This appendix provides a reference overview of the roles and responsibilities of campuses, SUNY System Administration, and State partners in implementing the SUNY IRISK framework. It is intended to support consistent understanding of oversight and coordination under the three-tier model.
Function: Owns and administers the I‑RISK framework
Description: Serves as the entry point for Tier 2 and qualified Tier 3 submissions from campuses. Maintains the real time tracking system for visibility, trend analysis, and required reporting. Determines which submissions require further review through automated flags and review by the SUNY International Risk Working Group. Provides periodic, aggregate summary reporting to State partners consistent with the objective of limiting State level review of higher risk cases.
Function: Maintain records and conduct initial screening
Description: Maintain local records of Tier 1 activities through existing travel, research, or international program approval and tracking processes. Conduct prescreening of Tier 2 and Tier 3 engagements to ensure completeness and alignment with campus policies, applicable federal requirements, and institutional expectations. Submit qualifying Tier 2 and Tier 3 activities through the SUNY International Engagement Form or an approved equivalent process, where applicable.
Function: Conduct targeted risk reviews
Description: Reviews flagged Tier 2 and Tier 3 submissions involving designated countries, sensitive or dual use subject matter, senior level government engagement, or other identified risk indicators. May clear activities, request additional information, recommend mitigations or conditions, or recommend escalation where unresolved risk remains.
Function: Receives escalations and provides guidance
Description: Reviews a subset of higher risk cases referred by SUNY System Administration. Retains authority to request additional information as required under State policy.