The University of Texas of the Permian Basin
Institutional Compliance Program
Quarterly Report
For the Quarter Ended November 30, 2008
Section I – Organizational Matters
 A meeting of the Institutional Compliance Committee was held November 25, 2008.
 There were no changes in membership on the Institutional Compliance Committee for the
new fiscal year.
 There were no changes in the Compliance staff.
Section II - Risk Assessment, Monitoring Activities and Specialized Training (Performed by
Responsible Party)
High-Risk Area #1: Research
Responsible Party: J. Tillapaugh, Asst. Vice President for Graduate Studies and
Sponsored Research
Key “A” risk(s) identified:
 Noncompliance with Time and Effort reporting
 Failure to follow laws, policies and procedures related to animal and human
subjects research
Key Monitoring Activities:
 The Responsible Party reviewed the Effort Commitment & Certification reports
that were completed by principal investigators of Federal grants for the 4th
quarter of FY 2008. Questions related to salary payment authorized by UTPB
casual appointment forms caused five exceptions. A change in the procedure for
initiating such salary payments was made as a result of the exceptions.
 Of 94 protocols for animal and human subjects research that were reviewed, 75
were approved without revisions, 19 were approved with revisions.
Specialized Training:
A special presentation on Human Subjects Research was presented by Dr. Jim
Plvarnik, Michigan State University, to faculty and students. Ninety-four
attended.
High-Risk Area #2: Intercollegiate Athletics
Responsible Party: Steve Aicinena, Director of Intercollegiate Athletics
Key “A” risk(s) identified:
 Ineligible students participating in practice and competition
 Lack of comprehensive training program on NCAA rules
 NCAA rules and regulations not disseminated to appropriate individuals
Key Monitoring Activities:
 Daily monitoring revealed two NCAA secondary level II violations. One-on-one
training was completed with the individuals who could have prevented the
violations and self reports were filed with the conference and NCAA.
Specialized Training:
A compliance seminar was held for coaches and employees regarding changes to
NCAA rules and the Departmental Compliance Plan. Eleven of the twelve
employees (92%) attended.
1
High-Risk Area #3: Information Resources
Responsible Party: Keith Yarbrough, Assistant Vice President and Director of
Information Resources
Key “A” risk(s) identified:
Inadequate information security program impacting confidentiality, availability and / or
integrity of data.
Key Monitoring Activities:
 Ongoing monitoring of email for confidential content. All inbound and outbound
email messages are examined. Emails containing social security numbers averaged
62 sent per month in FY 2008 compared to 21 per month to date in FY 2009.
Emails containing credit card numbers averaged 19 per month in FY 2008
compared to 2 per month to date in FY 2009.
Specialized Training:
Annual Information Security Awareness training is required of all UTPB
information resource users. An updated Information Security Awareness Training
module was made available to faculty and staff during November 2008. As of the
end of November, training has been completed by 214 of 611 users (35%). A
weekly reminder is now being sent to all who have not completed the requirement.
A report of training remaining to be completed will be provided to the Director of
Information Resources.
Section III – Monitoring and Assurance Activities (Performed by Compliance
Office/Designate)
High-Risk Area: Failure to follow financial reporting standards and UT System
guidelines for budgeting and financial reporting
Assessment of Control Structure: Opportunity for enhancement
 Monitoring/Assurance Activities Conducted: Financial audit of Fiscal Year
2008 Annual Financial Report.
Significant Findings: Opportunities for improvement of controls over financial
reporting were noted during the audit. Some of the recommendations were
repeat recommendations from prior years. Three of the findings were considered
significant deficiencies.
 Monitoring/Assurance Activities Conducted: Compliance Officer and Internal
Auditor/Asst. Compliance Officer meet weekly with the President, Provost and
Director of the Office of Accounting to review current financial position and
potential actions that could impact year end results and financial rating status.
 Training Provided: Training for budget heads and support staff regarding
proper reconciliation of statements of account was initiated during the quarter.
The Internal Auditor attends each session to stress the importance of proper
reconciliation procedures and to answer questions about expectations for proper
documentation.
High-Risk Area: Financial Aid
Assessment of Control Structure: Opportunity for enhancement
 Monitoring/Assurance Activities Conducted: The State Auditor’s Office A133 limited scope audit of financial aid continued through the quarter. A draft
report has not been provided to the university as of the end of the quarter.
Preliminary verbal discussions have indicated that some findings from the audit
in FY 2008 will be repeated and new findings may be added.
2
High-Risk Area: Time and Effort Reporting
Assessment of Control Structure: Opportunity for enhancement
 Monitoring/Assurance Activities Conducted: An audit of the Joint
Admissions Medical Program (JAMP) was completed during the quarter.
Opportunities for improvement of control over financial documentation and
monitoring were identified during the audit. None of the findings were
considered significant.
Section IV – General Compliance Training Activities
Seven modules of General Compliance training administered through Training Post were
assigned to all continuing employees. New employees were assigned twelve General Compliance
modules. December 15, 2008 is the date set by the Institutional Compliance Committee for the
assigned training to be completed. As of November 20, 2008, 925 of the 2,180 modules assigned
or 42.4% were completed. Follow-up reminders from the appropriate executive staff will be used
to remind staff to comply with the deadline.
Section V – Action Plan Activities
The following Action Plan items were implemented during the quarter just ended:
 Surveys were completed by the Committee to assess the compliance program and the
compliance officers.
 A self-assessment survey of the program was completed by the Compliance Officer. The
Compliance program, Compliance Committee, and Compliance function were assessed to
ensure continual improvement.
 The Committee requested individual certification letters from all budget heads and
responsible parties that provide assurance and/or note exceptions to compliance activities
and programs within each area.
 The Assistant Compliance Officer participated in a meeting at U.T. System for
introduction of the new system-wide compliance officer and to discuss system-wide
compliance activities and expectations.
 Provided the annual report for FY 2008 to the U.T. System Compliance Office.
 Held a meeting of the Institutional Compliance Committee during the quarter.
 Provided articles for inclusion in the employee newsletter that highlight various
compliance topics and educate the UTPB community regarding the Compliance Program.
 The Assistant Compliance Officer participated in training provided to Budget Heads with
emphasis on general compliance issues and in training sessions provided by the
university trainer on the statement of accounts reconciliation process.
 Received and investigated or forwarded to appropriate administrators compliance
inquiries received through various means including the “888” hotline, internal phone,
email and in person. Provided an update on the inquiries to the Compliance Committee
in November 2008 at their regularly scheduled meeting.
3