It’s January, a new beginning in many ways. It’s common as a New Year approaches to spend some time thinking about, hopefully celebrating, the past and planning for the future – from both a personal and professional perspective. That review sometimes elicits resolutions – to improve, to make a brighter, better, perhaps happier, healthier and more prosperous New Year. In my mind, that process has all the characteristics of an audit – review and resolve to do better even if you’re already successful.
To remain successful in business, a regular review of operations is imperative. Depending upon the size of the organization, resources, and goals of an audit, one must choose between a self-audit and an external audit – either an external firm or internal auditor outside of IT. There are advantages and disadvantages to both. As a CIO at a few large delivery systems, I preferred the external audit for several reasons. It didn’t consume already busy internal people and there was an expectation of independence and objectivity. People generally trust a 3rd party audit.
Prior to starting an audit, I would meet with all the members of the audit team and representatives from my staff to discuss the importance of candor and the attention to detail by all parties. We discussed the scope and objectives – sometimes with modifications which had to be approved by our Compliance staff – to ensure that we ended up with pragmatic and practical plans for improving operations. The auditor’s team had to agree to allow the audited team to fact-check any observations in reports. Often, it was necessary to explain and occasionally, defend our operational decisions, but that made both teams and the work product stronger. An accurate fact-based report is essential. We encouraged the auditors to review our responses to their recommendations to ensure we met their intent. We both wanted clarity to ensure the recipients of the reports got what was reliable and useful. That mutually respectful approach and objectivity changed what might have been an “us v them” relationship. The true measure of success occurred when the most frequently used pronouns by both teams were “we” and “us”.
Mutual understanding is key to a good audit. We did not, however, feel compelled to implement every recommendation that was made. We used the observations and recommendations as input to our enterprise and facility risk management policies and procedures. We chose a level of risk that was right for us.
Here are the benefits of an audit.
- Risk Management
- Audits help identify potential risks and vulnerabilities in different areas of the organization, such as financial processes, compliance, and information security.
- Leaders can use audit findings to implement risk mitigation strategies and ensure the organization operates within acceptable risk tolerances.
- Performance Improvement
- Audits assess the efficiency and effectiveness of processes and systems, allowing leaders to identify areas for improvement.
- Through recommendations and corrective actions suggested in audit reports, leaders can enhance overall organizational performance and streamline operations.
- Compliance Assurance
- Audits ensure that the organization complies with relevant laws, regulations, and internal policies.
- Leaders can rely on audit reports to demonstrate compliance to stakeholders, regulatory bodies, and customers, fostering trust and credibility.
- Financial Integrity
- Financial audits help leaders ensure the accuracy and reliability of financial statements.
- By maintaining financial integrity, leaders can build trust with investors, shareholders, and other stakeholders, contributing to the organization’s reputation.
- Resource Optimization
- Audits provide insights into resource allocation and utilization, helping leaders identify areas where resources can be optimized.
- Leaders can make informed decisions about resource allocation, ensuring that resources are used efficiently to support organizational goals.
- Fraud Prevention
- Audits can uncover irregularities or signs of fraudulent activities within the organization.
- By addressing and rectifying such issues promptly, leaders can protect the organization’s assets and reputation.
- Continuous Improvement
- Audits promote a culture of continuous improvement by regularly assessing and reassessing various aspects of the organization.
- Leaders can use audit recommendations to implement changes and foster a culture of learning and adaptation.
- Stakeholder Confidence
- Regular audits demonstrate a commitment to transparency and accountability, enhancing stakeholder confidence.
- Stakeholders, including patients, payers, providers, vendors, and employees may have increased trust in leaders who proactively seek to identify and address organizational challenges through audits.
- Risk Management
In summary, auditors and their audits provide leaders with valuable insights into organizational performance, risk management, compliance, clinical and financial integrity. By leveraging audit findings, leaders can make informed decisions, drive improvements, and build trust with stakeholders, ultimately contributing to the long-term success of the organization. Auditors really should be a leader’s best friend.
StarBridge Advisors has an Independent Verification and Validation (IV&V) methodology, an auditing capability, that uses Boehm’s popular Software Engineering Economics to assist healthcare organizations with the most challenging software or system projects regardless of vendor or application. Please reach out to us at Info@StarBridgeAdvisors.com to learn more.