business forum
play

Business Forum HRTC 141-145 2 Business Forum Agenda Welcome - PowerPoint PPT Presentation

1 October 9, 2019 Business Forum HRTC 141-145 2 Business Forum Agenda Welcome Training Advisory Council Post Awards and Grants Partner Group Key Announcements - Finance 3 Training Advisory Council Agenda PDP


  1. 1 October 9, 2019 Business Forum HRTC 141-145

  2. 2 Business Forum Agenda • Welcome • Training Advisory Council • Post Awards and Grants Partner Group • Key Announcements - Finance

  3. 3 Training Advisory Council Agenda • PDP Certificate Update • Peer Learning Network • Skillport e-learning portal demonstration

  4. 4 Training Advisory Council Charge Provide insight and guidance to support the following: • Institutional support for training and development • Elimination of systemic barriers to development • Creation of a robust structure to implement a sustainable environment for training and development • Consistent, positive and professional training and development experiences aligned with our desired culture • Methods and resources for those new to their position • Leveraging collective resources and expertise from around the university to support professional development

  5. 5 Training Advisory Council Representation • Co-Chairs - Lewis Mangen and Michael Greene, University Human Resources • Administrative Senate - Wendy Rogers, University College • Classified Senate – Melanie Quolke, The Patton College of Education • Planning Unit Representatives - MaryBeth Robinson, Regional Higher Education, Zanesville - Maryann Lape, Regional Higher Education, Lancaster - Cheri Sheets, College of Arts & Sciences - Brenda Noftz, Heritage College of Osteopathic Medicine - Lindsey Ward, Student Affairs, Career Services - Janice Bailey-Magill, Russ College of Engineering - Joey Walden, University Libraries - Eileen Theodore-Shusta, University Libraries - April Butterworth, Finance & Administration

  6. 6 PDP Certificate Update October 1, 2019 Accounting Purchasing # Courses 1 3 Completed • Almost 1,100 employees have enrolled in at Phase 1, 5 Being Developed 5 11 least one PDP course since May, 2018. 9 Pilot - 2018 Not Started • Accounting and Purchasing Certificates – four HR Operations Relationships Effectiveness new courses launched in past two months 3 • HR Operations Certificate launched in Phase 3, Y1 5 13 September, most courses available now. 2019 • Relationship-Building, Personal Effectiveness , Leadership Supervision Customer Service and Leadership being designed. Phase 3, Y2 • Skillsoft e-learning content will be integrated 2020 into some certificates Dept. Chairs Administration Estimated completion date Phase 3, Y3 9/30/2021 2021

  7. 7 Peer Learning Network • New format for informal, peer-led learning • Content Leaders provide support for Content Seekers • Workshops, 1:1 assistance, reference materials • Resources will be accessible from PDP website • Initial focus will be on Excel Skills • Details coming soon

  8. 8 Skillport e-Learning Portal • 6,000+ e-learning courses, books and videos • Available to OHIO staff and faculty • Individual professional development needs • Support for PDP certificate programs • Product Demonstration

  9. 9 Discussion Questions • What e-learning course topics would be best to highlight as we introduce Skillport?

  10. 10 Questions? • Lewis Mangen Director, Talent & Organizational Development mangen@ohio.edu (740) 593-1627 • Michael Greene Learning & Development Administrator mgreene@ohio.edu (740) 593-4472

  11. 11 Post Awards and Grants Partner Group Co-chairs: Mike Finney, Voinovich School Cindy Perry, Grants Accounting

  12. 12 Post Awards and Grants Partner Group Charge • The Post Awards and Grants Partner Group is charged with developing solutions to issues that impact the application, implementation and accounting for external awards.

  13. 13 Post Awards and Grants Partner Group Representation • Wendy Kaaz, College of Arts and Sciences • Beth Tragert, College of Health Sciences and Professions • Greg Jolley, Heritage College of Osteopathic Medicine • Melissa Standley, Heritage College of Osteopathic Medicine • Chip Rice, Patton College of Education • Shannon Bruce, Russ College of Engineering and Technology • Mo Valentine, Office of Research and Sponsored Programs • Keith Leffler, Vice President for Research

  14. 14 Post Awards and Grants Partner Group Goals • Roles and Responsibilities Matrix ongoing • Grants Training • Provide recommendations for process improvement • Vacation & Sick Leave Accrual

  15. 15 Roles and Responsibilities Matrix – ongoing project • Provide campus with information on who is responsible for sponsored project management • Policy and procedures currently in development • Web page will be available that will guide users on how to use matrix

  16. 16 Roles and Responsibilities Matrix Managing the Award - Financial

  17. 17 Grants Training • Review upcoming training for Recharge/Service Centers • Requested further training/guidance on Institutional Base Salary

  18. 18 Recommendations for process improvement • Discussion on how Institutional Base Salary is being implemented across planning units • How are proposals being developed? • How is effort being charged? • How is effort being certified?

  19. 19 Vacation & Sick Leave Accrual • Recommendations on sick leave accrual • The accrual of sick leave occurs as researchers work on specific projects but the time/cost is not factored into the direct charges to the project, therefore creating a financial gap

  20. 20 Discussion Questions • Are there post award, grant, sponsored research issues that the broader University community would like to see on this group’s agenda?

  21. 21 Questions? • Mike Finney, finney@ohio.edu • Cindy Perry, perryc@ohio.edu

  22. 22 October 9, 2019 Business Forum Finance Update

  23. 23 Agenda • PCI Compliance • OBI Dashboard Updates • Software Purchase Process • JET Updates • Travel Updates

  24. 24 October 9, 2019 PCI DSS Compliance

  25. 25

  26. 26 What is PCI DSS? PCI DSS stands for Payment Card Industry Data Security Standard, which sets the requirements for organizations and sellers to safely and securely accept, store, process, and transmit cardholder data during credit card transactions to prevent fraud and data breaches.

  27. 27 Who needs to be PCI Compliant? PCI compliance is required by credit card companies to make transactions secure and protect them against identity theft. Any merchant that wants to process, store or transmit credit card data is required to be PCI compliant , according to the PCI Compliance Security Standard Council.

  28. 28 Why do we care about PCI? • Increases customer confidence as they know you are taking the protection of their sensitive information seriously • Protects you from potential costly fines if you were to suffer a breach and not be PCI compliant • Protects your business from brand damage • Decreases your risk of security incidents because you have put in place security measures in becoming PCI compliant

  29. 29

  30. 30 PCI Compliance Levels • Four levels of PCI Compliance – based on # of transactions processed per year • Level 1 – Over 6 million transactions annually • Level 2 – Between 1 and 6 million transactions annually • Level 3 – Between 20,000 and 1 million transactions annually • Level 4 – Less than 20,000 annually

  31. 31 Ohio University Data • 63 Merchant Accounts • During FY19, our merchants processed over 608,000 transactions totaling close to $14m • Level 3 compliance obligation

  32. 32 PCI Level 3 Compliance Validation Requirements Compliance is achieved through a combination of technology and process controls • Annual Self Assessment Questionnaires • Quarterly network scans • Attestation of Compliance Form

  33. 33 PCI Checklist • Safeguard cardholder data by implementing and maintaining a firewall. • Create custom passwords and other unique security measures rather than using the default setting from your vendor-supplied systems. • Safeguard stored cardholder data. • Encrypt cardholder data that is transmitted across open, public networks. • Implement and actively update anti-virus software. • Create and sustain secure systems and applications.

  34. 34 PCI Checklist (cont’d) • Keep cardholder data access limited by need-to-know. • Assign unique identifiers (e.g. logins) to users with digital access to cardholder data. • Restrict physical access to cardholder data. • Document network resources and cardholder data access needs. • Frequently test security systems and processes. • Create an information security policy and procedure manual. • Train employees annually.

Recommend


More recommend