Audit, Compliance and Risk Committee discusses incident reporting and compliance – The Cavalier Daily

The Board of Visitors' Audit, Compliance and Risk Committee met on Friday, where Gary Nimax, assistant vice president for compliance, heard a presentation on compliance policies and new incident management software. The committee then entered a closed session for the remainder of the meeting to discuss the performance of certain employees, as well as confidential business information and legal issues.

Nimax gave a brief overview of the University’s compliance program, which Goals to prevent and remediate potential regulatory or legal violations by the University and to promote appropriate conduct and work ethics at the University. He also spoke about the Compliance Program's broader mission to ensure the University's compliance with federal and state regulations.

Nimax then spoke to the committee about SafeGrounds, an incident management software developed by the university to process reports of compliance issues and ensure it complies with federal and state regulations. According to Nimax, SafeGrounds allows the university to process reports that come in from a variety of sources, including Title IX reports, the Threat Assessment team that works to impede violence in the community before it happens, and the University Compliance Helpline, which allowed Anyone in the community can submit reports of unethical behavior or policy violations for investigation.

The presentation slides presented to the Committee said that SafeGrounds processed a total of 7,447 reports in the last fiscal year, which ran from summer 2023 to summer 2024.

From these reports came by student government, while the next highest percentages came from the health system and academic department human resources departments at 21 percent and 16 percent, respectively, according to Nimax's presentation. Nimax said those percentages are in line with what other comparable universities might see. While Nimax noted that at some schools human resources department reports might make up the largest portion of reports, he said nothing in the university's breakdown of incident reports was unexpected.

Nimax said he hopes to create more awareness about the compliance helpline and other reporting methods across all departments at the university. He said his team has already made progress in raising awareness by attending meetings and sending emails to preemptively address people's concerns about reporting processes.

“I would say that for some of our colleagues who do not receive reports, not knowing about the helpline means exclusion of compliance [systems] or fear of retaliation from employees,” Nimax said. “And those are not concerns here, which is good.”

The Committee then met in closed session, which it is permitted to do for matters relating to the performance of specific employees or for discussions involving confidential information, ongoing legal proceedings or final strategic considerations.

At its meeting in June, the Committee discussed an ongoing audit of the University being conducted by the Commonwealth of Virginia Auditor General. The audit was not discussed at this meeting, although the committee fulfilled August 14 for an update on the process. The presentation slides from this meeting Including a schedule that said the target month for publishing financial reports was November – the same target discussed in June.

The Audit, Compliance and Risk Committee is scheduled to meet again during the next Board meeting in December.