Corporate Compliance

Understanding compliance tests

Healthcare Auditing Weekly, December 2, 2003

Understanding compliance tests

To design compliance-related audit procedures, start by identifying the significant provisions of laws and regulations. The nature and extent of your compliance testing depends on the type of law or regulations and your assessment of the effectiveness of your organization's compliance controls. To assist you in this process, the General Accounting Office has classified laws and regulations into the following:

·  Transaction-based provisions-Use sampling to select specific transactions for testing compliance. Generally, you should use a random attribute sample for testing transactions, as opposed to dollar-unit sampling.

·  Quantitative-based provisions-Effective compliance controls provide reasonable assurance that accumulated and summarized data is accurate and complete. Otherwise, test the accumulation of data directly for existence, completeness, and summarization. Design these tests to avoid misstatements that exceed expectations. For example, if a regulation's provision that affects a category of costs in a Medicare cost report is significant and if compliance controls are ineffective, test the summarized data directly for the following misstatements in cost report execution: validity, completeness, classification, and summarization.


·  Procedural-based provisions-Obtain sufficient evidence in order to conclude that the entity performed the procedure and therefore complied with the provision. For example, by using t compliance control tests concerning the information a Medicare+Choice entity provided to the fiscal intermediary, you will determine whether the information was provided in accordance with applicable regulation.

For more information on compliance tests, order the book "Guide to Compliance Auditing: Applying OIG Techniques and Tools." Click here for more information or to order.


Most Popular