Board of Visitors Audit, Compliance, and Risk Committee March 2, - - PowerPoint PPT Presentation

board of visitors audit compliance and risk committee
SMART_READER_LITE
LIVE PREVIEW

Board of Visitors Audit, Compliance, and Risk Committee March 2, - - PowerPoint PPT Presentation

Aug 21, 2023 201 likes •369 views

Board of Visitors Audit, Compliance, and Risk Committee March 2, 2017 1 Audit Department Activities 2 Program Project Change People Process Technology Governance Management Management Future State Design & Executive Sponsorship

slide-1
SLIDE 1

Board of Visitors Audit, Compliance, and Risk Committee March 2, 2017

1

slide-2
SLIDE 2

Audit Department Activities

2

slide-3
SLIDE 3

PROJECT HEALTH CHECKS

3

Program Governance

Executive Sponsorship & Leadership (Steering Committee) Program Structure & Monitoring Roles and Responsibilities Defined Goals, Objectives & Business Case Benefits Realization

Project Management

Scope & Integrated Plan Risk & Issue Management Financial Management Resource Management Time/ Milestone Management

Change Management

Change Approach & Strategy Business Readiness Transition from Current to Future State

People

Organization & Role Design Education/ Training

Process

Future State Design Requirements Business and Financial Controls

Technology

Future State Design & Proof of Concept Information Security Interfaces Testing: System Integration & User Acceptance Data Conversion IT Change Management IT Quality Assurance

slide-4
SLIDE 4

Large programs are inherently risky. A project health check is a feedback loop to sponsors and stakeholders focused on drivers of success.

Clearly defined goals and measures Top management support and attention Sufficient resources allocated Competent project manager and project team Effective communication and decision making Risk and issue management

slide-5
SLIDE 5

5

Assurance and Advisory Projects: In Progress as of March 2017 BOV Meeting

Subject Areas of Audit Focus UVA Division Ufirst HR Transformation Project Health Check Program governance; project management; financial management Pan-University Epic Phase 2 Implementation—Project Health Check Database security;

  • perational readiness; project

management; go-live criteria Health System IT System Security: Privileged Access Management of administrative access to key systems Health System Incident Response: Malware Ransomware Health System Medical Center Procurement Procurement processes and controls Health System Archive and Special Collections Library Safeguarding of assets Academic IT Change Management General computing controls Academic

slide-6
SLIDE 6

6

Other Audit Department Current Priorities

Topic Key Tasks

FY 18 Audit Planning Process • Define audit risk universe

  • Gather stakeholder input
  • Conduct risk assessment
  • Develop audit plan for ACR Committee approval in June

2017 Hire and on-board IT Audit Director Job is posted; candidate pool forming Hire and on-board Health System auditor Job is posted; candidate pool forming

slide-7
SLIDE 7

University Compliance

7

slide-8
SLIDE 8

Enterprise Risk Management Update

slide-9
SLIDE 9

ERM First Year Priorities

ERM Priorities Reposition Program Enhance Board Reporting Onboard Health System

9

slide-10
SLIDE 10

10

Adopt ERM Charter Create Risk

  • Mgmt. Network

Develop Key Risk List Develop Risk Management /Mitigation

  • Feb. 2016
  • Mar. 2016
  • Dec. 2016
  • Mar. 2017
  • Jun. 2017

Academic Division Health System

Adopt ERM Charter Create Risk

  • Mgmt. Network

Develop Key Risk List Develop Risk Management /Mitigation

ERM Priorities Timeline

slide-11
SLIDE 11

December 2016

ERM K Key R y Risk k Dashbo hboard – Acad ademic ic D Divis isio ion

ACA CADEMIC DIVI VISI SION K KEY RI RISK SKS

  • EXEC. OWNER

NER RESOU OURCES CES - diminished, or loss of, financial resources from major funding sources. (e.g., State, Advancement, Research, Endowment) EVP-COO RESEA EARCH CH - research leadership, infrastructure, and funding to adequately support the accomplishment of our research

  • bjectives

EVP-Provost EVP-Health Affairs STATE - concern about whether public policy in the State will continue to be supportive of quality public higher education President FACU CULTY - attracting, retaining, and developing a distinguished faculty EVP-Provost LEADERSHIP IP – maintaining and renewing a highly skilled and cooperative executive team given the attractive alternatives for the best executives President EXECU CUTIVE T VE TRANSITI TION – preparing for an executive leadership transition and a potential change in the University’s strategic direction BOV President IT IT SECURIT ITY Y – enhancing cybersecurity in an era of increasing threats EVP-COO RESOU OURCE CE ALLOCATIO ION – developing an optimal process for allocating resources in meeting strategic objectives EVP-COO ADVANCEM CEMENT – developing a campaign strategy that adequately addresses philanthropic investment, fundraising strategies, and the governance implications of the resulting distribution of resources between the University and foundations VP for Advancement COMPETIT ITIV IVE ENVIRON ONMEN ENT – assessing the University's competitive space in undergraduate, graduate, and professional programs EVP-Provost SAFET ETY – maintaining a safe environment for the University community EVP-COO VP for Student Affairs INVES ESTMENTS TS - stewarding assets particularly related to investable assets EVP-COO

!

slide-12
SLIDE 12

March 2017

ERM K Key R y Risk k Dashbo hboard – Health Sys System

HEALT LTH SY SYST STEM K KEY RI RISK SKS

  • EXEC. OWNER

NER HEALTH R H REFORM: Government payer reform (Medicare, Medicaid, and ACA) EVP-Health Affairs STRATE TEGY: Strategic direction in a changing competitive environment (flexibility around change) EVP-Health Affairs TALENT NT MANAGE GEMENT NT: : Recruitment and retention of key personnel (patient care services positions, research, and leadership) EVP-Health Affairs ONE S E SYST STEM: Alignment of Health System entities towards a single system of operation EVP-Health Affairs QUALIT LITY: Y: Achieving goals for national ranking/patient experience, quality, and care EVP-Health Affairs RESEA EARCH CH: Research leadership, infrastructure and funding to adequately support the accomplishment of our research objectives EVP-Health Affairs TECHNO NOLOGY GY: Technology investment and enablement EVP-Health Affairs SAFETY: Y: A major quality or safety event EVP-Health Affairs PARTNERSH SHIPS: PS: Maximize the benefits of off-grounds partnerships EVP-Health Affairs FACULT LTY P Y PRODUCTIV IVIT ITY: Y: Managing faculty productivity (clinical and research) EVP-Health Affairs

!

slide-13
SLIDE 13

Key Risk List Overlap

Academic Division

  • Resources
  • Research
  • State
  • Faculty
  • Leadership
  • Executive Transition
  • IT Security
  • Resource Allocation
  • Advancement
  • Competitive Environment
  • Safety
  • Investments

Health System

  • Reform
  • Strategy
  • Talent Management
  • One System
  • Quality
  • Research
  • Technology
  • Safety
  • Partnerships
  • Faculty Productivity

13

slide-14
SLIDE 14

CLOSED SESSION

Discussion of proprietary, business related information pertaining to the operations of the Medical Center, where disclosure at this time would adversely affect the competitive position of the Medical Center; specifically confidential information and data related to the provision

  • f patient care services, clinical documentation, and reimbursement as

well as compliance with federal laws and regulations regarding the delivery and documentation of such care and related to confidentiality and privacy of protected health information, in consultation with legal counsel, as provided for in § 2.2-3711 (A)(22) of the Code of Virginia.

Audit, Compliance, and Risk Committee Agenda

14

slide-15
SLIDE 15

15

Resume Open Session and Adjourn