Skip to content

Enterprise Risk Management (ERM) Plan

Texas Transportation Institute
The Texas A&M University System
05/27/2008

The Texas Transportation Institute is an agency of the State of Texas and a member of The Texas A&M University System.

This document sets forth TTI's risk management plan and our strategy for enterprise risk management. This plan is intended to complement and expand upon the Institute's strategic plan. Both of these plans will be used together to guide TTI priorities and decisions. This document is intended to provide guidance on threat management over a 1- to 3-year timeframe and will be updated on a regular basis.

Introduction

Enterprise Risk Management (ERM) at the Texas Transportation Institute (TTI) is the systematic management of activities that involve a meaningful degree of risk to the Institute. The purpose of ERM is to ensure that risk identification, assessment and prevention are incorporated into the management oversight and processes of the Institute and to assist in identifying priorities set forth in TTI's strategic plan.

Enterprise risk management recognizes the fundamental importance of proper management of risks associated with the Institute's functions and activities. It also recognizes that Texas A&M University System Policy 24.01 and 24.01.01 require the Chief Executive Officer of the agency to manage, control, and, where appropriate, reduce or eliminate risk. Objectives of such a plan include: 1) helping to assure that TTI employees, students and visitors are protected from hazards; 2) protecting the Institute's financial condition and the ongoing viability of the research program; and 3) doing what is reasonable and necessary to help assure that TTI's facilities, equipment, and resources are protected.

Identification and prioritization of risks is an essential component of this plan. Mitigation strategies for high-threat risks are also set forth in the plan. The connection between the risk management plan and the strategic plan is presented and emphasized in the mitigation strategies. Development, implementation, and monitoring of the agency's risk management plan accomplish the objectives and purposes described above.

This risk management plan includes the following appendices.

  • Appendix A contains the Texas Transportation Institute's policy on enterprise risk management and details the manner in which the Institute has determined the threat-level of a risk to the Agency. Table 1, Register of Major Risks, sets out the risks facing the Institute and assesses the threat to the agency based on management judgments regarding the likelihood and potential consequences of each risk.
  • Appendix B contains TTI's Risk Management Matrix, an action plan which analyzes and prioritizes the risks identified in the register to determine required management action(s).
  • Appendix C is the TTI Strategic Plan. The Risk Management and Strategic Plans support and complement each other.

Risks to functions and activities can emanate from both internal and external sources. Risks can include issues such as sponsor dissatisfaction, adverse publicity, physical safety and security of employees, low performing management and staff, equipment or computer failure, legal and contractual matters, and fraud. Some, such as available sponsor funding for research, may be beyond the control of TTI, although the Institute needs to prepare for such contingencies. Others can be directly controlled by TTI management.

It is not possible to perform our mission and have anything approaching a risk-free environment. Many decisions involve managing risks according to the Institute's assessment of what constitutes an acceptable level of risk, and judgments about the costs and benefits of alternative courses of action.

TTI's objectives in adopting enterprise risk management include ensuring that: 1) the major risks faced by TTI are identified, prioritized, understood and appropriately managed; 2) TTI's planning and operational processes include awareness of areas where risk management is needed; and 3) an environment exists where all TTI staff assumes responsibility for identifying and managing risk within their area of the Institute with required management oversight and control.

Beneficial Outcomes of Risk Management

Risk management should be an integral tool used by management in leading TTI and planning for our future. It is critical to the overall performance of the agency. Appropriate risk management policies and practices minimize TTI's exposure to the consequences of a range of possible adverse events. Such potential risks are numerous, with the following representing the range of risks faced by a contract research organization that is also a state agency and a member of The Texas A&M University System: 1) reductions in funding available to TTI through any of a number of sources; 2) damage to equipment or facilities; 3) poor management oversight that results in adverse audits or violations of procedures, regulations and/or laws; 3) inability to attract and retain quality staff; 4) inability to maintain a viable, ongoing program of research; and 5) inability to provide the facilities and equipment needed to perform cutting-edge research.

The risk management process at TTI encompasses the systematic application of management policies and appropriate written procedures and practices to identify, analyze, evaluate, monitor and minimize risk.

The implementation of an integrated and rigorous approach to risk management:

  • increases the chances of avoiding costly and unacceptable outcomes, particularly those arising from unexpected events;
  • provides a better understanding of TTI operations and functions, and supports continuous improvement in the agency's operations;
  • helps maintain high staff morale;
  • provides a reporting framework to assist with meeting System and/or State requirements; and
  • allows for a more structured, accountable, and useful strategic plan.

Risk Management Policy and Process

The Institute's risk management plan is a critical component of our vision, mission and goals and our strategic objectives (as set forth in our Strategic Plan). The plan takes into account the Institute's size and the nature of its operations, and recognizes that TTI is a state agency that is operated under the oversight of both the Texas legislature and The Texas A&M University System Board of Regents.

TTI faces a range of potential risks that may affect:

  • our reputation, and/or that of our research staff and/or stakeholders in regard elements such as the quality of research, and the information, advice, and recommendations that research provides;
  • our performance as measured against strategic priorities, and the achievement of critical milestones;
  • the integrity of our decisions and processes, such as our reputation as an unbiased and independent research organization;
  • the safety, security, and health of our employees; and
  • relationships and/or contracts with our sponsors, which may create additional financial or obligatory risks.

For each risk the Institute faces, TTI has assessed the likelihood and potential consequences of an adverse event, and has prioritized each category of risk according to the level of threat facing the agency. We have then determined strategies for managing risks, devoting the greatest resources to the risks considered to present a high threat. (Appendix A, Table 1, identifies the potential risks facing TTI and assesses and prioritizes the level of threat posed by each risk. Appendix B then provides an action plan matrix for managing the identified risks.)

All TTI employees are expected to contribute to minimizing risk, and it is the responsibility of management to assure that employees are aware of TTI's expectations.

  • Members of the Leadership Team are responsible for ensuring that the risk management processes and controls identified in the risk management plan are built into the strategic and operational planning of all parts of the Institute.
  • An Executive Associate Director is responsible for coordinating the implementation of the risk management plan and reporting on implementation and progress to the Agency Director.
  • Associate Directors, Assistant Directors, Division Heads, Center Directors, and Program Managers are responsible for overseeing the implementation of processes relevant to their part of the Institute, including ensuring that staff understand the risk management plan and implement the necessary requirements and strategies. Associate and Assistant Directors are also responsible for providing feedback on implementation to an Executive Associate Director.

Outcomes

The key outcomes expected from enterprise risk management are the monitoring and control activities identified in the Risk Management Matrix (see Appendix B). These actions are reviewed and updated on a regular basis under the direction of an Executive Associate Director. To ensure effective achievement of this process, TTI will:

  • train managers and employees about enterprise risk management and procedures as appropriate;
  • monitor performance against the management action plan and report to the Agency Director as necessary;
  • monitor the risks associated with individual sponsors and research projects, and ensure that management of risks is built into contracts as appropriate;
  • incorporate consideration of risk management performance into the performance assessment of Division Heads, Center Directors, Program Managers, and the Leadership Team;
  • consider performance pertaining to the risk management plan during any internal audit program;
  • include risk management awareness in orientation briefings for new staff; and
  • ensure the risk management plan, any changes to the plan, and related information are provided to the TAMU System as required by System rules and/or state guidelines.

The costs of implementing the Risk Management Plan are predominantly staff time, particularly that of the Agency Director and an Executive Associate Director, with support and input from the Leadership Team (consists of an Executive Associate Director, Associate Directors and Assistant Directors, all directly reporting to the Agency Director). There is expected to be a net benefit from the operation of the plan by reducing agency costs caused as a result of many possible events, including:

  • staff time lost as a result of adverse events;
  • litigation;
  • replacement of lost equipment and other resources;
  • possible loss in contract research; and
  • decreased productivity due to the adverse impacts of risk not properly addressed and managed.

There should be other gains, such as benefits from better prioritization of strategic initiatives, better preparedness and information-gathering as pertains to the legislature, the TAMUS Board of Regents, and other key stakeholders, and improved employee morale as a result of better oversight and information-sharing within the Institute.

Review and Update of Risk Management Plan

The Risk Management Plan will be reviewed and updated on a regular basis by an Executive Associate Director and approved by the Agency Director of TTI.

Risk Management Policy

The Texas Transportation Institute is committed to the management of risk in order to protect our:

  • research sponsors and other key stakeholders;
  • employees and their skills;
  • quality of research and service;
  • assets, including intellectual property;
  • contractual and statutory obligations;
  • image and reputation; and
  • commitment to state government and the people of Texas.

The agency's Risk Management Plan is designed to assist the Agency Director, the Leadership Team, and all employees to develop skills in dealing with, and understanding, risk management. The main elements of the plan include:

  • development and use of risk management standards;
  • assessment and prioritization of risks on a continuing basis;
  • reporting regularly to the A&M System regarding TTI risk and compliance with TAMUS risk management policies; and
  • education and training of staff about risk management as appropriate.

Enterprise risk management is a critical element of improving TTI's business processes and services. The agency's goal is to adopt best practice in managing risks. To achieve this goal, risk management standards involving risk identification and risk evaluation linked to practical and cost-effective risk monitoring and control measures need to be in place and regularly evaluated and reviewed. Risk management is a continuous process, requiring awareness and proactive measures by all agency employees to reduce the occurrence and impact of risks. Risk management should be an integral part of the Institute's business processes.

Staff Roles and Responsibilities

Agency Director
  • Oversee the development and implementation of the Risk Management Plan;
  • Ensure the ongoing review of risks and update the risk register as needed;
  • Encourage a management climate which is aware of, and supports, risk management; and
  • Oversee development of processes to define and deal with new risks.
An Executive Associate Director
  • Coordinate on an ongoing basis the implementation of the Risk Management Plan;
  • Review the risk register on a regular basis and report to the Agency Director on recommended changes;
  • Regularly convene the Leadership Team to discuss the risk register and necessary changes to that register; and
  • Develop and implement risk management procedures and training as needed.
Associate/Assistant Directors
  • Ensure that risk management controls and processes are included in all planning and research;
  • Encourage an organizational climate that supports risk management;
  • Ensure that employees understand the importance and consequences of risk management issues in their immediate work areas and to TTI overall;
  • Identify any new risks and report them to an Executive Associate Director.
Chief Information Officer/Director of Information Systems
  • Ensure that all systems are adequately backed up;
  • Ensure the Disaster Recovery Plan is updated and tested on an annual basis;
  • Ensure that all employees have complete IT security awareness training;
  • Work with the Leadership Team to ensure that adequate investment is made to enable restoration of critical systems in a timely manner.
Researchers and Staff
  • Identify any new risks and report them to their immediate supervisor;
  • Assist in development and implementation of processes to mitigate risk; and
  • Adapt the risk management plan to immediate work areas and processes wherever possible.

Appendix A: Risk Analysis at TTI

This appendix provides background about how the risks facing TTI are prioritized on the basis of potential overall threat that each risk poses to the Institute. TTI has estimated the potential threat posed by each category of risk on the basis of the likelihood of occurrence of the risk (frequency or probability) and the expected consequences (impact or magnitude) using the overall knowledge and judgment of the Institute's Leadership Team. Table 1, Register of Major Risks, sets out the primary risks facing the Institute and assesses the threat to the agency based on management judgments regarding the likelihood and potential consequences of each risk.

Examples of the level of threat include:

  • High: consequences may be severe, significantly impacting the effectiveness, operations, and/or reputation of TTI.
  • Medium: consequences may adversely affect the programs, operations, and effectiveness of TTI.
  • Low: minor consequences for TTI.

Determining that a risk is acceptable does not imply that the risk is insignificant. A risk may be considered to be acceptable because the:

  • threat posed is assessed to be so low (for example because the likelihood of occurrence is rare) that specific treatment is not necessary at the time it is assessed;
  • risk is such that TTI has no available treatment (for example, the risk of a change to particular research funding source might occur for reasons totally beyond the control of the agency);
  • cost of mitigating the risk is very high compared to the perceived benefit of successful treatment; and/or
  • opportunities presented outweigh the threats to such an extent that the risk is justified.

Treatment involves deciding what management measures need to be put in place to minimize the threat posed by identified risks. Treatment options may include:

  • measures aimed at avoiding the risk;
  • measures to reduce the threat posed by the risk, either by reducing the likelihood of the risk and/or its consequences;
  • measures aimed at improving the capacity of TTI to deal with threats (such as reduced funding from any given sponsor);
  • transferring or lessening the threat by shifting management of the risk to another party (for example, System General Counsel); and
  • accepting the risk without taking any action to avoid it, but monitoring the risk and ensuring that TTI has financial and other means to cover associated losses and/or disruptions.
Texas Transportation Institute
Table 1. Register of Major Risks
Likelihood of Occurrence Consequence of Occurrence
High Medium Low
High empty cell empty cell empty cell
Medium
  • Decline in research funding from major sponsor(s)
  • Inability to provide and maintain needed space and equipment
  • Reduction in legislative support
  • Inability to recruit high-quality staff
  • Failure to develop and fully implement an Environmental, Health and Safety (EHS) Program
  • Deterioration of relationship with private consultants
 empty cell
Low
  • Failure to meet diversity and/or HUB goals
  • Failure to perform quality research in a timely manner
  • Failure to comply with applicable laws, rules, procedures and regulations
  • Significant deterioration in relationship with TxDOT
  • Problems with IT system (e.g., security breach, major equipment failure, etc.)
  • Inability to adapt to changing contracting requirements
  • Inability to provide quality support services
 empty cell

Monitoring and control activities may include:

  • High Threat: Leadership Team develops a management/action plan along with monitoring and management oversight by the Director and/or an Executive Associate Director.
  • Medium Threat: Leadership Team develops a management/action plan as necessary; ongoing monitoring and management of the risk by the relevant Associate/Assistant Director and reporting results to an Executive Associate Director.
  • Low Threat: ongoing monitoring by relevant staff with action as necessary and reporting results to an Executive Associate Director.

Appendix B: Risk Management Matrix

This appendix contains TTI's Risk Management Matrix (Table 2), essentially an action plan that prioritizes and analyzes the risks identified in Table 1 to determine required management action(s). The risk management matrix identifies procedures and responsibilities for the implementation of risk management strategies.

The Institute's risk management matrix is in many ways an extension of our strategic goals, strategies and objectives (as set forth in our Strategic Plan – Appendix C). Many of the risks facing the agency have associated goals in the TTI strategic plan that will serve to help mitigate those risks.

For each risk the Institute faces, TTI will assess the likelihood and potential consequences of an adverse event, and prioritize each risk according to the level of the threat. We then determine strategies for managing risks, devoting the greatest resources to the risks considered to present a high threat. The monitoring and control activities identified in the risk management matrix are the key outcomes of our ERM process.

The agency's goal is to adopt best business practice in managing risks. Enterprise Risk Management is a continuous process, requiring awareness and proactive measures by all agency employees to reduce the occurrence and impact of risks. Risk management standards involving risk identification and risk evaluation which are then linked to practical and cost-effective risk control measures will be regularly evaluated and reviewed by the agency's leadership team under the overall direction of an Executive Associate Director.

Texas Transportation Institute
Table 2. FY 2008 Risk Matrix
Risk Description Mitigation Activities Relationship to the TTI Strategic Plan Monitoring Activities Executive Management Reporting Process
Decline in research funding from a major sponsor(s)

1) Increase contract research expenditures by at least 4-5% per year.

2) Diversify TTI's research portfolio so that not more than 50 percent of total contract expenditures come from any single sponsor.

3) Develop and implement training that will increase awareness of TTI staff of available research opportunities.

4) Provide financial incentives for TTI staff to pursue new areas of research that will add to the diversification effort and increase sponsored research.

5) Develop and implement a TTI strategic marketing plan that will help leverage strengths in developing contract research.

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 3.2, 3.4, 3.5 and 4.2 of the TTI Strategic Plan.

1) Quarterly review of contract research revenues and sponsors by the Director and the TTI Leadership Team.

2) Establish compacts directly between the Director and Associate/ Assistant Directors that establish action plans for achieving improved diversification across the agency.

3) Modify performance evaluations to reflect research diversification as an element that is reviewed annually.

1) The Agency Director ensures review of monitoring activities in a timely manner.

2) An Executive Associate Director maintains revenue and sponsor records for review by the Leadership Team on a regular basis.

3) Assistant/ Associate Directors are responsible for meeting the stipulations of compacts with the director for diversification efforts.

4) Appropriate staff are reviewed annually for performance in regard to diversification of the research program.
Inability to provide and maintain needed space and equipment

1) Supervise construction of additional 66,000 square feet of office/ research space.

2) Develop and regularly review a list of critical TTI capital equipment needs and identify possible funding sources.

3) Define existing-space enhancements needed to sustain the research program and identify funding sources.

4) Identify space needs for the next 3-5 years.

 Risk mitigation activities are also embedded in Goals 1.1, 1.3, 1.4, 1.5, 1.6, 2.1, 3.1, 3.2, 3.4, 3.5 and 6.1 of the TTI Strategic Plan.

1) Continuous assessment by the Leadership Team of needs for critical resources to support a growing, diversified program of research.

2) Maintain and track a schedule of new building construction milestones.

3) Regularly review critical equipment needs and match to potential sponsors or other potential funding sources.

1) Periodic updates are provided to the Leadership Team by TTI Facilities & Support Services on space requirements and the status of new and existing facilities.

2) The Leadership Team discusses critical equipment and space needs at regular meetings.
Reduction in legislative support

1) Benchmark the quality and success of the TTI research program and use the information to supply to legislators and key sponsors.

2) Use highly credible TTI researchers as representatives of professional transportation expertise at state and national levels when presenting to legislators.

3) Use timely reports and other quality information products to represent the activities of TTI before legislators.

4) Ensure Texas legislators are aware of the activities of TTI Urban Offices within their districts.

5) Actively engage the TTI Advisory Council in legislative activities.

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 2.1, 2.2, 2.6, 3.1, 3.2, 4.2 and 6.2 of the TTI Strategic Plan.

1) Quality information and documents are provided to TTI legislative represen-tatives in a timely manner (both Federal and State).

2) The Leadership Team identifies and supports the use of well-respected TTI researchers in solving issues of significance to legislators.

3) The TTI Urban Offices provide regular reports to the Director that can be used to provide Texas legislators with specific news of TTI successes in a particular district.

1) The Director reports to the Leadership Team on a regular basis about legislative issues that affect transportation research.

2) The Director and the Leadership Team receive periodic updates on legislative activities from the TAMU System Federal legislative representative and the Engineering Program State legislative representative.

3) The Director makes timely efforts to contact key legislators and commissioners to discuss transportation research needs.
Inability to recruit high-quality staff

1) Sustain the high quality of the TTI research program as a means of attracting top researchers and students.

2) Sustain the highly credible leadership role of TTI researchers at state and national levels to indicate the quality of TTI and its research.

3) Utilize quality marketing materials as a recruiting tool that reflects on the professionalism and credibility of the agency.

4) Diversify the agency's research portfolio as an attraction to new opportunities for researchers and students

5) Foster close ties with academic leaders to promote TTI as a resource for a new generation of transportation professionals.

6) Develop the diversity of the TTI workforce.

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.3, 1.4, 1.5, 2.2, 2.3, 2.4, 3.2, 3.4, 3.5, 4.1, 5.1, 6.1 and 6.2 of the TTI Strategic Plan.

1) The Leadership Team monitors the personnel needs of the agency to sustain the research program.

2) The Leadership Team ensures that recruiting high-quality researchers is a key audience for new TTI marketing materials.

1) The Leadership Team periodically will discuss current recruitment issues and opportunities.

2) The TTI Diversity Council will periodically report to the Leadership Team on opportunities available to recruit highly-qualified minorities at TTI.

3) When necessary, urgent recruiting needs will be brought immediately to the Leadership Team for resolution.
Failure to meet diversity and/ or HUB goals

1) Establish a TTI Diversity Council to lead the effort to improve diversity and to write a TTI diversity plan.

2) TTI Urban Offices are used as an integral part of effectively recruiting minority students to Texas A&M University and TTI.

3) Establish aggressive HUB goals for TTI

 The risk mitigation activities are also embedded in Goals 1.4, 1.5 and 6.2 of the TTI Strategic Plan.

1) The TTI Diversity Council develops a TTI diversity plan and establishes methods for creating new opportunities for minorities.

2) The HUB Coordinator periodically submits HUB status reports to the Director and Leadership Team.

3) The Leadership Team regularly monitors HUB goals and statistics.

4) The Leadership Team regularly monitors diversity goals and statistics.

1) Periodic reports are provided to the Leadership Team by TTI Diversity Council on diversity and goals and statistics.

2) The Leadership Team periodically discusses diversity needs, goals and statistics.

3) Periodic reports on HUB goals and statistics are presented to the Leadership Team by the HUB Coordinator.
Failure to perform quality research in a timely manner

1) Identify leaders that are sponsor- and service-oriented to mentor staff.

2) Provide high-quality support services to assist staff in developing and performing project work.

3) Develop and implement training seminars to increase the awareness of TTI employees about the importance of customer service.

 Risk mitigation activities are also embedded in Goals 1.1, 1.4, 1.5, 2.3, 2.5, 2.6, 4.2, 5.1, 6.1 and 6.2 of the TTI Strategic Plan.

1) Maintain current project lists and monitor timelines to ensure timely documentation and reporting of project deliverables.

2) Review business processes on a regular basis and identify areas where support can be provided to researchers.

1) The Leadership Team discusses customer service to sponsors at regular intervals.

2) Discrepancies with project deliverables or sponsor complaints are assigned to a member of the Leadership Team for resolution.
Failure to develop and fully implement an Environmental, Health and Safety (EHS) Program

1) Ensure appropriate State and System laws, rules and regulations are in place and adhered to.

2) Ensure appropriate building and property safety mechanisms are in place.

3) Follow established System procedures for developing and implementing an EHS program for TTI.

 Risk mitigation activities are also embedded in Goals 1.1, 2.1 and 6.1 of the TTI Strategic Plan.

1) TTI Facilities, Safety and Support Services coordinates compliance with all State and System laws, rules and regulations in regard to EHS matters.

2) Periodic assessments of TTI work locations will be conducted to ensure tenets of the EHS program are being followed.

1) TTI Facilities, Safety and Support Services will provide updates to the Executive Associate Director, as needed, on any unresolved deficiencies in EHS matters.

2) The Executive Associate Director will bring deficiencies to the Leadership Team or the Agency Director for resolution as necessary.

3) The Leadership Team will periodically discuss opportunities to improve EHS at TTI.
Failure to comply with applicable laws, rules, procedures and regulations

1) Document and comply with all Federal, State, and System laws, rules, and regulations.

2) Maintain close contact with System offices responsible for identification of new and existing laws, rules, policies and regulations.

3) Clearly define responsibilities within the agency.

 Risk mitigation activities are also embedded in Goals 1.1, 1.3, 1.4, 2.1, 4.1, 5.1 and 6.1 of the TTI Strategic Plan.

1) TTI's Business Office identifies the appropriate laws, rules, and regulations under which the agency operates and ensures compliance.

1) The Executive Associate Director reports to the Agency Director on any deficiencies or reporting errors.

2) When necessary, discrepancies may be reported by the Executive Associate Director to the Leadership Team for options and resolution.
Significant deterioration in relationship with TxDOT

1) Maintain close professional relationships with TxDOT leadership.

2) Maintain close, regular contact with the Texas Transportation Commission.

3) Identify marketing goals and business development targets for TTI that recognize the importance of TxDOT as a sponsor.

 Risk mitigation activities are also embedded in Goals 1.1, 1.3, 1.6, 2.3, 6.1 and 6.2 of the TTI Strategic Plan.

1) Quarterly reports are prepared to identify the amount and percentage of TxDOT-sponsored work in which TTI is participating.

2) Decreases in TxDOT research expenditures are monitored for significant variations from year to year.

1) The TTI Financial Officer reports to the Agency Director and the Leadership Team each quarter concerning TxDOT research expenditures.

2) The Leadership Team ensures that TxDOT relationships are maintained as a high priority within the agency.
Deterioration of relationship with private consultants

1) Maintain close professional relationships with private consultants from which to gather important information about consulting issues.

2) Maintain close, regular contact with the TTI Advisory Council.

3) Identify and consider the risk in areas where there may be a perception that TTI is competing with the private sector.

4) Adhere to the agreement between TTI and the Council of Engineering Companies (CEC).

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.3, 2.1, 2.6 and 6.2 of the TTI Strategic Plan.

1) The TTI Advisory Council is consulted on an annual basis about issues pertaining to TTI's relationships with private consultants.

2) Negative issues leading to the deterioration of a relationship with a private consultant are tracked to ensure adequate resolution.

1) The Agency Director is informed when a complaint or other negative comment is received by a private consultant. The director may handle the complaint directly or assign a member of the Leadership Team to intervene in resolving issues.

2) Complaints not resolved will be discussed with the Director as soon as possible to discuss mitigation needs.
Inability to provide quality support services

1) Benchmark the quality and effectiveness of TTI support services and look for ways to improve.

2) Develop TTI marketing goals and strategies to effectively focus and utilize the agency's communications assets.

3) Develop and implement training seminars to increase the awareness of TTI staff about available support services.

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.4, 1.5, 1.6, 2.3, 2.7, 4.1, 5.1, 6.1 and 6.2 of the TTI Strategic Plan.

1) The Leadership Team surveys TTI staff about the level and effectiveness of the support services they receive.

2) Promotional information is developed and shared with staff about the support services available at TTI.

3) Feedback on training and the level of support services is collected and reviewed.

1) The Leadership Team will periodically discuss service benchmarks as well as opportunities for improvement.
Problems with Information Technology (IT) system (e.g., security breach, major equipment failure, etc.)

1) TTI's Network Information Systems maintains and updates security procedures and IT systems to enhance network security.

2) In the event of failure of any major hardware component, effective back-up systems are available to mitigate the risk.

3) Access to software and other intellectual property is carefully tracked and documented.

 Risk mitigation activities are also embedded in Goals 1.1, 1.4, 1.5, 2.1, and 6.1 of the TTI Strategic Plan.

1) Network security is monitored for effectiveness and breaches of security on a constant basis.

2) New hardware and software requirements needed to maintain the integrity of the IT system are given adequate priority in cost considerations.

1) The Director of Network Information Systems (NIS) will report to the Executive Associate Director and Agency Director regarding any breach of network security or IT system failure.

2) IT needs are prioritized by the Leadership Team as warranted to maintain the integrity of the IT system.
Inability to adapt to changing contracting requirements

1) TTI's Research Development Office (RDO) adopts new standards and guidelines as needed by the agency to sustain its goals for growth and diversification.

2) RDO revises proposal and contracting functions to meet the needs of TTI's sponsors.

 Risk mitigation activities are also embedded in Goals 1.1, 1.2, 1.4, 2.1, 2.7, 3.1, 3.2, 4.2, 6.1 and 6.2 of the TTI Strategic Plan.

1) RDO will monitor feedback from staff and researchers about the quality, timeliness, and effectiveness of the TTI proposal process.

2) Contract mechanisms are adjusted to provide the best service to the sponsor and the researcher.

1) The Director of the Research Development Office will report to the Executive Associate Director and Agency Director concerning any needed changes in contracting requirements.

2) The Leadership Team will assist in determining whether new proposal and or contracting methods should be implemented to better server TTI sponsors.

Information About: