internal audit – adding value

Download Internal Audit – Adding Value

Post on 04-Jan-2016




2 download

Embed Size (px)


Internal Audit – Adding Value. AHIA NW Regional Seminar May 7, 2010. Introductions. Legacy Health 6 hospital system in Portland metro region Management Audit Services (MAS) 4 person department with broad responsibilities Joyce L. Lang 16 years as IA director, 9 in healthcare. Background. - PowerPoint PPT Presentation


  • Internal Audit Adding Value AHIA NW Regional Seminar May 7, 2010

  • **IntroductionsLegacy Health6 hospital system in Portland metro regionManagement Audit Services (MAS)4 person department with broad responsibilitiesJoyce L. Lang16 years as IA director, 9 in healthcare

  • **

    BackgroundAudit Committee Chairs request find out how others add value

    Surveyed a sample of healthcare CAEs

    No definitive answer

    Recurring themes revenue enhancement/ cost savings audits, balanced scorecards

  • **PurposeShare information collected and provide specific examples ofRevenue enhancement/cost savings auditsBalanced ScorecardsShare MAS new approach

    Provide opportunity for peer-to-peer exchange

    So you can take away ideas to formulate your own definition of Adding Value.

  • **Revenue Enhancement and Cost Savings AuditsSourceQueried CAEs who responded to survey for descriptions of specific auditsDiscussion topic at CAE Roundtable in LATypesRevenue Enhancement = ChargesCost Savings = Purchasing, Contracts, Labor and Construction

  • **Revenue Enhancement Audits - Handout

    Audit TopicDollarsImplantable devices$400K/yr, netPharmaceuticalsClinic purchases & immunizations *Administration charges *Not charged *Retail Pharmacies Adjudicated prices$100K/yr1% - $66K$4.5 million$180K

  • **Revenue Enhancement Audits - Handout

    Audit TopicDollarsRadiology Contrast *$18K/yrInfusionCharging *Missing orders, missing start & stop times *$100K/yr$2 million

  • **Cost Savings Audits - Handout

    Audit TopicDollarsPurchasingPricing of supplies under GPO *Bulk purchasing of high cost items *Duplicate payments *$200K$400K/yr$150K recoveredContractsOutsourced collectionPerformance terms$38K$71K recovered

  • **Cost Savings Audits - Handout

    Audit TopicDollarsLabor Abuse of 7/8 minute rule *2 free daysConstructionJob cost billingGeneral conditions not allowableWork reduction cost adjustmentChange orders$714K$194K$361K$170K

  • **Revenue Enhancement and Cost Savings Audits

    Your successes and ideas?

  • **Balanced Scorecard - DefinitionA strategy-focused approach to performance measurement that includes non-financial and financial performance measures that are derived from the organizations strategy and vision.Generally includes objectives and performance measures in the following dimensions:FinancialCustomerInternal processesLearning, innovation, and growth

  • **Balanced Scorecard for IAA Balanced Scorecard Framework for Internal Auditingby Mark L. Frigo, Ph.D., CPA, CMAThe Institute of Internal Auditors Research Foundation, 2002Four dimensions:Board/Audit CommitteeManagement and AuditeesInternal ProcessesInnovation and Capabilities

  • **Balanced Scorecard for IAPerformance Metrics should:Be driven by the internal auditing departments mission and strategyInclude customer measures, internal process measures, and capability and innovation measuresInclude leading indicators (performance drivers) as well as lagging indicators (outcome measures)Leading Training hours per auditorLagging Customer satisfaction survey

  • **Balanced Scorecards - DimensionsFrameworkBoard/Audit CommitteeManagement and AuditeesInternal ProcessesInnovation and CapabilitiesExamples - HandoutCustomer Satisfaction, Internal and External CustomersQuality & Volume, Performance, QualityWorkforce Satisfaction, Associate Engagement, Innovation & LearningFinancial Performance, Cost/Efficiency, Stewardship

  • **Balanced Scorecards - HandoutConsistent Project satisfaction survey results, work plan completionOther surveys Organization satisfaction, employee engagementObservations Timeliness of reports Customer satisfaction or performance?CAATs/data mining People or performance?

  • **Balanced ScorecardsYour observations and comments Anything missing?What measures are essential to you?What should you be measuring but havent?Frequency of measuring and reporting?

  • **Integrating the IIA Standards2100 Nature of WorkThe internal audit activity must evaluate and contribute to the improvement of governance, risk management, and control processes using a systematic and disciplined approach.

  • **Integrating the IIA Standards2110 GovernanceThe internal audit activity must assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives2110.A1 must evaluateorganizations ethics-related objectives, programs, and activities2110.A2 must evaluateinformation technology governance of the organization

  • **Integrating the IIA Standards2120 Risk ManagementThe internal audit activity must evaluate the effectiveness and contribute to the improvement of risk management processes.2120.A1 must evaluate risk exposures regarding (information, E&E, assets, compliance)2120.A2 must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk

  • **Integrating the IIA Standards2130 ControlThe internal audit activity must assist the organization in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement.2130-A1 must evaluate the adequacy and effectiveness of controls in responding to risks regarding (information, E&E, assets, compliance)

  • **Integrating the IIA StandardsInternal auditing is an independent, objective assurance and consulting activity.

    New MAS Charter in February 2010Scope of Work outlines 5 assurance responsibilities the musts in the StandardsCore Audit Program -Frequency-Based Audits - 36 topics (e.g., charges for patient care, purchasing, IT); annual to 5-year cycle; frequency reflects riskAd Hoc Audits Specific high risks (e.g., system implementations, major construction project costs, OIG topics)

  • **Assurance Activity #1Standards MAS CharterEvaluate risk exposures and the adequacy and effectiveness of controls in responding to risks within the organizations governance, operations and information systems regarding the:Reliability and integrity of financial and operational informationEffectiveness and efficiency of operationsSafeguarding of assetsCompliance with laws, regulations and contracts.MAS Work PlanSelected audit projects from Core Audit Program catalog of topics

  • **Assurance Activity #2Standards MAS CharterEvaluate the effectiveness and contribute to the improvement of risk management processes. MAS Work PlanCatalog the external and internal risks to business objectivesAssess impact and likelihood of each risks occurrenceIdentify who is responsible for the risks management and how the risk is managed and monitoredEvaluate the effectiveness of risk management activities.

  • **Assurance Activity #3Standards MAS CharterAssess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives:Appropriate ethics and valuesEffective organizational performance management and accountabilityCommunication of risk and control information to the appropriate areasCoordination and communication of information between the Board, management and auditors.1.MAS Work PlanGovernance process addressed through an assessment of the 10 elements of the Internal Environment, a section of COSO ERM

  • **Assurance Activity #4Standards MAS CharterAssess whether IT Governance of the organization sustains and supports objectives and strategies. MAS Work PlanCatalog attributes of IT Governance and develop a plan for assessing effective implementation of each componentComplete an assessment of at least one component this year and work with IT on improvements, if needed.

  • **Assurance Activity #5Standards MAS CharterEvaluate the potential for the occurrence of fraud and how the organization manages fraud risk. MAS Work PlanManaging the Business Risk of Fraud: A Practical Guide - 5 principles for boards/management to consider in protecting the organization from fraudUse this tool to outline an on-going assessment program and perform initial assessment.

  • **Integrating the IIA Standards

    Questions ?Discussion ?

  • **Thank You !

    Joyce L. Lang, CPA, CIADirector, Management Audit ServicesLegacy Health815 NE Davis St.Portland, OR 97232jlang@lhs.org503-413-3312




View more >