For the 3 months ended June 30, 2007

Annual Compliance Plan for FY 2008

Institutional Compliance Status Report:

Institutional compliance activities at each university during the three months ended June 30, 2007 are as follows:

Activity	UH/UHS	UHCL	UHD	UHV
Risk Assessments Completed	0	0	0	4
Risk Assessments Updated	2	0	0	0
Compliance Audits Conducted	0	1	0	1
Compliance Committee Meetings Held	1	1	1	1
Risk Mitigation Implemented:
Specific Control Activities (pol. & proc.)	1	0	0	4
New Training Program / Activities	12	0	1	9

Hot-line Reports:			0
Number Received during quarter	7	0	0	1
Reports Resolved during quarter	4	0	0	2
Unresolved Reports as of June 30, 2006	4	0	0	0

UHS: A system-wide meeting of the institutional compliance officers was held on April 23, 2007 to discuss institutional compliance activities. Included on the meeting agenda were the following:

A review of reports to be presented to the Board of Regents Audit Committee meeting on May 1, 2007
A discussion about cooperative problem solving, sharing of ideas, and major concerns/accomplishments
A presentation by the UHS/UH Executive Director of Finance on the final versions of the fraud awareness and ethics web-based training
A presentation from the UHS/UH Executive Director of Business Services on mandatory Web CT training

UH: Environmental Health and Risk Management conducted a laser safety training course for faculty and students who work with laser machines in laboratories; one training course for laboratory workers on hazardous waste handling regulations, six sessions on hazard communication, and four sessions on blood borne pathogens, all of which are regulatory-required.

Environmental Health and Risk Management conducted an internal audit of compliance with above ground petroleum storage tank regulations and as a result, registered 4 unregistered tanks to achieve regulatory compliance.

On June 12, 2007 the Division of Research hosted a National Council of Research Administrators web cast entitled “Conflict of Interest – How to Spot and Manage It.” UHS business, financial, and auditing staff attended.

UH Finance submitted revised P-Card and Travel Card policies for review and approval that more clearly define the roles and responsibilities of cardholders, college/division administrators, and Accounts Payable, as well as sanctions for non-compliance.

UHCL: The audit team reports by audit team leader for past action plans the items were as follows:

§ Major property damage/destruction – Mike Herbst – carry forward to FY 2008.

§ 8. FERPA – Dr. Darlene Biggers – no report, carry forward to FY 2008.

§ 31. Injury – Susan Prihoda – no report, carry forward to FY 2008.

§ 47. Travel risks – Dr. Darlene Biggers – no report, carry forward to FY 2008.

§ 62. TDLR – Dan Wilson – violations corrected – item closed.

Harry C. Stenvall attended and reported on April’s UHS Institutional Compliance Officers meeting, May’s UTS 5^th Compliance conference, and June’s UHD “Creating a Culture of Compliance” seminars.

UHD: Hosted a presentation with Q&A session on “Creating a Culture of Compliance” with David Crawford as the guest speaker. David Crawford is one of the authors of “Effective Compliance System: A Practical Guide for Educational Institutions”, Audit Manager Emeritus with the University of Texas System Audit Office and an International Consultant. The session was open to all UH System Compliance Officers and UHD personnel. Presentation topics included:

What is Compliance?
Who are the Players?
Key Responsibilities of Each.
How they are connected?

In a follow-up afternoon session with the UHD Compliance Committee Members, David Crawford and Russell Hoskens addressed questions and concerns from the Committee Members.

Completed remaining two of twenty-one Monitoring Plans.

Working with David Crawford to implement his revised formatting that combines, simplifies and facilitates the risk assessment, monitoring and ongoing reporting tool.

UHV: The quarterly campus Compliance meeting was held April 18^th. During the quarter, formal risk assessments and/or procedures were developed for Indoor Air Quality, Elevator Passenger Emergency Evacuation, Contract Administration and Placing Student Holds with the State.

The Small Business Administration conducted its annual site audit of the UHV Small Business Development Center. The Center’s financials, compliance with client information protocol and training files were reviewed. There was one minor recommendation for improvement which has since been corrected. During the quarter, there was one reported instance of P-card fraud by a non-employee. J.P. Morgan Chase identified a fraudulent internet charge of $27.06, and cancelled the card with no loss to the University.

In the wake of the Virginia Tech tragedy, the President convened the Emergency Response Team to review general campus security and safety at UHV, UHSSL and UHSCR. Various improvements are being implemented and others are being considered. The statistics for this summary report are derived from the more detailed campus departmental report of activities. The detailed report will be available on the UHV Compliance website (http://www.uhv.edu/compliance/reports.asp) after July 20^th.

Annual Compliance Plan:

UH / UHS:

Update all risk assessments
Complete additional risk assessments for Athletics
Conduct quarterly compliance committee meetings
Respond to and investigate all reports of non-compliance

UHCL:

Fraud Review: A review of the existence of recommended internal control measures under the authority of the Business Coordinators as of March 31, 2007 was completed by Mr. David Kelling CFE. The methodology used was for each Business Coordinator to complete and forward to the CFE the Fraud Risk Assessment – Business Coordinator Review questionnaire for the area(s) under their authority at which time he thoroughly reviewed their answers and test as necessary.

Review Finding: From the answers obtained from the Business Coordinators on the Fraud Risk Assessment – Business Coordinator Review questionnaire and from CFE’s review and testing, there were no weaknesses in internal control noted; therefore, this finding substantiates the overall fraud risk assessment for the University of Houston – Clear Lake as of January 5, 2007, of “Very Low” to “Low.”

FY 2008 Goals: The goals for FY 2008 will include:

Implementation of UHS web based training developed by Mr. Mike Glisson. The committee wants the completion percentages of previous web based training to know where to target training.
Begin a “Culture of Compliance” by requesting all departments do a self assessment and evaluation of their top 5 risks.
Evaluate using My Safe Campus as a source for compliance issue question not just non-compliance issues and advertise hotline as such.
Completion of FY 2007 audits carried forward above.

UHD: Meet quarterly with Compliance Committee:

Complete Training and Reporting Plans and initiate periodic (monthly/quarterly) reports.
Update existing risk assessment areas on as needed basis.
Identify and assess additional areas of risk
Predefine consequences of noncompliance.
Finalize “Standard of Conducts Guide”.
Obtain legal review and initiate development of global training for UHD.
Develop UHD Compliance Website.
Respond to and investigate all reports of non-compliance.

UHV: Annual departmental review and update of the campus master risk matrix by 8/31/08.

Conduct quarterly compliance meetings, including:

- Posting of committee minutes on campus IC web site.

- Requesting quarterly compliance report of activities from departments.

- Preparing a combined campus report for distribution to Administration.

- Preparing quarterly executive summary reports of activities for Board information.

Monitor mandatory compliance training, including online Fraud and Ethics modules, new for FY08.
Continue to introduce new employees, as part of their orientation, to the campus Compliance program including MySafeCampus and the Governor’s Program on Fraud and Waste Prevention.
Respond to hotline or other reports of fraud, waste or other non-compliance with due diligence.
Have each department head complete an annual self-assessment questionnaire, certifying as to their awareness of various compliance related policies and institutional procedures by November 30^th.

Department Specific Compliance Activities:

Human Resources – Expand new employee background checks to include more positions. Formalize policy and procedures.
International Programs-Finalize policies and procedures, upon OGC review, for students and others participating in study abroad programs. Develop a monitoring plan to insure compliance.
Athletic Department – Develop a monitoring plan to insure compliance with NAIA bylaws. Continue review and updating of Athletic Department handbook of policies and procedures.
Research Administration– Develop a monitoring plan to insure contract/grant compliance, including compliance with OMB Rules, PI acknowledgement of responsibilities, and time and effort reporting.
Office of University Advancement – Develop a monitoring plan to insure endowment compliance and proper stewardship of donor funds, avoiding non-compliance with donor restrictions and/or inappropriate use of endowment funds.

_______________________________

Don F. Guyton
System-wide Compliance Officer
July 9, 2007