These answers draw in part from “Conducting Internal Audits: A Balancing Act of Clinical and Operational Needs” by Mark Palmieri, Psy.D., BCBA-D (BehaviorLive), and extend it with peer-reviewed research from our library of 27,900+ ABA research articles. Clinical framing, BACB ethics code references, and cross-links below are synthesized by Behaviorist Book Club.
View the original presentation →An internal audit systematically examines organizational processes, clinical practices, and documentation to identify compliance gaps, financial risk, and quality improvement opportunities before they result in denials, regulatory action, or client harm. In ABA specifically, audits typically review authorization compliance, session note quality, billing accuracy, treatment plan currency, and supervision documentation. The goal is to surface problems early, when remediation is easier and less costly, rather than discovering them during an external payer audit or licensing review. Regular internal auditing also supports continuous quality improvement rather than episodic crisis management.
Effective cross-functional KPIs bridge clinical quality and operational performance. Clinical KPIs include treatment plan update compliance rates, session fidelity scores, assessment-to-treatment-plan alignment, and caregiver training completion. Operational KPIs include authorization approval rates, session note conversion timelines, claim submission lag, denial rates by reason code, and re-authorization success rates. Organizations benefit most from tracking both categories and reviewing them jointly — a high fidelity score alongside a high denial rate often signals a documentation quality gap rather than a true clinical failure, and recognizing that distinction drives the right corrective action.
Reporting format should match the audience's decision-making role. Executive leadership benefits from summary dashboards with trend lines and high-level risk flags. Clinical supervisors need team-level breakdowns that allow them to identify which providers or service types are driving metrics. Front-line staff benefit from individual feedback tied to specific, correctable behaviors — a BCBA receiving feedback on documentation quality needs to know which specific elements are deficient, not just that their overall score is below benchmark. Presenting findings alongside context (benchmarks, trends, explanatory factors) reduces defensiveness and supports productive action.
Recurring findings in ABA audits typically include session notes that are vague, templated, or insufficiently tied to treatment plan goals; treatment plans that are not updated within required authorization timeframes; authorization gaps where services were delivered outside approved parameters; supervision documentation that doesn't meet BACB or payer requirements; and caregiver training that was not delivered as documented in the treatment plan. Billing-specific findings often include timely filing errors, procedure code mismatches, and under-documentation of medical necessity. Many of these issues stem from training gaps or workflow failures rather than intentional non-compliance.
A tiered risk framework is the most practical approach. High-risk findings — potential fraud and abuse exposure, immediate client safety risks, systemic documentation falsification — require immediate escalation and may require regulatory reporting. Moderate-risk findings, such as authorization utilization patterns suggesting under-delivery or sporadic documentation deficiencies, warrant formal corrective action plans with defined timelines. Low-risk findings can be addressed through routine training updates and process improvements. The key principle is proportional response: treating every finding as a five-alarm event creates audit fatigue and paralyzes teams, while under-responding to genuine risk creates organizational vulnerability.
Ethics Code 4.09 (Addressing Conditions That Interfere with Service Delivery) requires BCBAs to act when organizational conditions are preventing clients from receiving appropriate services — documenting a finding without corrective action is insufficient. Ethics Code 1.03 (Accountability) requires accurate representation of services and outcomes, which extends to honest reporting of audit findings to leadership. When audit data reveals potential ethics violations by colleagues, Ethics Code 4.11 may require action depending on severity and organizational response. BCBAs with audit responsibilities must navigate the tension between organizational loyalty and their independent professional obligations.
Internal auditing creates a documented record of organizational due diligence. In a payer audit or regulatory investigation, organizations that can demonstrate they identified and corrected compliance issues proactively are treated substantially more favorably than those that appear to have had no oversight function. For individual BCBAs, participation in an audit program demonstrates professional accountability. Documentation of audit activities, findings, and corrective actions also protects against retrospective accusations of knowing participation in non-compliant billing practices — demonstrating you identified and escalated a concern provides a meaningful defense.
Audit frequency should match the risk level of the area being reviewed. Session note quality and authorization compliance, which directly affect cash flow and fraud risk, typically warrant monthly review for high-volume areas. Treatment plan update compliance can often be reviewed on a quarterly cadence. Supervision documentation audits are often tied to the BACB's supervision cycle timelines. New programs, new providers, and high-risk payer contracts may warrant more intensive initial review before transitioning to a maintenance schedule. The key is to establish a structured cadence rather than conducting audits only in response to identified problems.
Utilization management monitors whether authorized services are being delivered at the authorized level — neither under-delivered nor over-delivered relative to what was approved. Internal auditing intersects with utilization management by examining whether utilization data is accurate, whether under-utilization reflects clinical decisions or operational barriers, and whether authorization requests are aligned with actual service delivery. Persistent under-utilization can trigger payer concern about medical necessity at re-authorization, while over-utilization creates billing exposure. BCBAs who understand utilization management can build treatment plans that deliver clinically appropriate services while maintaining authorization alignment.
Denial data is most useful when analyzed by reason code and aggregated across providers and payer types to identify patterns. A cluster of medical necessity denials for specific procedure codes often signals a documentation training need. Timely filing denials point to workflow breakdowns between session delivery and claim submission. Duplicate claim denials suggest billing system errors. Rather than treating each denial as an isolated billing issue, organizations that track denial patterns across quarters can identify the root causes — clinical documentation gaps, training deficiencies, or system failures — and address them at the source. Monthly denial trend analysis shared in clinical-operations joint review meetings is a high-yield practice.
The ABA Clubhouse has 60+ on-demand CEUs including ethics, supervision, and clinical topics like this one. Plus a new live CEU every Wednesday.
Ready to go deeper? This course covers this topic with structured learning objectives and CEU credit.
Conducting Internal Audits: A Balancing Act of Clinical and Operational Needs — Mark Palmieri · 1 BACB Supervision CEUs · $30
Take This Course →We extended these answers with research from our library — dig into the peer-reviewed studies behind the topic, in plain-English summaries written for BCBAs.
200 research articles with practitioner takeaways
188 research articles with practitioner takeaways
149 research articles with practitioner takeaways
1 BACB Supervision CEUs · $30 · BehaviorLive
Research-backed educational guide with practice recommendations
Side-by-side comparison with clinical decision framework
You earn CEUs from a dozen different places. Upload any certificate — from here, your employer, conferences, wherever — and always know exactly where you stand. Learning, Ethics, Supervision, all handled.
No credit card required. Cancel anytime.
All behavior-analytic intervention is individualized. The information on this page is for educational purposes and does not constitute clinical advice. Treatment decisions should be informed by the best available published research, individualized assessment, and obtained with the informed consent of the client or their legal guardian. Behavior analysts are responsible for practicing within the boundaries of their competence and adhering to the BACB Ethics Code for Behavior Analysts.