Risk Areas


In 2004, the Treadway Commission's Committee of Sponsoring Organizations published a framework to help executive management address enterprise risk management. In the COSO model, an organization must analyze its risk landscape and address those risks that would prevent achievement of its business objectives. Compliance, as one component of The University of Texas System's business objectives, identified three primary areas of risk.

Compliance Primary Risk Areas

Working with the Systemwide Executive Compliance Committee, the Systemwide Compliance Program identified the following areas as holding the highest risk for compliance-related concerns:

  • Healthcare
  • Information Security
  • Research

Other Compliance Risk Areas

In addition to the primary risk areas of healthcare, information security, and research, the Systemwide Compliance Program carefully monitors the following areas:

  • Asset/Financial Management
  • Conflicts of Interest
  • Endowments
  • Environmental Health and Safety
  • Human Resources
  • Intercollegiate Athletics
  • Privacy
  • Student Financial Aid