HKUST Annual Report 2017-18

A N N U A L R E P O R T 2 0 1 7 - 1 8 79 HKUST Financial Risks The University is dependent on funding from the Government and is therefore exposed to a substantial one off reduction in funding or sustained reduction of a significant part of its funding. The University also derives significant income from non-Government sources, such as its self-financed teaching courses where it is dependent on the competiveness of its offering both locally and internationally. The key mitigations for funding risks are maintaining a high academic reputation in both teaching and research, having sufficient cash reserve and pledges for future donations. The University is also exposed to financial risks, mainly market risks on its investments. Investment risk is mitigated by a diversified investment strategy with acceptable risk and return objectives approved by Council and the employment of external advisors and investment managers. The Financial Statements contain further information about financial risks and their mitigation. Reputational Risks The University strives to be a leader in education and research and it is essential it maintains an excellent reputation in these areas and is able to attract and retain the best global talents including students, faculty and staff. The University has broad and robust risk mitigation and assurance in academic areas including the quality of its faculty and UGC’s direct review and assessment. In particular, the University undergoes periodic exercises such as Planning Exercise Proposal (PEP), Research Assessment Exercise (RAE) and Quality Assurance Council (QAC) audits, each containing a broad range of topics including SWOT analysis. Some of the academic endeavors, such as research and growing parts of knowledge transfer, services and education, are also open to international benchmarking and peer review. The University places high importance on full compliance with all relevant regulatory requirements, whether academic, operational, accounting, legal, tax, privacy, environmental, building code or the specific requirements of funders. It would not knowingly breach any requirements. The key mitigations are the employment of seasoned and qualified staff to ensure compliance, use of professional advisers whenever required, internal control procedures and independent audit. It is essential that the University upholds the standards expected of a publicly funded institution. The University has a comprehensive code of conduct policy that all its members must comply with. Student welfare, on and off campus, is paramount and the University has implemented various measures to identify and manage any concerns of students. These include confidential access to team of professionally trained counselors if required. Risks to Operations The University has set itself high academic and non-academic standards, consistent with those of a world-class institution. It strives to ensure its facilities and infrastructure are meeting the expected standard and available at all times. Inevitably there are occasions when the availability or quality of facilities and infrastructure is below the expected standard but this is mitigated by a comprehensive programme of preventative maintenance and in-built infrastructure resilience. Despite all planning and risk management, the University is vulnerable to a disaster whether naturally occurring or deliberately instigated. The University has a business continuity framework in place including tested emergency response procedures and restoration of back-up IT systems if necessary. The University is a complex campus where staff and students, live, work and study with continuous activity to maintain and expand campus facilities. The University has an on-campus medical facility, able to respond to any situations. All contractors on site must comply with Hong Kong Healthy and Safety standards. University sports facilities are suitably supervised with users receiving appropriate training if necessary. Some University operations require the use of hazardous materials, which can cause serious injury or death if not managed correctly. The University has a comprehensive Environmental Health & Safety (EHS) management program designed to manage this risk. As an open community, the University is vulnerable to unauthorized penetration of its IT networks, applications and data with potentially serious consequence. The University has a comprehensive cyber security policy and has implemented a variety of security measures including a dedicated team monitoring compliance with policy and any incidents. The University uses external service providers to perform IT security audits periodically.

RkJQdWJsaXNoZXIy NjM4OTI=