Internal Audit’s Role in Compliance Laurisa Riggan, CPA, CHE Children’s Mercy Hospitals and Clinics September 26, 2000

Similar Characteristics b High Level of Reporting b Direct Access to Board of Directors b Independent b Objective b Effective Communication Skills

Program Guidance Elements b Standards and Procedures b Program Oversight b Education and Training b Communication and Reporting Mechanisms b Monitoring and Auditing b Response and Prevention b Enforcement and Discipline

Standards and Procedures b Identify topics and risk areas b Draft policies and procedures b Review and comment b Conduct baseline assessments

Program Oversight b Compliance Committee b Governing Board

Education and Training b General Awareness Training b Policies and Procedures b High Risk Topics b Targeted Training

Communication and Reporting Mechanisms b Audit work b Informal Network b Program Coverage

Monitoring and Auditing b Required Audits for CIA’s b Monitor Corrective Action Plans b Monitor High Risk Activities b Internal Audits of Compliance Subjects b Program Effectiveness Assessment

Annual Audit Plan b Audit Population b Risk Assessment b Staffing Requirements

Audit Population b OIG Program Guidance b OIG Work Plans b OIG Special Fraud Alerts b Internally Reported Concerns b Interviews b Organizational Chart b Chart of Accounts

Risk Assessment b Quantitative Criteria Variance from BudgetVariance from Budget Percent of Assets, Revenue or ExpensesPercent of Assets, Revenue or Expenses b Qualitative Criteria Potential for Fraud or TheftPotential for Fraud or Theft Potential for Legal or Public ExposurePotential for Legal or Public Exposure Employee TurnoverEmployee Turnover Education/Training Provided in the AreaEducation/Training Provided in the Area

Audit Staffing Requirements b Financial Auditor b Information Systems Auditor b Clinical Auditor b Coding Auditor

Program Reviewers b Independent b Access to resources and information b Prepare/present written reports b Identify necessary corrective action

Assessment Techniques b Site visits b Questionnaires b Personnel interviews b Record and document reviews b Trend analyses

Response and Prevention b Conduct or Assist in Investigations b Sample Selection b Identify Corrective Action Steps

Enforcement and Discipline b Personnel File Review Assuring consistency in disciplineAssuring consistency in discipline Assuring non-retaliationAssuring non-retaliation b Background Investigations Maintaining sanctions databaseMaintaining sanctions database Conducting periodic reviewsConducting periodic reviews

Contact Information Laurisa Riggan, CPA, CHE Children’s Mercy Hospitals and Clinics Kansas City, MO