RISKS CONTROL1 Insufficient effort to attract research funding Educate faculty on award opportunities Research interests that do not match funding availability Implement a pre-approval process for research Inadequate support/assistance to faculty in developing proposals Staff member expertise in assisting PI's in applying for funding Inadequate proposal review Have a dedicated office for reviewing proposals Proposals with poorly developed cost budget or do not include indirect cost Staff member expertise in assisting PI's in applying for funding Accepting grants that require more resources, such as matching, than available Have a dedicated office for reviewing proposals Over commitment of principal investigator Develop a reporting process that lists PI research commitmentsCONTROL 2 CONTROL 3 Staff member expertise in assisting PI's in applying for funding Documented policies and procedures Training of Pis and faculty Provide adequate training for reviewing proposals Documented policies and procedures Training of Pis and faculty Provide adequate training for reviewing proposals Implement a pre-approval process for research Documented policies and proceduresCONTROL 4 CONTROL 5 Training of Pis and facultyRISKS CONTROL1 Inadequate efforts to hire and retain quality researchers Ensure budget aligns with strategic plan Falsification of research data or misreporting results Compliance review Plagiarism of other researchers’ work Policy addressing plagiarism Inadequate documentation of research Compliance review Research that lacks merit Tenure process Failure to produce deliverables Pre-approval process for researchCONTROL 2 CONTROL 3 Recruiting plan for faculty/researchers Policy addressing falsification of research Oversight committee for all sponsored research Oversight committee for all sponsored research Training for researchers Documented policies and procedures for research activities Pre-approval process for all research Tenure processCONTROL 4 CONTROL 5 Training for researchersRISKS CONTROL1 Outdated or inadequate facilities or equipment Develop a research strategic plan Inadequate system for tracking property Provide adequate training Property not appropriately tagged Develop procedures for tagging equipment when purchased Theft or loss of equipment Implement adequate security measures to prevent lossCONTROL 2 CONTROL 3 Preventive maintenance Inspection and monitoring of facilities Documented policies and procedures for fixed asset management Training on P&P Annual physical inventory Training on P&P Annual physical inventory Training on P&PCONTROL 4 CONTROL 5RISKS CONTROL1 Inadequate physical security for research facility Implement access controls (card swipe, key-pad) Failure to control laboratory access Implement access controls (card swipe, key-pad) Attacks or vandalism of research facilities Implement access controls (card swipe, key-pad) Intrusion of computer systems used in research Firewalls Inadequate screening of research personnel Implement a policy for background checks: criminal, credentials, work history Inappropriate disclosure of sensitive or confidential data Sign a confidentiality statement Inadequate control of pharmaceuticals Implement access controls (card swipe, key-pad) Non-compliance with export control laws Have a research compliance officer perform reviews of activity, protocols, etc.CONTROL 2 CONTROL 3 check for visitor ID & require visitors to wear badge check for visitor ID & require visitors to wear badge check for visitor ID & require visitors to wear badge Passwords Train PI's on computer security Documented policies and procedures on confidentiality Training Perform periodic inventory Develop procedures for delivering & disbursing or disposing of pharm. in a central location Implement an approval process for exporting itemsCONTROL 4 CONTROL 5RISKS CONTROL1 Inadequate training and safety procedures for laboratories Develop a database to track training completion by employees Insufficient laboratory oversight Provide adequate training for Pis Accident involving biohazards or other hazardous materials Provide & require attendance of biohazard safety courses Untimely or inappropriate response to accidents and other incidents Conduct practice drills to simulate accidents & practice response Unrestricted access to biohazards and other hazardous materials Implement access controls (card swipe, key-pad) Unsafe condition of laboratories and equipment Required safety training Improper storage or disposal of laboratory materials Disposal allowed only through central handling office (Safety Services)CONTROL 2 CONTROL 3 Train the trainer! Periodic revisions to training manual & procedures Develop a monitoring process for labs & Pis Facilities planning to minimize effect of risk Monitor and inspect facilities with hazard potential Develop and implement an emergency response plan Maintain and review logs of access Conduct periodic lab safety inspections Periodic inventory report to monitor usage & disposal TrainingCONTROL 4 CONTROL 5 InspectionsRISKS CONTROL1 Inadequate or no review by animal care and use committee Develop a policy outlining responsibilities of the animal care & use committee Lack of institutional policies and guidance on animal research Develop documented policies and procedures which are required to be reviewed periodically Improper conduct of animal research or inappropriate use of animal subjects IACUC committee reviews Inadequate environmental conditions and animal housing in laboratories IACUC committee reviews Non-compliance with federal regulations on animal research IACUC committee reviewsCONTROL 2 CONTROL 3 Have institution go through IACUC accreditation process Training for PI and all research staff Research compliance officer reviews Training for PI and all research staff Research compliance officer reviews Training for PI and all research staff Research compliance officer reviews Training for PI and all research staffCONTROL 4 CONTROL 5 Inspections of facilities Inspections of facilitiesRISKS CONTROL1 Inadequate or no review by IRB IRB guidelines Non-compliance with federal regulations on human subjects Strong IRB involvement Lack of institutional policies and guidance on human subjects Documented policies and procedures Improper conduct of human subjects research or unethical experimentation Adequate review of protocols Conducting experimental medical procedures or drug studies IRB Review Non-compliance with Health Insurance Portability and Accountability Act (HIPAA.) Collaboration between Privacy Officer & research administrators CONTROL 2 CONTROL 3 IRB accreditation process Monitoring of IRB process In-house reviews of research compliance PI training IRB involvement Audit review of design of P&P Approvals of consent to treat Adequate review of protocols HIPAA training Proper security of files that contain covered dataCONTROL 4 CONTROL 5 Adequate review of protocols Approvals of consent to treatRISKS CONTROL1 Conflict of interest Annual disclosures of conflicts of interest Use of labs, materials or research assistants for personal business Access controls on materials after hours Payments or subcontracts to own business Segregation of contracting/procurement duties Over billing federal agency Review process of research expenditures for reimbursement to ensure accuracy of accounting of expenditures Fraudulent expenditures on research grants Review process of purchasesCONTROL 2 CONTROL 3 Segregation of contracting/procurement duties Pre-approval of all research hotline to report misuse Develop a policy on use of University assets Related party disclosure statement Signed conflict of interest statements for all Pis Consolidated research accounting office review & preparation of bills submitted for research expenditures Independent review of interim & final reports prior to submission Independent reconcilement of orders to invoices CONTROL 4 CONTROL 5 Awareness of policy/state law Training on research grant requirements prior to granting expenditure authorityRISKS CONTROL1 Lack of compliance oversight function Employee training and awareness program Non-compliance with A-21 and other regulations and laws Periodic reviews/audits Unallowable costs charged to grant Careful independent monitoring of costs Inadequate documentation to support charges to grant Careful independent monitoring of costs Inaccurate or insufficient effort reporting Careful independent monitoring of costs Violation of salary cap limitations Careful independent monitoring of costs Failure to obtain Cost Accounting Standards (CAS) exception approval Establish a process requiring prior approval Grant funds used to purchase assets for other grants or non-grant work Require PI to submit adequate documentation to support charges Incorrect or inappropriate cost transfers Careful independent monitoring of costs Untimely deliverables Research review committee monitorsCONTROL 2 CONTROL 3 Formal Institutional Compliance Program Research compliance officer Careful independent monitoring of costs Employee training and awareness program Vital for PI to understand their role in accounting for charges-provide info. through training Third party review prior to payment Employee training and awareness program Third party review prior to payment Individuals most knowledgeable on effort should be reviewing report Periodic reviews/audits Monitoring by grant accounting office Awareness of limitations Employee training and awareness program Employee training and awareness program Third party review prior to payment Require adequate documentation Establish a process requiring prior approval Tenure process Employee training and awareness programCONTROL 4 CONTROL 5 Vital for PI to understand their role in accounting for charges-provide info. through training Periodic reviews/audits Periodic reviews/audits PI should be trained on purpose & process of effort reporting Employee training and awareness program Employee training and awareness program Third party review prior to payment Periodic reviews/audits Establish deadlines Employee training and awareness programRISKS CONTROL1 Insufficient post-award monitoring Document a formal process for post-award monitoring Inadequate grants information system Articulate grants info systems needs Insufficient staffing Align budget with strategic plan Inadequate policies and training Documented policies and procedures for the research enterprise Retaliation to whistleblowers Develop a fraud policy addressing whistleblower treatmentCONTROL 2 CONTROL 3 reevaluate indirect cost % periodically Training of faculty, researchers, and support employees Develop an ethical environment from top down Implement a hotlineCONTROL 4 CONTROL 5RISKS CONTROL1 Inadequate financial reporting system Articulate the requirements for research financial reporting systems Inaccurate grant accounting Failure to bill all costs timely Establish a monthly billing process Not collecting all billed revenues Aging reports part of a monthly process Incorrect calculation of Facilities & Administrative rate Expertise & training of personnel Overspending of grant budget Implement budget system controls along with someone carefully tracking expenses Not including all costs in close-out Formal close-out process Extensive unexpended funds on a grant monitor account balances Poor cash management, including insufficient/excessive draw downs Documented process for cash management in the research arenaCONTROL 2 CONTROL 3 Reconcile expenditure accounts with billings Review reconciliations Review aging reports and take action Obtain external expertise in developing and seeking approval of rates Reconciliation of accounts Review of reconciliations expertise of personnel cost-transfer controls Implement sound budgeting process to best estimate need Monitor cash management activity through analytical proceduresCONTROL 4 CONTROL 5 approval/review of PIRISKS CONTROL1 Lack of policies and training on intellectual property or technology transfer strong technology transfer compliance program Failure to pursue copyrights or patents Knowledgeable research staff-aware of copyright issues Failure to properly define ownership rights Knowledgeable research staff-aware of rights Loss or theft of intellectual property Knowledgeable research staff-aware of copyright issues Infringement on other’s intellectual property Knowledgeable research staff-aware of copyright issues Insufficient efforts in licensing and technology transfer General Counsel involvement Product liability General Counsel involvementCONTROL 2 CONTROL 3 Documented policies and procedures Training and awareness of PI and staff Policy addressing copyrights/patents PI awareness General Counsel involvement Define ownership rights prior to accepting research PI awareness Implement access controls (card swipe, key-pad) Training Establish office to control and monitor this activity Documented review and approval processCONTROL 4 CONTROL 5 On-going monitoring of activity General Counsel involvement check for visitor ID & require visitors to wear badge IT SecurityRISKS CONTROL 1CONTROL 2 CONTROL 3CONTROL 4 CONTROL 5