• Assist with maintaining the Internal Controls Assessment Program (iCap). • Evaluate design and operating effectiveness of internal (SOX) controls by performing audit procedures. • Develop conclusions based on objective evidence and formulate recommendations to address control weaknesses. • Provide visible leadership, dedicated support, and mentorship to process owners. • Work with outside auditors to support the external audit function.

• Conduct assessments of medical services to validate their appropriateness using established criteria and guidelines, ensuring the medical necessity of treatments (e.g., CMS, Milliman Care Guidelines, InterQual, or health plan specific guidelines/criteria). • Examine and evaluate patient records to verify the quality of patient care and the necessity of provided services. • Offer clinical expertise and serve as a clinical reference for non-clinical staff members. • Input and manage essential clinical details within various medical management platforms. • Keep up-to-date with regulatory prerequisites (such as URAC) and state standards for utilization review. • Apply clinical reasoning to determine the suitable evidence-based guidelines. • Foster efficient and high-quality patient care by effectively communicating with management teams, physicians, and the Medical Director.

• Oversee work performed by the BH audit program to ensure that EXL’s standard of accuracy is met. • Audits are performed by validating the accuracy of the coding billed in relation to the medical documentation. • Determine if a discrepancy exists in the coding and documents the findings. • Undertake a quality review of random and targeted coding audits to check the accuracy and completeness of audits performed.

• Develop, implement, and maintain compliance policies and procedures • Collaborate in the development and maintenance of an information security policy set, including standards and processes that fit the organization at all levels and ensure the confidentiality, integrity, and availability of the enterprises’ information • Seek and confirm management approval as required • Liaise with Service Delivery and Product Development to ensure that information security architecture standards, policies, and procedures are available and enacted consistently across application development projects, programs, and eDiscovery workflows • Assist in conducting regular audits and assessments to ensure adherence to regulatory requirements • Ensure operational compliance of the information assurance and privacy compliance programs, including but not limited to SOC II, ISO 27001, and HIPAA • Monitor and analyze regulatory changes and their impact on the company • Develop and maintain a working knowledge of company's service offerings and products within the eDiscovery industry • Provide training and support to employees on compliance-related matters within an eDiscovery framework • Investigate and resolve compliance issues and complaints • Prepare and submit compliance reports to regulatory bodies and senior management • Collaborate with client services, sales, legal, finance, and other departments to ensure comprehensive compliance coverage • Maintain up-to-date knowledge of industry best practices and regulatory developments • Manage incoming security assessments from clients and ensure timely responses • Review and assess vendors within the contracting platform to ensure compliance with company standards • Oversee and maintain risk register, ensuring timely resolutions of open risks • Ensure that strategic information security and risk guidance is provided to third-party suppliers in accordance with internal frameworks and ensure compliance with enterprise and/or client required controls • Coordinate with stakeholders, subject matter experts, and external regulators with enterprise incident management, including the identification, reporting, control, and recovery of incidents • Work with stakeholders to ensure that availability of information is considered in Business Continuity and Disaster Recovery planning • Coordinate with IT leadership on IT/DR plan development and facilitate tabletop exercises • Participate in the Information Security Steering Counsel and provide guidance to non-technical members of the council to ensure all members’ effectiveness • Build sound, collaborative business relationships across the enterprise to enable a strong understanding and close alignment with business needs, direction, and risk appetite • Foster continuous improvement of enterprise’s information security and privacy compliance through accurate, timely and effective metrics and corrective action programs • Ability to plan, scope and estimate work effort to produce high quality deliverables in time/on budget • Perform other related duties as assigned