500.9 - Enterprise Risk Management and Compliance
University Group Policy #500.9
I. Policy StatementThis policy directs Winston-Salem State University to establish and oversee enterprise risk management and compliance processes.
Establishment and Oversight of Enterprise Risk Management and Compliance Processes. The Board of Trustees monitors university-wide risk and compliance through the Audit, Risk, and Compliance Committee (ARCC). The chancellor, with assistance from the chief audit, risk, and compliance officer of the university, the general counsel, the chief financial officer, and other senior officers and staff, shall establish and oversee university-wide processes to address enterprise risk management, including risks related to compliance with laws and ethical standards. The university’s processes should align with the institution’s programs, activities, and management systems and support the institution’s strategic and other goals.
- The process will include components focused on the following:
- Developing, implementing, evaluating, and monitoring a university-wide enterprise risk management process;
- Promoting a culture that supports board goals for risk management and compliance;
- Promoting a uniform approach to measuring the university resources expended on regulatory compliance;
- Supporting training and educational efforts;
- Providing regular updates to the board’s ARCC;
- Referring matters to university officers, divisions, and units, as appropriate; and
- Performing other duties as directed by the president of the University of North Carolina, the Board of Governors, the chancellor, and the Board of Trustees.
- The process shall include appropriate procedures for:
- Identifying risks that impact the institution’s goals;
- Developing plans to monitor and mitigate risks;
- Providing periodic updates to the chancellor and the Board of Trustees; and
- Reporting significant enterprise risks to the president of the University of North Carolina and, with the president’s guidance, to the Board of Governors.
III. ApplicabilityThis policy is applicable across the campus of Winston-Salem State University.
Responsible Division: Internal Audit, Risk & Compliance
Authority: Board of Trustees
- Adopted March 16, 2018