The Seventh Annual Pharmaceutical Regulatory and Compliance Congress

The Seventh Annual Pharmaceutical Regulatory and Compliance Congress and Best Practices Forum November 9, 2006 Washington, DC. 3. 06. Integrating Compliance with Business: Integrating Compliance Auditing & Monitoring with Internal Audit Facilitator Presenters Sheryl Vacca West Coast Practice Leader Life Science and Health Care Regulatory Practice Deloitte & Touche LLP David Chandler Director Corporate Compliance Amgen Wayne Davey Director Corporate Audit Amgen

Disclaimer The information presented and discussed represents the opinions of the authors/presenters and, although descriptive of general activities, they do not necessarily reflect the views of either Amgen or Deloitte & Touche LLP 2 © 2006 Deloitte & Touche LLP. All rights reserved.

Outline n Overview of Corporate Compliance and Corporate Audit at Amgen n This Session will discuss how Amgen’s Corporate Compliance and Corporate Audit have worked together n The presenters will provide insights into – The Corporate Compliance Program Structure – The Approach that Corporate Compliance and Corporate Audit have taken in defining Role and Responsibilities 3 © 2006 Deloitte & Touche LLP. All rights reserved.

Wayne Davey As Executive Director of Corporate Audit for Amgen, Wayne Davey works with the General Auditor, senior company management, and the audit function staff to provide independent, objective assurance and consulting services designed to add value and improve the operations of Amgen. Upon joining Amgen in June 2004, he became the Project Leader for Amgen’s successful Sarbanes-Oxley compliance and certification efforts. He is currently assigned to lead all worldwide operational and compliance audits. Prior to his current position at Amgen, Wayne was the CFO and VP of Business Operations at the Rockwell Scientific Company (RSC), a privately-held technology company with approximately $110 million in annual sales. Prior to his position at RSC, he served as Director of Corporate Accounting for Rockwell International and then later in a similar position at Hughes Electronics. Wayne received a BS degree from the University of Arizona and an MBA degree from UCLA. 4 © 2006 Deloitte & Touche LLP. All rights reserved.

David Chandler is a Director of Corporate Compliance over the Outcomes and Analysis program at Amgen Inc. His responsibilities include the selection and deployment of a unified audit management system, analysis of audit data within and across audit organizations, and reporting on critical audit findings to executive management. Prior to his current position he was the Manager of the Compliance and Regulatory program at 3 M Pharmaceuticals where his responsibilities included monitoring and developing compliance programs for c. GMP, GCP, GLP, HIPAA, Pharmacovigilance, PDMA, WLF, Ph. RMA Code of Conduct, OIG Guidance, Medical Education, State reporting requirements, and grant and consultant activities. Previous position included Manager of Toxicology at 3 M Corporation, Director of the Hazardous Materials Program for the State of Oregon and Principle/Director of the Chemical and Risk Information System and Associate Professor at Oregon Health Sciences University. David holds a Ph. D. in Pharmacology/Toxicology from the University of California, Davis, and an MBA from the University of St. Thomas. 5 © 2006 Deloitte & Touche LLP. All rights reserved.

Sheryl Vacca is the West Coast Practice Leader in the Life Sciences Regulatory Practice at Deloitte & Touche LLP. Sheryl is also the National Lead for Health Care Internal Audit for Deloitte. Sheryl has been in life science for 28 years and has a significant amount of experience in regulatory compliance, auditing and monitoring and dispute areas in life sciences. She has been involved with the development of compliance and operational controls, internal audit and has expertise in providing advice on regulatory compliance issues for life science focusing on internal control process, key risk areas in regulatory compliance, financial and compliance due diligence, operational design and litigation support including voluntary disclosures to enforcement agencies. Sheryl is a nationally recognized speaker and has published on compliance related topics, including auditing and monitoring concepts, quality of care, compliance program elements and compliance program effectiveness. Ms. Vacca is a Past President and current Board Member of the Health Care Compliance Association. Ms. Vacca has her BSN and also holds a master’s degree in administration. She is also a member of the Editorial Board for the Journal of Health Care Compliance, published by Aspen Publishers. 6 © 2006 Deloitte & Touche LLP. All rights reserved.

Amgen’s Corporate Compliance Model is Based on Embedded Compliance Functions with Centralized Oversight Board Compliance Committee Structure Corporate Compliance Department Compliance Council CEO Staff Steering Committees Embedded Compliance Functions Key Compliance Obligations All Amgen staff members and contractors Manufacturing & Distribution Research & Development Healthcare & Competition § Good Manufacturing Practices (GMP) § Good Clinical Practices (GCP) § Anti-kickback/ Sponsorship Laws § Anti-trust/ Competition § Drug Safety / Pharmacovigilance § Pricing & Reimbursement § Promotional Activities § Import/Export Controls § Good Laboratory Practices (GLP) § DEA Licensure § Animal Research (USDA) Corporate § Affirmative Action / EEO § Anti-corruption § Environmental, Health & Safety § Good Records Practices § Privacy § Validation 7 © 2006 Deloitte & Touche LLP. All rights reserved.

Corporate Audit has Responsibility for General and Financial Audits Board of Directors K. K. Shearer Sharer CEO Audit Committee R. Nanula CFO KPMG E&Y Corporate Audit Direct link to Audit Committee provides • Independence for Financial Reviews Direct link To Senior Management provides • Strategic Direction for Operational Reviews • Exposure & Development Opportunities 8 © 2006 Deloitte & Touche LLP. All rights reserved.

Corporate Audit has Responsibility for General and Financial Audits, Consulting and Investigations Audits • Audit Plan developed from an assessment or management request • Broad scope designed to provide assurance as to the internal control environment • Results shared with Sr. management, Audit Committee and E&Y • Examples: - Financial reporting / Sarbanes Oxley - Information Systems - 3 rd Party Vendors Consulting Investigations • • Management requests Controls designed and new system/processes Memo’s issued; no ratings given Examples: - Push-to-Purchase - SOX - ERP • Narrowly focused • Conducted in response to specific allegations • Results may be shared with management 9 © 2006 Deloitte & Touche LLP. All rights reserved.

For Selected Compliance Audits Where Corporate Audit Will Be Conducting the Audit the Following Roles and Responsibilities Have Been Determined Audit Policy Step Process Step Corporate Compliance/Law Corporate Audit n/a Develop catalog of key legal obligations Lead n/a Develop risk survey Lead Participate n/a Conduct risk assessment of controls for all significant compliance risks Lead Participate n/a Prioritize risk area/gaps Co-Lead (with Embedded Compliance Officer) Participate Annual Compliance Risk Assessment (Planning) Pre-audit process analysis (alignment of risk assessment and test plan) Co-Lead (with Embedded Compliance Officer) Co-Lead Audit Execution Audit execution Participate Lead Audit Report/Communication Analyze findings Co-Lead Audit Report/Communication Issue Report to CCO Participate/Review Lead Audit Report/Communication Issue Report to Auditee Lead Participate Follow-up Plan and Closure Corrective Action Proposed by Auditee and Accepted Co-Lead Follow-up Conduct Compliance or Financial Investigations Lead Compliance Investigation Lead Financial Investigations Follow-up Conduct Non-Investigation Follow-up Compliance Audits Co-Lead Follow-up Monitor Corrective Action Participate 10 © 2006 Deloitte & Touche LLP. All rights reserved.

QUESTIONS? 11 © 2006 Deloitte & Touche LLP. All rights reserved.

About Amgen discovers, develops and delivers innovative human therapeutics. A biotechnology pioneer since 1980, Amgen was one of the first companies to realize the new science's promise by bringing safe and effective medicines from lab, to manufacturing plant, to patient. Amgen therapeutics have changed the practice of medicine, helping millions of people around the world in the fight against cancer, kidney disease, rheumatoid arthritis, and other serious illnesses. With a broad and deep pipeline of potential new medicines, Amgen remains committed to advancing science to dramatically improve people's lives. To learn more about our pioneering science and our vital medicines, visit www. amgen. com. About Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, its member firms and their respective subsidiaries and affiliates. As a Swiss Verein (association), neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other’s acts or omissions. Each of the member firms is a separate and independent legal entity operating under the names “Deloitte”, “Deloitte & Touche”, “Deloitte Touche Tohmatsu” or other related names. Services are provided by the member firms or their subsidiaries or affiliates and not by the Deloitte Touche Tohmatsu Verein. Deloitte & Touche USA LLP is the U. S. member firm of Deloitte Touche Tohmatsu. In the U. S. , services are provided by the subsidiaries of Deloitte & Touche USA LLP (Deloitte & Touche LLP, Deloitte Consulting LLP, Deloitte Financial Advisory Services LLP, Deloitte Tax LLP and their subsidiaries), and not by Deloitte & Touche USA LLP. 12 © 2006 Deloitte & Touche LLP. All rights reserved.