Risks

Activities

Governance and Leadership

HM

Strategic Planning
Process
HM

Governance

Information Technology - See Appendix

D for detailed risk assessment for IT
Acquisition and
areas.
HM Strategic Planning HM Implementation
Plant Operations and Maintenance

HM

Construction

Disaster Recovery
Planning for
Business
Processes (Not IT
Disaster
Recovery)
HL

HH

Organizational
Structure

HM

HM

Delivery and
Support

MM Monitoring
MM Utilities

HM

Work Orders &

Billings

HM

Organizational
Structure - Facilities
Management

Engineering & Science

Research Enhancement
Initiative

MH

Animal Research
& Safety Issues

Student Records

HL

Enrollment
Services

Budgeting

ML

Contracted
Services

LL

MH

CGA: Allowable
Costs

CGA: Cash
MM Management

HL

Registration

HL

Admissions
Processing

MM Student Life

ML

Employment Diversity

ML

Biosafety

HM

Contract and
Grant Accounting
(CGA): Time &
Effort Reporting
MH

Student Services

HM

Financial Aid

HM

Scholarships &
Fellowships

Human Resources Management

HM

Strategic Plan
does not address
Human Resources HM

Human Resources
Organization and
Staffing
MM Compensation

Employment MM Recruiting

Asset and Risk Management

HM

Campus Safety &

Security
MH

Cash Handling

Tuition and Fee

MM Collection Process MM Endowments

Financial Management - See Appendix

H for detailed risk assessment for
Internal Financial
Financial Areas.
HM Controls
HL
University Relations and Alumni Affairs

Financial
Reporting

MM Investments

MM Turnover

Travel

MH

Signature Authority

MH

Outside Sales by
Schools and
Division

Annual
MM Fundraising

ML

Partnerships

ML

Governmental
Relations

MH

Fixed Assets /
MM Equipment

Instruction and Academic Support

HH

Accreditation /
Institutional
Effectiveness

Deployment of
Resources Among
Academic
MM Programs
MM Library

Course
Scheduling and
MM Availability

Instructional &
Academic
MM Technology

Purchasing

MH

Contracting
Process

Policies and
MM Procedures

Operations and
MM Bid Processes

Organization and
MM Management

Minority and Small

Business Vendors
MM (HUB)
LL

Central Receiving

Auxiliary and Service Departments

ML

Housing

ML

ML

LL

LL

Bookstore

Institutional Compliance Program - see

Compliance
Appendix E for listing of high-risk areas. MM Program
HH, HM
HL, MH
MM, ML, LH
LM, LL

Extensive Risk Management & Considerable Risk Management (all levels of control plus traditional
audit)
Manage and Monitor (all levels of control, but no traditional audit)
Monitor (only execution controls and supervisory controls)
Accept (accept the risk and have no controls)

Impact = The effect a single occurrence of that risk will have upon the achievement of org's goals & objectives.
22

Printing

Public Service

MM

Staff Development ML

MM Risk Management MM

LL

MM Planned Giving

Food Services

MM

OSP: Preparation
of Research
MM Protocols
MM

Organization and
MM Budget Operation MM Management

Gifts

University Police
and Parking

Internal
MM Communications

Transportation

HM

Student Union

Institutional
Policies &
MM Procedures

Research and Development - See

Appendix C for detailed risk assessment
for Research.
HH

HL

LL

Continuing
Education

MM

LL

Management of
Departments and
Classroom and
MM Programs of Study MM Building Utilization MM

LL

Activities

Risks
1

High: The effect will cause org not to achieve its goals and objectives.
Medium: The effect will cause org to operate inefficiently and/or expend unplanned resources to meet goals and objectives.
Low: There will be no measurable effect upon the achievement of org's goals and objectives.

Probability = The probability that a risk will become reality at org.

High: The risk will become a reality frequently at org.
Medium: The risk will become a reality infrequently at org.
Low: The risk will rarely become a reality at org.

23

Activities

Governance and Leadership

Facility Planning

10

11

12

13

Office of the
MM President

Meetings &
MM Committees

Upward
Evaluation of
MM Administrators

MM Compliance Office ML

Institutional
MM Review Board

Office of
Sponsored
Projects (OSP):
Negotiation of
MM Agreements

CGA: Financial
MM Reporting

CGA: Cost
MM Sharing

14

15

Performance
Measures

Information Technology - See Appendix

D for detailed risk assessment for IT
areas.
Plant Operations and Maintenance
OSP: Research
Integrity

Research and Development - See

(objectivity,
Appendix C for detailed risk assessment scientific
for Research.
misconduct)

Student Services

Administration

MM Recruiting

Human Resources Management

Employee
Relations

ML

Asset and Risk Management

Cash
Management

Bonded
Indebtedness and
Accounts
MM Issuance
MM Receivable

Employment Hiring

Financial Management - See Appendix

H for detailed risk assessment for
Financial Areas.
Accounts Payable MM Payroll
University Relations and Alumni Affairs

Instruction and Academic Support

News and
Information

Deferred
Maintenance

LL

MM Student Health

ML

Faculty
Credentials

Contract and
MM Grant Accounting

International
MM Students

LL

Technology
MM Transfer

ML

Research Training ML

CGA: Facilities
and Administrative
Cost Accounting

LM

Activities Center
Operations

Student
Grievances

LL

Institutional
Affiliations

ML

Student
Organizations &
Activities

ML

Student
Counseling

ML

Internal Auditing

LM

Records Retention

ML

Faculty
(recruitment, tenure,
development,
turnover, workload,
productivity)
LL

Policy and
Procedure

Organization and
MM Management
Budget
Preparation
MM Process

Alumni Relations

Distance
MM Education

MM Special Programs ML

Program
Development &
Program
Evaluation
Process

Purchasing
Auxiliary and Service Departments
Institutional Compliance Program - see
Appendix E for listing of high-risk areas.
HH, HM
HL, MH
MM, ML, LH
LM, LL
Impact = The effect a single occurrence of that risk will have upon the achievement of org's goals & objectives.
24

K-16 Issues

LL

Activities

10

11

High: The effect will cause org not to achieve its goals and objectives.
Medium: The effect will cause org to operate inefficiently and/or expend unplanned resources to meet goals and objectives.
Low: There will be no measurable effect upon the achievement of org's goals and objectives.

Probability = The probability that a risk will become reality at org.

High: The risk will become a reality frequently at org.
Medium: The risk will become a reality infrequently at org.
Low: The risk will rarely become a reality at org.

25

12

13

14

15

APPENDIX C: Risk Assessment for Research Areas

FISCAL YEAR 20**
Risks
Activities
Laboratory Safety (Biosafety,
Chemical Safety,Controlled
Substances, Laser/Radiation Safety)

1
Financial, criminal, and/or
physical harm from
misapplication of laboratory
HM procedures and parctices.

Inappropriate disposal of
hazardous waste resulting in
HM fines and criminal charges.

Time and Effort Reporting

HH

MH

Improper classification of
grants or contracts as an
unrestricted gift.

Funding agency sends

confusing award letters as to if
MH the award is a gift or a grant.

MH

Improper maintenance of
records.

Noncompliance with record

MH retention.

HL

Export of controlled
information not properly
processed and reported.

HL

Unauthorized foreign nationals

working on restricted research.

HL

Research protocols are not

reviewed and approved by IRB
and IACUC committees for
scientific merit.

HL

PI fails to report earning

returned from technology.

HL

Funding opportunities are

missed because
documentations are not
provided to the funding
agency.

HL

Lack of independent
monitoring of research activity
by PI and animal resources
staff.
HL

Incidences of non-compliance
are not properly reported to
research compliance.
Incidences of non-compliance
are not properly reported to
research compliance.

Records Archiving

Research Integrity - Objectivity of

Research
Research Integrity - Scientific
Misconduct
Technology Transfer

Loss of Federal/State funding

and incurrence of penalties
School Effort Coordinators not
due to lack of documentation
performing independent
for hourly time changes in the
HM reviews.
HM school departments.

Noncompliance with University

MH or applicable sponsor policies.

HL

PI or research staff reports

invalid and inaccurate data to
funding agency.
Patent and agreement
violations occur.

HL

PIs and research staff are not

properly trained and record of
training is not on file with
research compliance.

HL

Lack of training for PI and

Research Staff.

HL

Lack of training for PI and

Research Staff.

HL

Lack of independent
monitoring of research activity
by PI and animal resources
staff.
HL

HL

IRB Committee is not familiar

with state and federal
regulations concerning human
participant research.
HL

Proper measures are not taken

to review and approve
research protocols thoroughly. HL

Protocols are not pre-reviewed

by research compliance.

HL

Lack of training for PI and

Research Staff.

HL

Proper measures are not taken

to ensure confidentiality of
research participants.
HL

Consent forms and research

data are not stored properly.

HL

Non-compliance issues and

adverse effects are not
reported to research
compliance.

Access to research data by

unauthorized personnel.

HL

Issues of non-compliance are

not reported to research
administration.

MH

Training - Research

Animal Research - Safety

Protection of Animal Subjects

Institutional Review Board (IRB)

Protection of Human Subjects

Protection of Researcher
HL

Lack of training for PI and

Research Staff.

HL

Non-compliance issues and

adverse effects are not
reported to research
compliance.

HL

Lack of training for PI and

Research Staff.

HL

Research data is not stored

properly.

Protection of Research

Financial of physical harm to

the University, its students,
HM faculty and staff.

Loss of Federal/State funding

and incurrence of penalties
due to PI over-committing his
time-not charging minimum or
charging more than maximum, HH

Coordination of Gifts and Grants with

Development Office

International Initiatives (Export

Control)

Loss of Federal/State funding

and incurrence of penalties
due to RAs not knowing the
name of the project they're
working on, the funding
source, and the link between
their work and the project.

HL

Page 24

HL

Loss of Federal/State funding

and incurrence of penalties
due to someone other that a
knowledgeable person signing
the certification form.
ML

Loss of Federal/State funding

and incurrence of penalties
due to signed certification
reports not being returned to
C&GA in a timely fashion.

APPENDIX C: Risk Assessment for Research Areas

FISCAL YEAR 20**
Risks
Activities
OSP - Negotiation of Agreements

HL

Lack of expertise when

negotiating other than System
approved contracts and
agreements.
HL

Lack of knowledge of System

rules and regulations regarding
contracts.
HL

Lack of knowledge about

intellectual property
agreements.

HL

Animal subject and human

participant research protocols
are not pre-reviewed by
research compliance.

HL

Protocols will not get approved

by IACUC and IRB.
HL

Funding opportunities are

missed because of delay in
protocols approvals.

MH

Faculty does not have any

idea of how to calculate the
actual cost of the research
project.

Faculty underestimates what

the research will cost and will
be unable to complete the
MH research.

MH

Disallowed costs due to

inability to get cost share
documentation from schools
on closed federal grants.

Unallowable costs due to

separately identifiable cost
share account does not get
opened and budgeted before
MH grant is opened, per org policy. MH

HL

Disallowed costs due to

inaccurate or incomplete
reporting requirements
reflected on contract
documents.

HL

Disallowed costs due to PIs

doing major purchases at end
of grant to use up funds.

HL

Disallowed costs and damage

to reputation due to training
programs not being tailored to
the individual needs of
faculty/staff/management.
HL

MH

org sub-contracts may not

include clause requiring subcontractors to comply with
applicable laws & regulations.

MH

Overspending Sponsored
Programs Budgets resulting in
Schools not handling Petty
unreimbursed costs.
MH Cash per org policy

Preparation of Research Protocols

Cost Estimates

Cost Sharing

Financial Reporting

Allowable Costs

HL

HL

Loss of Federal/State funding

and public embarrassment due
to inaccurate reporting of or
failure to provide mandatory
cost sharing per contract.
MH

Sponsor disallowed costs due

to charging unallowable costs
to mandatory cost share
accounts.

Disallowed costs and damage

to reputation due to lack of
training policy and plan for
continuous improvements.
HL

Disallowed costs due to lack

of participation in program.

Loss of Federal/State funding

and public embarrassment due
to reports not done in a timely
fashion.
Unallowable costs incurred
and not reimbursed by
sponsors.

Training - Post Award Research

Disallowed costs and damage
to reputation due to lack of
training programs offered.
HL

Sub-Contractor monitoring

Cash Management

Subcontracts are not reviewed

Annual sub-contractor risk
annually per new org policy.
assessments not being done,
MH Effective approximately 8/06. MH per new policy.

Sub-contractor invoice
certification not included on
sub-contractor purchase
MH orders and invoices.

Letter of Credit draws not

ML made in timely fashion

Not collecting all billed

MM revenue.

HL

Sponsor billing does not take

place, or is not done per the
Delay in filing financial reports
contract. Negative effect on
to the sponsor(s).
MM cash flow.

MM IDCs not charged, if required.

Contract versus grant

Risk of not being reimbursed in
designation incorrect on brief.
a timely fashion. Negative
Some federal contracts do not
MM cash flow.
MM require quarterly reporting.

ML

PI does not accurately list the

percentage of work spent on
agreement or work with other
inventors.

ML PI does not patent invention.

PI does not disclose royalty

ML revenues.

ML

PIs and research staff do not

have proper certifications and
assurance on file with research
administration.
ML

Incomplete/inaccurate contract/grant
documentation or no documentation
received.
Invention Disclosure

Preparation of Certifications and

Assurances

Facilities and Administrative Cost

Accounting

Subcontractors may not be in

compliance with Federal and
MH other applicable regulations.

Incorrect IDC rate/base

entered into FINS due to
MM incorrect paperwork.

PI does not disclourse an

ML invention.
Funding opportunities are
missed because
documentations are not
provided to the funding
agency.

IDC rate changes during term

of grant and separate account
is not opened. (The only way
MM FINS can handle this).
MM

Loss of Federal/State funding

and public embarrassment due
to incorrect calculations in F&A
rate proposal.

Page 25

APPENDIX C: Risk Assessment for Research Areas

FISCAL YEAR 20**
Risks
Activities
Minority and Small Business Vendors

Records Archiving

Administration/creation of contract
and grant documentation:
Lack of clarity between sponsor &
org regarding carry-forward of funds
Authorized spending of
contract/grant funds without signed
pre-award or signed agreement.
Purchase Orders for services are
treated as sub-contracts in violation
of OMB Circular A-133, sect
$___.210.

Data input to systerm not accurate

and/or differs from paperwork
received.

Loss of Federal/State funding

and damage to reputation due
to PI not using small
business/minority and women
owned business to fullest
MM extent practicable.
MM

Loss of Federal/State funding

and damage to reputation due
to PI not making information
on forthcoming opportunities
available to encourage and
facilitate participation by small
business/minority and women
owned business.
MM

Loss of Federal/State funding

and public embarrassment if
org Accounts Payable and the
Schools cannot produce
receipts for contract/grant
MM expenditures.
MM

Untimely closing of grants

creating increased risk for
unallowable costs due to
audits.

Unreimbursed costs due to

opening and budgeting
sponsored programs accounts
before obtaining official
MM sponsor commitments.
MM

Excessive cost transfers may

affect the audit trail of
transactions which in turn may
result in unsubstantiated costs
leading to disallowances.

Loss of Federal/State funding

and damage to reputation due
to vendor being on debarment
list

Negative effect on cash flow

Funds expended before official
until funds can be reimbursed,
contract date may be
if and when signed contract is
MM disallowed by the sponsor(s)). MM received.
Loss of Indirect Cost revenue
due to expenses charged to
sub-contractor expense
instead of M&O. Breakdown
on invoices and financial
Incorrect breakdown of costs
reporting by expense category
on invoices and financial
MM are incorrect.
MM reporting by expense category. MM

Lacking CFDA # - required for

MM Federal reporting.
HH
HM
HL
MH
MM
ML
LH
LM
LL

Accurate contract/grant
start/stop dates cannot be
counted on leading to
inaccurate financial reporting
MM of grants.

Vendors providing services are

treated as sub-contractors in
violation of OMB A-133,
section $___.210.

Pre-award specialist assigns

grant number from wrong
Missing Sponsor or PI ID
range (fed., state, pvt., or
numbers-leading to inaccurate
local)- Reporting category is in
Sponsor/sub-sponsor switched
MM reporting.
MM error.
MM on brief.

= Extensive Risk Management & Considerable Risk Management (all Levels of Control* plus a traditional audit)
= Manage and Monitor (all Levels of Control but no traditional audit)
= Monitor (only Execution Controls & Supervisory Controls)
= Accept (accept the risk and have no controls)

Impact = The effect a single occurrence of that risk will have on org.
High: The effect will cause org to materially misrepresent its financial position.
Medium: The effect will cause org to misrepresent its financial position.
Low: There will be no measurable effect upon financial statement reporting.

Probability = The probability that a risk will become reality at org.

High: The risk will become a reality frequently at org.
Medium: The risk will become a reality infrequently at org.
Low: The risk will rarely become a reality at org.

Page 26