Corporate Compliance

Validity and reliability of computer-based data

Healthcare Auditing Weekly, October 20, 2003

When computer-processed data is critical to accomplishing an audit objective, you need to ensure that the data is reliable and relevant. For example, when your principal audit objective is to have a reliable computer-based system, conduct a system review of general and application controls. This is important, whether the data is provided to you, or whether you independently extract it.

Consider the method the General Accounting Office (GAO) uses to assess the reliability of computer-based data. The GAO's publication, "Assessing the Reliability of Computer-Based Data" (GAO/OP-8.1.3, September 1990), provides the following guidance for these assessments:

1. Determine how computer-based data will be used and how it will affect the audit objective
2. Find out what is known about the data and the system that produced it
3. Obtain an understanding of relevant system controls, which can reduce risk to an acceptable level
4. Test the data for reliability
5. Disclose the data source and how you established data reliability, or qualify the report if data reliability cannot be established

Editor's note: This is an excerpt from the book "Guide to Compliance Auditing: Applying OIG Techniques and Tools," published by HCPro. This book provides compliance officers and internal auditors with the same principles and tried-and-true techniques that the Office of Inspector General uses to conduct audits of the Medicare and Medicaid programs. Click here for more information or to order.


Most Popular