Audit, Compliance and Risk Committee Discusses Incident Reporting and Compliance – The Cavalier Daily

The Board of Visitors’ Audit, Compliance and Risk Committee met Friday, where it heard a presentation on compliance guidelines and new incident management software from Gary Nimax, assistant vice president of compliance. The committee then went into closed session for the rest of the meeting, where it was expected to talk about specific employee performance and discuss proprietary business information and legal matters.

Nimax provided a brief overview of the University’s Compliance Program, which goals prevent and resolve potential violations of regulations or the law by the University, and promote appropriate conduct and work ethic at the University. He also spoke about the broader mission of the compliance program to ensure the University’s compliance with federal and state regulations.

Nimax then spoke to the Committee about SafeGrounds, an incident management software developed by the University to process compliance reports and ensure compliance with federal and state regulations. According to Nimax, SafeGrounds enables the University to process reports from a variety of sources, including Title IX reports, the Threat Assessment Team, which works on to prevent violence in the community before it occurs and the University Compliance Helpline, which allows Anyone in the community can report unethical behavior or rule violations, which will be investigated.

Presentation slides presented to the Committee he said that during the past fiscal year — running from summer 2023 to summer 2024 — SafeGrounds processed a total of 7,447 reports.

Of these reports, 39 percent he entered through Student Affairs, while the next two highest percentages came from human resources for the Health System and Academic Division, at 21 percent and 16 percent, respectively, according to Nimax’s presentation. Nimax said those percentages are in line with what other comparable universities might see. While Nimax noted that some schools may have human resources reports as the largest portion of their reports, he said nothing about the university’s breakdown of incident reports was unexpected.

Nimax said he hopes to raise awareness of the compliance hotline and other reporting methods across university departments. He said his team has already made progress toward the goal of raising awareness by attending meetings and sending emails to proactively address people’s concerns about reporting processes.

“I would say that for some of our peers who are not receiving reports, it’s a lack of awareness of the hotline, a lack of compliance (systems) or a fear of retaliation among employees,” Nimax said. “And those aren’t concerns in this case, which is good.”

The Committee then moved into closed session, as is the Committee’s policy when matters concerning the performance of specific employees or discussions involving proprietary information, ongoing legal proceedings or final strategic considerations.

At the June meeting, the Committee discussed ongoing audit of the University by the Auditor of Public Accounts of the Commonwealth of Virginia. The audit was not discussed at this meeting, although the committee I met August 14 for an update on the process. Presentation slides for this meeting attached timetable that said the target month for financial reporting was November — the same goal discussed in June.

The Audit, Compliance and Risk Committee is scheduled to meet again at the next Management Board meeting in December.