Internal Audit and Enterprise Risk Management

Enterprise Risk Management: Purpose and Goals

The Office of Internal Audit and Enterprise Risk Management (ERM) is committed to supporting Florida Tech’s mission by promoting accountability, transparency, and continuous improvement. Through independent assurance and advisory services, we help the university manage risks, strengthen internal controls, and enhance operational effectiveness.

The Office of Internal Audit and ERM serves as an independent function reporting to senior leadership and the Board of Trustees. It provides objective evaluations of university operations and collaborates with departments to improve compliance, efficiency, and strategic risk management.

The office is responsible for developing and implementing Florida Tech’s ERM framework and conducting audits across various domains. Our work has helped departments improve compliance, streamline operations, and make informed decisions that support long-term success.

The Office of Internal Audit and Enterprise Risk Management (ERM) at Florida Tech operates as an independent function within the university’s administrative framework. The office reports directly to the Vice President for Administration and Finance & Chief Financial Officer and maintains functional independence through direct access to the President and the Audit and ERM Committee of the Board of Trustees.

This reporting structure ensures objectivity and transparency in audit and risk management activities, enabling the office to provide unbiased assurance and advisory services across all university operations.

Overview

Internal Audit at Florida Tech provides independent, objective assurance and consulting services designed to add value and improve university operations. The office helps the institution accomplish its objectives by evaluating and improving the effectiveness of risk management, control, and governance processes.

Annual Audit Plan

Each fiscal year, an Annual Audit Plan is developed to outline scheduled audits. This plan is informed by a risk-based assessment and is shared with senior leadership and the Audit and ERM Committee of the Board of Trustees. Leadership and the Board may also request audits throughout the year, which are reviewed and considered for inclusion in the plan based on priority and available resources.

Types of Audits

  • Compliance Audits
    Ensure adherence to applicable laws, regulations, policies, and procedures.
  • Operational Audits
    Assess the efficiency and effectiveness of business processes and operations.
  • Financial Audits
    Review financial transactions and records for accuracy, completeness, and integrity.
  • Information Technology Audits
    Evaluate IT systems, data security, and technology-related controls.

Purpose and Approach

Florida Tech’s Enterprise Risk Management (ERM) program is designed to proactively identify, assess, and manage risks that could impact the university’s ability to achieve its strategic and operational objectives. The ERM framework promotes a culture of informed decision-making, accountability, and resilience across all levels of the institution.

Integration and Collaboration

Led by the Office of Internal Audit and ERM, the program integrates risk management into university planning, operations, and governance. It encourages collaboration among departments to recognize emerging risks, evaluate their potential impact, and implement effective mitigation strategies.

Key Elements of the ERM Framework

  • Risk Identification
    Engaging stakeholders to recognize risks across academic, administrative, financial, and technological domains.
  • Risk Assessment
    Evaluating the likelihood and impact of identified risks using qualitative and quantitative methods.
  • Risk Response
    Developing strategies to mitigate, transfer, accept, or avoid risks based on institutional priorities.
  • Monitoring and Reporting
    Tracking risk trends and communicating findings to senior leadership and the Audit and ERM Committee of the Board of Trustees.

The ERM program is continuously evolving to align with best practices and the dynamic environment in which the university operates.

ERM Roadmap

Florida Tech’s Enterprise Risk Management (ERM) program is a strategic initiative designed to strengthen resilience and support informed decision-making across the university. The ERM Roadmap provides a clear path for building a sustainable risk management culture that aligns with our mission and strategic goals.

This roadmap outlines key phases and actions that will guide the development and integration of ERM into university operations. Each component reflects our commitment to proactive risk identification, collaborative governance, and continuous improvement.

Governance and Oversight

  • Secure Sponsorship
  • ERM Steering Committee
  • Appoint Risk Officer

ERM Framework

  • Develop ERM Policy
  • Risk Appetite and Tolerance
  • ERM Framework and Methodology
  • Align Framework with Florida Tech's Strategic Goals

Risk Management

  • Risk Identification
  • Risk Assessment & Prioritization
  • Risk Mitigation Plans
  • Risk Register

ERM Awareness and Reporting

  • Training and Workshops
  • Embed ERM into Operation

Ongoing Assessment and Evaluation

  • Risk Report and Mitigation Progress
  • Ongoing Risk Assessment
  • Annual ERM Evaluation
  • ERM Report to Board