Internal Audit and Compliance Quarterly Newsletter
|
|
|
July 2022
Dear University of Miami Coral Gables/Marine Campus Colleagues (non-UHealth),
The Office of Audit and Advisory Services, in collaboration with University Compliance Services, is dedicated to supporting and advancing the mission of the University, and has designed this quarterly newsletter to be a resource for the University community. We work with you to foster strong internal controls.
Our audits of the University's functions evaluate financial processes, internal controls, and compliance—laws, rules, and regulations—with a view towards ensuring that services are appropriately delivered in the most efficient and effective manner possible. Our office is also responsible for conducting investigations on all allegations of potential financial improprieties, in addition to Hotline complaints.
We adhere to the professional standards set forth by the University and the internal audit and compliance professions. We are proud to successfully partner with faculty and staff members, while maintaining independence and objectivity, as we work together to enhance the University’s controls and processes. We recognize there is always room for improvement in any operation, and we welcome any suggestions that you may have as to how our offices can better serve students, faculty, and staff.
Thank you,
Blanca Malagon, VP, Audit and Compliance
|
|
|
Access fiscal year end closing information on the Controller's Office website:
|
|
|
Information security controls must be in place to ensure the security and confidentiality of information. University policies help to identify and protect against anticipated threats to the security or integrity of sensitive and confidential information, prevent the unauthorized access to, and/or use of sensitive or confidential information.
University departments are responsible for ensuring all users are aware of and adhere to all policies, such as the Data Classification and Protected Data Access and Confidentiality policies, and are ultimately responsible for ensuring their uses are compliant. Much of the information generated, received, and stored in higher education is protected under federal laws. Inadequately safeguarding electronic and physical information could be costly to the University in terms of security risks and could lead to significant disruptions to operations.
Confidential data – Considered the most protected and sensitive of the Data Classification levels and requiring the highest level of protection and privacy, Confidential Data includes information that the University is under legal or contractual obligation to protect from disclosure, alteration, or destruction.
Private data – Information considered proprietary and critical to the ongoing business continuity and operations of the University and is restricted and only available to University-authorized personnel, contractors, vendors, and third parties who have a definite need to access such information within their job functions or through the agreements established with the University.
Sensitive data – Information not approved for general or public distribution. For proprietary, ethical, or privacy considerations, access to Private Data must be limited to those who have a need for such data.
|
|
|
Internal Controls Self-Assessment
|
|
|
An internal controls self-assessment is a valuable tool to help identify internal control gaps and assist in departmental management and audit preparation. The self-assessment consists of a series of "yes" or "no" questions. "Yes" indicates adequate controls in an area, while "no" indicates potential control gaps that should be addressed. Please reach out to Audit and Advisory Services with any questions or opportunities to help assess your area.
The self-assessment can be accessed here. For questions not addressed in the self-assessment, please feel free to contact us.
|
|
|
Four Trends US College Campuses Should be Tracking in 2022
An article from the Business Journal—by Hilary Burns, Editor, The National Observer: Higher Education Edition—addresses the four trends that college campuses should be tracking for 2022.
The article points out that the challenges and obstacles of the past two years have resulted in a "crisis management," which has become a prevalent issue for universities across the country. This trend does not seem to be something that will go away anytime soon given the new COVID variants that continue to mutate, although the virus does appear to be on the decline.
|
|
|
The four trends to watch are:
|
|
|
Inflation
With the virus came problems with the supply-chain, cost and availability of housing, unemployment and other factors that have led to the high rise of inflation throughout the nation.
|
|
|
COVID Variants
With the rise of new variants, which spread much faster than past variants, universities and colleges are forced to make changes to their crisis management plan. This includes contemplating more remote learning options, putting back more restrictive measures, etc.
|
|
|
Industry Consolidation
Like most other businesses, universities and colleges have also felt the financial impact associated with the pandemic. Schools have closed, consolidated, or eliminated programs. Even though that is the case, one positive note is that "fewer campuses have closed since March 2020 than experts anticipated at the onset of the pandemic."
|
|
|
Mental Health
The Business Journals' article cites mental health as a top challenge and priority for university and college campuses. Research shows that the COVID-19 pandemic has increased the rates of depression and anxiety among students, which also applies to faculty and staff. There are various mental health-related programs available for students, faculty, and staff.
|
|
|
University Compliance Updates
|
|
|
New PolicyStat Interface
On Monday, March 28, 2022, all PolicyStat sites defaulted to a new user interface (UI). Click here for an overview of the new and changing features for PolicyStat. PolicyStat users will still be able to switch back to the legacy UI by using the toggle switch. Additional information on how to start using the new PolicyStat version, where to find training materials, and the timeline for the full UI rollout can be found here.
UDisclose
The enhanced UDisclose System, which launched on January 24, 2022, allows faculty, investigators, and staff to disclose their foreign and domestic interests/relationships that might create conflicts of interest, commitment, foreign Influence, or institutional conflicts of interest relative to the users' Institutional Responsibilities at UM.
The new system enables a thorough review and management of conflicts throughout the institution. As stated in the expanded Conflict of Interest policy, the disclosure of interests is no longer isolated to research and will include a broad spectrum of the University community, who will need to complete training and disclose foreign and domestic relationships.
There are several training resources available to you in Box and ULearn:
- UDisclose Guides & Job Aids
- UDisclose Learning Videos
- Discloser
- Search on ULearn, keyword "UDisclose" for additional videos
- Other
For UDisclose System support and questions, please email: OVPRShelpdesk@miami.edu or call 305-243-2314.
|
|
|
University Hotline
The University Hotline is a comprehensive and confidential reporting tool to address fraud, abuse, and misconduct related to university policies and procedures, and concerns about violations of irregularities or improprieties. The University Hotline is available to any individual who wishes to report a concern and one can choose to remain anonymous while doing so.
The University Hotline is not 911 or an emergency service, and is not intended to be used as a vehicle for resolving workplace disagreements or addressing communication issues between employees and their managers. These types of concerns should be handled with your supervisor or with your HR Client Services representative. In addition, there are various reporting tools available for students (undergraduate, graduate/doctoral, medical) to "Report a Concern" via the Student Affairs Dean of Students website or the MSOM Office of Graduate Studies website. See the NavexGlobal/EthicsPoint FAQ's for additional information.
University employees who report an activity in good faith that may be in violation of a law, rule, or regulation are protected against retaliation by the University's Whistleblower Protection Statement.
To make a Hotline report: Visit university-hotline.ethicspoint.com or call 877-415-4357.
|
|
|
|