URGENT: Profile Information in Concur - We are aware of an issue currently impacting Concur profiles.
Skip to main content

Tip of the Month

Tip of the Month logo

March 2024

Office of Sponsored Programs – 800.01 – Audits and Reports

The Office of Sponsored Programs (OSP) is responsible for coordinating all audit matters and responses relative to sponsored research, training and public service activities of the University. Federal, state and public firm auditors must make initial contact with OSP when conducting periodic audits or special inquiries relative to contract and grant matters.

Previous Tips

Information Security Incident Management Standard

The University has many legal and ethical obligations to respond and minimize harm when certain kinds of Information Security Incidents happen. This standard describes the minimum requirements for members of the University experiencing a concern that might indicate a Possible Information Security Incident.

Policy 307 – The University of North Carolina Policy on Cash Advance

Cash advances are necessary for efficiency or because they are the only means acceptable to the payment requirements of the service rendered. This policy explains how to obtain the necessary funds to meet payment requirements, appropriate use and settlement of such cash advance funds.

1252.3 – University of North Carolina at Chapel Hill Procedure on Reconciling a Purchase Card (P-Card)

The Group Approver challenges or approves each purchase and confirms allocation of transactions is to the appropriate ConnectCarolina fund source.

If a receipt is not available, the Accountholder must submit a Missing Receipt Affidavit, signed by the Department Head or Business Manager and load it to the related transaction in Works.

The Group Approver acts as the approval authority for each P-Card purchase. If, as the Group Approver, you do not understand the charge or have reason to believe that the charge is not proper:

  • Go to the Accountholder for an explanation.
  • Go to the Department Head or Business Manager to verify that the charge was appropriate.
  • Go to Purchasing to verify that the charge is within applicable laws and University policies.
  • Go to Internal Audit if fraud or abuse is suspected.

The Policy Framework

The Policy Framework sets behavioral expectations across the University. The Policy Framework empowers members of the University community with the knowledge, protection, and flexibility they need to perform their day-to-day roles and responsibilities within certain defined boundaries. The Policy Framework also constrains members of the Carolina community outside of those defined boundaries, thus reducing institutional risk. Finally, the Policy Framework shifts the University to a more proactive policy development and risk management model by formalizing the process by which Policies, Standards, and Procedures are developed, approved, reviewed, published, and communicated; promoting consistency, efficiency, and transparency; and reflecting best practice in higher education.

1505.3 – Procedure for Reconciling a Travel & Expense Card

The University has developed a process that allows T&E Card charges to be reconciled and/or reallocated to other accounts in Concur Expense.

Charges are available to reconcile after the merchant submits the charge, the bank receives and processes the data and then feeds the transaction data to Concur Expense. This normally takes one to three business days. Concur Expense will automatically send email notifications when “new company card transactions arrive.”

Email Domain Policy

Email accounts used to conduct the business of the University require that appropriate security, backup, and records-retention measures be in place. Departments may wish to host or contract for separate email systems using either unc.edu sub-domains (such as “physics.unc.edu”) or entirely separate domains (such as “unclatindepartment.org”). This policy balances that option with the University obligation to ensure that public records and sensitive information are protected appropriately.

1105.2 – Procedure for Overpayment Recovery

Overpayment occurs when compensation that is not owed to an employee is paid in error. The primary cause of employee overpayments is late salary actions; however, this does not negate an employee’s obligation to repay overpaid funds immediately.

Passwords, Pass-phrases, and Other Authentication Methods Standard

Many information security incidents result from unauthorized access to information stored on computers. Frequently, access to such information is controlled through the use of passwords, pass-phrases, and other authentication methods… In accordance with the Information Security Policy this document sets forth password/pass phrase requirements for all UNC-Chapel Hill individual user accounts, administrator accounts, and system accounts.

1229 – University of North Carolina at Chapel Hill Policy on Responsibility for University-Purchased Goods, Services, and Equipment

The administrative head of a University school, department, or division (such as a chairperson of a department), or the principal investigator (PI) of a sponsored research project, is accountable for all supplies, services, materials, and equipment purchased in the school’s, department’s or center’s name, regardless of the source of funds. The administrative head is responsible for developing and implementing the internal controls necessary to protect such materials from theft and abuse, and that accurate records be maintained regarding proper identification and location of movable equipment…

Records Retention and Disposal Policy

The Records Retention and Disposal schedule is a tool for the employees of UNC-Chapel Hill to use when managing the records of the University.

1102.2 – Reporting Payroll Exceptions Procedure

This procedure’s intent is to correct pay records and accurately pay all University of North Carolina at Chapel Hill employees.

Policy in Terms of Use for Administrative Systems

In accordance with the Enterprise Data Governance Policy and Acceptable Use Policy all users who access enterprise data or University systems in performance of their assigned duties, including, but not limited to, viewing, entering, downloading, copying, querying, storing, disclosing, or updating data or information must adhere to the following tenets:

      • Confidentiality: Respecting the confidentiality and privacy rights of individuals whose records they may access. Reporting any known or suspected breaches of University Information in a timely manner according to procedures defined in the Incident Management Policy and the Privacy of Protected Health Information Policy.
      • Ethics: Observing the ethical restrictions that apply to information to which they have access.
      • Policy Adherence: Abiding by applicable laws and University policies with respect to access, use, protection, proper disposal, storage, and disclosure of information.
      • Responsible Access: Accessing and using enterprise data only as required in their conduct of University business.

1229 – University Responsibility for University-Purchased Goods, Services and Equipment

The administrative head of a University, school, department or division (such as a chairperson of a department) or the principal investigator (PI) of a sponsored research project, is accountable for all supplies, services, materials, and equipment purchased in the school’s, department’s or center’s name, regardless of the source of funds.  The administrative head is responsible for developing and implementing the internal controls necessary to protect such materials from theft and abuse, and that accurate records be maintained regarding proper identification and location of movable equipment. Furthermore, the administrative head is responsible for ensuring the goods and/or services provided meet and continue to meet the specifications, terms and conditions indicated on the relevant supplier contract or purchase order (PO).

1218.1 – University of North Carolina at Chapel Hill Procedure on Determining Vendor Documentation

Changes to vendor direct deposit bank accounts need to be confirmed by the department requesting the update, with a known contact for the vendor.  Once departments receive vendor information, they should upload the direct deposit form for vendors and a copy of a voided check or bank letter, through Campus Vendor in ConnectCarolina.

Records Retention and Disposal Policy

The Records Retention and Disposal schedule is a tool for the employees of UNC-Chapel Hill to use when managing the records of the University. It lists records found in an office and gives an assessment of their value by indicating when (and if) those records should be destroyed. The schedule is also an agreement between the office, the University Archives and Records Management Service (UARMS) and the North Carolina Department of Cultural Resources (DCR).

According to G.S. §121-5 and G.S. §132-3, you may destroy public records only with the consent of DCR. DCR has an agreement with UARS to provide records management services to the University of North Carolina at Chapel Hill. This schedule is the primary way DCR gives consent through UARS for the destruction of University records. Without an approved schedule, your office cannot destroy any record, no matter how insignificant.

Office of Sponsored Programs 300.04 – Pre-Submission Compliance Requirements

The University and any persons conducting research on behalf of the institution are required by law to comply with established Federal standards regarding sponsored research. In conjunction, the University is responsible for maintaining compliance through training and education, communication between and among researchers, monitoring, and auditing systems to detect compliance issues, and preventing non-compliance by proactively accessing and responding to compliance concerns.

1226 – University of North Carolina at Chapel Hill Policy on Purchase Authorization

Each school, department, and division within the University is given a budgetary allotment for purchases. The administrative head (dean, director, department head) of each area is fiscally responsible for the appropriate use of this allotment and has the sole authority to make purchases. The administrative head may delegate this authority to another University representative to approve charges against the department’s budget; however, this delegation of authority does not relieve or excuse the budgetary head from their responsibility for the allotted budget.

1218.1 – Procedure on Determining Vendor Documentation

Changes to vendor direct deposit bank accounts need to be confirmed by the department requesting the update, with a known contact for the vendor. Once departments receive vendor information, they should upload the direct deposit form for vendors and a copy of a voided check or bank letter, through Campus Vendor in ConnectCarolina.