Risk Assessment Form (For more information, click on "Guidelines" tab below)
Compliance Subject: Bill Number TX80RSB 1138 relating to members and advisors of student organizations This Form Prepared by: Minnie R. Urbano
Responsible Department: Student and Academic Services Assessment Date: 03-25-08 Check one:
Responsible Office within Department: Student Services New Assessment: X
Title of Responsible Supervisor: Manager Updated Assessment:
Rank After Mitigation
Prob. of Occurrance
Risk of Non-Compliance
Compliance Activity Evidence or Other Written
(I.e. fine, reprimand, loss of funding, High Manage
(Be specific. Show statutory laws, loss of accrediation, unfavorable Primary Responsible Party Med Monitor Documentation of Compliance
regulations, policy(s) or other legal basis publicity, audits, investigations, (Position Title) Low Accept (What can you show to an auditor that is proof
employee injury, litigation or other Monitoring and/or Oversight
for compliance) Operating Controls that the operating and monitoring controls you
(Briefly bullet each operational control) Controls have described in Columns G and H are being
Section 1. Subchapter z, Chapter 51, Unfavorable audit. Safety risk Manager, Student Medium Low 1. The Student Services Office will hold an 1. Follow-up with Student Meduim Manage 1. Copies of Policy A-6 Campus Safety Policy,
Education Code, is amended by adding for students. Possible injury Services annual meeting in September for student Organization Presidents to ensure Policy A-41 Alcoholic Beverage use on Campus,
Section 51.9361 to read as follows: to students. Liability to organization members to present the risk that all members of student Policy A-26 Risk Management Policy, Policy C-
At least once during each academic year, university. Lawsuits. management process organizations understand all risk 19 Drug and Alcohol Abuse Prevention, Policy F-
a postsecondary educational institution 2. At least one officer and the sponsor/advisor management policies and 3 Student Travel
shall provide a risk management must be present at the annual meeting. procedures. 2. A list of attendees at the yearly Risk
program for members of student 3. Student organization members and 2. The Risk Manager will verify that Management for Student Organizations meeting.
organizations registered at the institution sponsors must sign an acknowledgement the program has been presented to 3. List of attendees will be kept on file for three
form at the meeting stating that they have the organization members. (3) years.
attended the meeting and that they agree to 4. Copies of acknowledgement forms from
follow commonly accepted rules, practices, members who attended the meetings
4. Student Organization members must
promptly report safety hazards or potential
problems to management or the Campus
Safety & Risk Manager.
D:\Docstoc\Working\pdf\f6173e33-9ce1-4a48-8cfc-0f387405d179.xls Blank Risk Assessment Form
UHV Risk Assessment Guidelines
Compliance Subject: Briefly describe the compliance activity being assessed
Responsible Department: The Department responsible for this compliance activity.
Title of Responsible Supervisor:
Responsible Office Within Department: Specific Office responsible for compliance.
Prepared by: The name of the person who prepared this assessment.
Assessment Date: The date this assessment was completed.
Check one: If this is the first formal assessment of this compliance activity, check New Assessment. If making changes to an existing
assessment, check Updated Assessment.
List the compliance activity first, then show the specific law, regulation, policy (or policies) or other legal basis that make this a required
Risk of Non-Compliance
In this column describe the most likely possible consequence(s) of non-compliance. Be as specific as possible: e.g. fine (how much),
reprimand, loss of funding, loss of accreditation, negative publicity, audits, employee injury, litigation, etc.
H-High Impact (If the risk happens, we will probably not achieve our objective or to do so will require major damage control.)
M-Medium Impact (If the risk happens, we will have to do extra work or we will be inefficient, but we can still achieve our objective.)
L-Low Impact (If the risk happens, we will be aware of it but will have little or no effect upon operations or achieving the objective.)
Probability of Occurrence
H-High Probability (It will happen often)
M-Medium probability (It is likely to happen but not often)
L-Low Probability (It is unlikely to happen at all)
Operating Controls - The controls that must be properly and consistently applied to manage the risk to an acceptable level.
Monitoring and Oversight Controls
Monitoring Controls - Generally those procedures performed by the supervisor to determine that the required operating controls are being
Oversight Controls - Generally those procedures used by middle or upper management to ensure that monitoring controls have been
applied as designed, i.e. including reviews of status reports, exception reports, etc.
Evidence or Other Written Documentation of Compliance
(1) What documents or other proof is created that can be shown to an auditor or other reviewer that will verify that the required operating
controls were completed?
(2) What documentation can be produced to show that the supervisor has indeed monitored for compliance?.. i.e. supervisor initials and
dates on some document or report; notations or supervisor's initials on a reconciliation, exception reports, written memo or other
documentation initiated by the supervisor.
Rank After Controls
High -Generally risk that, if it occurs, can have an institutional wide impact and major damage control will be required.
Med - Generally, a risk that, if should happen, it will have isolated or area only impact but we can still achieve our goal or objective.
Low - Generally, a risk that, if it happens will be low level in its impact with little or no effect upon operations.
Manage - Generally, the highest risks that need to be constantly managed to insure that the appropriate controls are being applied.
Monitor - Generally, medium level risks that still may require considerable risk management and monitoring.
Accept - Generally, lower level risks that are accepted, requiring little management and/or monitoring.
D:\Docstoc\Working\pdf\f6173e33-9ce1-4a48-8cfc-0f387405d179.xls Guidelines 9/8/2010 2 of 2