Compliance & Risk Management > About
The purpose of the university compliance program is to foster a culture of compliance and accountability that is consistent with DePaul's mission.
At the direction of the Audit Committee of the Board of Trustees, DePaul University began an effort in July 2003 to implement an enterprise-wide institutional compliance initiative addressing a number of activities that fall under the framework of "Managing our Business" and "Managing our Risk."
In August 2003, the Office of Institutional Compliance was formed. The department is responsible for implementing the "Managing our Business" activities, which include:
In addition, the Compliance office is responsible for coordinating the "Managing our Risk" activities, including the work of the compliance department and reporting the results to the Compliance Officer, the Executive Compliance Committee (Joint Council subcommittee) and the Audit Committee of the Board of Trustees. The "Managing our Risk" portion of DePaul's compliance program includes the following appointments and activities:
A subset of the Joint Council subcommittee met to identify DePaul's high-risk areas in July 2003. This high-risk list was reviewed and refined by the Compliance Officer, the Associate Vice President for Institutional Compliance and the Director of Internal Audit in the fall of 2003. The high-risk list was further refined by the Audit Committee of the Board of Trustees in December 2003.
The criteria used to identify areas as high risk include the likelihood of non-compliance occurring (generally due to complexity or inherent risks) and the consequence of non-compliance, especially as it relates to the risk of a federal or state audit, financial loss, harm to people and damage of DePaul's reputation. DePaul's high risks are in the following areas: