Office of Audit, Risk, and Compliance
The Office of Audit, Risk, and Compliance (OARC) strives to be a proactive partner and resource to Ohio University. OARC is an independent unit that reports directly to the Audit and Risk Management Committee of the Board of Trustees.
- Internal Audit provides an independent and objective assessment of the university's operations, evaluating effectiveness of controls and system, identifying areas for enhancement and ensuring that best practices are implemented.
- Compliance establishes an oversight program that coordinates decentralized compliance efforts to maintain institutional adherence to technical standards, regulations, and laws. Compliance ensures that the university’s policies and processes are aligned with external requirements, thereby safeguarding the institution against legal and regulatory risks. Compliance risk assessment supports comprehensive and coordinated response to critical compliance issues that impact the university across multiple operational areas.
- Enterprise Risk Management (ERM) further enhances this framework by systematically identifying, assessing, and managing risks across the entire university, addressing insurable risk, and supporting development of other risk mitigation measures.
- Together, these functions create a comprehensive assurance framework that ensures regulatory adherence and drives operational excellence, institutional integrity, and strategic risk management. Moreover, integrated Audit, Risk, and Compliance supports institutional strategic planning, ensuring that potential risks are proactively identified, addressed, mitigated, and monitored, thereby preventing or reducing impacts of “sidelining” events that could harm the university’s reputation, finances, standing with state and federal regulators, and most importantly, the safety of its students, faculty, staff, and communities. By prioritizing Audit, Risk, and Compliance, the university can achieve a robust and resilient university that values efficiency, transparency, and ethical decision-making
OARC's Functions
OARC is comprised of two distinct functions. Both functions take a risk-based approach to assist the university in mitigating risks—or any event or occurrence that could impair the university’s ability to achieve its objectives.
-
Internal AuditDevelops an annual risk-based audit plan and conducts audits and consultative services in accordance with the Institute of Internal Auditor’s International Standards for the Professional Practice of Internal Auditing.
-
University ComplianceProvides independent oversight to Ohio University compliance programs with a focus on federal, state, and local laws, as well as university policies.
News & Announcements
NEW: Employee Compliance training policy
On December 2, 2024, President Lori Gonzalez signed 40.130: Employee Educational Program and Compliance Training. The policy is effective immediately.
Ohio University is committed to providing educational training programs that clarify expectations and responsibilities for all employees, uphold the highest standards of professionalism, ethics, and regulatory compliance, and establish risk management practices.
The university will deploy appropriate compliance training programs for employees as required by federal or state law.
In addition to mandatory compliance training, employees may be required to complete additional, role-specific training as needed for their positions, to maintain the institution’s compliance with applicable laws and policies or to enhance safety and technical preparedness, or to improve operations or departmental function.
Specialized training may be required for certain employees to ensure a safe working environment or as part of a performance improvement plan.
New Privacy resources available for OHIO
For information about how OHIO protects the privacy of its current and prospective students, faculty, and staff, visit resources at Privacy Office, including OHIO's new policy 92.001: Privacy Protection.
OHIO employees required to complete fraud reporting training by Oct. 29
All Ohio University employees, including faculty, staff, graduate and undergraduate students, and program employees, who receive a paycheck from Ohio University must complete a fraud reporting training program during the fall semester.
Read full article from September 20, 2024
Mary Ann Boyle named as Executive Director of Office of Audit, Risk and Compliance & Chief Audit Executive
Ohio University President Lori Stewart Gonzalez and Trustee Thomas Parfitt are pleased to announce that Mary Ann Boyle, CIA, CFE, has been named as the executive director of the Office of Audit, Risk and Compliance and chief audit executive, effective Aug. 19.
Read Full Announcement From July 24, 2024
REMINDER: Ohio University Ethics Hotline Available
The Office of Audit, Risk, and Compliance issues this reminder that OHIO faculty, staff, and students may report concerns of fraud, waste, abuse, or non-compliance with federal or state regulations or University policies. Reports made to the EthicsPoint hotline—via phone or website—are triaged and responded to by anonymous dialogue between the reporter, OARC, or the University representative who can most appropriately respond to the concern.
Read the Full News Article: Ohio University Ethics Hotline Available
(published December 12, 2023)
Office Renamed
In July 2022, Ohio University's Internal Audit office was repositioned as the Office of Audit, Risk, and Compliance (OARC) with expanded functions that will enhance internal controls and compliance mechanisms and build compliance consciousness in existing University business processes.
Laura Myers, who most recently served as OHIO’s deputy chief strategy and innovation officer, has been appointed director of University Compliance, reporting to the Chief Audit Executive.