using a business operations management approach to control, analyze, and improve your information...
TRANSCRIPT
![Page 1: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/1.jpg)
Using a Business Operations Management Approach to
Control, Analyze, and Improve Your Information
John Gatto, CISA, CRISC, Divisional VP Audit Services at HCSC
Bobby Koritala, Sr VP of Operations at Infogix, Inc.
![Page 2: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/2.jpg)
BiographyJohn Gatto, CISA, CRISC,
Divisional Vice President
Audit Services - HCSC
John Gatto has been with Health Care Service Corporation (HCSC) in Chicago, IL since December, 2005. He is responsible for all aspects of
IT Audit for the four Plans comprising HCSC (Illinois, Texas, New Mexico and Oklahoma) and encompasses NAIC / MAR compliance and
testing, risk based audits, advisory engagements for new development projects, coordination of SSAE #16 reviews and E&Y
Year-End Financial Audits. John is a member of a number of Steering Committees within the IT area of HCSC.
![Page 3: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/3.jpg)
BiographyBobby Koritala
Sr Vice President of Operations
Infogix, Inc.
Bobby Koritala joined Infogix in 2009 and leads the Marketing and Product Development Group. Prior to this, Bobby served as the
Director of Risk Technology Solutions at Protiviti, Vice-President of Investments at Open Prairie Ventures, Director of Applied Technology
at Blue Cross Blue Shield, Director of Product Development at Lexis Nexis, and Senior Manager, Software Development at SPSS. Bobby
has a Bachelor of Arts degree in computer science and physics from Coe College, a Master of Science degree from the University of
Wisconsin, and an MBA from Kellogg School of Management.
![Page 4: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/4.jpg)
4 04/18/23
We Impact Millions of People. Every Day.
Health insurance claims Property insurance billing Utility billing Bank statements Gift cards Mortgages Purchases at stores Credit card transactions
![Page 5: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/5.jpg)
Why Do We Exist?
5 04/18/23
To provide solutions that transform the operations of our customers….thus allowing them to focus on what is most important…….their customers.
![Page 6: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/6.jpg)
6 04/18/23
Our Business Operations Management Suite
Key Performance and Risk Indicators
Real-Time Process Performance
Operational Intelligence
Operational Reporting
Analytics
Balancing Reconciliation Exception
Management
![Page 7: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/7.jpg)
7 04/18/23
Who We Help
Insight
Control
Executives/Leadership
Directors/Managers
Analysts/Developers
![Page 8: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/8.jpg)
8 04/18/23
Functional Areas We Serve
• Operations• Finance• IT
![Page 9: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/9.jpg)
9 04/18/23
Environmental Challenges in Core Processes
• Lack of real-time operational reporting
• Lack of visibility into your process level information
• Disparate systems and platforms
• Product centric information silos
• Multiple manual steps and semi-automated controls
![Page 10: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/10.jpg)
10 04/18/23
Our Solutions at Work
ManagementProcesses
GovernanceProcesses
![Page 11: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/11.jpg)
Presentation Objectives
1104/18/23
![Page 12: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/12.jpg)
Presentation Objectives
1204/18/23
![Page 13: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/13.jpg)
HCSC Environment
• Very complex infrastructure• Very complex applications• Mainframe and distributed
• Batch• On-line / real time
• Thousands of interface files• ACA expanding that problem
1304/18/23
![Page 14: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/14.jpg)
Relationship
1404/18/23
![Page 15: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/15.jpg)
15
Infogix Solutions Timeline
Implemented ACR Summary
Implemented ACR Detail
on MVS
Implemented Insight on
13 Interfaces
Developed Data Integrity Policy
Started ACR 4.2 Upgrade
Added Insight to all
1,856 ACR Controls
1982 1993 2009 2010 2011
04/18/23
![Page 16: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/16.jpg)
• Many problems arising
• New Solutions Needed
1604/18/23
![Page 17: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/17.jpg)
Presentation Objectives
1704/18/23
![Page 18: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/18.jpg)
NAIC MAR and IT Audit
1804/18/23
![Page 19: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/19.jpg)
What is NAIC MAR?
1904/18/23
![Page 20: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/20.jpg)
HCSC Audit Plan
2004/18/23
![Page 21: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/21.jpg)
NAIC MAR Interfaces
2104/18/23
![Page 22: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/22.jpg)
22
MAR Interface
Data transmission or feed into a financially significant application, job, or process.
SYSTEM AData IT Controls Data
Duplicate File
Balancing
Missing File
SYSTEM B
04/18/23
![Page 23: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/23.jpg)
23
Interface Metrics
04/18/23
![Page 24: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/24.jpg)
2012 MAR Overview
Application Interfaces ITG GC’s Non-ITG GC’s
50 unique targetsystems
110 interfaces balancing duplicate file missing file
5 reports for adminpurposes
Actuary Dearborn National Hallmark Provider Services
IAM (68 applications) Reliance for E&Y
SOC-1 – 25 Financial -19
Non-reliance - 24 Risk Management Strategic Planning Physical Security Incident Management Change Management Release Management IT Operations AS/400 SDM
2404/18/23
![Page 25: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/25.jpg)
25
Interface Audits - Back in The Day…
John Gatto, 2006
04/18/23
![Page 26: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/26.jpg)
Real Ugly
26
![Page 27: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/27.jpg)
Real Ugly
2704/18/23
![Page 28: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/28.jpg)
28
Interface Audit Challenges
04/18/23
![Page 29: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/29.jpg)
Presentation Objectives
2904/18/23
![Page 30: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/30.jpg)
Use of Insight
![Page 31: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/31.jpg)
Using Insight
ITG Corporate Governanc
e
IT Audit
3104/18/23
![Page 32: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/32.jpg)
32
NAIC MAR Project and Insight
• Identified Deficiencies by Internal and External Audit
• Implemented 3 Types of Controls– Missing File Check– Duplicate File Check– Balancing
• Developed coordinated process with Corporate Governance, Internal Controls Evaluation, Internal Audit and ITG Controls group.
• Needed ease of monitoring and testing
04/18/23
![Page 33: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/33.jpg)
Benefits of Insight
3304/18/23
![Page 34: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/34.jpg)
View of Controls labeled by Source to Target System
A red gauge indicates an error. The green gauge indicates no errors. An empty gauge indicates that the controls haven’t processed yet for the time frame specified within the filter.
3404/18/23
![Page 35: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/35.jpg)
Subview:
Balancing, Duplicate Check and Missing File Checks
3504/18/23
![Page 36: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/36.jpg)
Execution Results: Job Name, Execution Date, Time and Return Code
3604/18/23
![Page 37: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/37.jpg)
Drill Down to Return Code and Error Message
3704/18/23
![Page 38: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/38.jpg)
ACR Reports – Detailed Information
3804/18/23
![Page 39: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/39.jpg)
Resolution Notes
3904/18/23
![Page 40: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/40.jpg)
Looking Ahead
4004/18/23
![Page 41: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/41.jpg)
4104/18/23
![Page 42: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/42.jpg)
42
Looking Ahead
• Implement ACR Unix Controls
• Insight Upgrade 6.3: Send Non ACR Controls to Insight
• Insight Upgrade 6.3: Link to Help Desk
• Continued Development of ACR and Insight Controls
04/18/23
![Page 43: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/43.jpg)
43 04/18/23
Typical Areas of Application
Claims Data Warehouse Actuarial
Reserves Billing Statements Payments Commissions Provider
Services
Member Services General Ledger Financial Reporting Compliance SOX NAIC MAR Audit Enrollment
![Page 44: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/44.jpg)
44 04/18/23
How We are Different
• Provide real-time end-to-end process level performance measurement and visibility
• Real-time operational insight into errors and process inefficiencies caused by disparate systems and product silos
• Automate reporting, reconciliations, and controls across your critical business processes
![Page 45: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/45.jpg)
45 04/18/23
Putting it all Together
InfogixBusiness Operations
Management Solution
![Page 46: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/46.jpg)
46 04/18/23
Sampling of Our Customers
![Page 47: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/47.jpg)
47 04/18/23
About Infogix
Based in Chicago area Many customer relationships > 20
years Customers include:
• 20 of the Fortune 100• 7/10 of top Commercial Banks• 6/10 of top P & C Insurers • 3/10 of top Health Insurers
![Page 48: Using a Business Operations Management Approach to Control, Analyze, and Improve Your Information John Gatto, CISA, CRISC, Divisional VP Audit Services](https://reader030.vdocuments.us/reader030/viewer/2022032722/56649ce15503460f949ac3be/html5/thumbnails/48.jpg)
48 04/18/23
Questions?