The responsible person, identified by the Executive Compliance Committee, for each high-risk area must develop a Risk Management Plan (RMP) for that area. The risk management plan is not a statement of official policy; instead, it represents an educational tool and information directory to be used by UT Dallas’ compliance program.
The plan is intended to be a model for risk mitigation and may not be applicable in all situations. The RMP identifies:
- Regulations – What are the local, UT System, state and federal statutes and policies requiring compliance?
- Risks – What are the risks of being non-compliant with the identified regulations? For each risk identified, the responsible person must consider the probability of that risk occurring and the impact it would have on the University if it did occur.
- Controls – What are the internal controls in place to mitigate the identified risks? The day-to-day controls, supervisory controls and oversight controls should be identified and listed.
- Training – What training is provided to the campus to ensure compliance with regulations? What training does the responsible person receive to stay abreast of new requirements and regulations for the high-risk area?
- Reporting – What are the requirements to outside agencies to stay in compliance with regulations?
Risk management plans should be periodically reviewed by the responsible person to reassess potential risks and ensure internal controls are relevant and effective.
We’re here to help you. If you have questions or need assistance, please contact us.