MTSU Enterprise Compliance and Risk Management Committee

A. Charge

The Enterprise Compliance and Risk Management Committee's ("ECRMC" or "Committee") charge is to promote and support the University's mission and community standards through the advancement of ethics and risk management programming, monitoring, and testing for the prevention of fraud, waste, and abuse of state resources in alignment with MTSU’s internal control system and Compliance Plan, as well as in compliance with state and federal laws and regulations. The Committee additionally aligns with the elements of an effective Compliance Program as set forth by the United States Sentencing Commission's Guidelines (U.S. Sentencing Comm'n, Guidelines § 8B2.1); the Department of Justice's Filip Factors; and the State of Tennessee's Risk Management Department within its Division of Finance and Administration.

B. Composition

The Committee is comprised of:

1. a faculty representative from faculty senate (faculty senate president);
2. one attorney from the Office of University Counsel;
3. one administrator from the Office of Research and Sponsored Programs;
4. one administrator from the Division of Student Affairs;
5. one administrator from the Office of Institutional Equity and Compliance;
6. at least one administrator from the Division of Academic Affairs;
7. one administrator from Human Resources;
8. one administrator from the Information Technology Division;
9. at least one administrator from the Athletics department;
10. one administrator from Campus Planning;
11. one administrator from Facilities Services or the Office of Environmental Health and Safety;
12. one administrator from the Division for Business and Finance;
13. one officer or administrator from the University Police; and
14. one administrator from the Office of Audit and Consulting Services.

The chair of the Committee shall be the Assistant Vice-President for Compliance and Enterprise Risk Management. The Committee shall maintain meeting minutes and other documentation, as necessary. The Committee shall meet at least twice annually. A schedule of meeting dates also will be posted on the Office of Compliance and Enterprise Risk Management's webpage.

The following are the meeting agendas of the Enterprise Compliance and Risk Management Committee ("ECRMC" or "Committee"), also known as the Institutional Compliance Committee. Meeting minutes are posted after review and acceptance by the Committee.

The ECRMC, or Institutional Compliance Committee, has two subcommittees - Healthcare and HIPAA Compliance; and Ethics, Privacy, and Confidentiality. Below are the goals for each subcommittee, as well as information on the ways the subcommittees align with MTSU's academic master plan strategic goals and Community values. In addition, each subcommittee aligns with existing University policies.

The following is the Compliance Plan ("Compliance Plan") for Middle Tennessee State University ("University"). The Compliance Plan is reviewed bi-annually by the University's Enterprise Compliance and Risk Management Committee. Changes to the Compliance Plan are made, as needed, to address any operational, academic, and/or financial needs of the University, as well as to address changes in federal, state, and local laws, regulations, and public health mandates.

• MTSU Compliance Plan 2021-2022