LOS ANGELES COUNTY
DEPARTMENT OF MENTAL HEALTH
  Policy 106.18 Annual Subrecipient Risk Assessment
 
  PROCEDURES
  1. Risk Assessment Section 
     
    1. The Risk assessment tool includes, but is not limited to, the following elements:
       
      1. Contract and Fiscal Monitoring Audit Reports;
      2. Evaluations of Internal Controls;
      3. Clinical Monitoring Reviews;
      4. Legal Entity Providers' Financial Statement Reports;
      5. Legal Entity Providers' Single Audit Reports;
      6. County Contractor Alert Reporting Database (DMH Policy 1000.04); and
      7. Other appropriate auditing and monitoring techniques.
         
    2. Compliance, Privacy, and Audit Services (CPAS) shall request a current version of the Single Audit Grant Inventory List from Contract Management by May 1st of each year.
       
    3. Contract Management shall provide the completed Single Audit Grant Inventory List by May 15th of each year.
       
    4. CPAS shall review and, if needed, revise Annual Subrecipient Risk Assessment Evaluation Form. The checklist includes risk factors, responsible divisions, descriptions, risk levels, the weighted risk percentage, and Rate Scale.
       
    5. CPAS shall review from subrecipients all single audit reports, audited financial statements, any financial and/or contract compliance audits/reviews or monitoring reports related to current, previous, and preceding fiscal years conducted by an independent contracted Certified Public Accountant (CPA) firm.
       
    6. CPAS shall send the Annual Subrecipient Risk Assessment Evaluation Form to the responsible divisions: Clinical Operations, Contract Management (CM), and Finance by May 18th of each year.
       
      1. Note: Assigned Points and Comments should be completed by responsible staff.
         
    7. Department managers/responsible employees shall complete the Annual Subrecipient Risk Assessment Evaluation Form, approve, and return the form to CPAS by June 7th of each year.
       
    8. CPAS shall convert the Risk Assessment Scores (points 1-5 assigned by appropriate managers/responsible employees) to weighted percentages to determine the rating scale levels.
       
    9. CPAS shall present results of risk assessment to responsible staff (completed Annual Subrecipient Risk Assessment Evaluation Form) by June 30th of each year. Chief Deputy Director, Deputy Directors, Medical Director, Administrative Deputy, Finance Director, and Compliance Officer shall receive the complete Annual Subrecipient Risk Assessment Evaluation Form that includes all the providers' results.
       
    10. CPAS shall retain the Annual Subrecipient Risk Assessment Evaluation Form and all supporting documents on file (both in paper and electronic format) for period of 10 years, for audit by the independent contracted CPA Firm who performed the Los Angeles County Single Audit.
       
  2. Risk-Based Monitoring Plan Section
     
    1. Each fiscal year, after completing the Annual Subrecipient Risk Assessment Form, CPAS shall review and if needed revise the Subrecipient Risk-Based Monitoring Plan based on the results of assessment, by August 31st of each year.
       
    2. CPAS shall send the revised Risk-Based Monitoring Plan to the responsible divisions (Program, Contract Monitoring, and Finance) for approval within two (2) weeks. After receiving the approval of Subrecipient Risk-Based Monitoring Plan from the responsible managers, CPAS shall send the final approved versions of the Subrecipient Risk-Based Monitoring Plan to the appropriate Deputy Directors and Mental Health Program Manager III, whose teams should closely monitor if their provider is Medium or High risk.
       
    3. CPAS shall follow up on the implementation status of recommended actions defined in the Subrecipient Risk-Based Monitoring Plan the last day of February of following year.