Managing risks in the University environment – the three lines of defense

Wednesday, February 20, 2013

The University is faced with a broad array of risks across many functional areas.  Defining and addressing these risks requires coordination, collaboration and commitment. 

According to Tom York, director of internal audit, “One of the first challenges we face is deciding whose job it is to do all the work expected and required.  The good news is that risk management is everyone’s job, so no one individual is responsible for all of it. Risk management is a team sport, requiring several lines of defense working together to protect the University from the consequences of unidentified risks.”

York suggests thinking of the risk management framework like the 49ers football team. In the press box, with a bird’s eye view of the field and the team, is the UNC Charlotte Board of Trustees. This group provides long-range guidance and is focused on ensuring the integration of all the elements of the risk team.

The coaching staff manning the sidelines of the University’s risk team is Chancellor Philip L. Dubois and the Cabinet. Much like Coach Lambert and his staff, the chancellor and vice chancellors play key functional roles, sending in instructions to defend against anticipated threats or to attack identified opportunities.

But the keys to risk management are the players on the field; they are the three lines of defense.

As the first line of defense, operational management has ownership, responsibility and accountability for assessing, controlling and mitigating risks together with maintaining effective internal controls.

“Much like our defensive line, they meet risks head-on on every play, following their assignments (policies and procedures) and stopping the majority of risks before they get started,” said York.

The risk management and compliance functions operate as the second line of defense.

“They are our linebackers, roaming sideline to sideline tracking down those risks that get outside the first line of defense,” Betty Coulter, director of risk management, stated. “These players, like the elements within RMSS or the Controller’s Office or IT Security, have responsibilities that cut across divisional boundaries and monitor the implementation of effective risk management practices by operational management. They also assist the risk owners in performing risk assessments, implementing proper controls and ensuring adequate risk-related information is shared throughout the University.”

The third line of defense is the Internal Audit Department. Much like defensive backs in football, they are the last line, watching the plays develop and reacting to fill key gaps that occur.

“We provide assurance to the Board of Trustees and senior management on how effectively the University assesses and manages its risks, including the manner in which the first and second lines of defense operate,” explained York.

Another line of defense is the Office of the State Auditor. Like football special teams, state auditors have special skills for special situations.

“They provide assurance to our external stakeholders, board and senior management regarding the true and fair view of our financial statements, but their mission is limited to financial reporting risks only,” York noted. “It is up to the rest of the team – the first three lines and our ‘coaches’ – to manage and monitor strategic, operational and compliance risks enterprise-wide.”

Coach Lambert and his staff are preparing their team to face the risks presented by the Campbell University Camels on Aug. 31, said York, and the University’s coach, Chancellor Dubois, and his senior leadership team are preparing UNC Charlotte to face the risks of higher education in the 21st century.

“Each of us has a key role to play in managing risks. By working together, we can come out on top, on Aug. 31 and beyond,” York stated. “RMSS and the Internal Audit Department are always available to consult with any University manager on risk assessment, risk management and internal control development.”

Email the department at or call 704-687-5693. Contact risk management by emailing Coulter ( or call 704-687-8448.