Skip navigation

Compliance & Records Management


Working with risk owners, Compliance conducts risk assessments of University business operations to ensure that legal requirements are followed.  In addition, we manage several University policies related to ethical behavior and corporate governance.

How We Can Help - RiSk Assessments

We can work with your business unit to conduct a compliance risk assessment.  A compliance risk is generally a legal requirement that an outside party (typically a unit of government) imposes on the University, such as FERPA or the Higher Education Opportunity Act, which are both federal laws. A risk owner is the business unit that is responsible for managing, monitoring, and controlling processes to comply with the legal requirement, even though the requirement might also apply elsewhere at the University. The owner is usually the business unit that is in the best position to understand and implement processes to keep the University in compliance.

A compliance risk assessment:

  • Helps identify situations where the University may not be in full compliance with a law.
  • Documents procedures (or the absence of procedures) for following laws.
  • Allows the University to be more proactive and forward-looking - by ensuring compliance now, we can reduce surprises and associated costs (such as regulatory fines) later.

University Polices Managed by Compliance

We also manage the following University policies:

  • Code of Business Conduct - The Code serves as a guide of appropriate business behavior for trustees, officers, faculty, and staff of the University of Denver.
  • Conflicts of Commitment and Interest - The policy limits opportunities for interference in University business decisions by the personal interests of trustees, officers, faculty, and staff.
  • Corporate Governance and Responsibility - The policy adopts emerging best practices in Corporate Governance and Responsibility in the following areas: Auditor Independence; Trustees, Senior Management, and Other Employees; the Audit Committee; and Document Retention and Periodic Destruction.

We can answer any questions you might have about these policies.  In addition, please let us know if you have any suggestions for change in any of these policies.