Risk Assessment Survey - Harris Health (FY22) Question Title * 1. What significant organizational changes or capital expenditures are planned in your area for the next 12 months? Question Title * 2. List the most significant challenges COVID-19 has caused for your area. Question Title * 3. What metrics do you use to manage your business? Question Title * 4. What do you see as the top three internal or external risks/concerns that could impact your ability to achieve the business objectives within your area AND why? *Risks may be related to topics including, but not limited to: Patient care quality and safety Regulatory changes Revenue cycle Financial management Third-party vendor management Privacy/identity management Business continuity and disaster recovery Cybersecurity Question Title * 4a. Are these risks being appropriately managed? Yes No If response is YES, then how are these risks being managed? Question Title * 4b. Which risk area(s) would benefit most from an independent assessment by Internal Audit? Please explain why. Question Title * 5. What concerns do you have about information technology within your area or in the Harris Health System as a whole? Examples include, but are not limited to, access to data, security over systems/data, availability of data, IT training, new implementations etc. Question Title * 6. Are you aware of any of the following occurring within your department or in other areas of the Harris Health System? Yes No Intentional manipulation of financial statements Intentional manipulation of financial statements Yes Intentional manipulation of financial statements No Fictitious vendors Fictitious vendors Yes Fictitious vendors No Contracts improperly awarded Contracts improperly awarded Yes Contracts improperly awarded No Inflated vendor invoices Inflated vendor invoices Yes Inflated vendor invoices No Theft by employees, vendors, or others Theft by employees, vendors, or others Yes Theft by employees, vendors, or others No Fraud or kickbacks Fraud or kickbacks Yes Fraud or kickbacks No Conflicts of interest Conflicts of interest Yes Conflicts of interest No Billing for patient services not rendered Billing for patient services not rendered Yes Billing for patient services not rendered No Performing medically unnecessary services Performing medically unnecessary services Yes Performing medically unnecessary services No Separately billing for bundled services Separately billing for bundled services Yes Separately billing for bundled services No Drug diversion Drug diversion Yes Drug diversion No Medicare/Medicaid fraud Medicare/Medicaid fraud Yes Medicare/Medicaid fraud No Research Misconduct Research Misconduct Yes Research Misconduct No Other (please specify) Question Title * 6. Are you aware of any of the following occurring within your department or in other areas of the Harris Health System? Yes No Intentional manipulation of financial statements Intentional manipulation of financial statements Yes Intentional manipulation of financial statements No Fictitious vendors Fictitious vendors Yes Fictitious vendors No Contracts improperly awarded Contracts improperly awarded Yes Contracts improperly awarded No Inflated vendor invoices Inflated vendor invoices Yes Inflated vendor invoices No Theft by employees, vendors, or others Theft by employees, vendors, or others Yes Theft by employees, vendors, or others No Fraud or kickbacks Fraud or kickbacks Yes Fraud or kickbacks No Conflicts of interest Conflicts of interest Yes Conflicts of interest No Billing for patient services not rendered Billing for patient services not rendered Yes Billing for patient services not rendered No Performing medically unnecessary services Performing medically unnecessary services Yes Performing medically unnecessary services No Separately billing for bundled services Separately billing for bundled services Yes Separately billing for bundled services No Drug diversion Drug diversion Yes Drug diversion No Medicare/Medicaid fraud Medicare/Medicaid fraud Yes Medicare/Medicaid fraud No Research Misconduct Research Misconduct Yes Research Misconduct No Other (please specify) Question Title * 7. Are there any other topics you would like to discuss with Internal Audit, apart from this survey? A ‘Yes’ to this question will result in a virtual meeting request from the Assistant Audit Director. Yes No We appreciate your input. Thank you for taking the time to participate! Done