September 2019

Know Your Stuff

The UNC-Chapel Hill Information Technology Acceptable Use Policy, Item #7: Users must not use University IT to violate copyright, patent, trademark, or other intellectual property rights. Examples of such violations would include engaging in the unauthorized copying, distributing, altering or translating of copyrighted materials, software, music or other media without the express permission of the copyright holder or as otherwise allowed by law.

Information on the Digital Millennium Copyright Act is available from Copyright.gov as well as comprehensive access to documents pertaining to title 17 of the Copyright Law of the United States. Additional information may be found on the home page of the University’s Copyright Committee.

The UNC-Chapel Hill community is governed by a variety of official policies, procedures and standards which have been developed and implemented at University and Unit levels.  All University and Unit policies that currently govern UNC-Chapel Hill can be found at the Policies website.  Of these items, the Department of Finance has scripted nearly 150 Policies and Procedures and oversees more than 100 forms that are designed to keep internal controls and processes in place.  Although employees are encouraged to frequently check the policy website to make sure its department processes are current, managers should also systematically review general practices of frequently-used policies with their staff, as well as inform them of changes and updates.  For more hints on how to keep your staff in compliance, read this article from HR Insights.

Previous Tips

Stay In Tune: Keep Your Policy Knowledge Fresh

The UNC-Chapel Hill community is governed by a variety of official policies, procedures and standards which have been developed and implemented at University and Unit levels.  All University and Unit policies that currently govern UNC-Chapel Hill can be found at the Policies website.  Of these items, the Department of Finance has scripted nearly 150 Policies and Procedures and oversees more than 100 forms that are designed to keep internal controls and processes in place.  Although employees are encouraged to frequently check the policy website to make sure its department processes are current, managers should also systematically review general practices of frequently-used policies with their staff, as well as inform them of changes and updates.  For more hints on how to keep your staff in compliance, read this article from HR Insights.

UNC-CH Finance Policy 107: Customer Financial Record Safeguards

In order to protect customer information and data, and to comply with relevant federal laws, the Internal Auditor’s office and OUC propose certain practices regarding the University’s maintenance and safeguard of customer financial information. These practices affect the University areas that interact with such data.

Each University department is responsible for securing customer information in accordance with all privacy guidelines.  Additionally, a written security policy and procedure document that details the information security policies and processes is maintained by each relevant area and will be made available to the Coordinators or Internal Auditor’s office upon request.

ITS Information Security Controls Standard – lists the minimum requirements for different technological devices using sensitive information.

UNC-Chapel Hill Information Classification Standard Policy

See Tier 3 and Compliance

Failure to comply with this standard may put University information assets at risk and may have disciplinary consequences for employees, up to and including termination of employment . . . Contractors, vendors, and others who fail to adhere to this standard may face termination of their business relationships with UNC-Chapel Hill.
Violation of this standard may also carry the risk of civil or criminal penalties.

Policy 104 – University of North Carolina at Chapel Hill Policy on Misuse of University Property or Funds

It is important for employees to exercise care and sound judgment in the use of University property and funds in order to maintain public trust. A University employee who has information or evidence of a misuse of University property or funds is required by North Carolina state law to report the misuse. Misuse includes damage, theft or inappropriate use of property and embezzlement of funds.

Policy 1212 UNC-CH Policy on Solicitation by Sales Representatives

Unsolicited and/or non-approved solicitations of University business by outside sales representatives are unwarranted and not desired. The University follows the State policy that requires goods and services be obtained from either State term contracts, by competitive bidding, or the small order process for procurements less than $5,000. In order to conduct formal business with the University, a sales representative must first register with the State of North Carolina to participate in the formal bid process. Prospective vendors are required to first make contact with Purchasing Services to gain an understanding of the rules for conducting business with the University before meeting with prospective customers at their campus location.

1252.3 – Procedure on Reconciling a Purchasing Card (P-Card)

Specific Duties of Approver

The Group Approver acts as the approval authority for each P-Card purchase. If, as the Group Approver, you do not understand the charge or have reason to believe that the charge is not proper:

  • Go to the Accountholder for an explanation.
  • Go to the Department Head or Business Manager to verify that the charge was appropriate.
  • Go to Purchasing to verify that the charge is within applicable laws and University policies.
  • Go to Internal Audit if fraud or abuse is suspected.

For more information on the role of the approver, see Procedure 1252.3.

University of North Carolina at Chapel Hill Basic Spending Guidelines 2018

This helpful guide covers acceptable funding sources that can be used for specific purposes at the University and details restrictions on state funding and other reimbursement items.  Anyone who routinely processing invoices at the University should read the booklet in its entirety and be familiar with applicable rules to the University’s spending.  It’s also a good idea to keep a bookmark on the resource to refresh knowledge when needed.

200.4 University of North Carolina at Chapel Hill Policy on Principal Investigator (PI) Overall Responsibilities.

Principal Investigators (PIs) are responsible for the overall proposal preparation, and administrative, technical and fiscal management of sponsored project/s. These obligations include, but are not limited to, the management of the project within funding limitations, adherence to reporting requirements and ensuring that the sponsor is notified regarding a change in project status or significant conditions that may affect the sponsored project.

Policy:  1301 University Procedure on University Business Travel

University officers, faculty, staff and employed students may have their travel expenses reimbursed by the University, subject to the limitations contained in these regulations. Students, who are not University employees, may be reimbursed subject to these limitations, provided approval by the department head was obtained in advance. Non-University employees traveling on University business whose expenses are paid or reimbursed by University funds are subject to all University travel regulations, including statutory subsistence allowances. . .

To comply with auditing guidelines, all University travel advance/reimbursement requests must be certified as true and accurate by the traveler. To accomplish this, cover pages accompanying travel requests must be personally signed and dated by the traveler. Any request missing the traveler’s signature will be deemed incomplete and will not be processed.

Procedure 1218.1 – UNC Procedure on Determining Vendor Documentation

Changes to vendor direct deposit bank accounts need to be confirmed by the department requesting the update, with a known contact for the vendor.  Also, submit the direct deposit form for vendors and a copy of a voided check or bank letter, through Campus Vendor in ConnectCarolina.

Policy 1229 – University Responsibility for University-Purchased Goods, Services, and Equipment

The administrative head of a University, school, department or division (such as a chairperson of a department) or the principal investigator (PI) of a sponsored research project, is accountable for all supplies, services, materials, and equipment purchased in the school’s, department’s or center’s name, regardless of the source of funds.  The administrative head is responsible for developing and implementing the internal controls necessary to protect such materials from theft and abuse, and that accurate records be maintained regarding proper identification and location of movable equipment. Furthermore, the administrative head is responsible for ensuring the goods and/or services provided meet and continue to meet the specifications, terms and conditions indicated on the relevant supplier contract or purchase order (PO).

Policy 1213: Prohibition of Gifts or Favors from Vendors

It is unlawful for a State employee to willfully receive or accept gifts or favors from vendors. This includes travel coordinators who are prohibited from accepting free tickets or other personal benefits from travel agencies.

University faculty, staff, or students involved in preparing plans, specifications, or estimates for University contracts, awarding or administering such contracts, or inspecting or supervising construction may not accept gifts or favors from any vendor who has a current contract with the University, has performed under a contract within the past year, or is anticipated to bid on such a contract in the future.  For more, see Policy 1213.

Policy: University of North Carolina at Chapel Hill Information Security Controls Standard

This standard defines the minimum security controls for Information Technology systems in use at UNC-Chapel Hill. Units within the University may apply stricter controls to protect information and systems in their areas of responsibility. The standard applies to each UNC-Chapel Hill Affiliate for any covered system under their control.

Policy 306 University of North Carolina at Chapel Hill Policy on Imprest Checking (Bank) Accounts

Departments are required to perform monthly reconciliation of the imprest checking account to the fund source in ConnectCarolina and reconcile the checkbook to the bank statement. The bank reconciliation should include the following controls:

  • Identifying, resolving and clearing reconciling items.
  • Notifying Cash Management in Accounting Services of any unauthorized activity.
  • Evidence of supervisor review and sign off on the reconciliation.
  • Assigning the duties of writing checks and reconciling the imprest account to two different individuals.
  • Documenting any communications or discussions with the bank employee regarding the account.