatory Concerns 2014-2015 NR 3.45 3.15 0.30 3.304
Culture of E&C School of Medicine 2012-2013 8 3.23 3.33 0.11 3.280
Campus Safety Student Concerns (Alcohol Use/Driving) 2013-2014 7 3.23 3.31 0.08 3.269
Campus Safety Facul ty-Student Relationships 2013-2014 20 3.54 3.00 0.54 3.269
Data Privacy & Securi ty E-Discovery 2013-2014 13 3.42 3.08 0.34 3.247
Campus Safety Bus iness Continuity Plan 2013-2014 NR 3.00 3.43 0.43 3.214
Campus Safety Reputation of Univers i ty 2013-2014 11 3.35 3.08 0.27 3.212
Culture of E&C OFCCP Areas of Concerns 2013-2014 6 3.00 3.38 0.38 3.192
Campus SafetyCo-Exis tence of Travel Modes on Campus 2014-2015 NR 3.29 3.07 0.21 3.179
Investigations Cla ims 2010-2011 16 3.29 2.92 0.38 3.104Campus Safety/ Cul ture of E&C Americans Disabi l ities Act (ADA) 2011-2012 NR 3.29 2.86 0.43 3.071
Culture of E&C Development of Facul ty 2014-2015 NR 2.77 3.33 0.56 3.051
Culture of E&C Salary Inequities 2014-2015 NR 2.89 3.13 0.24 3.007
Culture of E&C Work Force Stressors/Staff Development 2013-2014 9 2.83 3.15 0.32 2.994
ResearchConfl ict of Interest/Confl ict of Commitment 2014-2015 NR 3.04 2.92 0.12 2.982
Culture of E&CEngaged & Informed Risk Assessments 2013-2014 21 2.88 2.92 0.04 2.904
Culture of E&C NCAA Regulations 2014-2015 NR 3.04 2.71 0.33 2.878
Data Privacy & Securi ty Records Management & Retention 2013-2014 18 2.73 2.92 0.19 2.827
Campus Safety Motor Vehicle Safety 2009-2010 10 2.92 2.69 0.23 2.808
Culture of E&C Events Management 2011-2012 NR 2.93 2.64 0.29 2.786
Government Reporting Payrol l Certifi cation 2009-2010 19 2.73 2.83 0.11 2.780
Culture of E&C Campus Cl imate Survey 2014-2015 NR 2.44 3.00 0.56 2.722
Culture of E&C Pol icy Management 2010-2011 NR 2.71 2.71 0.00 2.714
Investigations Whistleblower 2010-2011 22 2.83 2.46 0.37 2.647
Research Intel lectua l Property 2014-2015 NR 2.45 2.77 0.31 2.612
Research Export Controls 2013-2014 15 2.44 2.73 0.28 2.586
Culture of E&C International Agreements 2013-2014 NR 2.38 2.75 0.37 2.567
Culture of E&C Campus Compl iance Ca lendar 2014-2015 NR 2.36 2.21 0.14 2.286
Campus Safety Assembly & Free Speech 2012-2013 17 2.23 2.23 0.00 2.231
3.11 3.12 0.00 3.115
Risk Rank (1-5 [1=Slight to 5=Severe])
Moving Forward
• ERWG Involvement• ECRAC Commitment
• CECO Champion
• ERM Website• Research• School of Medicine
The Evolving ERM Ecosystem at UC Riverside
Moving ForwardHeat Maps, Balanced Scorecards, Data Dictionaries
http://www.ucop.edu/enterprise-risk-management/procedures/objective-setting/using-the-balanced-scorecard.html
The Evolving ERM Ecosystem at UC Riverside
Moving ForwardData Analytics
The Evolving ERM Ecosystem at UC Riverside
The science of examining raw data with the purpose of drawing conclusions about that information.
Moving ForwardUCOP RS MMR
http://www.ucop.edu/enterprise-risk-management/tools-templates/ermis/index.html
The Evolving ERM Ecosystem at UC Riverside
Moving ForwardUCOP RS ERMIS
http://www.ucop.edu/enterprise-risk-management/tools-templates/ermis/ermis-dashboards.html
The Evolving ERM Ecosystem at UC Riverside
ERMIS Objectives Include:• Better Quantitative Analysis Capabilities• Improved Analytical & Reporting Capabilities• Support for Leading Risk Governance & Compliance
Processes• System-Wide Visibility, with Local Flexibility• Scalability without additional burden on UC staff
Moving ForwardSharing Within UC
The Evolving ERM Ecosystem at UC Riverside
Moving Forward-One Step at a TimeChallenges/Opportunities
The Evolving ERM Ecosystem at UC Riverside
Committed Risk OwnersThe Evolving ERM Ecosystem at UC Riverside
Systematically Prioritizing RisksThe Evolving ERM Ecosystem at UC Riverside
UCOP ECAS/RSContinued Guidance & Collaboration
/
The Evolving ERM Ecosystem at UC Riverside
Move Forward with PurposeThe Evolving ERM Ecosystem at UC Riverside
Contact Information• Nida Niravanh: [email protected]• Greg Moore: [email protected]• Tim Willette: [email protected]