Office of Audit, Compliance & Privacy

Our Mission

The mission of the Office of Audit, Compliance & Privacy is to assist the University in fulfilling its vision of being a preeminent comprehensive land-grant university. Our office provides services in three distinct yet related disciplines - audit, compliance, and privacy - in support of Auburn University's three-pronged mission of teaching, research, and service.

The Office of Audit, Compliance & Privacy functions in partnership with University leadership to:

  • improve the internal control system and culture;
  • improve and enhance the management of operational, financial, compliance, strategic and reputational risks;
  • enhance governance processes;
  • ensure strong stewardship and management accountability at all levels of the University.

Case In Point: Lessons for the proactive manager
Volume 10: No 04

This month we continue our review of the 2017 events that were linked in Case in Point: Lessons for the Proactive Manager. This month's evaluation focuses on the category we call Compliance/Regulatory & Legal Events --- our largest category by volume over the past few years. The regulatory burden does not appear to be lessening despite some speculation and discussions about ways this burden could be reduced.

Annually, the Compliance/Regulatory & Legal Events category is the most difficult to evaluate due to the diverse ways an institution can find themselves in legal conflict. There were seven general topics that appeared more than others. However, it is important to realize this list in no way encapsulates the legal and compliance risks that are out there for our industry today.

The Top 7 2017 Most Frequent Compliance/Regulatory & Legal Events:

  1. Title IX
  2. NCAA
  3. Speech Related Litigation
  4. Employment Law Litigation
  5. Hazing Litigation/Charges
  6. Discrimination
  7. Open Records Litigation

One emerging regulatory item that is not on the list but that institutions should be aware of are the new General Data Protection Standards (GDPR). These are European privacy related regulations that will impact US institutions in a variety of ways. For a brief overview of this regulation see this linked story from EAB. We plan to devote a future issue to GDPR and other privacy related concerns. With the recent Facebook-Cambridge Analytica controversy, institutions will almost certainly devote even more attention to privacy related issues in the coming year.

We again invite you to review the events occurring throughout higher education with a view towards proactive risk management. If you see areas of concern or risks you have influence over, take action before you become the crisis.

As always, we invite your comments and suggestions.

(Read more of Case In Point)

Anonymous Reporting Hotline

Auburn University uses the EthicsPoint anonymous Reporting System to enhance communication and empower individuals to promote safety, security, and ethical behavior. Use this anonymous, confidential system to report situations, events or actions by individuals or groups that you believe unethical or otherwise inappropriate. Frivolous or unfounded reports do not help foster a positive workplace. This hotline service does not replace our existing reporting methods for reporting fraud, waste, abuse or other potentially illegal activities. The University continues to encourage stakeholders to report concerns or suspected violations to their supervisor or other campus entities as appropriate. If you are uncertain if a situation violates University policy, is illegal or constitutes harassment or discrimination, you may use EthicsPoint to obtain clarification. We would much rather have you ask questions than let potential problems go unchecked. However, EthicsPoint should not be used for immediate threats to life or property. If the situation presents an immediate threat to life or property call emergency -- 911

Last Updated: October 31, 2016