Home » Statutorily Required Reports » Enterprise Risk Management (ERM) Plan

Enterprise Risk Management (ERM) Plan

On this page:

Texas Transportation Institute
The Texas A&M University System
Updated 01/25/10

Introduction

The Texas Transportation Institute is an agency of the State of Texas and a member of The Texas A&M University System. This document sets forth TTI’s risk management plan and our strategy for enterprise risk management. This plan is intended to complement and expand upon the Institute’s strategic plan. Both of these plans will be used together to guide TTI priorities and decisions. This document is intended to provide guidance on threat management over a one- to three-year timeframe and will be updated on a regular basis.

Enterprise Risk Management (ERM) at the Texas Transportation Institute (TTI) is the systematic management of activities that involve a meaningful degree of risk to the Institute. The purpose of ERM is to ensure that risk identification, assessment and prevention are incorporated into the management oversight and processes of the Institute and to assist in identifying priorities set forth in TTI’s strategic plan.

Enterprise risk management recognizes the fundamental importance of proper management of risks associated with the Institute’s functions and activities. It also recognizes that Texas A&M University System Policy 24.01 and 24.01.01 require the Chief Executive Officer of the agency to manage, control, and, as appropriate, reduce or eliminate risk. Objectives of such a plan include: 1) helping to ensure that TTI employees, students and visitors are protected from hazards; 2) protecting the Institute’s financial condition and the ongoing viability of the research program; and 3) doing what is reasonable and necessary to help ensure that TTI’s facilities, equipment and resources are protected.

Identification and prioritization of risks is an essential component of this plan. Mitigation strategies for high-threat risks are also set forth in the plan. The connection between the risk management plan and the strategic plan is presented and emphasized in the mitigation strategies. Development, implementation and monitoring of the agency’s risk management plan accomplish the objectives and purposes described above.

The Texas Transportation Institute is committed to the management of risk in order to protect our:

  • employees and their skills;
  • research sponsors and other key stakeholders;
  • quality of research and service;
  • assets, including intellectual property;
  • contractual and statutory obligations;
  • image and reputation; and
  • commitment to state government and the people of Texas.

The agency’s risk management plan is designed to assist the Agency Director, the Leadership Team, and all employees to develop skills in addressing and understanding risk management. The main elements of the plan include:

  • development and use of risk management standards;
  • assessment and prioritization of risks on a continuing basis;
  • reporting regularly to the A&M System regarding TTI risk and compliance with Texas A&M System risk management policies; and
  • education and training of staff about risk management as appropriate.

Enterprise risk management is a critical element of improving TTI’s business processes and services. The agency’s goal is to adopt best practice in managing risks. To achieve this goal, risk management standards involving risk identification and risk evaluation linked to practical, cost-effective risk monitoring and control measures need to be in place and regularly evaluated and reviewed. Risk management is a continuous process, requiring awareness and proactive measures by all agency employees to reduce the occurrence and impact of risks. Risk management should be an integral part of the Institute’s business processes.

Objectives of Risk Management

Risks to functions and activities can result from both internal and external sources. Risks can include issues such as sponsor dissatisfaction, adverse publicity, physical safety and security of employees, low performing management and staff, equipment or computer failure, legal and contractual matters, and fraud. Some, such as available sponsor funding for research, may be beyond the control of TTI, although the Institute needs to prepare for such contingencies. Others can be directly controlled by TTI management.

It is not possible to perform our mission and have anything approaching a risk-free environment. Many decisions involve managing risks according to the Institute’s assessment of what constitutes an acceptable level of risk and judgments about the costs and benefits of alternative courses of action.

TTI’s objectives in adopting enterprise risk management include ensuring that: 1) the major risks faced by TTI are identified, prioritized, understood and appropriately managed; 2) TTI’s planning and operational processes include awareness of areas where risk management is needed; and 3) an environment exists where all TTI staff assumes responsibility for identifying and managing risk within their area of the Institute with required management oversight and control.

Risk management should be an integral tool used by management in leading TTI and planning for our future. It is critical to the overall performance of the agency. Appropriate risk management policies and practices minimize TTI’s exposure to the consequences of a range of possible adverse events. Such potential risks are numerous, with the following representing the range of risks faced by a contract research organization that is also a state agency and a member of The Texas A&M University System: 1) reductions in funding available to TTI through any of a number of sources; 2) safety of TTI’s workforce; 3) damage to equipment or facilities; 4) poor management oversight that results in adverse audits or violations of procedures, regulations and/or laws; 5) inability to attract and retain quality staff; 6) inability to maintain a viable, ongoing program of research; and 7) inability to provide the facilities and equipment needed to perform cutting-edge research.

The risk management process at TTI encompasses the systematic application of management policies and appropriate written procedures and practices to identify, analyze, evaluate, monitor and minimize risk.

The implementation of an integrated and rigorous approach to risk management:

  • increases the chances of avoiding costly and unacceptable outcomes, particularly those arising from unexpected events;
  • provides a better understanding of TTI operations and functions, and supports continuous improvement in the agency’s operations;
  • helps maintain high staff morale;
  • provides a reporting framework to assist in meeting A&M System and/or state requirements; and
  • allows for a more structured, accountable and useful strategic plan.

Risk Management Procedure and Process

The Institute’s risk management plan is a critical component of our vision, mission, imperatives and goals as set forth in the TTI Strategic Plan. The plan takes into account the Institute’s size and the nature of its operations, and recognizes that TTI is a state agency that is operated under the oversight of both the Texas Legislature and The Texas A&M University System Board of Regents.

TTI faces a range of potential risks that may affect:

  • our reputation, and/or that of our research staff and/or stakeholders regarding elements such as the quality of research, and the information, advice and recommendations that research provides;
  • our performance as measured against strategic priorities and the achievement of critical milestones;
  • the integrity of our decisions and processes;
  • the workplace safety, security and health of our employees; and
  • relationships and/or contracts with our sponsors, which may create additional financial or obligatory risks.

For each risk the Institute faces, TTI has assessed the likelihood and potential consequences of an adverse event, and has prioritized each category of risk according to the level of threat facing the agency. We have then determined strategies for managing risks, devoting the greatest resources to the risks considered to present a high threat. Appendix A, Table 1, identifies the potential risks facing TTI and assesses and prioritizes the level of threat posed by each risk. Appendix B, Table 2, provides an action plan matrix for managing the identified risks.

All TTI employees are expected to contribute to minimizing risk, and it is the responsibility of management to ensure that employees are aware of TTI’s expectations.

  • Members of the Leadership Team are responsible for ensuring that the risk management processes and controls identified in the risk management plan are built into the strategic and operational planning of all parts of the Institute.
  • The Executive Associate Director/CFO is responsible for coordinating the implementation of the risk management plan and reporting on implementation and progress to the Agency Director.
  • Associate Directors, Assistant Directors, Division Heads, Center Directors and Program Managers are responsible for overseeing the implementation of processes relevant to their part of the Institute, including ensuring that staff understand the risk management plan and implement the necessary requirements and strategies. Associate and Assistant Directors are also responsible for providing feedback on implementation to an Executive Associate Director.

Beneficial Outcomes of Risk Management

The key outcomes expected from enterprise risk management are the monitoring and control activities identified in the Risk Management Matrix (see Appendix B). These actions are reviewed and updated on a regular basis under the direction of the Executive Associate Director/CFO. To ensure effective achievement of this process, TTI will:

  • train managers and employees about enterprise risk management and procedures as appropriate;
  • monitor performance against the management action plan and report to the Agency Director as necessary;
  • monitor the risks associated with individual sponsors and research projects, and ensure that management of risks is built into contracts as appropriate;
  • incorporate consideration of risk management performance into the performance assessment of Division Heads, Center Directors, Program Managers and the Leadership Team;
  • consider performance pertaining to the risk management plan during any internal audit program;
  • include risk management awareness in orientation briefings for new staff; and
  • ensure the risk management plan, any changes to the plan, and related information are provided to the Texas A&M System as required by System rules and/or state guidelines.

The costs of implementing the Risk Management Plan are predominantly staff time, particularly that of the Agency Director and the Executive Associate Director/CFO, with support and input from the Leadership Team. A net benefit is expected from the operation of the plan by reducing agency costs as a result of many possible events, including:

  • staff time lost as a result of adverse events;
  • litigation;
  • replacement of lost equipment and other resources;
  • possible loss of contract research; and
  • decreased productivity.

There should be other gains, such as benefits from better prioritization of strategic initiatives, better preparedness and information-gathering pertaining to the legislature, the Texas A&M System Board of Regents and other key stakeholders, as well as improved employee morale as a result of better oversight and information-sharing within the Institute.

Staff Roles and Responsibilities

Agency Director

  • Oversees the development and implementation of the Risk Management Plan;
  • Ensures the ongoing review of risks and updates the Register of Major Risks as needed;
  • Encourages a management climate which is aware of and supports risk management; and
  • Oversees development of processes to define and address new risks.

Executive Associate Director/CFO

  • Coordinates, on an ongoing basis, the implementation of the Risk Management Plan;
  • Reviews Table 1, Register of Major Risks, on a regular basis and reports to the Agency Director on recommended changes;
  • Regularly convenes the Leadership Team to discuss the Register of Major Risks and necessary changes to that register; and
  • Develops and implements risk management procedures and training as needed.

Associate/Assistant Directors

  • Ensure that risk management controls and processes are included in all planning and research;
  • Encourage an organizational climate that supports risk management;
  • Ensure that employees understand the importance and consequences of risk management issues in their immediate work areas and to TTI overall;
  • Identify any new risks and report them to an Executive Associate Director.

Researchers and Staff

  • Identify any new risks and report them to their immediate supervisor;
  • Assist in development and implementation of processes to mitigate risk; and
  • Adapt the risk management plan to immediate work areas and processes wherever possible.

Review and Update of Risk Management Plan

The Risk Management Plan will be reviewed and updated on a regular basis by the Executive Associate Director/CFO and approved by the Agency Director.

Appendices

  • Appendix A provides background about how TTI prioritizes risks and details the manner in which the Institute has determined the threat-level of a risk to the Agency. Table 1, Register of Major Risks, sets out the risks facing the Institute and assesses the threat to the agency based on management judgments regarding the likelihood and potential consequences of each risk.
  • Appendix B contains TTI’s Risk Management Matrix, an action plan which analyzes and prioritizes the risks identified in the register to determine required management action(s).
  • Appendix C is the TTI Strategic Plan. The Risk Management Plan and Strategic Plan support and complement each other.

Appendix A: Risk Analysis at TTI

Introduction

Appendix A provides background about how the risks facing TTI are prioritized on the basis of potential overall threat that each risk poses to the Institute. TTI has estimated the potential threat posed by each category of risk on the basis of the likelihood of occurrence of the risk (frequency or probability) and the expected consequences (impact or magnitude) using the overall knowledge and judgment of the Institute’s Leadership Team. Table 1, Register of Major Risks, sets out the primary risks facing the Institute and assesses the threat to the agency based on management judgments regarding potential consequences of each risk.

Examples of the level of threat include:

  • High: consequences may be severe, significantly impacting the effectiveness, operations and/or reputation of TTI.
  • Medium: consequences may adversely affect the programs, operations and effectiveness of TTI.
  • Low: minor consequences for TTI.

Determining that a risk is acceptable does not imply that the risk is insignificant. A risk may be considered to be acceptable because the:

  • threat posed is assessed to be so low (for example, because the likelihood of occurrence is rare) that specific treatment is not necessary at the time it is assessed;
  • risk is such that TTI has no available treatment (for example, the risk of a change to particular research funding source might occur for reasons totally beyond the control of the agency);
  • cost of mitigating the risk is very high compared to the perceived benefit of successful treatment; and/or
  • opportunities presented outweigh the threats to such an extent that the risk is justified.

Treatment of risks involves deciding what management measures need to be put into place to minimize the threat posed by identified risks. Treatment options may include:

  • measures aimed at avoiding the risk;
  • measures to reduce the threat posed by the risk, either by reducing the likelihood of the risk and/or its consequences;
  • measures aimed at improving the capacity of TTI to address threats (such as reduced funding from any given sponsor);
  • transferring or lessening the threat by shifting management of the risk to another party (for example, System General Counsel);
  • accepting the risk without taking any action to avoid it, but monitoring the risk and ensuring that TTI has financial and other means to cover associated losses and/or disruptions; and
  • identifying a media spokesperson to address risk as needed.
Table 1. Register of Major Risks
Likelihood of Occurrence Consequence of Occurrence
High Medium Low
High
Medium
  • Decline in research funding from a major sponsor(s)
  • Inability to provide and maintain needed space and equipment
  • Reduction in legislative support
  • Deterioration in relationships with private consultants
  • Deterioration in relationship with TxDOT
  • Inability to recruit/retain high-quality staff
Low
  • Failure to perform quality research in a timely manner
  • Failure to comply with applicable federal and state laws, A&M System policies, regulations and procedures
  • Failure to have a strong Environmental, Health and Safety (EHS) Program
  • Failure to meet workforce diversity and/or HUB goals
  • Problems with Information Technology (IT) system as outlined in TTI’s Disaster Recovery Plan
  • Inability to adapt to changing contracting requirements
  • Inability to provide quality support services

Monitoring and control activities may include:

  • High Threat: Leadership Team develops a management/action plan along with monitoring and management oversight by the Agency Director and/or an Executive Associate Director.
  • Medium Threat: Leadership Team develops a management/action plan as necessary; ongoing monitoring and management of the risk by the relevant Associate/Assistant Director and reporting results to an Executive Associate Director.
  • Low Threat: ongoing monitoring by relevant staff with action as necessary and reporting results to an Executive Associate Director.

Appendix B: Risk Management Matrix

Appendix B contains TTI’s Risk Management Matrix (Table 2), essentially an action plan that prioritizes and analyzes the risks identified in Table 1 to determine required management action(s). The risk management matrix identifies procedures and responsibilities for the implementation of risk management strategies.

The Institute’s risk management matrix is in many ways an extension of the Institute’s imperatives and goals as set forth in the TTI Strategic Plan (Appendix C). Many of the risks facing the agency have associated goals in the strategic plan that will serve to help mitigate those risks.

For each risk the Institute faces, TTI will assess the likelihood and potential consequences of an adverse event, and prioritize each risk according to the level of the threat. Strategies will be determined for managing risks, devoting the greatest resources to the risks considered to present a high threat. The monitoring and control activities identified in the risk management matrix are the key outcomes of TTI’s Enterprise Risk Management process.

The Institute’s objective is to adopt best business practice in managing risks. Enterprise Risk Management is a continuous process, requiring awareness and proactive measures by all agency employees to identify and reduce the occurrence and impact of risks. Risk management standards involving risk identification and risk evaluation, which are then linked to practical and cost-effective risk control measures, will be regularly evaluated and reviewed by the Institute’s Leadership Team under the overall direction of an Executive Associate Director.

Table 2. FY 2010 Risk Matrix
Risk Desc. Threat Assess. Mitigation Activities Rel. to the TTI Strategic Plan Monitoring Activities Executive Mgmt. Reporting Process
Decline in research funding from a major sponsor(s) HIGH Diversify TTI’s research portfolio so that not more than 50 percent of total contract expenditures come from any single sponsor.

Develop and implement training that will increase awareness of TTI staff of available research opportunities.

Provide financial incentives for TTI staff to pursue new areas of research that will add to the diversification effort and increase sponsored research.

Develop and implement a TTI strategic marketing plan that will help leverage strengths in developing contract research.

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.3, 1.4, 2.5, 3.1 and 3.7 of the TTI Strategic Plan. Quarterly review of contract research revenues and sponsors by the Agency Director and the Leadership Team.

Develop, implement and monitor an institute-wide research diversification program.

Compacts directly between the Agency Director and Associate/ Assistant Directors that establish action plans for achieving improved diversification.

Conduct quarterly research development seminars on topics that assist researchers in diversifying research contracts.

Include research diversification as an element that is reviewed in annual performance evaluations.

 The Agency Director ensures review of monitoring activities in a timely manner.

The Executive Associate Director/ CFO maintains revenue and sponsor records for review by the Leadership Team on a regular basis.

Assistant/ Associate Directors are responsible for meeting the stipulations of compacts with the director for diversification efforts.

Appropriate staff is reviewed annually for performance regarding diversification of the research program.
Inability to provide and maintain needed space and equipment MEDIUM Recent construction of additional 66,754 square feet of office/ research space.

Develop and regularly review a list of critical TTI capital equipment needs and identify possible funding sources.

Define space enhancements needed to sustain the research program and identify funding sources.

Per the TTI Annual Capital Plan, Identify space needs for the next 3-5 years.

 Risk mitigation activities are also embedded in Goals 1.3 and 2.4 of the TTI Strategic Plan. Continuous assessment by the Leadership Team of needs for critical space and resources to support a growing, diversified program of research.

Regularly review critical equipment needs and match to potential sponsors or other potential funding sources.

 Periodic updates are provided to the Leadership Team by Facilities, Safety and Support Services on space requirements and the status of new and existing facilities.

The Leadership Team discusses critical equipment and space needs at regular meetings.
Reduction in legislative support HIGH Use timely reports and other quality information products to represent TTI with legislators.

Assess the quality and success of the TTI research program and use the information to supply to legislators.

Use highly credible TTI researchers as representatives of professional transportation expertise at state and national levels when interacting with legislators.

Ensure Texas Legislators are aware of the activities of TTI urban offices within their districts.

Actively engage the TTI Advisory Council in legislative activities.

Engage private industry contacts and partners in legislative interactions as appropriate.

 Risk mitigation activities are also embedded in Goals 1.1, 1.2. 1.3, 1.4, 1.5, 2.5, 3.1, 3.4 and 3.7 of the TTI Strategic Plan. Quality information and documents are provided to TTI legislative representatives in a timely manner (both federal and state).

The Leadership Team identifies and supports the use of well-respected researchers in solving issues of significance to legislators.

The urban offices provide regular updates to the Agency Director that can be used to provide Texas Legislators with specific news of TTI successes in a particular district.

The Agency Director provides regular updates to members of the TTI Council on TTI’s legislative activities.

 The Agency Director reports to the Leadership Team on a regular basis about legislative issues that affect transportation research.

The Agency Director and the Leadership Team receive periodic updates on legislative activities from the Texas A&M System leadership, federal legislative representative and the Engineering Program state legislative representative.

The Agency Director makes timely efforts to contact key legislators and their staff to discuss transportation research needs.
Inability to recruit/ retain high-quality staff HIGH Sustain the high quality of the TTI research program as a means of attracting top researchers and students.

Sustain the highly credible leadership role of TTI researchers at state and national levels to indicate the quality of TTI and its research.

Diversify the agency’s research portfolio to attract new opportunities for researchers and students.

Strengthen relationships with TTI’s academic partners.

Develop agency-wide leadership and professional development programs for all TTI staff.

Continue to enhance TTI’s Employee Awards Program.

Strengthen TTI’s research program through strategic hires as appropriate.

Foster close ties with academic leaders to promote TTI as a resource for producing continued generations of transportation professionals.

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.3, 2.1, 2.2, 2.3, 2.4, 2.5, , 3.3, 3.6 and 3.7 of the TTI Strategic Plan The Leadership Team monitors the personnel needs of the agency to sustain the research program.

The Leadership Team examines gaps in expertise and initiates strategic hires as appropriate.

TTI’s leadership development and management training programs are monitored and evaluated on an annual basis.

The Employee Awards Program is evaluated on a regular basis and changes are incorporated as appropriate.

The Leadership Team supports and monitors the hiring of qualified students in TTI programs.

 The Agency Director receives regular updates from the Leadership Team and Director of Human Resources on needs and issues related to staff recruitment and retention.

The recommendations from TTI’s biennial Higher Education Excellence Survey are implemented and evaluated.

The Agency Director supports and assists in hiring transportation faculty members at Texas A&M University as needed.
Failure to meet workforce diversity and/ or HUB goals MEDIUM Implement the objectives of TTI’s Workforce Diversity Plan and recommendations of the climate studies.

Support staffing diversity to achieve ranking in the upper half of the Texas A&M System agencies with headquarters in College Station.

Develop key relationships with minority-serving institutions to create a pipeline of transportation professionals.

Use the TTI urban offices as an integral part of effectively recruiting minority students to Texas A&M University and TTI.

Establish aggressive HUB goals for TTI.

 The risk mitigation activities are also embedded in Goals 1.3, 2.2, 2.3 and 3.2 of the TTI Strategic Plan. The Leadership Team monitors the implementation of the Workforce Diversity Plan and climate study recommendations.

The HUB Coordinator periodically submits HUB status reports to the Agency Director and Leadership Team.

One or more Leadership Team members are responsible for development of key relationships with minority-serving institutions.

The Leadership Team regularly monitors HUB goals and statistics.

The Leadership Team regularly monitors diversity goals and statistics.

 The Diversity Council periodically reports to the Leadership Team on opportunities to recruit highly qualified minorities to TTI.

Periodic reports are provided to the Leadership Team by the Diversity Council on diversity and goals and statistics.

The Leadership Team periodically discusses diversity needs, goals and statistics.

Periodic reports on HUB goals and statistics are presented to the Leadership Team by the HUB Coordinator.
Failure to perform quality research in a timely manner MEDIUM Regularly assess the quality of TTI’s research products.

Regularly engage TTI’s research sponsors in evaluating and providing feedback on TTI’s research products and customer service.

Provide high-quality support services to assist TTI staff in developing and performing project work.

Offer employee training to increase the awareness of the importance of customer service.

 Risk mitigation activities are also embedded in Goals 1.3, 1.4, 2.4, 2.5 and 3.1 of the TTI Strategic Plan. Maintain current project lists and monitor timelines to ensure timely documentation and reporting of project deliverables.

Report research sponsor feedback on research projects and customer service to TTI staff.

Review business processes on a regular basis and identify areas where support can be provided to researchers.

 The Leadership Team reviews sponsor feedback and discusses customer service to sponsors at regular intervals.

Discrepancies with project deliverables or sponsor complaints are assigned to a member of the Leadership Team for resolution.
Failure to have a strong Environmental, Health and Safety (EHS) Program MEDIUM Ensure appropriate state and laws and A&M System policies, regulations and procedures on EHS matters are in place and followed.

Ensure appropriate building and property safety mechanisms are in place.

Ensure TTI’s Pandemic Influenza Plan is in place and followed.

Implement TTI’s Alternate Work Location rule as appropriate.

 Risk mitigation activities are also embedded in Goal 2.4 of the TTI Strategic Plan. Facilities, Safety and Support Services coordinates compliance with all State laws and System policies, regulations and procedures in regard to EHS matters.

Facilities, Safety and Support Services monitors the Pandemic Influenza Plan to ensure the workplace health, safety and well-being of TTI employees, and mitigate disruption to TTI operations should an pandemic occur.

Periodic assessments of TTI work locations will be conducted to ensure tenets of the EHS program are being followed.

 Facilities, Safety and Support Services will provide updates to the Executive Associate Director/ CFO as needed, on any unresolved deficiencies in EHS matters.

The Executive Associate Director/ CFO of Director of Facilities, Safety and Support Services will bring deficiencies to the Leadership Team or the Agency Director for resolution as necessary.

If a pandemic threat is eminent, The Executive Associate/ CFO Director and the Director of TTI Facilities, Safety and Support Services will provide updates on the pandemic plan and related matters to the Leadership Team.

The Leadership Team will periodically discuss opportunities to improve EHS at TTI.
Deterioration in relationship with TxDOT MEDIUM Maintain close professional relationships with TxDOT leadership and staff.

Develop a process to ensure TxDOT district engineers, division managers and administration are contacted on a regular basis to assess their research needs.

Actively participate in TxDOT research and technical meetings.

 Risk mitigation activities are also embedded in Goals 1.2, 1.3, 1.4, 2.5, 3.1, and 3.7 of the TTI Strategic Plan. Quarterly reports are prepared to identify the amount and percentage of TxDOT-sponsored work in which TTI is participating.

Recommendations resulting from the regular contacts with TxDOT personnel are implemented.

The results of the TxDOT Survey Report are monitored and implemented as appropriate.

Decreases in TxDOT research expenditures are monitored for significant variations from year to year.

 The Executive Associate Director/ CFO reports to the Agency Director and the Leadership Team each quarter concerning TxDOT research expenditures.

The Leadership Team routinely discusses TxDOT relationships and ensures they are a high priority within the agency.
Deterioration in relationships with private consultants MEDIUM Maintain close professional relationships with private consultants from which to gather important information about consulting issues.

Maintain close, regular contact with the TTI Advisory Council.

Identify and consider the risks in areas where there may be a perception that TTI is competing with the private sector.

Adhere to the agreement between TTI and the Council of Engineering Companies (CEC).

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.3, 1.5, 2.5, 3.1, 3.5 and 3.7 of the TTI Strategic Plan. The TTI Advisory Council is consulted on an annual basis about issues pertaining to TTI’s relationships with private consultants.

Negative issues leading to the deterioration of a relationship with a private consultant are tracked to ensure adequate resolution.

 The Agency Director is informed when a complaint or other negative comment is received from a private consultant. The director may handle the complaint directly or assign a member of the Leadership Team to intervene in resolving issues.

Complaints not resolved will be discussed with the Agency Director as soon as possible to discuss mitigation needs.

The Leadership Team routinely discusses relationships with private consultants and ensures they are a high priority within the agency.
Inability to provide quality support services MEDIUM Benchmark the quality and effectiveness of TTI support services and look for ways to improve.

Evaluate TTI research management to enhance current systems and processes.

Develop and implement training seminars to increase the awareness of TTI staff about available support services.

Provide and maintain support services information and contacts on TTINet.

Encourage support services staff to participate in TTI’s Professional Development Program.

 Risk mitigation activities are also embedded in Goals 1.3, 1.4, 2.1 and 2.4 of the TTI Strategic Plan. The Leadership Team surveys TTI staff about the level and effectiveness of the support services they receive and implements recommendations as needed.

Information is developed and shared with staff about the support services available at TTI.

Feedback on the level of support services and additional needs is collected and reviewed.

 The Leadership Team periodically discusses service benchmarks, survey results and opportunities for improvement.

The recommendations from TTI’s biennial Higher Education Excellence Survey are implemented and evaluated.
Problems with Information Technology (IT) system as outlined in TTI’s Disaster Recovery Plan MEDIUM Network Information Systems maintains and updates security procedures and IT systems to enhance network security.

In the event of failure of any major hardware component, effective back-up systems are available to mitigate the risk.

Maintain effective back-up systems to mitigate negative impacts of equipment failure.

 Risk mitigation activities are also embedded Goal 2.4 of the TTI Strategic Plan. Network security is monitored for effectiveness and breaches of security on a constant basis.

New hardware and software requirements needed to maintain the integrity of the IT system are given adequate priority in cost considerations.

The Chief Information Officer and Director of Information Systems develops contingency plans to address IT security breaches, equipment failure and other IT risks.

 The Chief Information Officer and Director of Information Systems reports to the Executive Associate Director/ CFO and Agency Director regarding any breaches of network security or IT system failure.

IT needs are prioritized by the Leadership Team as warranted to maintain the integrity of the IT system.
Inability to adapt to changing contracting requirements MEDIUM TTI’s Research Development Office (RDO) adopts new standards and guidelines as needed by the agency to sustain its goals for growth and diversification.

RDO revises proposal and contracting functions to meet the needs of TTI’s sponsors as appropriate.

Maintain close communication with sponsors to ensure a cooperative approach to contracting requirements.

 Risk mitigation activities are also embedded in Goals 1.3, 2.4 and 3.1of the TTI Strategic Plan. RDO will monitor feedback from staff and researchers about the quality, timeliness and effectiveness of the TTI proposal process.

Contract mechanisms are adjusted to provide the best service to the sponsor and the researcher as appropriate.

 The Director of the Research Development Office will report to an Executive Associate Director and Agency Director concerning any needed changes in contracting requirements.

The Leadership Team will assist in determining if new proposal strategies and/ or contracting methods should be implemented to better serve TTI sponsors and researchers.
Failure to comply with applicable federal and state laws and A&M System policies, regulations and procedures HIGH Document and comply with all federal and state laws, and A&M System policies, regulations and procedures.

Maintain close contact with A&M System offices responsible for identification of new and existing state and federal laws, and System policies, regulations and procedures.

Clearly define responsibilities within the agency.

 Risk mitigation activities are also embedded in Goals 1.5, 2.1, 2.4, 3.2 and 3.4 of the TTI Strategic Plan. Appropriate TTI functional areas identify the appropriate laws, policies, regulations and procedures under which the agency operates and ensures compliance.

TTI rules and procedures are developed and maintained to comply with federal and state laws and System policies, regulations and procedures.

 An Executive Associate Director reports to the Agency Director on any deficiencies or reporting errors.

When necessary, discrepancies may be reported by an Executive Associate Director to the Leadership Team for options and resolution.

Appendix C: TTI Strategic Plan

The TTI Strategic Plan is designed to provide clear guidance for Institute decisions, primarily in a three- to five-year timeframe. The plan was originally completed in August 2007. The Agency Director appointed a Strategic Working Group in September 2008 to refine and update the plan.
Development of revisions to the Strategic Plan have fully considered the recommendations, actions, policies and processes presented in the EMR Plan. The implementation of the Strategic Plan is closely coordinated with the EMR Plan.