學門類別
最新個案
- Leadership Imperatives in an AI World
- Vodafone Idea Merger - Unpacking IS Integration Strategies
- V21 Landmarks Pvt. Ltd: Scaling Newer Heights in Real Estate Entrepreneurship
- Snapchat’s Dilemma: Growth or Financial Sustainability
- Did I Just Cross the Line and Harass a Colleague?
- Predicting the Future Impacts of AI: McLuhan’s Tetrad Framework
- Porsche Drive (A) and (B): Student Spreadsheet
- Porsche Drive (B): Vehicle Subscription Strategy
- TNT Assignment: Financial Ratio Code Cracker
- Winsol: An Opportunity For Solar Expansion
Midwest Health System: Information System Risks and Controls
內容大綱
In 2017, the chief information officer (CIO) of Midwest Health System (Midwest), a major health care provider in a central town in the United States, noticed that incorrect billing, data theft, waste, fraud, and abuse in the health care industry had increased over the years. Compliance requirements related to various rules and regulations had also posed increasing challenges. The CIO wanted to meet with his colleagues in the information systems and audit groups to review risks related to information technology and the billing and collection process—the most critical process in terms of its impact on Midwest’s operations and financial statements. His plan was to modify and strengthen existing controls and to institute new ones to mitigate the significant risks identified. The CIO believed that better controls would enable Midwest to improve patient satisfaction and reduce loss of revenues due to incorrect billing, fraud, and other factors by ensuring better security processes while complying with various rules and regulations.
學習目標
This case is intended for use in both undergraduate- and graduate-level courses in auditing, management information systems, and accounting information systems. The case can also be used in a graduate information systems auditing course. By working through the case and assignment questions, students will have the opportunity to do the following:<ul><li>Describe a hospital’s operations and information technology systems.</li><li>Outline general information technology risks and controls.</li><li>Identify risks and envision controls related to the billing and collection process.</li><li>Explain how to test the operating effectiveness of controls in the billing and collection process.</li><li>Define the concept of residual risks and identify such risks.</li></ul>