2013 UC Compliance & Audit Symposium

Session descriptions


Preconference – North (January 28) & South (February 11)

9:00 AM – Noon

Investigations – Forensics
Don Vilfer (Califorensics)
The session’s focus will be on creating an awareness of what data can be retrieved from digital devices and the steps to take to preserve and find evidence. It will provide an overview of computer forensic techniques and strategies, including preservation methods and pitfalls to avoid. Today's smart phones should also always be considered part of your forensic examination plan in investigating and litigating a case. It will discuss types of data on smart phones, techniques for recovering and preserving data, and the challenges and duties to preserve the information. The session will also cover retrieval of email and text messages, location data and more.

11:00 AM – Noon

Ten Things You MUST Know Before Taking Your Laptop Overseas
Brian Warshawsky (UCOP)
Researchers commonly travel internationally with laptops and mobile devices. But what are the legal risks and penalties?  Does it matter what’s on the laptop, or which countries are being visited? Are available exemptions or exceptions overlooked?  What best practices must travelers know? This session will provide the answers, best practices and travel checklists you won’t want to leave behind. 

1:00 – 2:00 PM

Investigations Panel including Police, Audit & Compliance
Paul Berlin, Rick Catalano (UCSF), Leslyn Kraus (UCD), John Lohse (UCOP) (North)
Jeff Young, Ellen Fischer (UCLA), Michael Bathke (UCI), John Lohse (UCOP) (South)
This session will focus on the interplay between workplace investigations and criminal investigations. The panel composed of personnel from audit, police and compliance will raise awareness of the challenges and the pitfalls of investigations where the employee’s misconduct may not only violate UC policy but is also criminal conduct. These cases require close coordination between the work place investigator and our UC Police. The panel will share experience from real life UC investigations.

1:00 – 3:00 PM

Export Control Compliance Tools (and Screening/Classification Techniques)
Brian Warshawsky (UCOP)
UC campuses face many challenges in the increasingly demanding arena of export controls. Many within UC rely on Visual Compliance as their primary compliance tool of choice, but not everyone is aware of its depth and breadth. This presentation will provide an overview of the Visual Compliance tools and resources to assist in commodity classifications, license determinations as well as new features recently added. Attendees will learn to conduct Restricted/Denied Party and Specially Designated Nationals screening in addition to learning how to search current Federal Export Control Regulations and Statutes. Attendees will also learn how to determine ECCN classifications and USML categories of hardware and other potential defense or dual-use items and exemption, exception, exclusion or licensing requirements. Even if you are already well versed on the use of Visual Compliance, this is a great opportunity to provide live training to others at your location who may need to access Visual Compliance.

3:00 – 5:00 PM

International Travel: Tools and Case Study
Cheryl Lloyd, Brian Warshawsky (UCOP)
International travel takes UC personnel all across the globe to many foreign destinations as part of the educational and research experience. However, foreign travel is not without its risks and hazards for the unwary, which in recent years has included tsunamis, hurricanes, and even political unrest and coups d’etat. Fortunately, there are many tools and programs in place to identify in advance potential pitfalls to be avoided at various travel destinations as well as assistance to be provided during times of crisis. This presentation will provide an overview of the tools and resources available as part of the UC Travel Program and attendees will be guided through examples, case studies, and lessons learned.

(Back to top)


Tuesday – North (January 29) & South (February 12)

8:00 – 9:00 AM

Higher Education: Our Future Challenges and Opportunities (General Session)
Charlene Zettel (UC Regent), Sheryl Vacca, Nathan Brostrom (UCOP)(North only)

9:00 – 10:15 AM

Organizational Misconduct: A New Perspective (General Session)
Donald Palmer (UCD)
This session will cover a broad overview of two ways to think about the causes of misconduct in organizations – the established dominant outlook and an emerging alternative perspective. Dr. Palmer will focus in greater detail the emerging alternative perspective, including a deeper consideration of the implications of the emerging alternative perspective for educators, practitioners, and compliance professionals.

10:30 – 11:45 AM

Clery Act Compliance Challenges
Pamela Roskowski (UCSF), Doug Zuidema (UCSC)
The Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (http://saa.ucsf.edu/sites/saa.ucsf.edu/files/PDF/Intro_to_Clery_Act.pdf) is the landmark federal law (Clery Act) that requires colleges and universities across the United States to disclose information about crime on and around their campuses. UCSF Police Chief Pam Roskowski will talk about the efforts and complexity that police departments are faced with in collecting and reporting the campus statistics. In addition to the campus Police Department, certain employees are designated as Campus Security Authorities (CSA) who are responsible for receiving and reporting crimes or incidents. Doug Zuidema is the Director of Student Judicial Affairs at UCSC and will talk about the process and challenges of being a CSA.

Health Care Compliance: Government Views
Claire Castles (Jones Day)
This session will cover a year in review looking at government enforcement and audit trends focused on health systems and academic medical centers. This presentation will highlight compliance trends and emerging issues for the past year and continued trends for the upcoming year. The benefit of this presentation is that it will provide an overview of the current enforcement landscape and allow attendees to better assess and understand potential risk areas. In addition to the historical presentation of enforcement, this presentation will also discuss new audit protocols and focus areas being explored by government agencies for increased enforcement and improved agency collaboration.   

Making Ethical Decisions: Considering UC Values, Standards and Other Factors
Tricia Bertram-Gallant (UCSD)
In the complex ethical environment of the 21st century, organizational members need ethical decision-making skills which can empower them to speak up and act in the face of misconduct and misbehavior, but also avoid engaging in unethical actions themselves. In this interactive session, the presenter will introduce a model of ethical decision-making and then facilitate personal adoption of the model through case study application and decision-making practice. 

Export Control and the Nuances of FRE
Pat Schlesinger (UCB), Brian Warshawsky (UCOP)
Under the US export control regulations, the Fundamental Research Exclusion has long served as the safe harbor by which universities such as UC operate under free from many of the restrictions and licensing requirements associated with export controls. Open access to UC research opportunities and facilities by researchers outside the United States along with the freedom of all UC researchers to broadly share research results with the public are important cornerstones of the UC research environment, and serve as the basis for exercising the Fundamental Research Exclusion when it comes to export control compliance. However, this exclusion from the licensing and access restrictions of the export control regime is not without its boundaries. This presentation will explore the parameters within which Fundamental Research Exclusion exists and the boundaries which often arise in unexpected circumstances.

1:00 – 2:15 PM

Investigation Report Writing
John Lohse (UCOP), Wendi Delmendo (UCD), Bill Cormier (UCLA)
This session will focus on how report writing is absolutely essential to a successful investigation. Preparation for an effective report begins early on in the investigation and continues during the entire investigation. The panelists will focus on practical tips to help ensure that you get it right and will discuss all the key components of a good investigation report.

What You Don’t Know about the Conflict of Interest Code May Hurt You
Dan Scannell (UCOP), Valerie Dixon (UCSD), Stella Ngai (UCOP)(North only), Kathleen Quenneville (UCOP)(South only)
Come enjoy a fast-paced and entertaining summary of key Conflict of Interest (COI) laws and learn about related issues that frequently arise in University settings. The presentation will include an overview of the University’s COI Code and related changes in financial disclosure requirements. Panelists will also discuss when to disqualify yourself from decision-making and recent conflict of interest issues. Attendees will learn to navigate the increasing complex world of COI by utilizing the University’s existing tools and infrastructure.

Fraud Risk Management
Michael Jenson (UCR), Sheryl Vacca (UCOP)
Fraud at the workplace continues to be a constant threat to institutions including the University of California. UC is committed to proactively fight fraud and help safeguard our institution from this growing problem, and each campus is in the process of developing a Fraud Risk Management Program (FRMP) to minimize the potential for and reduce actual losses from fraud. This session will focus on the common types of fraud at UC as well as actual FRMP elements at some UC campuses, with greatest emphasis on the UC Riverside FRMP.

Registration and Results Reporting on ClinicalTrials.gov: The UCSF and UC Davis Experience
Marlene Berro (UCSF), Denise Owensby (UCD)
With clinicaltrials.gov oversight activities increasing, understanding key areas of risk becomes ever more urgent.  ClinicalTrials.gov administration and compliance is managed differently within the UC system. Understanding the registration and results reporting requirements are critical for effective compliance. Attendees will gain a stronger understanding of how campuses are managing clinicaltrials.gov and exchange ideas for best practices UC-wide. We will discuss common areas of concern regarding clinicaltrials.gov compliance, clinicaltrials.gov administration, internal processes and procedures at UCSF and UC Davis.

2:20 – 3:30 PM

Animal Care and Use Regulations: Responding to the Challenges
Alan Ekstrand, Victor Lukas (UCD)(North)
Melanie Fabian, Jeffrey Goodwin, Vincent Caiozzo (UCI)(South)
In this session we will cover the regulations governing the care and use of vertebrate animals in research and the challenges in maintaining a program that simultaneously encourages researcher innovation on the cutting edge of science and ensures the humane and ethical use of animals in full compliance with federal law. We will also discuss some pitfalls and share some practices that have been successful at UC Irvine.

Electronic Medical Records (EMR): New Age Freedom – Panel
Marti Arvin (UCLA), Marion Mallory (UCI)(South only), Eileen Kahaner (UCSF)(North only)
In this session, we will discuss the experience of two Academic Medical Centers in the implementation of their Electronic Medical Record from the compliance perspective, from pre-go live development to post-go live validation. The focus of the discussion will be on avoiding pitfalls in implementation of the EMR to support regulatory compliance, and prevent a New Age ePATH. The session will cover the risks in the implementation of the EMR and strategies for addressing those risks.

Navigating International Partnerships in the UC System: A Compliance Roadmap
Bruce Flynn, Greta Schnetzler, Georgina Lopez, Marlene Berro (UCSF)(North)
Kathryn Atchison, Cindy Fan, Dean Malilay, Craig Squire (UCLA)(South)
With UC campuses expanding international activities in an increased number of locations across the globe understanding key areas of risk becomes ever more urgent.  We will discuss common areas of concern and what tools, internal processes and procedures UC has and is developing. Attendees will gain a stronger understanding of how campuses are managing complex global activities and exchange ideas to begin building best practices across all of our campuses.  

Laboratory Safety at UC:  Past, Present, and Future
Erike Young, Kenneth Smith (UCOP)
On July 2012, the UC Regents reached a settlement with the Los Angeles District Attorney dismissing the criminal charges related to the tragic lab accident that took the life of research associate Sheri Sangji in December 2008. Under the agreement, all UC campuses are required to meet very specific laboratory safety requirements and to certify “substantial compliance” every six months. Learn about the past, present, and future of lab safety, as UC goes beyond compliance to improve the culture of safety in our research operations.

3:45 – 5:00 PM

Compliance, Ethics & the Legal Requirements for Plain Language: How the Right Words Really Matter (General Session)
Deborah Bosley (Plain Language Group)
This session will cover the problems with the way we currently write policies as well as how using plain language can improve communication and compliance. Attendees will learn the ethics of clear communication, how to use plain language, and how to improve compliance and “understandability” of state and University policies. Also discussed will be the strategies for plain language, “before and after” examples from UC compliance documents, and the use of plain language to improve compliance and decrease confusion.

(Back to top)


Wednesday – North (January 30) & South (February 13)

8:00 – 10:30 AM

Billing and Coding Roundtable: Advanced Topics
Ryan Meade (Meade Roach)
This session will cover complex challenges in billing and coding compliance. The speaker will propose five top challenges that academic medical centers around the country face in billing compliance, with a particular emphasis on how compliance professionals handle auditing, review, and corrective action of these matters. The presentation will also present a variety of hypothetical billing compliance situations for an interactive session on other difficult billing compliance subjects. Included in the session will be such topics as the impact of EMR updates on billing, hospital outpatient E/M billing, and coordination of billing in outpatient settings between the hospital and faculty group for the same encounter.

8:00 – 9:15 AM

Campus Auditors and Policy Officers - Reducing Campus Risks through Collaborative Partnerships
Matt Hicks (UCOP), Rick Catalano (UCSF), Meta Clow (UCSB), Wanda Lynn Riley (UCB), Molly Theodossy (UCD)
This session is a panel discussion involving internal audit directors and policy officers from various campuses. The session will discuss how internal audit personnel and policy officers can work together effectively to reduce risk for the university. The panel discussion will address how campuses effectively recognize and communicate trends in audit findings and evaluate the need for policy changes and some specific examples of campus audit/policy officer collaborative successes.

Research Misconduct: Case Study
Marianne Generales (UCSD)
The Responsible Conduct of Research is a critical foundation on which the research enterprise rests, but universities are increasingly challenged by plagiarism, falsification, and fabrication in the digital age. Are we up to the challenge? Do we have the right tools and infrastructure? Are we on the same page with ORI about priorities and processes? What are the barriers to conducting a rigorous inquiry or investigation? This session will discuss three scenarios that tested policy and processes when multiple, difficult cases converged. 

Equal Employment Opportunity Commission (EEOC) & Office of Federal Contract Compliance Programs (OFCCP) Compliance
Mia Belk (UCOP)
This session will cover federal and state anti-discrimination statutes and the obligations of federal contractors, such as the University, to prevent and/or remedy discriminatory employment practices and to take affirmative action to ensure that equal opportunity is provided in all aspects of their employment. Although, California has long since had far reaching anti-discrimination statutes protecting employees, a fundamental understanding of these laws is essential in compiling with these statutes and defending discrimination lawsuits. Also, the Obama Administration has placed an emphasis on enforcing the federal anti-discrimination laws particularly for federal contractors. In the last 3 years there has been a rash of OFCCP audits of UC campuses and more audits are anticipated. These audits are extensive, time consuming and require significant University resources to complete. A fundamental understanding of the process by campus constituents is important in successfully navigating the audit. 

9:20 – 10:30 AM

UC Response to Protests and Recommendations of the Robinson/Edley Report
Lynn Tierney (UCOP)
This session will include a review of the process and progress being made on the Robinson Edley Report Implementation, as well as a highlight of innovative solutions and best practices. The final "Response to Protests on UC Campuses," released last September, includes 49 recommendations and synthesizes months of inquiry into best practices for handling demonstrations, civil disobedience and free-speech issues related to protests throughout the 10 campuses of the UC system.

PHS COI and UC Compliance: How Are We Doing Now?
Jeff Hall (UCOP), Grace Park (UCI)(South only), Elizabeth Boyd (UCSF)(North only)
This session will offer a brief overview of the new PHS COI requirements and newly implemented policies and procedures for UC systemwide and for individual campuses. It will include an interactive discussion of: significant compliance challenges identified by session attendees (possible topics include: determining bias, travel reporting, subrecipient monitoring, retrospective reviews, others) and options that UC campuses and non-UC institutions have developed, or need to develop, to respond to these challenges.

Violence Prevention
Rita Spaur (UCM)
Legislative and UC Regents-supported laws and initiatives require minimum levels of administrative actions in attempt to prevent and to appropriately plan for, respond and recover from acts of violence on university campuses. This discussion will explore those requirements and the UC Merced National award-winning program that ensures compliance particularly around workplace bullying, stalking, domestic violence, and sexual assault.

10:45 AM – Noon

UC Records Management Compliance Concerns
Laurie Sletten (UCOP)
This session will cover a brief overview of risk, in general, and how the Records Retention Schedule Update project is alleviating it. Attendees will learn about UC’s retention schedules, which will empower you to dispose of records no longer needed, providing more space and efficiencies, and eliminating risk. We will discuss recordkeeping risks, records retention schedules, how to use them, the current project to update the schedules, and where you can find UC’s retention schedules.

Now You See It, Now You Don’t: Response to a Data Breach
Cheryl Washington (UCOP), Marti Arvin (UCLA)(South only), Deborah Yano-Fong (UCSF)(North only)
UC campuses and medical centers have to contend with many different types of security breaches involving the exposure of sensitive or legally protected information. Advance preparations can help organizations respond to a data breach by ensuring that appropriate internal and external parties work together to investigate and resolve the incident in a timely manner. During this session we will discuss strategies for preparing, responding, remediating, and conducting a post-review of a data breach.

“Can they do that?” - The Social Media Challenge
Meta Clow (UCSB)
Social media can be an effective tool to inform, educate, and solicit ideas from students, employees, and the public. However, if unrestrained, use of social media can wreak havoc. Attendees will be introduced to some of the challenges posed by social media and learn where to look for the answer to, “Can they do that?” Specifically, we’ll examine several social media issues and outline how to create policy and locate resources that motivate responsible use of social media.

Recordkeeping Matters: FDA Part 11 Compliance
Rachel Nosowsky (UCOP)
This session will review the requirements of FDA regulations for electronic recordkeeping and signatures and also address related federal and state requirements. Attendees will receive a summary of these rules and guidance on options for compliance. Materials to be distributed will include model forms and checklists for use by compliance professionals, IT professionals and their legal advisors in connection with implementation and maintenance of electronic records in research. 

1:10 – 2:00 PM

Export Controls I – Overview of Risks
Brian Warshawsky (UCOP), Marci Copeland (UCI)(South only), Lourdes DeMattos (UCOP)(North only)
Legislation such as the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR), which seek to control access to specific types of technology and associated data to prevent the disclosure or transfer of sensitive information to foreign nationals, present unique challenges to universities operating within an open environment which favors academic freedom. This session will provide an introduction to the key regulatory concepts and definitions under the US export controls regime, an overview of the agencies that provide oversight of these regulations, as well as the policy framework and related issues of importance to the academic community.

How to Kick Start Your Audit Planning and Risk Assessment
Jaime Jue (UCB), David Meier (UCSD)
You’ve been given a somewhat vague audit objective statement and are left scratching your head. What do I with this? Getting a good start to your audit planning and risk assessment procedures can potentially save you time spinning your wheels and rounds of uncomfortable meetings with the Director, Associate Director, or your client. This session will cover tips to transforming hypothetical audit objectives into concrete audit programs through a disciplined risk assessment process. We will also encourage a collaborative discussion of better practices and lessons learned.

2:15 – 3:05 PM

Export Controls II – Auditing Export Controls
Barry Long (UCSC), Terry Hamilton (LBNL), Robert Tarsia (UCSB), Helen Templin (UCI), Brian Warshawsky (UCOP)
Have you considered auditing export control at your campus? Do you have an idea of what you should be aware of before engaging in an export control audit? Others have and this is a great opportunity to get some insight into this topic. In this panel discussion, you will learn about the different audit approaches used and key issues identified from recent export control audits conducted at other campuses. After a brief overview from each of the panelists, you will have an opportunity to ask questions and engage in open discussion. Brian Warshawsky, Systemwide Export Control Officer will also be on the panel and available to answer any more technical questions and address key risks associated with export controls. 

Performance Management: Theories, Realities & Approaches to Auditing
Jennifer Jones (UCB), Todd Kucker (UCM)
As the University embarks on various initiatives to “work smarter”, effective performance management will be a critical enabler in achieving success. In this session, participants will gain an understanding of principles and risks inherent to performance management, and the current state of and initiatives related to performance management across the system. The session will also address potential audit approaches and findings through the example of recent audits performed by UC Berkeley and other locations.

3:10 – 4:00 PM

P200 Plan – Improving & Sustaining the Procurement Process
Haggai Hisgilov (UCOP)
This session will discuss implementation of the new systemwide Procurement Initiative - the P200 Plan - designed to achieve $200 million in annual cost savings within five years by building an internal infrastructure that can improve and sustain the procurement process.

Memorandums of Understanding & Special Agreements: Understanding the Risks
Grace Crickette, Norman Hamill (UCOP)
We will talk about the various ways the Regents of the University of California conduct business in the context of the UC’s Excess Liability Insurance Policy. To begin with, the Territorial Limits of the policy is world‐wide so our discussion applies to any business activity the Regents of the University of California undertakes anywhere in the world.Setting up an operation in a foreign country? We will also highlight the Field Safety Operational Planning tool that addresses possible risks specifically associated with field research and foreign operations. The Web planning tool was developed to assist you in the creation of your own customized Field/foreign operations plan (https://www.uctrips‐insurance.org/ucop/). The use of the planner assists with understanding a variety of risks that occur when operating overseas and guides the user through risk management, compliance, legal, safety and security resources to ensure a successful operation.

4:10 - 8:00 PM
Developing A Consultative Approach to Audits and Special Projects  
Joan Pastor (JPA International)
Internal auditors know the importance of being viewed as "value-added" to the organization as a whole, and as much as possible to the business unit they are working with. In this workshop, attendees will learn the skills to increase both the perception and the reality of providing real assistance, while also gaining their willingness to collaborate as a partner. In the first half, attendees will learn the seven step process for consultative-based auditing, with a focus on the opening meeting, but certainly carrying the same approach throughout the audit. In the second half, attendees will learn how to contract as a consultant to clients for advisory types of projects without compromising independence. The skills and exercises covered in each part can be applied to all types of audits and special projects. The ultimate goal? Increasing the client's buy-in to the tremendous value internal audit bring to functions and projects across the organization.

(Back to top)


Thursday – North (January 31) & South (February 14)

8:30 – 9:20 AM

Navigating Thunderstorms: Managing Risks in the Cloud
Daren Kinser, Jennifer McDonald (UCSD)
This session will provide a general overview of cloud computing, and potential areas of risk for auditors to consider. Cloud computing is remote-based computing in which shared resources, software and information are provided to computers and other devices on-demand. The session will also provide an overview of an example of cloud computing in the University environment – UCSD marketplace. Marketplace is a user-friendly, intuitive shopping environment for goods and services that mimics popular eCommerce shopping sites. Finally, the session will include an interactive discussion, or brainstorming , on significant risks that should be considered in the preliminary survey of an audit of Marketplace.

Emerging Healthcare Issues: How Will They Impact Hospital Reimbursement?
Lori Laubach, Sharon Hartzel (Moss Adams LLP)
This session will focus on the following four major emerging health care issues: Meaningful Use; Value Based Purchasing; Bundled Payments; and Accountable Care Organizations. For each issue, participants will learn about its history and background, how it impacts health care organizations from a financial perspective, and finally, what the major considerations are from an internal audit and compliance perspective. Additionally, they will be provided with information about how to approach auditing these issues within their organization. At the end of the session, participants will be able to walk away with a good understanding of the major emerging health care issues and the risks associated with them. 

9:25 -10:15 AM

Visa Regulations: What Auditors Need to Know
Lynne Yorita (UCLA)
In the aftermath of 9/11, it was determined that many of the perpetrators were in the U.S. on student visas. The Department of Homeland Security was formed and developed the Student and Exchange Visitor Program (SEVP). Now 12 years later, Homeland Security is revising the program and increasing security.  "F", "J", "0", "B" - What are the different visa types? What responsibilities do our campuses have to oversee those individuals that are sponsored by UC to be in this country? What are the risks?

Tips for Success: Outpatient Treatment Site Audits
Sherrie Mancera (UCLA)
Health System outpatient clinics can be described as physician practices that vary by medical specialties. Various methods/systems may be used to schedule appointments, capture demographics, create health records, generate charges, and collect payments.  This session will provide an audit approach for assessing the effectiveness of business process controls related to scheduling patient services, verifying patient financial information, generating charges for services rendered, collecting and securing payments, securing medications, and complying with HIPAA privacy and security guidelines.

10:30 – 11:20 AM

Keeping the Aid Office OFF the Front Page: Financial Aid, Regulations & Audits
Susan Dimotakis (UCLA)
Financial Aid must respond to Federal/State regulations and Institutional policies in a rapidly changing environment while working with thousands of individual families, complicated technologies, and awarding millions of dollars that are subject to different program rules. The internal audit process should be the FAO’s ‘best friend’, to help identify potential risks and provide feedback to University administrators regarding ‘administrative capability’. This session will provide a brief overview of Federal/California State regulations and programs, and discuss Institutional/Foundation policies for restricted gift/endowment funding of scholarships—where are the risks, how can they be mitigated, how can auditors and FAO better partner to keep the Financial Aid Office OFF the front page?

Mobile Device Security—Is There an App for That?
David Curry (UCLA), Greg Loge (UCD)
The session will cover the security risks associated with mobile devices. There will be a review of the current UC policies and guidelines designed to mitigate these risks. Current best practices within the University and for-profit organizations will be identified. These will be for organization- owned devices and personal devices that are being managed by a Bring Your Own Device (BYOD) policy and/or procedure.

11:25 AM – 12:15 PM

Research: Risks and Hot Topics
Karen Allen, Bruce Morgan, Nancy Lewis (UCI)
Maintaining a research enterprise, conducting research and implementing research compliance programs are complex and expensive activities in which all UC campuses are engaged. With the federal government continually revising existing rules, creating new ones and tenaciously focusing on transparency and accountability, it’s not surprising that the risks associated with conduct, administration and management of research are substantially greater than 20 or even 10 years ago. In this session, we will seek to identify the major risks facing each campus’ research enterprise, review the Department of Health and Human Services’ and the National Science Foundation’s Offices of Inspector General plans with regard to grantee research and research compliance programs, and discuss what can be done to reduce risks in these areas. 

Epic Revenue Cycle Auditing—Where Do I Start?
Heidi Collins (UCSF)
All of the UC Medical Centers are in various stages of implementing electronic medical record (EMR) and billing systems that will result in significant changes to workflows and procedures. The EMR is purported to create efficiencies, improve patient care and facilitate accurate charge capture.  However, any major system implementation has an impact on the internal control environment and inherently increases business risk. This session will provide an overview of the revenue cycle functionalities in EPIC, a discussion of the risks for charge capture and billing in an EMR and an examination the controls embedded in the Epic tools and related workflows that help to ensure the completeness and accuracy of billing.

1:15 – 3:00 PM

Accuracy in Research Billing 
Ryan Meade (Meade Roach)
Accurate billing to payers or research studies has become increasingly complex due to a number of factors. The Center for Medicare and Medicaid Services (CMS), National Coverage Decision (NCD) and California Senate Bill (SB) 37 require health care service plans and certain disability insurers to provide coverage for health care services provided to patients diagnosed with cancer and enrolled in a “qualifying” clinical trial. It has been challenging for our campuses to design and implement effective internal controls in the clinical care environment to ensure billing accuracy. This session will provide an overview of regulations and associated research service billing risks including: A brief overview of current UC policy, the NCD and SB37; Medicare Coverage Analysis/Pre enrollment control; Study billing practices, general billing risks and audit techniques.

1:15 – 2:05 PM

International Activities I 
Rowena Manlapaz, Ellen Auriti, Matt Hicks, Bryna Bock (UCOP)
Increasing activities in the international arena is a prominent business strategy among the UC campuses. UC is involved in a range of international activities in foreign lands, including study abroad programs, satellite campuses, overseas scientific and medical research, cross-border consulting, regional alumni and fundraising centers, partnerships with foreign governments and multinational corporations, and more. This session is a panel discussion on key risks and considerations that management should be aware of regarding UC’s involvement in international activities, from a financial, operational and compliance perspective. The panel will include representatives from the Office of General Counsel and the UC Education Abroad Program.

2:10 – 3:00 PM

International Activities II: Emerging Risks & Audit Involvement with International Activities
Wanda Lynn Riley, Jaime Jue (UCB)
This session will cover recent trends and risks associated with collaborating with international partners. The primary focus will be on efforts by institutions to establish a foothold for their campus in foreign locations under their own brand or in collaboration with a foreign university or government. We will provide an overview of the current state of international initiatives by leading research universities and discuss their experiences to date, both successes and lessons learned. We will cover the different types of legal structures used to set up international arrangements and how partners potentially benefit from collaboration. We will also discuss the importance of developing a campus-wide strategic plan and support infrastructure to mitigate business risks uniquely associated with establishing foreign operations. Lastly, we will discuss ways audit can assist senior management, in either advisory or audit capacities, to help ensure that the campus reaches its strategic goals while managing related risks.

3:15 – 4:05 PM

How to Add Value in a Construction Audit
Greg Buchanan, Jim Gillie (UCSD)
Major capital projects are among the largest and most complex financial expenditures at University of California campuses. Significant inherent risks exist throughout the capital project lifecycle that, if left unmitigated, could make it difficult for campuses to control costs. This session will provide an overview of how to add value to your campus through audits of construction contracts and costs, with specific emphasis on contractor bidding and change order costing. This session will be co-presented by the UCSD Facilities Design & Construction Senior Director of Construction Services, who has prior experience working for a contractor, and will provide an insider’s perspective on understanding contract provisions relating to change orders and evaluating change order costs.

Getting Started in Data Analytics
Joe Oringel (Visual Risk IQ)
In Fall 2011, IIA Chief Executive Officer and former public sector Inspector General and Chief Audit Executive Richard Chambers said that, "Internal Auditors who don't use data mining should get on their horse and buggy and go home." Persuasive point of view?  Yes, but the challenge is often how to best get started. This session begins by introducing IIA guidance on data analysis and continuous auditing, and transitions to introduce QuickStart, a proven, practical methodology for getting started data-driven analysis that works for auditors using IDEA, ACL, MS-Office, and other tools. Common barriers to effective use of data analytics, and ways to overcome these barriers will also be provided during the session.

4:10 – 5:00 PM

Online Education: Addressing Emerging Trends and Risks in Higher Education
Wanda Lynn Riley, Jaime Jue (UCB)
This session will cover recent trends and risks associated with campuses providing online education. We will provide an overview of the spectrum of online education offerings, from certificate and graduate degree courses to gateway and hybrid courses. We will discuss current systemwide initiatives (UC Online) and how it may differ from individual initiatives by schools and colleges at various campuses. We will also review the current providers of Massive Open Online Courses (MOOCs) such as Coursera, EdX, and Udacity and discuss the advantages and disadvantages to potential partners given their different business models. We will discuss business and compliance risks associated with contracting with third-parties to provide various stages of development and delivery, such as platform development, course design, marketing, accreditation, revenue sharing, and student support. Lastly, we will discuss ways audit can assist senior management, in either advisory or audit capacities, to help ensure that the campus reaches its strategic goals.  

Effective Use of Data Mining Tools in Audits
Tom Poon, Mike Lee (UCSF), Laura Bishin (UCR)
Using CAATs often enhance the audit projects by allowing for increased scope coverage and trending analysis, however there are many considerations that will impact the benefits of using such tools. We will share past experiences involving P-Card Expenses, Effort Reporting, Travel and Entertainment Expenses, Conflict of Interest and Administration Salaries and Expenses charged to Federal Award to highlight the benefits and pitfalls of using data analytical tools (i.e. ACL and other CAATs) in performing audits and advisory services projects.  

(Back to top)