1.0 PURPOSE

To correct areas of non-compliance discovered through detailed audits of the Compliance Inventory or substantiated by an investigation, the University will adhere to the requirements of the corrective action plan.

2.0 POLICY

2.1 Policy Statement

1. Alleged non-compliant activities may be reported through several channels. The University will maintain a hotline (callers may remain anonymous) for reporting allegations of non-compliance. Employees and students may also use specific University policies and procedures to report allegations of non-compliance. All reports will be logged, assessed and, if necessary, investigated.
2. Investigations that are substantiated will be reported through the Audit Committee to the President as “findings”.
3. Findings may also be generated:
• As the result of an audit (internal or external);
• As the result of a random review of the Compliance Inventory.
4. Whenever findings are reported, the Executive Administrator responsible for the compliance area will be  required to  file a corrective action report through the Compliance Coordinator.

2.2 Definitions

1. Finding – A documented item of non-compliance identified and corroborated:
• During an audit and submitted to the President through the Audit Committee.
• Subsequent to an investigation and reported to the appropriate level of administration and the Audit Committee.
2. Corrective Action Report – a documented item that delineates steps to be taken to correct a deficiency  within a compliance area or an individual’s behavior as identified in a finding; may remedy an isolated  instance, correct an employee, or modify a University policy.

2.3 Reporting Non-Compliance

Alleged instances of non-compliance can be reported three (3) ways:

1. Employee or student concerns about compliance may be reported verbally or in writing, in person or via the  hotline, by name or anonymously. Direct reports may be filed per the requirements of written University  policies, in person to the Compliance Officer, an individual’s superior or a member of the Executive  Committee. Reports may also be placed on the “hotline” as noted in the Human Resource Policies on the HR  website (Whistleblower Policy). Depending upon the nature of the concern, the individual may be required  to generate a written report prior to investigation. See the relevant policy for the appropriate action.
2. A scheduled audit of a compliance area will generate findings of non-compliance. All findings must be  corroborated with data and documented. Findings will be submitted to the Executive Administrator  responsible for the compliance area through the Executive Committee by the Compliance Coordinator.
3. The Administrator responsible for the compliance area or the Compliance Team may conduct a random  audit of the Compliance Inventory and, due to a revision in a regulation, policy or requirement, generate a  Finding necessitating a corrective action.

2.4 Investigating Non-Compliance

Whenever a report of alleged non-compliance is received through 2.3 above, the Compliance Coordinator, in communication with legal counsel, will determine where there is reasonable cause to believe that a compliance issue may exist. Due diligence will be taken if preliminary discussion indicates that a problem exists and the responsibility for conducting the investigation will be determined on a case-by-case basis. All University employees are expected to cooperate fully with an investigation and efforts will be made to maintain confidentiality during the investigation process and with the subsequent findings; however, confidentiality cannot be guaranteed.

2.5 Tracking Non-Compliance

1. Individual compliance areas will maintain a log of all instances of non-compliance reported through their area policies and procedures per 2.3 above. These will be submitted quarterly to the Compliance  Coordinator who will categorize them by severity – minor infraction or serious infraction – and report  serious infractions through the Audit Committee to the President.
2. The Compliance Coordinator will maintain a log of Findings obtained through a scheduled or random audit and categorize them by severity – minor infraction or serious infraction – and report serious  infractions to the President through the Audit Committee member assigned to University compliance.
3. Serious infractions and Findings will be reviewed with the University’s legal counsel and the nature of the  infraction, the investigation and the possible corrective actions will be considered on a case-by-case basis  and protected as attorney – client privilege.  All findings will be deemed “restricted” information unless changed by counsel or the Board and Audit Committee.

2.6 Corrective Actions

1. Whenever a finding is reported in response to an investigation per 2.3-a above, the Compliance Coordinator shall have the responsibility, after consultation with legal counsel, to take or direct appropriate responses. Corrective actions with employees will be according to Human Resource policies (Corrective Action). Employees may be subject to disciplinary actions, up to and including termination, for non-compliance with University policies or procedures.
2. Whenever a finding is reported in response to a scheduled or random audit, and the Executive Administrator  responsible for the  compliance area prepares a corrective action report, the Compliance Coordinator shall  have the responsibility, in cooperation with the Administrator and legal counsel, to take or direct  appropriate action as directed by the corrective action report.
3. All corrective actions will be designed to prohibit recurrence of the specific issue or similar issues.

2.7 Retaliation

Employees’s who, in good faith, report an alleged instance of non-compliance, discover non-compliance during an audit and document it as a Finding, or are questioned as part of an investigation or audit, will not be subjected to retaliation or harassment for their participation in the compliance program. Any and all concerns of retaliation or harassment must be reported to the Compliance Coordinator.

2.8 Authorization

The authorization for this policy emanates from the Wheeling Jesuit University Board of Directors; it cannot be changed or modified absent the express written consent of the Audit Committee.

3.0 ATTACHMENTS

Internal Audit Findings Template

Investigation Findings Template