Operations, Audit and Risk Committee Meeting November 16, 2024
The Operations, Audit and Risk Committee met on Thursday, November, 16, 2023 at 1:30 p.m. in the Freeman Center, Room 201 with Acting Chair Terry McKnight presiding.
Present from the Committee
- Mrs. Terry McKnight, CPA, Acting Chair
- Ms. Christy Morton (remote participation by phone)
- Mr. Brentley Archer
- Mrs. Lindsey Carney Smith, Esq.
- Ms. Kelli Purdy Meadows, CPA
- The Honorable Ronald L. Tillett
Other Board Members Present
None
Others Present
- President William G. Kelly
- Mrs. Faith Belote, University Internal Auditor
- Mrs. Jennifer Latour, Vice President for Finance and Planning/Chief Financial Officer
- Ms. Christine Ledford, Vice President for Administration and Auxiliary Services
- Other CNU faculty and staff members
Remote Participation
Ms. Christy T. Morton, Secretary participated in the meeting remotely by phone. Remote participation permitted due to personal work-related travel to attend the Senate Finance Committee Retreat in Northern Virginia pursuant to Code of Virginia § 2.2-3708.3
Acting Chair McKnight called the meeting to order and welcomed everyone in attendance. She thanked everyone for being there and Ms. Christy Morton was on the phone and thanked everyone for allowing her to participate remotely as she was attending the Senate Finance Retreat in Northern Virginia.
Approval of September 14, 2023 Minutes
Acting Chair McKnight asked if everyone had a chance to review the Operations, Audit and Risk Committee minutes from September 14, 2023. There being no comments, edits or suggestions, Acting Chair McKnight called for a motion to approve the minutes as presented. The Honorable Ronald Tillet, provided the motion, which was seconded by Mrs. Lindsey Carney Smith and the minutes were approved by unanimous vote of the committee.
Acting Chair McKnight introduced Mr. Bryan Donohue, Director of Emergency Management to provide the following report:
Emergency Management Overview
Mr. Donohue provided an overview of the Emergency Management Plan for Christopher Newport University and reported the State of Virginia requires institutions to have a CEMP (Crisis Emergency Management Plan) that is adopted by the Board of Visitors. Currently, we are in the second year of a four-year cycle and are required to exercise our plan annually. Mr. Donohue explained Executive Order 41 establishes an Emergency Manager and requires a Continuity of Operations Plan (COOP). The State also requires the University to establish an emergency notification system for the campus community. The University has multiple notification systems to include outdoor siren and PA systems, alert beacons, desktop takeover, phone call, text, email and social media feeds. Training takes place yearly for emergencies and consists of test drills and exercises, both for groups and individuals. These range from tornado drills, shelter in place drills to a full-scale active attack which includes State and local partners.
Christopher Newport University is one of 13 Universities designated as a State Coordinated Regional Shelter. It is a State managed shelter and is staffed by multiple State agencies. The Freeman Center is the building used should we be called upon to open the shelter. This was established in 2018 in response to Hurricane Florence and the plan is currently being updated by the State.
Acting Chair McKnight thanked Mr. Donohue for all of his work and thanked the staff for supporting this initiative. Chair McKnight introduced Ms. Diane Reed, University Comptroller to provide the following report:
ARMICS Certification
Ms. Diane Reed presented the FY23 ARMICS (Agency Risk Management and Internal Control Standards) certification results. The ARMICS agency level evaluation is completed every three years with the most recent being completed in FY23. The certification covered items such as slot analysis, conflict of interest, third party providers, University compliance, red flags identity theft prevention, and State cardinal human capital management system access. No significant weaknesses in the design or operation of internal controls at the agency and transaction levels were found in existence as of June 30, 2023.
Acting Chair McKnight thanked Ms. Reed and all staff for their work on this project and introduced, Mrs. Faith Belote, Director of Internal Audit.
Internal Audit Report
Mrs. Faith Belote, Director of Internal Audit, presented the status of the audit plan for FY 2023-2024 and reported the annual audit plan and hours have been adjusted to prioritize the Endowed Student Scholarships audit for completion during Spring 2024 based on the recommendation of the President. The remaining available audit resources have been allocated to the Information and Communication Technology Accessibility audit. This project will evaluate the oversight of Americans with Disabilities Act (ADA) compliance responsibilities and assessment processes involving digital content accessibility in accordance with University policy. The Network Firewalls audit is complete. The Endowed Faculty Professorships audit fieldwork is underway and anticipated report completion for the February meeting. Planning has begun on the access controls audit of the State Application.
The Quality Assurance review status is that the draft report is under review by the independent assessment team. Additional consultations with the Director and team are anticipated in early December. The final report will be presented at the February meeting.
Mrs. Belote also reported on the summary status of audit issues stating the Network Firewalls audit report was presented in the board materials. Five open audit points are targeted for completion by March 15, 2024. Student Accounts audit follow-up is a work in progress, with seven audit points targeted for completion by July 1, 2024. Two StarRez audit points are closed, with four points targeted for completion by January 15, 2024. An extension was granted for the remaining Faculty Recruitment and Succession Planning audit points due to the restructuring of Equal Opportunity (EO) responsibilities, with nine due December 22, 2023 and one due June 1, 2024. The final Maxient audit point has been closed as the IT Executive Steering Committee has approved the Data Sharing Standard. The committee expressed approval of the new format for reporting the Status of Audit Issues as a standard practice moving forward.
A Student Accounts Data Analysis report was completed in response to OAR Committee member’s questions at the September 14, 2023 meeting.
Appointments to the Administrative and Professional Faculty (Informational Only)
Acting Chair McKnight stated that Appointments to the Administrative and Professional Faculty are informational only and can be found under Tab 5F of BoardDocs.
There being no further business, the meeting adjourned at 2:24 p.m.