Leadership Accountability Home

MANAGEMENT ASSESMENT TOOL (MAT)
STATEMENT	POLICY LINKS	BEST PRACTICES
OVERVIEW
1. All benefits eligible employees in my department have received a copy of the UTSA Employee Standards of Conduct Guide and a signed and dated acknowledgement form is in each employee’s departmental personnel file.	UTSA Standards of Conduct Guide for Employees	Encourage new employees to read the UTSA Standards of Conduct Guide for Employees and sign the acknowledgement form within 10 days of receipt. Keep a signed Acknowledgement Form in every employee’s departmental personnel file (employees transferring from another UTSA department should sign a new Acknowledgement Form). Encourage employees to bring questions or observations of unethical activity to their supervisor. Provide new employees with an orientation regarding their duties and responsibilities. An On-the-Job Orientation Checklist is available on the Human Resources web site. Contact the Office of Institutional Compliance at 458-4992 for additional copies of the UTSA Standards of Conduct Guide for Employees for non-benefits eligible employees. Inform employees that they can report suspected issues of non-compliance anonymously through the Compliance Hotline 1-877-888-0002 or via the web at https://www.tnwinc.com/webreport/. More information about the hotline is available at the web site. for the Office of Institutional Compliance & Risk Services.
2. Employees in my department have completed the general compliance training modules they were assigned.	General Compliance Training	Emphasize to all employees the importance of completing online compliance training. Employees will be notified via email when training has been assigned and will be given a deadline to complete the training. New employees will be assigned training within 30 days of hire. Existing employees are required to take annual refresher training. Student titles are required to take compliance training as well. It is important that email addresses in DEFINE are accurate so that employees receive their training notifications.
3. I am aware and have informed my department staff that ethical or legal concerns raised by employees or students should always be taken seriously and should be referred to the appropriate office at UTSA for handling.	UTSA Standards of Conduct Guide for Employees	Encourage employees to bring questions or observations of unethical activity to their supervisor. Supervisors should direct employees to the appropriate offices listed in the UTSA Standards of Conduct Guide for Employees. Inform employees that they can report suspected issues of non-compliance anonymously through the Compliance Hotline 1-877-888-0002 or via the web at https://www.tnwinc.com/webreport/. More information about the hotline is available at the web site. for the Office of Institutional Compliance & Risk Services. Ethical or legal concerns can be reported to the Chief Legal Officer (Legal Affairs) at 458-4105.
4. I am aware that it is important to have measurable written goals and objectives for my department.		Define department/unit mission statement. Develop long-term strategic goals. Develop measurable annual goals based on your department’s mission and strategic goals. Create an action plan to achieve annual goals. Communicate goals and action plan to all employees. Evaluate action plan and goals annually.
5. I am aware that it is important to have written procedures for critical systems/processes in my department.		Identify critical operations. Develop written procedures and review and update them annually.
FISCAL MANAGEMENT
GENERAL
6. My department has a system for reviewing/reconciling accounts on a monthly basis to determine whether the university’s accounting records match my department’s records. Procedures are in place to ensure that appropriate action is taken in the event that errors and/or unauthorized transactions are identified, and all account reviews/reconciliations are dated and signed by the preparer and the reviewer.	Reconciliation Flowchart UT System Administration Policy – UTS 142.1	Managers should have a working knowledge of their budgets and DEFINE (UTSA’s financial accounting system). Implement a departmental system for tracking and reviewing departmental expenditures and revenue. The type of system used may vary depending on the complexity of the department’s accounts. Review the information provided in this Reconciliation Flowchart. If possible, assign different individuals the responsibility for entering data into the departmental system and the responsibility for reconciling the departmental system to DEFINE. Check departmental reviews/reconciliations monthly and question unusual or unique transactions or trends. Ensure that errors are corrected immediately.
7. My department is structured so that one person does not create, approve, and reconcile transactions. If I do not have the staff to adequately segregate these duties, I understand that as department head I must take a more active role in monitoring my department’s accounts.		Proper segregation of duties in a department ensures that no single individual handles all aspects of a transaction or business process, thus reducing the possibility of undetected errors or fraudulent activity. Ensure that no one person handles all phases of a transaction, e.g., creates, approves, and reconciles. Good segregation of duties is critical to prevent fraud in a cash operation. Having one person in charge of all phases of a cash operation is risky - the rule of thumb is that there should be at least two sets of eyes on every transaction. Ideally you should ensure that the individual responsible for record keeping (reconciling cash/checks received to cash register tapes, registration or other income records) is different from the person who has custody of the cash/checks (opens mail, prepares deposit). In small departments this can be a challenge, however, there are creative ways to compensate if you cannot fully segregate duties, e.g., have someone outside of the process analyze sales and deposits for reasonableness or monitor for unusual trends.
8. There is a process in my department for reviewing monthly phone charges to ensure that employees are not making personal long-distance calls on departmental phones and employee(s) who do so are required to reimburse UTSA the full amount including taxes.	Telephone Usage Memo	Inform staff that university phones should not be used for personal long distance calls. If personal long distance charges are incurred, the university should be reimbursed in a timely manner. Review monthly phone bills and question unusual charges. Staff should review phone bills on a monthly basis and each staff member should attest that phone calls are business related. Form for Attestation of Personal Calls
9. There is a process in my department for reconciling cash and check income records to deposit documentation.		A department that receives cash and/or checks should have a system in place for recording those receipts, e.g., cash register or log. Cash register tapes or logs should be compared to actual deposits on a routine basis to ensure that all income is being deposited. Income trends should be analyzed to determine whether actual income matches expected income.
10. There is a process in my department to ensure that cash/checks are adequately secured at all times, access is restricted to the extent possible and checks are immediately endorsed when received.		As a minimum requirement, keep cash/checks locked in drawer or safe at all times. Establish accountability for cash/checks by limiting access to the key or combination to as few individuals as possible.
11. There is a process in my department to ensure that cash and checks received totaling $200 or more are deposited with Fiscal Services on a daily basis and cash receipts under $200 are deposited within a week.	UT System Administration Policy – UTS 166	Depositing cash and checks timely is key to reducing the risk of theft and should be a priority when organizing employees’ duties.
PURCHASING
12. There is a process in my department to ensure that employees who procure goods and services attend purchasing training prior to placing orders on the system.	Purchasing Office Web site	Managers should have a working knowledge of purchasing policies and procedures. Ensure that employees who perform purchasing duties attend initial purchasing training (followed by subsequent refresher courses) within 30 days of starting employment. TXCLASS provides a number of training classes concerning purchasing procedures and the use of Procard. TXCLASS can be accessed online through UTDirect or by calling HR Training and Development at 458-4658. Emphasize the importance of following purchasing regulations. Utilize the UTSA Procard for purchases under $5,000 (items purchased must comply with Procard regulations). Notify Purchasing when discrepancies or problems occur with vendors or contractors. Call Purchasing Buyers if you have questions. Employees are stewards of University funds; therefore, purchases must be business related and consistent with the department’s mission.
13. There is a process in my department to ensure that the Purchasing Department handles all purchases over $5,000 and I am aware and have informed my department staff that orders cannot be split to avoid these dollar requirements.		Maintain adequate supporting documentation for all purchases in the event of an audit or other requests for information. Ensure that employees who initiate and approve transactions are familiar with guidelines and restrictions for different accounts. Expenditure transactions and related vouchers must be independently reviewed for completeness, accuracy, and compliance with University policies and in agreement with supporting documentation before being approved for payment. Standardize specifications and requirements for commodities and services where possible.
14. There is a process in my department to ensure that Central Receiving is notified immediately when goods are delivered directly to my department and to ensure that goods are verified and Central Receiving is notified of any discrepancies within 3 days. I am aware and have informed my department staff that the department could be subject to interest penalties when vendors are not paid within 30 days.	Central Receiving Web site	Ensure that employees who receive goods in your department are aware that they should notify Central Receiving immediately so that vendors can be paid. Departments may incur monetary penalties under the Prompt Payment Law if vendors are not paid within 30 days. If goods delivered to a department are damaged or are not what was ordered, the supplier should be contacted immediately. Central Receiving should be notified once the vendor has remedied the situation to your satisfaction so that the vendor can be paid. Ensure that items are inspected and counted prior to signing and dating the receiving report/form from the vendor. Departments should have a system for tracking outstanding purchase orders, e.g. an internal filing or accounting system.
15. There is a process in my department to ensure that Procard purchases comply with UTSA requirements and restrictions for using the Procard.	UTSA Procard Web site	Managers should have a working knowledge of Procard policies and procedures. Managers should be aware of items that cannot be purchased using the Procard and should ensure that cardholders are aware of these items as well. A list of restricted items is available on the Procard Web site. Ensure that Procard purchases are appropriate for the purposes/mission of the department/unit. Maintain a log of Procard purchases and retain adequate supporting documentation for all Procard purchases, including Internet purchases, e.g. invoice, packing slip. Before approving the electronic voucher in DEFINE for Procard purchases, review all transactions to ensure that they are reasonable and appropriate for the department. Unusual transactions should be questioned. Promote use of the Procard for purchases made over the telephone or the Internet. Call the Procard office at 458-4059 if you have any questions or problems with the Procard. Ensure that sales tax is not charged on Procard transactions. Approve the VP 7 (electronic voucher) transaction document before the designated date.
HUB
16. My department is committed to the University’s goal of doing business with Historically Underutilized Businesses (HUBs) and my department has a process in place to ensure that HUBs are considered in the selection of vendors and contractors.	UTSA HUB Program Web site	Gain a working knowledge of UTSA HUB Mission Statement. Take steps to ensure HUB vendors are utilized whenever possible on purchases under $5,000. Use HUB information provided by Purchasing and Distribution Services to make purchasing decisions. Utilize web sites or other minority/women directory listings maintained by local Chamber of Commerce. HUB vendors can be found on the Texas Building and Procurement Commission Web site.
CONTRACTED SERVICES AND LEASES
17. I am aware and I have informed my department staff that they do not have the authority to bind the University to a contract.	Regent’s Rules Series No: 10501 Contracting Office Web site	Ensure that contracts comply with UTSA, UT System and State policies and procedures. Ensure that contracts are reviewed and signed by the appropriate authority. Resources and offices for processing contracts are: Incoming and outgoing sponsored contracts and sub awards – Office of Sponsored Programs (OSP) Purchasing goods or services – Purchasing and Distribution Services Department employees are not authorized to negotiate and execute agreements for contracted services and leases. Implement a system for monitoring contracts within the department, e.g. a list of those providing contracted services and leases to include at a minimum: supplier name, agreement type, expiration date, and estimated value. Perform a risk assessment of agreements for contracted services and leases, which takes into account financial impact; student, public, or University sensitivities; strategic importance or other factors as deemed important by the Department Head. Collect, evaluate, and track supplier performance data considering: teamwork, communication, invoice/billing, supplier responsiveness, quality, and service level.
CAPITAL ASSETS MANAGEMENT
18. There is a process in my department to ensure that an annual inventory of university property is conducted.	UTSA Handbook of Operating Procedures - Inventory Procedures for Furniture and Equipment UTSA Inventory Web site	The Inventory Contact Person (ICP) is a staff/faculty member responsible for daily oversight of the department’s inventory. Ensure that the department designates a primary and alternate ICP and submit an ICP Appointment Form at the beginning of each fiscal year to the Inventory Department. The Inventory Department will determine what type of training is needed (initial or refresher) and contact the ICP to schedule the training needed to conduct the department’s annual inventory. Contact the DEFINE Administrators and ensure the ICP has access to inventory records for each Unit Code that ICP is responsible for updating in DEFINE. Ensure that your department’s annual inventory is conducted and review the annual inventory documentation before completing the required annual certification.
19. There is a process in my department to ensure that proper inventory forms are prepared and maintained. In addition, I am aware that during the annual inventory process employees in my department are required to sign the Custody/Pre-Inventory Listing provide their Banner ID for inventory items assigned to them and Banner IDs should be updated in DEFINE.	UTSA Inventory Web site	Designate an employee(s) to oversee the inventory process. UTSA Inventory Forms are available in all categories related to managing UTSA assets.
20. Equipment vulnerable to theft in my department is adequately safeguarded in locked cabinets or locked rooms.	Controlled Property Class Codes	Ensure that items such as laptops, projectors etc. are in locked rooms or cabinets when not in use and limit the number of individuals who have keys/access.
21. I am aware and I have informed my department staff that in the event that equipment is stolen or recovered, the University Police Department and the Inventory Manager should be immediately notified as required by University policy. In addition, I am aware and I have informed my employees that they may be held personally liable for lost/stolen equipment if: reasonable care was not exercised in the safekeeping of the equipment; reasonable care was not exercised in the maintenance and service of the equipment; the loss occurred as a result of an intentional wrongful act or a negligent act by a university employee.		Ensure that employees are familiar with rules regarding accountability for university property. Contact the University Police at 458-4242 and an officer will be assigned to investigate. After contacting University Police, contact the Inventory Department and complete and submit an official Stolen Property Report or Recovered Property Report and a copy of the police report.
22. There is a process in my department to ensure that separating employees return equipment and are cleared by the departmental Inventory Contact Person before leaving the university.	Employee Separation Processing Checklist	Ensure that separating employees are cleared by the designated ICP, prior to reporting to the Inventory Office.
23. There is a process in my department to ensure that equipment that is taken off campus is returned to the department when no longer used for university business, and my department maintains complete records for university-owned equipment that is not on university premises.	Removal of Equipment Form	A Removal of Equipment Form must be completed before any university property can be removed from university premises. This form requires the signatures of the authorized department official and the appropriate dean or vice president.
GIFTS
24. There is a process in my department to ensure that all gifts received are forwarded to the Development Office within 24 hours of receipt accompanied by a completed gift processing form and all original documentation (i.e. letter from donor, gift agreement, etc.). For UTSA purposes, “gifts” are described as “a contribution of cash or gift in kind in which the donor voluntarily gives up all control of the asset to the university for its benefit.”	Regent’s Rules Series No: 60101 UTSA Handbook of Operating Procedures - Procedures Governing Private Gift Solicitation	Review information on UTSA's Development Office Web site. Managers should have a working knowledge of gift policies in the HOP and Regents’ Rules (see web links provided) Ensure that designated employees know where to find and how to fill out the gift processing form. Ensure that employees know contact information for the unit/college Development Officer (if applicable) or the UTSA Development Office.
25. There is a process in my department to ensure that each donor receives an acknowledgment letter thanking them for his or her gift and a copy is forwarded to the Development Office with the original gift.		Designate an employee to manage gift accounts. Have written procedures on managing gift accounts. Keep files current, organized and easily identifiable. Copies of gift documentation should be secured and not readily accessible to non-departmental staff. Ensure that copies of appropriate documentation are in the files. Included should be copies of the Gift Processing Form, any correspondence from the donor, check, and department chair/director’s acknowledgment letter. (All original documentation is forwarded to the Development Office.)
26. There is a process in my department to keep track of all gift accounts for which we are responsible and ensure that current files are maintained.		Designate an employee to manage gift accounts. Have written procedures on managing gift accounts. Keep files current, organized, easily identifiable, and readily accessible. Ensure that copies of appropriate documentation are in the files. Included should be copies of the Gift Processing Form, any correspondence from the donor, check, and department chair/director’s acknowledgment letter (all original documentation is forwarded to the Development Office).
27. There is a process in my department to ensure and document that expenditures from gift accounts comply with the donor’s intentions.		Designate an employee to manage gift accounts. Document policies/procedures for expenditures including donor’s intentions for each gift account. Ensure that employees know policies and procedures regarding appropriate expenditures. Prior to approving expenditures from gift accounts, ensure that the expenditure is in compliance with the donor’s intentions.
HUMAN RESOURCES
28. I complete and document annual performance evaluations for all employees reporting directly to me and there is a process in place in my department to ensure that annual performance evaluations are performed for all other employees.	UTSA Handbook of Operating Procedures - Annual Non-Faculty Performance Evaluation Program	Every supervisor is expected to conduct an annual performance evaluation for all regular Classified and Administrative and Professional employees that report to them. Standard Evaluation Forms are available on the Human Resources web site. Evaluations should be completed by no later than the first work day in March of each year covering the period Feb. 1st of the previous year through Jan 31st of the current year. Place the original evaluation form in the employee’s departmental personnel file and provide a copy to the employee and a copy to the Office of Human Resources. Ensure probationary employees are evaluated during the first six months of employment. An evaluation should be conducted on the 30th, 90th, and 160th day of employment. Results of these evaluations should be the basis for retention or release of the employee. Probationary Evaluation Forms are available on the Human Resources web site. Develop performance standards for all positions (you may consult with your employees when developing standards for the position). Communicate the standards for the position to the employee upon hiring and at the onset of the evaluation period. In evaluating an employee, consider the employee’s performance in the position in relation to the standards previously set by the supervisor.
29. There is a process in my department to record and track hours worked for hourly employees.	Payroll Office Web site Payroll Forms Payroll Calendar	Time sheets/cards should be used to record hours worked for hourly employees and are available on the Payroll web site.: hourly employee time card. Time sheets/cards should be signed and dated by the employee and supervisor and kept on file in the department. Hourly employees are generally paid on a semi-monthly basis. Ensure that the electronic payroll voucher (OV1) is created and approved by the payroll deadline on the payroll calendar.
30. There is a process in my department to ensure that overtime and other non-standard work hours are appropriate and approved in advance by a supervisor.	UTSA Handbook of Operating Procedures - Advance Approval for Overtime Payments	Whenever possible, notify employees in advance when business demands require that they work non-standard or overtime hours. Develop a departmental procedure for requests to work additional or nonstandard hours (explanation for supervisor, supervisor’s approval, etc.) and keep copies of documentation.
31. There is a process in my department to manage employee leave that achieves the following: Employee workdays are monitored and leave balances are routinely reviewed by someone in their management chain .Vacation, sick leave, and compensatory time balances are reconciled and entered into DEFINE on a monthly basis. Leave balances (vacation, sick and compensatory) are communicated to employees on a monthly basis. The monthly Vacation & Sick Leave Report reflecting the prior months leave activity is submitted to HR by the 15th of each month.		Ensure that department keeps copies of appropriate documentation/records. Encourage employees to review their individual reports for accuracy.
32. There is a process in my department to ensure that all qualified job applicants are considered and HR guidelines for determining the best qualified applicant are followed.	HR Recruitment Guidelines UTSA Handbook of Operating Procedures - Records and Information Management and Retention	A set of interview questions (that are job related) should be prepared in advance of the interviews. Interview questions should be designed to permit a fair and objective evaluation of each applicant and consist of objective, job-related inquiries. Each applicant should be asked the same questions; all responses should be recorded in writing. A list of acceptable questions can be found at: Sample Interview Questions. To facilitate the hiring decision, a matrix should be used. The matrix, questions and responses should be maintained by the department for a minimum of two years.
EEO COMPLIANCE
33. I am aware and have informed my department staff that sexual misconduct and sexual harassment in any form will not be tolerated and such conduct will be subject to disciplinary action.	UTSA Handbook of Operating Procedures - Nondiscrimination and Sexual Harassment and Sexual Misconduct UTSA Handbook of Operating Procedures - Consensual Relationships Office of Equal Opportunity Services Web site Human Resources Web site	Recognize that sexual harassment includes conduct that interferes with an individual’s work performance or creates an intimidating, hostile or offensive work environment. Sexual harassment may include telling sexually explicit jokes, making inappropriate comments, or sending e-mails to one another containing jokes of a sexual nature. A workplace in which consistent offensive conduct abounds can constitute a hostile work environment, even if other people deem such conduct harmless, insignificant or they take no offense to it. One inappropriate joke may not meet the legal threshold of a hostile environment. However, a workplace can easily develop into a culture that tolerates inappropriate conduct if it is not addressed. This conduct has the potential to: negatively impact the work environment, fall below acceptable standards for professional conduct and create a sense of discomfort that results in behavior that violates university policy. Set expectations, communicate them to your employees, and remind employees about the sexual harassment policy and procedures at appropriate forums, such as faculty or staff meetings. Ensure that employees know where in the HOP they can find the policies on nondiscrimination and sexual harassment and sexual misconduct. Ensure that you comply with the sexual harassment policies and procedures by not initiating inappropriate actions, participating in inappropriate discussions, or condoning such actions or discussions by choosing to remain silent.
34. I am aware and have informed my department staff regarding various forms of discrimination and that discrimination based upon any protected category, including sexual orientation, is prohibited by state and federal law and by university policy.	UTSA Handbook of Operating Procedures - Nondiscrimination and Sexual Harassment and Sexual Misconduct UTSA Handbook of Operating Procedures - Consensual Relationships Office of Equal Opportunity Services Web site United States Equal Employment Opportunity Commission	Recognize your role and responsibilities as a manager in taking action to prevent discrimination, including: Examining your own behavior and making sure you lead by example. Identifying early signs of unprofessional behavior that may require preventive measures. Identifying specific behaviors requiring proactive measures or immediate intervention. UTSA prohibits discrimination in all areas of employment, including recruitment, hiring, training, assignments, promotion, discipline and termination. Employment discrimination occurs if it is based on race, color, religion, sex, national origin, age, disability, veteran status, or sexual orientation. Examples of employment discrimination include: Treating one employee differently than another who is similarly situated. Any employment practice no matter what the intent, if it has a disparate impact on members of a protected class, which includes women, minorities, the handicapped, veterans, and persons over 40 years old.
35. I am aware and have informed my department staff to advise individuals reporting incidents of sexual harassment and/or discrimination to contact the Office of Equal Opportunity Services immediately.	UTSA Handbook of Operating Procedures - Nondiscrimination and Sexual Harassment and Sexual Misconduct UTSA Handbook of Operating Procedures - Consensual Relationships Office of Equal Opportunity Services Web site	The Office of Equal Opportunity Services (EOS) takes all reports of discrimination seriously. EOS’s responsibility is to accept all reports of discrimination, determine appropriate handling and recommend action to resolve the matter in compliance with policy.
36. I am aware and have informed my department staff that complaints of sexual harassment and/or discrimination should be filed as soon as possible after the conduct giving rise to the complaint, but no later than 30 calendar days after the event occurs.	UTSA Handbook of Operating Procedures - Nondiscrimination and Sexual Harassment and Sexual Misconduct UTSA Handbook of Operating Procedures - Consensual Relationships Office of Equal Opportunity Services Web site	Review information on the EOS web site. and encourage employees to review the site and make note of the contact names and numbers. EOS has a responsibility to ensure our campus environment remains free of discrimination. As such, reports of incidents of discrimination beyond the 30-day deadline should still be reported to EOS in order to determine the possible recurrence of past conduct.
37. I am aware and have informed my department staff that it is unlawful to retaliate against an employee who has reported an allegation of wrongdoing or is participating in an investigation pertaining to allegations of wrongdoing.	Whistleblower Policy	UTSA is committed to including employees in the process of ensuring that UTSA operates in an ethical, honest, and lawful manner. It is therefore the policy of UTSA to: Encourage employees to report and assist in any investigation by persons authorized or responsible for such matters, known or suspected violations of laws, rules, policies, or regulations, or improper activities; and Prohibit unlawful retaliation against employees as a consequence of good faith actions in the reporting of, or the participation in an investigation pertaining to, allegations of wrongdoing.
ENVIRONMENTAL HEALTH AND SAFETY
38. There is a process in my department to ensure that departmental activities comply with applicable rules, regulations, and best practices relating to occupational health, safety and the environment to include: Use and disposal of hazardous chemicals, radioisotopes, and biological agents; Proper preventative measures for maintaining equipment and facilities in safe working order for all my employees, students and visitors; and Keeping my work area in compliance with NFPA 101- Life Safety Code as mandated by the State Fire Marshal’s Office and UT System.	Office of Environmental Health, Safety and Risk Management Web site UTSA Handbook of Operating Procedures - Occupational Safety and Health Policy UTSA Handbook of Operating Procedures - Procedures for Compliance with the Texas Hazard Communication Act UTSA Handbook of Operating Procedures - Hazardous Waste Management Program	Inform your staff that policies and safety manuals governing health and safety are referenced on the web site. for the Office of Environmental Health, Safety and Risk Management.
39. There is a process in my department to ensure that department staff attend applicable safety training courses mandated by the UTSA Environmental Health, Safety, and Risk Management Office (EHS&RM), State of Texas and federal regulations to include: Texas Hazard Communication Act, Radiation Control Program, Radioactive Material License and TX Blood borne Pathogen Rule; and Federal EPA/OSHA regulations governing hazardous waste operations.	Office of Environmental Health, Safety and Risk Management Web site Safety Training Course Schedule	Ensure that employees attend the hazard communication safety training prior to working with hazardous chemicals or toxins. Ensure that employees attend radiation or laser safety training prior to working with radioactive materials or class 3b or 4 lasers. Ensure that employees who may be exposed to human blood, cells, tissues and body fluids attend initial bloodborne pathogens training, are offered the HBV Vaccine, and the annual refresher training. Ensure that employees working with biological agents or recombinant DNA in laboratories attend bio safety and laboratory safety training. Ensure employees generating hazardous biological chemicals or radioactive material waste attend Hazardous Waste Generator’s Safety Training. Training is mandated by the following rules and regulations: TX Department of State Health Services (TDSHS) in the Texas Hazard Communication Act, TDSHS Radiation Control Program - Radioactive Material License for UTSA and TX Bloodborne Pathogen Rule; and federal CDC/USDA Select Agent Rules and EPA / OSHA regulations governing hazardous waste operations.
40. I am aware and have informed my department staff that it is important to be responsive to any safety, health or environmental concerns raised by faculty, staff or students and to report all employee accidents, injuries, and exposures to hazardous agents to EHS&RM, regardless of whether they were formally reported by the employee. In addition, there is a process in my department to maintain contact with employees who have lost time due to injuries and encourage them to return to work within the scope of restrictions placed upon them by authorized treating physicians.	UTSA Handbook of Operating Procedures - Occupational Safety and Health Policy UTSA Handbook of Operating Procedures - Procedures for Compliance with the Texas Hazard Communication Act UTSA Handbook of Operating Procedures - Hazardous Waste Management Program Office of Environmental Health, Safety and Risk Management Web site	Contact Environmental Health, Safety, and Risk Management Office at 458-5250 if there are any concerns or questions. Refer to the Office of Environmental Health, Safety and Risk Management Web site for specific contact persons and information and forms for reporting injuries or exposures, and the UTSA Return to Work Program. Dial “911” on campus phone for emergencies. Off campus and cellular phones dial 458-4911 to contact the UTSA Police Department in a emergency (non-emergency number is 458-4242). The UTSA Police maintain emergency information for EHSRM personnel to respond to accidents, fires, hazardous material spills and other emergencies as necessary.
UNIVERSITY POLICE
41. I am aware and have informed my department staff that crimes, emergencies and dangerous or potentially harmful events should be reported to the University Police immediately.	UTSA Administrative Memorandum No. 62: Injuries, Emergencies and Related Matters UTSA's Business Continuity and Emergency Management Office	Dial “911” on any campus phone to reach the University Police. Ensure that a list of essential phone numbers and contact persons is available and can be easily accessed by all employees. All employees should know that University Police is located at MS 1.02.00. Information regarding reporting crimes and hazards can be found on the University Police Web site. Employees should be aware of and review UTSA Administrative Memorandum No. 62: Injuries, Emergencies and Related Matters
42. I am aware and have informed my department staff to contact University Police if illegal activity is suspected.	University Police	Dial “911” on any campus phone to reach the University Police. Ensure that a list of essential phone numbers and contact persons is available and can be easily accessed by all employees. Information regarding reporting crimes and hazards can be found on the University Police Web site. All employees should know that University Police is located at MS 1.02.00.
KEY AND CARD ACCESS
43. I am aware and have informed my department staff that lost or stolen keys or access ID cards should be reported to Access Control immediately.	UTSA Handbook of Operating Procedures - Keys to University Facilities	Managers should be aware of the policies regarding keys and access to university facilities. Managers should ensure that their employees know and adhere to university policy on keys and access to university facilities.
44. There is a process in my department to ensure that keys or access ID cards for new employees are obtained by sending the employee’s information to the Access Control Office.	UTSA's Access Control Information	All employees should know that the Access Control Office is located at MS 1.01.14 and can be contacted at 458-7144. The Access Request Authorization form is available On the Access Control section of the UTPD Web site.
EMERGENCY PREPAREDNESS
45. I am aware and have informed my department staff of emergency evacuation procedures.	UTSA Evacuation Plans UTSA Emergency Response Plans	Managers should ensure that their employees are familiar with UTSA Emergency Response Plans, UTSA Evacuation Plans and Environmental Health, Safety and Risk Management. Ensure that a list of essential phone numbers and contact persons is available and can be easily accessed by all employees. Know your building captains. Managers can contact 4417 to obtain the name and contact number of the Building Captain for their building.
46. I am aware and have informed my staff that they are required to participate in all evacuation drills.	UTSA Evacuation Plans	Communicate to employees that all evacuation drills should be taken seriously. Have a plan for helping employees who need additional assistance in an evacuation.
47. I know who my Building Captain is and have informed my department staff that they should contact the UTSA Police Department for information regarding Building Captains.	UTSA Evacuation Plans UTSA Emergency Response Plans	Know your building captains. Managers can contact 4417 to obtain the name and contact number of the Building Captain for their building.
48. I am aware and have informed my department staff that suspicious packages or devices should be immediately reported to the University Police.	FBI Advisory on Suspicious Packages UTSA's Business Continuity and Emergency Management Office	Review with employees the FBI Advisory on Suspicious Packages.
INFORMATION SECURITY
49. I am aware and have informed my department staff that passwords are never to be shared.	UTSA Handbook of Operating Procedures - Computer Security UTSA Handbook of Operating Procedures - Information Resources Use and Security Policy Computer Security Internet Privacy UTSA's Password Standard	When assigning work or computers to your employees, ensure that each user has a separate computer account.
50. I am aware and have informed my department staff that all computers should have screensavers with password protection activated.	UTSA's Password Standard	When users leave their computers unattended, password protected screensavers reduce the risk of access by an unauthorized user. Details on the procedure for activating a password-protected screensaver can be found at UTSA's OIT Computer Security Handbook.
51. I am aware and have informed my department staff that duplication of copyrighted software is a violation of Federal copyright law unless permitted by the software license.	UTSA Handbook of Operating Procedures - Reproduction of Copyright Materials UTSA's File Sharing Standard UTSA's Software Licensing Standards UTSA's Information Resources Acceptable Use Policy	If software is to be used in your office, check with the Office of Information Technology (OIT) or the Purchasing Department to ascertain the licensing status, before purchasing or duplicating the software. Managers should ensure that their departments are in compliance with licensing rules for the various types of software used in their departments. General Rules for Copyright
52. I am aware and have informed my department staff that unauthorized downloading, storage or sharing of copyrighted materials (music, movies, intellectual property, etc.) is a violation of Federal copyright law, unless expressly permitted by the copyright owner.	UTSA Handbook of Operating Procedures - Reproduction of Copyright Materials UTSA's File Sharing Standard UTSA's Information Resources Acceptable Use Policy	State-owned computer equipment, including personal computers/servers and the UTSA network, may not be used to download or share copyrighted files. In some cases, companies may permit the purchaser of a CD/DVD to make a single backup copy or may allow transferring of music files to a portable device.
53. There is a process in my department to restrict access to confidential information stored in computers and on paper.	Secure Password Procedures - Code of Ethics	Do not share passwords. Lock up confidential information and restrict access. Identify those within your office or department who might use confidential information and be sure they have been trained in the rules regarding privacy. Be sure that backup tapes and computers with confidential information are not available to those who are not approved to handle such records. Do not transmit personally identifiable information via e-mail or through other electronic means.
54. I am aware and have informed my department staff to report information security incidents to the Office of Information Technology Security Team.	UTSA Incident Management Standards	An incident is the use of a computer to violate statutes or regulations; such misuse frequently results in disciplinary action. Be familiar with the Information Security policies and be sure that any irregular use of computing is reported. The OIT Security team can be reached at these numbers: 458-5899, 458-7216 and 458-7218. If there is no answer, you may call 458-4555 and the staff will locate a member of the team. UTSA's OIT Security Team will help you become familiar with the standards and practices that will help maintain security.
55. I am aware and have informed my department staff to follow UTSA procedures, including calling the Help Desk, when installing new computers or hooking up servers.	UTSA Network Access Standards	Always check IT procedures before connecting to the network or installing new hardware. Follow the standard, check with the OIT Help Desk and contact the OIT Security Team if you have specific questions. In order to protect the integrity of the university’s network, devices which have been connected without prior approval may be removed or otherwise be prevented from connecting to the network.
56. I am aware and have informed my department staff that Social Security Numbers must be handled in a confidential manner.	UTS 165	SSNs should not be displayed on documents, computer screens, PDAs, etc., that can be seen by the general public unless required by law. Mailed materials containing SSNs should be designed so that SSNs do not show through the envelope window. SSNs are not to be sent over the internet or via email unless encrypted or otherwise secured. Access to records containing SSNs should be limited to employees who need access for performance of job duties. Records with SSNs should not be stored on computers or other electronic devices that are not secured against unauthorized access. SSNs should not be shared with third parties unless they have been formally authorized by UTSA. Notice required by the Federal Privacy Act must be given each time the institution requests disclosure of an SSN, except when the institution is already in possession of an individual’s SSN and requests it for verification purposes. Records and media (disks, hard drives, etc.) containing SSNs must be discarded in a way that protects the confidentiality of SSNs. Each employee must promptly report inappropriate or suspected disclosure of SSNs to his/her supervisor, who is to report such disclosures to the Information Security Officer, Annette Evans at 458-5899.
57. My department systems (paper and electronic) have been evaluated to ensure that all SSNs being stored are necessary, that adequate physical and technical safeguards are in place and access is limited to those employees who need SSN information to perform their job responsibilities.	UTS 165	Annette Evans, Information Security Officer, 458-5899


Updated 09/12/08 Please E-mail Erica.Garcia@utsa.edu with questions or comments.