No organization is perfect. Policies and procedures are designed to minimize human error. However, the risk of human error remains. All organizations are subject to change--sometimes gradual, sometimes drastic. Every change potentially alters the myriad of risks an organization must take into account.
One of the missions of the Office of Government Relations, Compliance and Procedures (OGRCP) is to remain vigilant in identifying organizational risk and changes which impact risk so that management can better decide how to allocate resources to prevent the bad outcomes resulting from a given risk.
Risks appear everywhere in everything we do. Compliance Risks are those risks either which arise when policies and procedures are not followed or when they are insufficient or ineffective. Some compliance risks are significant; others are comparatively trivial. They come in many forms. Compliance risks may be safety-related, such as the outcomes associated with violating administrative procedures . They may be finance-related, such as the risk of loss by way of waste, fraud or abuse associated with violating, for example, procurement procedures or conflict of interest policies. Compliance risk may even be academically related, such as where our students’ education and our reputation is jeopardized when graduation rules are misapplied or ignored.
When compliance risks are identified by the OGRCP we communicate the risks to management. Management may act to eliminate, mitigate, transfer or monitor the risks. In some instances, the OGRCP can assist management directly with the risks. Subject to our own resources, we can sometimes provide oversight or help to train employees or assist in revising procedures which govern the identified risks. Often we can provide assistance in coordinating efforts by different departments to reduce risk.
Our ongoing tasks include regular review of Administrative Procedures and Board of Education Policies and the laws and regulations on which they are based. Changes to operations are noted and examined. We pay attention to particularly dangerous risks, significant changes in operations, which may result in new compliance risks, audit results and communications from Internal Audit about Hotline tips, and areas where different departments must interact cooperatively in order to affect the desired result.
Related Content