Frequently Asked Questions

---

 Controls are the actions implemented by management, the board, and other stakeholders to manage risk and increase the likelihood of achieving the established objectives and goals of the organization. They are based on the rules that specify the purpose, scope, and procedures of the organization, as well as the accountability and authority of the participants. 

Sarbanes-Oxley Act, or SOX, is a U.S. federal law that was enacted in 2002 which is a U.S. law that aims to prevent corporate fraud and protect investors. It was passed in 2002 after some massive companies cheated on their financial reports and caused huge losses. SOX sets strict rules and punishments for public companies, their leaders, and their auditors, to make sure they report their finances honestly and accurately. SOX also created the  Public Company Accounting Oversight Board (PCAOB) which is an independent body that checks and regulates the audits of public companies. SOX covers many areas of how a company should run its business and report its finances, and has eleven parts. 

• Ask the vendor for proof of their risk, security, and compliance practices, such as certificates, tests, and audits

• Check the vendor’s background, reputation, finances, and legal status, using a scorecard and a team

• Make a contract with the vendor that defines the expectations, responsibilities, and metrics, as well as the terms for ending, resolving, and compensating

• Keep an eye on the vendor’s activities, performance, and compliance, using audits, reviews, and reports

• Clinical risks: These are the risks related to the quality, safety, and effectiveness of patient care, such as behavioral health, infection control, medication management, and patient satisfaction.
• Financial and operational risks: These are the risks related to the financial performance, efficiency, and sustainability of the organization, such as billing and collections, charge capture, denials management, and supply chain.
• Legal and regulatory compliance risks: These are the risks related to the adherence to laws, regulations, and standards that govern the healthcare industry, such as HIPAA, fraud, waste and abuse, and new regulations.
• Technology risks: These are the risks related to the use, security, and reliability of information systems and data, such as electronic health records, information security, data governance, and cyberattacks.

Fraud is a serious threat to all kinds of organizations, no matter how big or small they are. Whether you are a public or private company, a government agency, or a non-profit entity, you need to protect yourself from fraudsters. 

A survey of over 2000 fraud cases in 2022 showed that the median loss per company was $117,000 and the average loss per case was $1,786,000. These numbers show how crucial internal controls are for any organization to prevent fraud. Process Strategies can help you strengthen your internal controls by identifying and fixing the weaknesses in your policies and procedures. . Call us today @ (213) 296-3004.

No matter what kind of business you run, if you have an entrepreneurial mindset and a creative vision, we can help you succeed. With our extensive experience in working with new and small businesses, we can guide you through the challenges and risks of starting a business and help you avoid common mistakes.  Contact Process Strategies at (213) 296-3004 today and set up an appointment to meet us and take the first steps into tomorrow.  

U.S. regulators such as the S.E.C., and the courts are levying increasingly heavy fines against companies without adequate internal controls. They see this as a strategy for fighting fraud.   With decades of experience, our staff can create and implement the controls you need. Contact Process Strategies @ (213) 296-3004. 

It's not a matter of if, it’s a matter when and how much.  According to the Association of Certified Fraud Examiners: “Over the years study after study has shown that organizations with anti-fraud controls in place experienced smaller fraud losses and detected fraud more quickly than organizations without them.”  If you are concerned about fraud in your organization, contact Process Strategies @ (213) 296-3004.  We will design, implement, and monitor the internal controls you need to prevent fraud.

Data management protocols are the rules and methods that protect data from fraud and harm. They vary depending on the type and context of data, such as web, email, mobile, network, or wireless data. Some examples are:

• HTTPS: encrypts web communication and verifies server identity
• S/MIME: encrypts and signs email messages and verifies sender identity
• OAuth: lets users authorize third-party apps to access their data from other services
• VPN: creates a secure and encrypted connection between a device and a network
• WPA2: secures wireless networks with advanced encryption and authentication 

 Payroll fraud is when someone cheats on the payroll system to get more money or benefits. It can hurt your business a lot. To stop payroll fraud, you need to have good controls and checks on your payroll system. Some of the things you can do are:

• Split the payroll tasks among different people, and limit who can see and change the payroll data
• Check the payroll data and bank statements often, and compare them with the budget and the past data
• Use a safe and trustworthy payroll software that can keep track of and report on the payroll data and changes
• Check the background and identity of all the workers, and keep a list of who is working and who is not
• Check and update the payroll rules and processes regularly, and teach the staff about the payroll fraud risks and how to avoid them

These steps can help you prevent and catch payroll fraud and save your business from harm. Let us know if you need help.