Governance, Audit, Risk & Compliance Department (GARC), established in Riphah International University Islamabad in May 2019, provides an oversight and insight of Corporate Management, Policy Management, Internal Audits, Risk management and ensures conformity with laws and policies implemented in the University.

GARC department prominently handles Compliance section of IIMCT, RHS and RIU to ensure implementation of policies and industry best practices. GARC-RIU has deployed its team of 20 members across university campuses in Lahore, Islamabad, Faisalabad, and Rawalpindi and shall soon be deployed in Sahiwal. The Departments core is to manage transactions related to procurement, financial and non-financial matters of the Riphah Health Services and its 4 teaching hospitals. 

GARC stands for its scope in Governance, Risk-based Internal Audit, Enterprise Risk Management and Compliance Management.

• For Governance: Corporate Management includes strategy devising, policy management, committees’ framework, regulatory advices, trainings and ERP implementation.
• For Risk-based Internal Audit: planning, execution, and reporting of audit plan and Adhoc assignments are carried out to identify the control weaknesses in the environment and control system.
• For Enterprise Risk Management: GARC ensures identification, evaluation and management of risk based on the risk universe implemented for the entity
• For Compliance Management: GARC plays role in full-cycle transactional flow to ensure policies and procedures, and industry best practices are followed

Key Objectives of the Department:

• Stability: Establishing GARC gives resolution to immediate and long-term risk exposure while allowing for an agile and scalable control environment.
• Optimization: Non-value adding activities are eliminated and value-adding activities are streamlined to reduce time and any undesirable variations.
• Transparency: GARC allows the ability to view a more complete picture of the organization and processes, allowing owners to have access and control over necessary content to understand the business unit profile and applicable risks and challenges
• Reduced cost: Lower costs contribute to the overall ROI gains represented by effective GARC activities. There is also reduced costs in maintaining duplicated controls, tests, issues, actions, and reporting across multiple disciplines.
• Consistency: Improved alignment of objectives with mission, vision, and value of the organization, resulting in better decision-making agility and confidence.

Achievements

• In three years, 126 audit reports are issued with over 1 billion financial exposures addressed. 
• Designed policy manuals and delegation authority of 5 departments including Human development services, Finance, Procurement, IT, and Marketing and Admission team. 
• Lead the Organization restructuring IIMCT and RIU. 
• 32,500 transaction reports were reviewed and issued with an exposure value of approximately 5 billion rupees. 
• Viewed and issued reports of nearly 400 contracts and MOU.