University audits are selected through a risk assessment process. RMAS communicates with schools, departments and University management to identify and prioritize operational, financial and compliance risks to the University. The specific audit projects for the year are chosen based on these assessed risk factors. The final plan is also evaluated to ensure adequate representation of schools, departments and affiliates.
Risk financing requires planning and arranging for the sources of funds before loss events occur and then directing the funds offered by these sources, post loss, to assure the desired business recovery objectives as met.
While still in early stages of development, our risk financing scheme has emerged over time from constantly trying to interpret University priorities against these questions:
Is the University taking the right amount of risk?
Is the University taking the right types of risk to achieve its priorities?
At its core, risk financing exists to address one vexing problem: how to align a company’s willingness to take risks with its ability to do so, an exercise best done within the context of one’s organizational objectives. Risk management, of which financing is an integral part, is the set of measurable and sustainable actions for reducing the effect of uncertainty on those objectives. The establishment of measurable metrics is a key step in an organization’s growth toward a fully mature enterprise-wide risk management program.
Yes, the Foreign Corrupt Practices Act applies to individuals or corporations who conduct business in a foreign country. The Foreign Corrupt Practices Act is often referred to as the anti-bribery law. Under the Act, an individual or corporation is prohibited from either directly or indirectly bribing a foreign official or foreign political office.
Yes, the Federal Civil False Claims Act applies to individuals and corporations that do business with the federal government. The Federal Civil False Claims Act is an anti-fraud law. Under the Act, an individual or corporation is liable if they knew or should have known that they submitted a false claim to the federal government.
The University Risk Management Council (URMC) administers a structured approach to risk management that identifies and manages, to an acceptable level, the key risks that may adversely affect the University’s ability to achieve its goals and objectives. The Council reports to the President and the Harvard Corporation's Joint Committee on Inspection regarding the effectiveness of the University’s risk management program. The URMC works with Harvard's schools and central administration units on continuous improvement of the University’s capabilities around managing...
Harvard staff and faculty have two roles in managing risk. The first role is to be aware of and understand what areas of risk are present in your current position. For example, if you manage people you need to consider employment laws, discrimination laws and union contracts. You also need to consider the University's policies and practices around hiring, firing and creating a safe work environment.
Once you know your risk areas, you need to consider the implications of these risks on yourself, your department and the University. This second role in managing risk requires that...
As employees or agents of the University, we are all risk managers. Whether "risk manager" is in our job title or job description is irrelevant. We all are presented with risk in the workplace and must act to address risk in an informed manner.
A list of risk management leads at Harvard's schools and central administration units can be accessed below. These individuals can help you think about how best to address your risks and/or connect you with other risk management leaders at the University.