
2012 Internal Audit Capabilities and Needs Survey – Healthcare POV

AHIA 31st Annual Conference

Breakout Session: Leadership Track

Session 1

Top Priorities for Internal Audit in Healthcare Organizations

© 2012 Protiviti Inc. CONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to another third party.


Today’s Presenters

Susan Haseley is a Managing Director and the Global Industry Leader for Protiviti's Healthcare and Life Sciences practice and also serves as the Dallas Office Market Leader. Susan has over 25 years of experience in providing risk consulting, internal audit and technology consulting services. Susan received her bachelor's degree in Information Systems from Ohio University and an MBA from the University of Dallas. She holds the Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) and Project Management Professional (PMP) certifications and is trained as a Six Sigma Green Belt. Susan is a member of the Institute of Internal Auditors (IIA), Information Systems Audit and Control Association (ISACA), and the Association of Healthcare Internal Auditors (AHIA). She also is a member of AHIP, HFMA, HCCA.

Alex Robison is a Managing Director and serves as Protiviti’s Western Region Healthcare Practice Leader and the firm’s National Healthcare Industry Revenue Assurance and Compliance practice leader. He has more than 15 years of professional experience in providing operational, financial, information technology and regulatory consulting and internal audit services to the healthcare industry. Prior to entering consulting, Alex worked for a large multi-regional healthcare system responsible for integrating Managed Care HMO protocols with federally regulated Medicare guidelines for healthcare delivery. Alex is also a Certified Healthcare Compliance professional (CHC) and holds a master’s degree in Healthcare Administration (MHA).

Today’s Presenters – Cont.

Mike Fabrizius is Vice President of Audit Services for the Carolinas HealthCare System. He is a CIA, CPA and MBA. He has been active in the Association of Healthcare Internal Auditors (AHIA) in a variety of volunteer positions, including Chairman of the Board of Directors in 2011. Carolinas HealthCare System provides a full spectrum of healthcare and wellness programs throughout North and South Carolina. Its network of more than 650 care locations includes academic medical centers, hospitals, healthcare pavilions, physician practices, surgical and rehabilitation centers, home health agencies, nursing homes and hospice and palliative care.

Michael Fabrizius@carolinashealthcare org

Introduction

About the Survey

• Ongoing professional development is essential for today's internal auditors. They are:

– Facing greater demands to improve organizational processes

– Ensuring proper risk management and controls are in place

– Required to stay informed on the changing dynamics of business and technology

– Enjoying a broader range of career paths and opportunities

– Innovative thinkers ready to meet a wide range of challenges

Introduction

About the Survey

• For internal auditing professionals to achieve all of this – and more – a strong level of competency in key areas is required

• The purpose of this survey, sixth in the series, was to continue to assess:

– How internal auditors perceive their present capabilities

– Where they currently see need for improvement

– How they prioritize those needs

Introduction

About the Survey

• Protiviti conducted the survey from September 2011 through October 2011

• The survey included close to 200 topic areas divided into four major sections:

– Use of Technology in Auditing Business Process Controls

– General Technical Knowledge

– Healthcare Technical Knowledge

– Audit Process Knowledge

– Personal Skills and Capabilities

Introduction

About the Survey

• Respondents were asked to rate:

– Their competency in these areas on a scale of 1 to 5

– Indicate whether competency was adequate or needs improvement

• The survey also assessed the following:

– Competency levels of CAEs

– Differing needs by industries and business size

– Three-year trends for CAEs and overall results

Introduction

About the Survey

• Protiviti distributed the survey to the following groups:

– Attendees at various conferences

– KnowledgeLeader subscribers and trialers

– Internal audit professionals expressing interest in the survey

• NetReflector online survey software was used to tabulate the results

• Over 800 respondents participated in this survey

• 13% or 104 respondents represent U.S. Healthcare Providers

Introduction

Survey Respondent Breakdown

Position
Chief Audit Executive (CAE) | 24%
Director of Auditing | 15%
Audit Manager | 21%
Audit Staff | 17%
All Others | 23%

Type of Organization
Publicly Traded | 50%
Private | 23%
Not-For-Profit | 16%
Government | 8%
Other | 3%

Introduction

Survey Respondent Breakdown

Size of Organization (Gross Annual Revenues)
> $20 billion | 12%
$10 billion - $19 billion | 8%
$5 billion - $9 billion | 11%
$1 billion - $4 billion | 32%
$500 million - $999 million | 16%
$100 million - $499 million | 14%
< $100 million | 7%

Industry
Financial Services | 17%
Healthcare Provider (U.S.) | 13%
Manufacturing | 12%
Government/Education/Not-for-profit | 9%
All Other Industries | 49%

Overview

Topics of Focus

Use of Technology in Auditing Business Process Controls

Use of Technology

Areas Evaluated

IT asset management | Time and expense reporting
Vendor negotiation and set-up | CTO/vacation tracking
Access controls | Facilities leases/improvements
Cash receipts/applications | Electronic data interchange (EDI) analysis
Supplier management | Validation of employment
Travel and entertainment | Credit memo process
Purchasing/purchase order | Capital/operating leases
Data/telecom costs | Physical security/building access
HR records management | Obsolete/expired inventory
Accounts receivable | Construction analysis
Revenue recognition | Inventory valuation
Billing | Intercompany/interbusiness unit sales and transfer pricing
Fixed asset control | Inventory master control
Receiving | Book and physical inventory differences
Compensation and benefits management | Sales contract timing
Accounts payable/cash disbursements | Call center/customer service
Credit collection/bad debt | Royalties
Cash management segregation of duties | Warranty repair

Use of Technology

Top Five – Overall Results

"Need to Increase Use of Technology" Rank | Areas Evaluated by Respondents | Competency (5-pt. scale)
1 | IT asset management | 2.9
2 | Vendor negotiation and set-up | 2.7
3 (tie) | Access controls | 3.3
3 (tie) | Cash receipts/applications | 2.9
4 (tie) | Supplier management | 2.8
4 (tie) | Travel and entertainment | 2.9
5 (tie) | Purchasing/purchase order | 3.1
5 (tie) | Data/telecom costs | 2.8
5 (tie) | HR records management | 2.8
5 (tie) | Accounts receivable | 3.0

Use of Technology

Scatter Diagram

Use of Technology

Scatter Diagram Key

1 | IT asset management | 19 | Time and expense reporting
2 | Vendor negotiation and set-up | 20 | CTO/vacation tracking
3 | Access controls | 21 | Facilities leases/improvements
4 | Cash receipts/applications | 22 | Electronic data interchange (EDI) analysis
5 | Supplier management | 23 | Validation of employment
6 | Travel and entertainment | 24 | Credit memo process
7 | Purchasing/purchase order | 25 | Capital/operating leases
8 | Data/telecom costs | 26 | Physical security/building access
9 | HR records management | 27 | Obsolete/expired inventory
10 | Accounts receivable | 28 | Construction analysis
11 | Revenue recognition | 29 | Inventory valuation
12 | Billing | 30 | Intercompany/interbusiness unit sales and transfer pricing
13 | Fixed asset control | 31 | Inventory master control
14 | Receiving | 32 | Book and physical inventory differences
15 | Compensation and benefits management | 33 | Sales contract timing
16 | Accounts payable/cash disbursements | 34 | Call center/customer service
17 | Credit collection/bad debt | 35 | Royalties
18 | Cash management segregation of duties | 36 | Warranty repair

Use of Technology

Top Five – CAE Results

"Need to Increase Use of Technology" Rank | Areas Evaluated by Respondents | Competency (5-pt. scale)
1 | IT asset management | 2.8
2 (tie) | Cash receipts/applications | 2.8
2 (tie) | Supplier management | 2.6
3 | Purchasing/purchase order | 3.0
4 | Access controls | 3.2
5 (tie) | Accounts receivable | 2.9
5 (tie) | Revenue recognition | 2.7
5 (tie) | Data/telecom costs | 2.7

Use of Technology

Company Size Breakdown

Rank Small < $1B Medium $1B-9B Large > $10B

1 Vendor negotiation and set-up

IT asset management Vendor negotiation and set-up

1 IT asset management Vendor negotiation and set-upAccess controls

2

IT asset management Access controls

Data/telecom costsCash receipts/applications

Cash receipts/applications

Purchasing/purchase orderPurchasing/purchase order

3 Travel and entertainmentTravel and entertainment Supplier management

Supplier management HR records management

Supplier management Data/telecom costs IT asset management

4Accounts receivable Vendor negotiation and set-up

Revenue recognition

CTO/vacation tracking

Purchasing/purchase order

HR records management

5

Billing Compensation and benefits management

HR records management

Fixed asset control

Compensation and benefits management


• Circled items are consistent top five items by company size

Use of Technology

Administrating the Audit Process

• More than one out of three organizations – 35 percent – are not utilizing any sort of software application to administrate their audit processes

– 37 percent of those who do so are using basic word processing or spreadsheet software

– Just one in four of those who are not using technology plan to implement one within the next 12 months

– While more large companies tend to use a software application as part of their audit processes, nearly one in five (18 percent) do not

• Most respondents – 87 percent – noted that the tool they use delivers significant or moderate value to the audit process

Use of Technology

Prevent, Detect, Monitor and Investigate Fraud

Do you utilize results from your organization’s fraud risk assessment to identify business processes that need to be monitored for fraud?

Yes, we monitor high-risk processes using technology. | 31%
No, we do not use technology to monitor for fraud. | 50%
Yes, we monitor high-risk and medium risk processes using technology. | 19%

Use of Technology

Continuous Auditing and Continuous Monitoring

Who utilizes continuous auditing and continuous monitoring the most in your organization?

 | Executive management | Mid level management | Internal audit | Other
Continuous Auditing | 4% | 13% | 70% | 13%
Continuous Monitoring | 6% | 36% | 44% | 14%

Key Questions to Consider – Healthcare Commentary

• Is the internal audit function partnering effectively with the CIO and IT department to assure that IT assets are managed and controlled appropriately? Are you aware of any gaps in the IT asset management process that should be addressed? Does the audit team have relevant and appropriate experience to handle technical matters?

• Is there a sufficient process in place to assess the security policies and practices of vendors that work with your organization? Does the organization have confidence that vendors’ access controls and privacy standards exceed or are on par with its own? Are vendor access controls terminated when vendor relationships end?

• Does the internal audit function have appropriate technology tools to audit effectively business processes such as expense management, purchase orders, suppliers and accounts receivable, among other areas?

• How are internal auditors leveraging technology to prevent, detect, monitor and investigate fraud?


• Have all significant classes of mobile devices been considered?

General Technical Knowledge Overall

General Technical Knowledge

Areas Evaluated

Social media applications | GTAG 14 - Auditing User-developed Applications
Cloud computing | Practice Guide - Auditing the Control Environment
GTAG 13 - Fraud Prevention and Detection in an Automated World | GTAG 5 - Managing and Auditing Privacy Risks
Fraud risk management | COBIT
GTAG 16 - Data Analysis Technologies | GTAG 9 - Identity and Access Management
ISO 31000 (risk management) | GTAG 12 - Auditing IT Projects
Practice Guide - Assessing the Adequacy of Risk Management | Practice Guide - Assisting Small Internal Audit Activities in Implementing the International Standards for the Professional Practice of Internal Auditing
Practice Guide - Measuring Internal Audit Effectiveness and Efficiency | Six sigma
International Financial Reporting Standards (IFRS) | GTAG 11 - Developing the IT Audit Plan
The Guide to the Assessment of IT Risk (GAIT) | GTAG 2 - Change and Patch Management Controls
GTAG 6 - Managing and Auditing IT Vulnerabilities | GTAG 1 - Understanding IT Controls
GTAG 15 - Information Security Governance | GTAG 4 - Management of IT Auditing
GTAG 3 - Continuous Auditing | GTAG 7 - IT Outsourcing
ISO 27000 (information security) | GTAG 10 - Business Continuity Management
IT governance | GTAG 8 - Auditing Application Controls

General Technical Knowledge

Areas Evaluated

Reporting on Controls at a Service Organization – SSAE 16 / AU 324 (replaces SAS 70) | Fair value accounting
Practice Advisory 2050-3 - Relying on the Work of Other Assurance Providers | FASB Accounting Standards Codification™
COSO Enterprise Risk Management Framework | Tax laws (in your applicable region/country)
ISO 9000 (quality management and quality assurance) | Corporate governance standards (or local country equivalent)
Recently Enacted IIA Standards (effective January 1, 2009) - Functional Reporting Interpretation (Standard 1110) | Revenue Arrangements with Multiple Deliverables (EITF 08-1 (ASU 2009-13))
Evaluating executive compensation risk of Regulation S-K | U.S. GAAP (or local country equivalent)
Recently Enacted IIA Standard (effective January 1, 2009) - Audit Opinions and Conclusions (Standards 2010.A2 and 2410.A1) | Foreign Corrupt Practices Act (FCPA)
Board risk oversight (SEC Item 407(h) of Regulation S-K) | AU Section 322 – The Auditor’s Consideration of the Internal Audit Function in an Audit of Financial Statements
Recently Enacted IIA Standard (effective January 1, 2009) - Overall Opinions (Standard 2450) | COSO Internal Control Framework
Practice Advisory 1312-3 - Independence of External Assessment Team in the Private Sector | Stock-based compensation
Country-specific Enterprise Risk Management Framework | Standards for the Professional Practice of Internal Auditing (IIA Standards)
Practice Advisory 1312-4 - Independence of the External Assessment Team in the Public Sector | UK Bribery Act
Extensible Business Reporting Language (XBRL) | Sarbanes-Oxley (Sections 301, 302, and 404)
ISO 14000 (environmental management) |

General Technical Knowledge

Top Five – Overall Results

"Need to Improve" Rank | Areas Evaluated by Respondents | Competency (5-pt. scale)
1 | Social media applications | 2.6
2 | Cloud computing | 2.6
3 | GTAG 13 - Fraud Prevention and Detection in an Automated World | 2.9
4 | Fraud risk management | 3.3
5 | GTAG 16 - Data Analysis Technologies | 2.9

General Technical Knowledge

Scatter Diagram

General Technical Knowledge

Scatter Diagram Key

1 | Social media applications | 16 | GTAG 14 - Auditing User-developed Applications
2 | Cloud computing | 17 | Practice Guide: Auditing the Control Environment
3 | GTAG 13 - Fraud Prevention and Detection in an Automated World | 18 | GTAG 5 - Managing and Auditing Privacy Risks
4 | Fraud risk management | 19 | COBIT
5 | GTAG 16 - Data Analysis Technologies | 20 | GTAG 9 - Identity and Access Management
6 | ISO 31000 (risk management) | 21 | GTAG 12 - Auditing IT Projects
7 | Practice Guide - Assessing the Adequacy of Risk Management | 22 | Practice Guide - Assisting Small Internal Audit Activities in Implementing the International Standards for the Professional Practice of Internal Auditing
8 | Practice Guide - Measuring Internal Audit Effectiveness and Efficiency | 23 | Six sigma
9 | International Financial Reporting Standards (IFRS) | 24 | GTAG 11 - Developing the IT Audit Plan
10 | The Guide to the Assessment of IT Risk (GAIT) | 25 | GTAG 2 - Change and Patch Management Controls
11 | GTAG 6 - Managing and Auditing IT Vulnerabilities | 26 | GTAG 1 - Understanding IT Controls
12 | GTAG 15 - Information Security Governance | 27 | GTAG 4 - Management of IT Auditing
13 | GTAG 3 - Continuous auditing | 28 | GTAG 7 - IT Outsourcing
14 | ISO 27000 (information security) | 29 | GTAG 10 - Business Continuity Management
15 | IT governance | 30 | GTAG 8 - Auditing Application Controls

General Technical Knowledge

Scatter Diagram Key

31 | Reporting on Controls at a Service Organization – SSAE 16 / AU 324 (replaces SAS 70) | 45 | Fair value accounting
32 | Practice Advisory 2050-3 - Relying on the Work of Other Assurance Providers | 46 | FASB Accounting Standards Codification™
33 | COSO Enterprise Risk Management Framework | 47 | Tax laws (in your applicable region/country)
34 | ISO 9000 (quality management and quality assurance) | 48 | Corporate governance standards (or local country equivalent)
35 | Recently Enacted IIA Standards (effective January 1, 2009) - Functional Reporting Interpretation (Standard 1110) | 49 | Revenue Arrangements with Multiple Deliverables (EITF 08-1 (ASU 2009-13))
36 | Evaluating executive compensation risk of Regulation S-K | 50 | U.S. GAAP (or local country equivalent)
37 | Recently Enacted IIA Standard (effective January 1, 2009) - Audit Opinions and Conclusions (Standards 2010.A2 and 2410.A1) | 51 | Foreign Corrupt Practices Act (FCPA)
38 | Board risk oversight (SEC Item 407(h) of Regulation S-K) | 52 | AU Section 322 – The Auditor’s Consideration of the Internal Audit Function in an Audit of Financial Statements
39 | Recently Enacted IIA Standard (effective January 1, 2009) - Overall Opinions (Standard 2450) | 53 | COSO Internal Control Framework
40 | Practice Advisory 1312-3 - Independence of External Assessment Team in the Private Sector | 54 | Stock-based compensation
41 | Country-specific Enterprise Risk Management Framework | 55 | Standards for the Professional Practice of Internal Auditing (IIA Standards)
42 | Practice Advisory 1312-4 - Independence of the External Assessment Team in the Public Sector | 56 | UK Bribery Act
43 | Extensible Business Reporting Language (XBRL) | 57 | Sarbanes-Oxley (Sections 301, 302, and 404)
44 | ISO 14000 (environmental management) | |

General Technical Knowledge

Three Year Comparison – Overall Results

Rank | 2012 | 2011 | 2010
1 | Social media applications | IFRS; GTAG 13 - Fraud Prevention and Detection in an Automated World | GAIT
2 | Cloud computing | ISO 31000 | IFRS
3 | GTAG 13 - Fraud Prevention and Detection in an Automated World | Penalties in Administrative Proceedings (§ 929P) | XBRL
4 | Fraud risk management | Six sigma | ISO 27000
5 | GTAG 16 - Data Analysis Technologies | Hedging by Employees and Directors (§ 955) | COBIT; GTAG 15 - Information Security Governance

• No consistent top five items for 2012, 2011 and 2010

General Technical Knowledge

Company Size Breakdown

Rank Small < $1B Medium $1B-9B Large > $10B

1 Social media applications Social media applications Social media applications

2 Cloud computing Cloud computing ISO 31000 (risk management)

3

GTAG 13 - Fraud Prevention and Detection in an Automated World GTAG 13 - Fraud Prevention and

Detection in an Automated World

Evaluating executive compensation risk of Regulation S-K

GTAG 16 - Data Analysis Fraud risk managementTechnologies Fraud risk management

4 The Guide to the Assessment of IT Risk (GAIT) Fraud risk management Country-specific enterprise risk

management framework

Fraud risk management ISO 31000 (risk management) ISO 9000 (quality management and quality assurance)

5


IT governance GTAG 16 - Data Analysis Technologies

Board risk oversight (SEC Item 407(h) of Regulation S-K)

Practice Guide - Assessing the Adequacy of Risk Management Practice Guide - Assessing the 0 ( ) o egu at o S )dequacy o s a age e t Practice Guide - Assessing the

Adequacy of Risk ManagementPractice Guide - Measuring Internal Audit Effectiveness and Efficiency


• Circled items are consistent top five items by company size

General Technical Knowledge

Top Five – CAE Results

"Need to Improve" Rank | Areas Evaluated by Respondents | Competency (5 pt. scale)
1 | Social media applications | 2.6
2 | Cloud computing | 2.7
3 | GTAG 13 - Fraud Prevention and Detection in an Automated World | 3.1
4 | GTAG 16 - Data Analysis Technologies | 3.0
5 | International Financial Reporting Standards (IFRS) | 2.9

General Technical Knowledge

Three Year Comparison – CAE Results

Rank 2012 2011 2010

1 Social media applications IFRS GAIT

2 Cloud computing GTAG 13 - Fraud Prevention and Detection in an Automated World XBRL

3 GTAG 13 - Fraud Prevention and D t ti i A t t d W ld

Penalties in Administrative Proceedings (§ 929P)

IFRS3 Detection in an Automated World IFRSHedging by Employees and Directors

(§ 955)

4GTAG 16 - Data Analysis

Technologies

GTAG 14 - Auditing User-developed Applications

COBITGTAG 15 Information SecurityGTAG 15 - Information Security

Governance

5 IFRSGTAG 3 – Continuous Auditing

ISO 27000 GTAG 12 - Auditing IT Projects


• Circled items are consistent top five items for 2012, 2011 and 2010

Addressing and Managing Existing and Emerging Risks

Healthcare Industry Results - General Technical Knowledge

"Need to Improve" Rank | Areas Evaluated by Respondents | Competency (5 pt. scale)
1 | Social media applications | 2.8
2 | Cloud computing | 2.5
3 (tie) | GTAG 16 - Data Analysis Technologies | 3.0
3 (tie) | Fraud risk management | 3.4
4 | GTAG 13 - Fraud Prevention and Detection in an Automated World | 3.1
5 (tie) | GTAG 3 – Continuous Auditing | 3.2
5 (tie) | GTAG 12 – Auditing IT Projects | 3.0

General Discussion

Meeting Today’s Challenges

Points for Discussion

• Do you agree with these findings?

• What areas are you weakest in related to the following topics?

- Use of Technology in Auditing Business Process Controls

- General Technical Knowledge

• Are there other professional competencies that you want to improve upon?

• What other comments or questions do you have?

Questions?


Thank you for joining us!

Managing Director
Protiviti – Dallas
+1 (469) 374-2435

Managing Director
Protiviti – Phoenix
+1 (602) 273-8022

Vice President of Audit Services for the Carolinas HealthCare System
Past Board Chair, AHIA – Denver
+1 (704) 512-5928


Save the Date: August 25-28, 2013

32nd Annual Conference Chicago, IL
