In This Issue

New Officers / BoG

Tips for Earning CPEs

Job Opportunities

Nashville & Florida Seminars

2016 IIA Conferences

From the CAE Bulletin

Gleim Discount Information

Ready to re-hire employees?

Certification Information

Email

RochChapterIIA@gmail.com

2016-17 Rochester IIA Chapter Officers

Michelle Prichard, President

Susan Deasy, Vice President

(Programs)

Jeffrey DeCory, Vice President

(Communications)

Tim Hungerford, Treasurer

Barb Anderson, Secretary

2016-17 Rochester IIA Chapter Board of Governors

Ray Cardella

Sam DeLucia

David Hansen

Lori Flaherty

Teresa O’Hare

Dolores Pastro-Ziobro

Lindsay Prichard

Jamal Redding

Rachel Schlegel

Scott Etter

IIA: Rochester

CHAPTER NEWS – June 2016

Summer Update:

Please enjoy your summer! Our next live event is scheduled to take place in September (further information to come).

Please contact us with any potential program topics of interest at: rochchapteriia@gmail.com

Chapter Volunteer Opportunities

The Rochester IIA Chapter needs volunteers to help with Programs, Events and other Chapter Activities. If you are interested in getting involved, please contact the Rochester IIA at the email listed above.

Student Scholarships

Internal Auditor magazine launched a scholarship program at the beginning of 2016 for undergraduate and graduate students. Six US

$1,000, essay-based scholarships will be offered throughout the year to students who write the most informative and thought-provoking

essays, as judged by The IIA’s Publications Advisory Committee.

See https://iaonline.theiia.org/scholarships for more information.

The following Chapter Officer and Board of Governor positions were effective June 1, 2016:

Michelle Prichard President

Susan Deasy Co-Vice-President, Programs

Jeffrey DeCory Co-Vice-President, Communications

Tim Hungerford Treasurer

Barb Anderson Secretary

And the new/renewing Board members are:

Sam DeLucia Lori Flaherty

Richard Rogers David Hansen

Rachel Schlegel Scott Etter

https://iaonline.theiia.org/cpe-quiz

Please welcome our 2016 – 2017 slate of Chapter Officers and Board of Governors!

Looking to earn CPEs during the summer? Take the Internal Auditor magazine quiz!

CHAPTER OF EXCELLENCE

CIA Learning System

CONGRATULATIONS TO OUR ROCHESTER CHAPTER FOR BECOMING A 2015 CHAPTER OF

EXCELLENCE! The IIA Chapter of Excellence program was introduced in early 2010 to

recognize chapters for their belief in quality education and support of the CIA designation, specifically through The IIA’s CIA Learning System program.

This program not only helps provide CIA training to chapter members across the nation, but proceeds also support other IIA research and training

initiatives around the globe.

CIA Learning System • The IIA's CIA Learning System is a comprehensive training

course designed to provide chapters, members, and the audit community of professionals with information and tools to master the global CIA exam syllabus.

• This premier quality program is aligned with the International Professional Practices Framework (IPPF) to ensure you stay current with the global internal auditing profession and are ready for the CIA exam.

• It combines printed text with online testing tools and online questions.

Career Opportunities

Career Opportunities Members: Advertising your open position is a service that the Rochester Chapter provides as a benefit to members. Please submit your openings to: RochChapterIIA@gmail.com

Companies Postings for this Issue:

• Five Star Bank – Senior Internal Auditor

Description:

The Senior Internal Auditor is responsible for conducting and reporting on scheduled audits, Sarbanes –Oxley Section (SOX) 404 key control testing, investigations and departmental projects. Assignments range throughout varying areas of the Company, including audits technical in nature, highly regulated (consumer compliance), or of non-bank subsidiaries. The Senior Internal Auditor acts as a mentor to others within audit areas of proficiency. The Senior Internal Auditor is responsible to fulfill professional and organization responsibilities as outlined in the Internal Audit Department Manual, including the Standards for the Professional Practice of Internal Auditing and Code of Ethics, as well as the Internal Audit Program Charter. Job-Related Qualifications: Education: Required: Bachelors Degree - Accounting, Finance or related business curriculum with at least 12 hours in Accounting. Prior Experience: Required: 5+ years Type: Bank and/or Public Accounting Audit Experience Preferred: 8+ years Type: Bank and/or Public Accounting Audit Experience Licenses or Accreditation: Required: One or more of the following: • Certified Public Accountant (CPA) • Certified Internal Auditor (CIA) • Certified Bank Auditor (CBA) • Certified Financial Services Auditor (CFSA) • Certified Information Systems Auditor (CISA) • Certified Community Bank Internal Auditor (CCBIA)

For full job description please see attached file

Career Opportunities

Career Opportunities

Career Opportunities - Continued

• Wegmans – Senior Internal IT Auditor

Description:

This position is designed to assist management in effectively meeting company objectives by advising management regarding the effectiveness of company computer systems operations and system controls by completing data analytics. Job-Related Qualifications: Education: Bachelors Degree – Information Technology, Accounting, or Business Administration Prior Experience: Required: At least 4 years of audit experience, with a minimum of 3 years of analytical experience with large amounts of data Licenses or Accreditation / Other Preferred Competencies: Preferred: One or more of the following:

• Certified Information Systems Auditor (CISA) • Certified Fraud Examiner (CFE) • Member of Professional Organization (IIA, ISACA) • Masters in IT, Business Administration, or Math

For full job description please see attached file

Career Opportunities - Continued

• RIT – Senior Internal IT Auditor

Description:

The Associate Internal Auditor assists in, or leads with supervision, the performance of value-added financial, operational, and compliance audits of departments and processes. Other duties include consulting projects, performing engagement-level risk assessments, testing transactions, and analyzing business processes in order to identify opportunities to enhance internal controls and improve the university’s operational and financial performance. Job-Related Qualifications: Education: Bachelor’s degree in accounting or related field is required. Prior Experience: Required: Two to three years of experience in the field of accounting or auditing is required. Must be experienced with analyzing data, identifying risks and recommending solutions to improve business control environments. An understanding of the higher education industry is desirable. Experience communicating with individuals at all levels within an organization is desirable.

For full job description please see attached file

Nashville Seminar

October 18–21, 2016 - Location: MicroTek Training Facility

The following courses are being offered:

October 18-19, 2016

Financial Auditing for Internal Auditors

October 18-21, 2016

Auditor-in-charge Tools and Techniques

Beginning Auditor Tools and Techniques

October 20–21, 2016

Fundamentals of IT Auditing

For more information see the Seminars link under Training & Events at www.theiia.org

Palm Beach Seminar

August 29-01, 2016

Location: The Breakers Palm Beach (register before July 15 to save)

The following courses are being offered:

August 29-30, 2016

Analyzing and Improving Business Processes

Enterprise Risk Management Elements of the Process

Fundamentals of IT Auditing

Operational Auditing: Influencing Positive Change

August 29-September 01, 2016

Audit Manager Tools and Techniques

Auditor In-charge Tools and Techniques

Beginning Auditor Tools and Techniques

August 30-September 01, 2016

COSO Internal Control Certificate

August 31-September 01, 2016

Assessing Risk: Ensuring Internal Audit’s Value

Audit Report Writing

Logging In: Auditing Cybersecurity in an Unsecure World

For more information see the Seminars link under Training & Events at www.theiia.org

Chief Audit Executive

Call for Speakers: IIA speakers receive complimentary registration.

Chief Audit Executive (CAE) Resources

CAEs, also referred to as Heads of Internal Audit or Chief Internal Auditors, may access special resources designed specifically for their needs. Below are links to CAE services offered by The IIA.

Audit Executive Center The IIA's Audit Executive Center is the essential resource to empower chief audit executives to be

more successful. The Center's suite of information, products, and services will enable you to respond

to the unique challenges and emerging risks of the profession.

Nine Mistakes to Avoid When Moving to Cloud Services

From Robert Half Management Resources – June 2016

Ready to Rehire? How to Bring Back Former Employees

Would you rehire a former employee? If so, you’re not alone: A recent Accountemps survey found that 98

percent of human resources managers would welcome back a worker who had left the company on good terms.

Sometimes called “boomerang employees,” rehired workers come with plenty of benefits. They already

understand the company and they don’t need as much hand-holding. Also, you’re familiar with their talents,

skill set, personality and corporate fit, minimizing your chances of making a costly bad hire. In fact, boomerang

employees can be such an asset that some managers and HR departments choose to keep in contact with their

“alumni” as a way to recruit passively.

Here are some questions to ask yourself when you’re considering hiring boomerang employees, along with a

few tips for integrating them back into the office:

When to rehire

Of course, you wouldn’t rehire former workers who left on bad terms. But it’s not always the right move to ask

top performers to come back, either. Here are a few things to think about when former employees want to

return:

Why did the person resign from your company in the first place? If the employee left to take a

higher-level position elsewhere, then rehiring him for an even more senior role could be a smart move

— he’ll likely have valuable new skills and experience to bring to the job. The same is true if the

employee stepped down to further his education or attain a new certification. . Also, if you reluctantly let

someone go during downsizing, it’s wise to consider a rehire during a boom period.

However, if the employee resigned because he was dissatisfied with an aspect of the job — the salary,

benefits package, management, coworkers or company culture, for example — and the situation has not

changed, it’s probably not wise to rehire him. There’s a good chance he’ll soon find himself unhappy on

the job again.

Do you need someone to step in right away? Rehiring former employees can be useful when you have

a time-sensitive assignment or need to replace a departing worker as soon as possible. They’re a known

entity, so you don’t have to spend time checking their references or doing multiple rounds of interviews.

What does your current team say? When you’re considering a rehire, reach out to the employees who

worked closely with the person the first time around. They may have insights into the person’s skills and

fit for the workplace environment that you weren’t aware of.

How to approach rehiring

Even though boomerang employees can be great additions to your staff, there are right and wrong ways to

rehire someone. Keep these do’s and don’ts in mind:

DO meet with other candidates. Even if you think the former worker is the ideal person for the open

position, it never hurts to interview other candidates, as well. There might be one who’s an even better

fit for the job, or one who’d make a good candidate for another open position at your company.

DON’T skip the formal interview. People change. A former employee may have new professional

goals or constraints that prevent him from fulfilling certain job duties, such as traveling or working the

occasional late night. Also, if a boomerang employee has been gone a long time, his skills may not be as

sharp. Use the interview process to dig deeper, especially if the person is applying for a role that’s

different from the one he previously held.

DO clarify expectations. A returning employee may have preconceptions about the role she’s applying

for, based on what it was like when she used to be on staff. If the job duties have evolved or new skills

are required, make sure to explain that.

DON’T forget about other options. There are many types of work arrangements. If you can’t offer the

former employee a full-time position, consider using her talents as a part-time worker, contractor or

project professional.

DO keep the door open. Even if you decide against rehiring a former employee, or the person declines

the job offer, stay in touch. You never know when circumstances — or minds — will change.

As with any job candidate, it’s important to weigh the risks and benefits when contemplating a rehire. The

opportunity to bring back a former top worker might be welcome, but don’t neglect doing your due diligence

before you make the hire.

This article is provided courtesy of Robert Half Management Resources, the premier provider of senior-level accounting,

finance and business systems professionals to supplement companies' project and interim staffing needs. The company has

more than 145 locations worldwide and offers online job search services at www.roberthalfmr.com. Follow our blog at

blog.roberthalfmr.com.

From the CAE Bulletin – June 15th

Social Media Hacks Pose Threat to Workplace Cybersecurity

Data stolen from Myspace and LinkedIn highlights need for employees to use different passwords for work and

social media.

Audit executives should remain vigilant in the face of a growing use of social media for workplace purposes

including marketing, communications, and hiring.

A recent revelation by LinkedIn has been garnering headlines, even though it’s about an incident that

happened in 2012. The social media network originally reported that the emails and passwords for 6.5 million

users had been compromised, but now it’s saying that number could be as high as 170 million, according to

some accounts. In another twist, competing social media network Myspace had reported as many as half a

billion compromised accounts on May 31, and investigators believe the same individual hit both networks and

is selling the information to fraudsters on the internet.

The implications of the breaches on workplace cybersecurity were the subject of an article published June 2 by

the Society for Human Resource Management (SHRM). “The recent sale of online user data stolen from

Myspace and LinkedIn highlights the need for human resource information technology professionals to make

certain that employees aren’t using the same passwords for work and social media,” SHRM’s Aliah D. Wright

wrote in “Myspace, LinkedIn Hacks Could Compromise Workplace Security.”

The article quotes Dodi Glenn, vice president of cyber security for Iowa-based software firm PC Pitstop, about

how hackers work: “While many people may feel Myspace isn’t as popular as Facebook, Twitter, etc., the bigger

problem is password reuse,” Glenn said. “With username and password reuse, an individual may use the same

email address or username and password on site A that they would use on sites B and C. When site A gets

compromised, the hacker uses an underground tool to check other various sites to see if this account login and

password combination exists elsewhere.”

The article quotes internet cyber news operation Naked Security as saying the average professional has to

memorize 19 passwords between personal and work accounts, and says a survey by password management app

Password Boss found that 59 percent of consumers use the same passwords for multiple accounts because it’s

too difficult to remember a different one for each.

A survey last year by Software Advice, an advisory firm that is part of analyst firm Gartner, gauged the various

solutions workplaces are using to combat this situation: 54 percent of respondents said their employers require

them to use complex passwords, 51 percent are required to change passwords regularly, 41 percent said their

systems lock them out after too many failed attempts, 39 percent are not allowed to reuse passwords, and 29

percent are not allowed to use default passwords that come with a system.

User authentication can also be strengthened through tools designed to enhance password security, according

to the study. Experts recommend multi-factor authentication, requiring the user to provide a second piece of

information at sign-in — most commonly a randomly generated, one-time code sent via email or text. Even

Gmail now offers this feature as part of its service. Other tools include a password manager, which enables

users to remember only one master password, or password generators that produce long, complicated strings

of digits and numbers that are difficult for hackers to crack. Adoption rates are low for these tools, however, at

17 percent for multi-factor authentication, 14 percent for password manager, and 13 percent for random

password generator.

The implications for audit professionals are hard-hitting, according to an online article “In Cyber Risk

Management — Is Your Company Ready for Anything?” by Rick Tracy, chief security officer at Virginia-based

technology security firm Telos. He cites the current compromises of the social networks as well as the 2013

data breach at Target, which cost the company $162 million and the resignation of its CEO and CIO. “What

companies can take away from these examples is that a security breach can result in not only millions paid in

settlements, but also Federal Trade Commission fines, the resignation of high-level executives, and loss of

reputation,” Tracy wrote. “A Deloitte report found that security is the second-leading risk to a company’s

reputation, behind ethical issues. The fallout from these breaches can stretch out for years to come.”

The IIA is here to support your growth with tools and services to enhance your value proposition with your stakeholders.

From the IIA Website - Services

Audit Executive Center

The Center offers CAEs exclusive access to a Knowledge Center of

nearly 900 pieces of thought leadership and more than 1,200 tools,

templates, and planning resources. It saves busy executives precious

time by sifting through the onslaught of new information issued weekly

and synthesizing pertinent material in a concise, easy-to-read format.

Global Audit Information Network® (GAIN®) Benchmarking Tool

Take the guesswork out of evaluating how your internal audit

department measures up easily, affordably, and transparently with The

IIA’s GAIN Benchmarking Tool. Compare your audit department’s

size, experience, performance measures and other metrics against the

averages of similar organizations in peer groups that you choose.

American Center for Government Auditing (ACGA)

The ACGA is the premier resource for auditors in the public sector.

Supported by The IIA, the ACGA was established to deliver low-cost,

high-quality professional development; networking opportunities for

knowledge sharing; and ongoing relevant reporting on trends,

benchmarking, and thought leadership in the profession.

Quality Services

Establishing a Quality Assurance and Improvement Program (QAIP)

provides you with the peace of mind that your department in operating

at progressively higher standard and tells stakeholders that your team

“walks the walk.” The IIA offers guidance on establishing a QAIP, as

well as services for assessing your QAIP program.

Trends, Research, and Books

Whether you’re looking to validate your personal compensation or to

remain competitive from a recruitment and retention perspective, The

IIA’s annual Compensation Study puts the information you need in

hand. Additionally the Pulse of the Profession Study identifies trends

and emerging issues in the profession and with its stakeholders. The

IIA Research Foundation provides research reports and books that

explore critical concepts for implementing strategies to position CAEs

as trusted advisors

GLEIM CIA

Discounts

Click Link for Discount: https://www.gleim.com/?promoID=IIARochester