NEW ENGLAND HIGHER EDUCATION RISK MANAGEMENT ROUNDTABLE October 22, 2020, 8:00-10:00AM Microsoft Teams by Invite Only... INTRODUCTIONS - COHNREZNICKGeorge Gallinger National Director – G
Trang 1NEW ENGLAND HIGHER EDUCATION RISK MANAGEMENT ROUNDTABLE October 22, 2020, 8:00-10:00AM
Microsoft Teams by Invite Only
Trang 2• Logistics
• Introduction
• Roundtable Discussion Topics
̶ Enterprise Risk Management
̶ Business Continuity Planning
̶ Information Technology Strategy and Risk
̶ Workforce Challenges
̶ Board Governance
̶ Vendor Management and Third-party Risk
• Closing Remarks
Trang 3VIRTUAL ROUNDTABLE LOGISTICS
• CohnReznick will act as moderator and admit guests
• Mute yourself when not speaking
• Use the Chat function for questions and comments
̶ Note that the Chat will be visible to all meeting attendees
• Use the raise hand function to indicate you would like to speak
̶ Please unclick it after you’ve been called on
PARTICIPATE!
Trang 4INTRODUCTIONS - COHNREZNICK
George Gallinger
National Director –
Governance, Risk,
and Compliance
Thomas McDermott
Director – Cybersecurity, Technology Risk, and Privacy
Allison Guttenplan
Manager – Governance, Risk, and Compliance
Trang 5INTRODUCTIONS - INVITEES
Albertus
Magnus
College
Assumption College UniversityBay Path Connecticut College UniversityFairfield Goodwin College
Johnson &
Wales
University
Mitchell College Quinnipiac University Rensselaer at Hartford Sacred Heart University Springfield College
Trinity College University of Bridgeport University of Hartford University of New Haven University of Saint Joseph UniversityWesleyan
Western New England University
Worcester State University Yale University
Trang 6ENTERPRISE RISK MANAGEMENT (ERM)
• Formalized program, maturity, and
evolution
• Governance and culture
• Risk assessment
̶ Various perspectives – financial, regulatory, operational, reputational
̶ Identification and prioritization
• Mitigation plans
• Use in strategy/objective setting
• Current risks
̶ Reduction in enrollment and revenue
• International students
• Auxiliary revenue
̶ Costs of remote and/or on-campus learning
̶ Need for refunds
̶ Change in government funding programs and/or regulations
̶ Liquidity scenarios
̶ Fundraising levels
Trang 7BUSINESS CONTINUITY PLANNING (BCP)
• Lessons learned
• Shared ownership and execution
• Business impact analyses
• Importance of testing/tabletop exercises
• Alignment with Disaster Recovery Planning (DRP)
Trang 8INFORMATION TECHNOLOGY STRATEGY AND RISK
• Management and governance
• Incorporating into ERM
• Remote learning
• Cybersecurity
̶ Remote environment
• User access
• Data privacy
Trang 9WORKFORCE CHALLENGES
• Remote workforce models
̶ Effect on interim internal controls
• Changes in organizational structure or roles/responsibilities
• Real estate footprint impact
̶ Impact on technology strategy and risk
Trang 10BOARD GOVERNANCE
• Proper division of oversight
• Board’s role in ERM and strategy setting
• Engagement and communication
Trang 11VENDOR MANAGEMENT AND THIRD-PARTY RISK
• Maintaining internal controls
• Conflicts of interest checks
• Vendor financial vetting and monitoring
̶ Key vendors
̶ New vendors
• Anti-fraud controls in procurement and AP
Trang 12CLOSING REMARKS
• Risk management
• Internal audit
• Communication with all stakeholders
• What do you want to hear more about in future programming?