iia: rochester · 2016-17 rochester iia ... specifically through the iia’s cia learning system...
TRANSCRIPT
In This Issue
New Officers / BoG
Tips for Earning CPEs
Job Opportunities
Nashville & Florida Seminars
2016 IIA Conferences
From the CAE Bulletin
Gleim Discount Information
Ready to re-hire employees?
Certification Information
2016-17 Rochester IIA Chapter Officers
Michelle Prichard, President
Susan Deasy, Vice President
(Programs)
Jeffrey DeCory, Vice President
(Communications)
Tim Hungerford, Treasurer
Barb Anderson, Secretary
2016-17 Rochester IIA Chapter Board of Governors
Ray Cardella
Sam DeLucia
David Hansen
Lori Flaherty
Teresa O’Hare
Dolores Pastro-Ziobro
Lindsay Prichard
Jamal Redding
Rachel Schlegel
Scott Etter
IIA: Rochester
CHAPTER NEWS – June 2016
Summer Update:
Please enjoy your summer! Our next live event is scheduled to take place in September (further information to come).
Please contact us with any potential program topics of interest at: [email protected]
Chapter Volunteer Opportunities
The Rochester IIA Chapter needs volunteers to help with Programs, Events and other Chapter Activities. If you are interested in getting involved, please contact the Rochester IIA at the email listed above.
Student Scholarships
Internal Auditor magazine launched a scholarship program at the beginning of 2016 for undergraduate and graduate students. Six US
$1,000, essay-based scholarships will be offered throughout the year to students who write the most informative and thought-provoking
essays, as judged by The IIA’s Publications Advisory Committee.
See https://iaonline.theiia.org/scholarships for more information.
The following Chapter Officer and Board of Governor positions were effective June 1, 2016:
Michelle Prichard President
Susan Deasy Co-Vice-President, Programs
Jeffrey DeCory Co-Vice-President, Communications
Tim Hungerford Treasurer
Barb Anderson Secretary
And the new/renewing Board members are:
Sam DeLucia Lori Flaherty
Richard Rogers David Hansen
Rachel Schlegel Scott Etter
https://iaonline.theiia.org/cpe-quiz
Please welcome our 2016 – 2017 slate of Chapter Officers and Board of Governors!
Looking to earn CPEs during the summer? Take the Internal Auditor magazine quiz!
CHAPTER OF EXCELLENCE
CIA Learning System
CONGRATULATIONS TO OUR ROCHESTER CHAPTER FOR BECOMING A 2015 CHAPTER OF
EXCELLENCE! The IIA Chapter of Excellence program was introduced in early 2010 to
recognize chapters for their belief in quality education and support of the CIA designation, specifically through The IIA’s CIA Learning System program.
This program not only helps provide CIA training to chapter members across the nation, but proceeds also support other IIA research and training
initiatives around the globe.
CIA Learning System • The IIA's CIA Learning System is a comprehensive training
course designed to provide chapters, members, and the audit community of professionals with information and tools to master the global CIA exam syllabus.
• This premier quality program is aligned with the International Professional Practices Framework (IPPF) to ensure you stay current with the global internal auditing profession and are ready for the CIA exam.
• It combines printed text with online testing tools and online questions.
Career Opportunities
Career Opportunities Members: Advertising your open position is a service that the Rochester Chapter provides as a benefit to members. Please submit your openings to: [email protected]
Companies Postings for this Issue:
• Five Star Bank – Senior Internal Auditor
Description:
The Senior Internal Auditor is responsible for conducting and reporting on scheduled audits, Sarbanes –Oxley Section (SOX) 404 key control testing, investigations and departmental projects. Assignments range throughout varying areas of the Company, including audits technical in nature, highly regulated (consumer compliance), or of non-bank subsidiaries. The Senior Internal Auditor acts as a mentor to others within audit areas of proficiency. The Senior Internal Auditor is responsible to fulfill professional and organization responsibilities as outlined in the Internal Audit Department Manual, including the Standards for the Professional Practice of Internal Auditing and Code of Ethics, as well as the Internal Audit Program Charter. Job-Related Qualifications: Education: Required: Bachelors Degree - Accounting, Finance or related business curriculum with at least 12 hours in Accounting. Prior Experience: Required: 5+ years Type: Bank and/or Public Accounting Audit Experience Preferred: 8+ years Type: Bank and/or Public Accounting Audit Experience Licenses or Accreditation: Required: One or more of the following: • Certified Public Accountant (CPA) • Certified Internal Auditor (CIA) • Certified Bank Auditor (CBA) • Certified Financial Services Auditor (CFSA) • Certified Information Systems Auditor (CISA) • Certified Community Bank Internal Auditor (CCBIA)
For full job description please see attached file
Career Opportunities
Career Opportunities
Career Opportunities - Continued
• Wegmans – Senior Internal IT Auditor
Description:
This position is designed to assist management in effectively meeting company objectives by advising management regarding the effectiveness of company computer systems operations and system controls by completing data analytics. Job-Related Qualifications: Education: Bachelors Degree – Information Technology, Accounting, or Business Administration Prior Experience: Required: At least 4 years of audit experience, with a minimum of 3 years of analytical experience with large amounts of data Licenses or Accreditation / Other Preferred Competencies: Preferred: One or more of the following:
• Certified Information Systems Auditor (CISA) • Certified Fraud Examiner (CFE) • Member of Professional Organization (IIA, ISACA) • Masters in IT, Business Administration, or Math
For full job description please see attached file
Career Opportunities - Continued
• RIT – Senior Internal IT Auditor
Description:
The Associate Internal Auditor assists in, or leads with supervision, the performance of value-added financial, operational, and compliance audits of departments and processes. Other duties include consulting projects, performing engagement-level risk assessments, testing transactions, and analyzing business processes in order to identify opportunities to enhance internal controls and improve the university’s operational and financial performance. Job-Related Qualifications: Education: Bachelor’s degree in accounting or related field is required. Prior Experience: Required: Two to three years of experience in the field of accounting or auditing is required. Must be experienced with analyzing data, identifying risks and recommending solutions to improve business control environments. An understanding of the higher education industry is desirable. Experience communicating with individuals at all levels within an organization is desirable.
For full job description please see attached file
Nashville Seminar
October 18–21, 2016 - Location: MicroTek Training Facility
The following courses are being offered:
October 18-19, 2016
Financial Auditing for Internal Auditors
October 18-21, 2016
Auditor-in-charge Tools and Techniques
Beginning Auditor Tools and Techniques
October 20–21, 2016
Fundamentals of IT Auditing
For more information see the Seminars link under Training & Events at www.theiia.org
Palm Beach Seminar
August 29-01, 2016
Location: The Breakers Palm Beach (register before July 15 to save)
The following courses are being offered:
August 29-30, 2016
Analyzing and Improving Business Processes
Enterprise Risk Management Elements of the Process
Fundamentals of IT Auditing
Operational Auditing: Influencing Positive Change
August 29-September 01, 2016
Audit Manager Tools and Techniques
Auditor In-charge Tools and Techniques
Beginning Auditor Tools and Techniques
August 30-September 01, 2016
COSO Internal Control Certificate
August 31-September 01, 2016
Assessing Risk: Ensuring Internal Audit’s Value
Audit Report Writing
Logging In: Auditing Cybersecurity in an Unsecure World
For more information see the Seminars link under Training & Events at www.theiia.org
Chief Audit Executive
Call for Speakers: IIA speakers receive complimentary registration.
Chief Audit Executive (CAE) Resources
CAEs, also referred to as Heads of Internal Audit or Chief Internal Auditors, may access special resources designed specifically for their needs. Below are links to CAE services offered by The IIA.
Audit Executive Center The IIA's Audit Executive Center is the essential resource to empower chief audit executives to be
more successful. The Center's suite of information, products, and services will enable you to respond
to the unique challenges and emerging risks of the profession.
Nine Mistakes to Avoid When Moving to Cloud Services
From Robert Half Management Resources – June 2016
Ready to Rehire? How to Bring Back Former Employees
Would you rehire a former employee? If so, you’re not alone: A recent Accountemps survey found that 98
percent of human resources managers would welcome back a worker who had left the company on good terms.
Sometimes called “boomerang employees,” rehired workers come with plenty of benefits. They already
understand the company and they don’t need as much hand-holding. Also, you’re familiar with their talents,
skill set, personality and corporate fit, minimizing your chances of making a costly bad hire. In fact, boomerang
employees can be such an asset that some managers and HR departments choose to keep in contact with their
“alumni” as a way to recruit passively.
Here are some questions to ask yourself when you’re considering hiring boomerang employees, along with a
few tips for integrating them back into the office:
When to rehire
Of course, you wouldn’t rehire former workers who left on bad terms. But it’s not always the right move to ask
top performers to come back, either. Here are a few things to think about when former employees want to
return:
Why did the person resign from your company in the first place? If the employee left to take a
higher-level position elsewhere, then rehiring him for an even more senior role could be a smart move
— he’ll likely have valuable new skills and experience to bring to the job. The same is true if the
employee stepped down to further his education or attain a new certification. . Also, if you reluctantly let
someone go during downsizing, it’s wise to consider a rehire during a boom period.
However, if the employee resigned because he was dissatisfied with an aspect of the job — the salary,
benefits package, management, coworkers or company culture, for example — and the situation has not
changed, it’s probably not wise to rehire him. There’s a good chance he’ll soon find himself unhappy on
the job again.
Do you need someone to step in right away? Rehiring former employees can be useful when you have
a time-sensitive assignment or need to replace a departing worker as soon as possible. They’re a known
entity, so you don’t have to spend time checking their references or doing multiple rounds of interviews.
What does your current team say? When you’re considering a rehire, reach out to the employees who
worked closely with the person the first time around. They may have insights into the person’s skills and
fit for the workplace environment that you weren’t aware of.
How to approach rehiring
Even though boomerang employees can be great additions to your staff, there are right and wrong ways to
rehire someone. Keep these do’s and don’ts in mind:
DO meet with other candidates. Even if you think the former worker is the ideal person for the open
position, it never hurts to interview other candidates, as well. There might be one who’s an even better
fit for the job, or one who’d make a good candidate for another open position at your company.
DON’T skip the formal interview. People change. A former employee may have new professional
goals or constraints that prevent him from fulfilling certain job duties, such as traveling or working the
occasional late night. Also, if a boomerang employee has been gone a long time, his skills may not be as
sharp. Use the interview process to dig deeper, especially if the person is applying for a role that’s
different from the one he previously held.
DO clarify expectations. A returning employee may have preconceptions about the role she’s applying
for, based on what it was like when she used to be on staff. If the job duties have evolved or new skills
are required, make sure to explain that.
DON’T forget about other options. There are many types of work arrangements. If you can’t offer the
former employee a full-time position, consider using her talents as a part-time worker, contractor or
project professional.
DO keep the door open. Even if you decide against rehiring a former employee, or the person declines
the job offer, stay in touch. You never know when circumstances — or minds — will change.
As with any job candidate, it’s important to weigh the risks and benefits when contemplating a rehire. The
opportunity to bring back a former top worker might be welcome, but don’t neglect doing your due diligence
before you make the hire.
This article is provided courtesy of Robert Half Management Resources, the premier provider of senior-level accounting,
finance and business systems professionals to supplement companies' project and interim staffing needs. The company has
more than 145 locations worldwide and offers online job search services at www.roberthalfmr.com. Follow our blog at
blog.roberthalfmr.com.
From the CAE Bulletin – June 15th
Social Media Hacks Pose Threat to Workplace Cybersecurity
Data stolen from Myspace and LinkedIn highlights need for employees to use different passwords for work and
social media.
Audit executives should remain vigilant in the face of a growing use of social media for workplace purposes
including marketing, communications, and hiring.
A recent revelation by LinkedIn has been garnering headlines, even though it’s about an incident that
happened in 2012. The social media network originally reported that the emails and passwords for 6.5 million
users had been compromised, but now it’s saying that number could be as high as 170 million, according to
some accounts. In another twist, competing social media network Myspace had reported as many as half a
billion compromised accounts on May 31, and investigators believe the same individual hit both networks and
is selling the information to fraudsters on the internet.
The implications of the breaches on workplace cybersecurity were the subject of an article published June 2 by
the Society for Human Resource Management (SHRM). “The recent sale of online user data stolen from
Myspace and LinkedIn highlights the need for human resource information technology professionals to make
certain that employees aren’t using the same passwords for work and social media,” SHRM’s Aliah D. Wright
wrote in “Myspace, LinkedIn Hacks Could Compromise Workplace Security.”
The article quotes Dodi Glenn, vice president of cyber security for Iowa-based software firm PC Pitstop, about
how hackers work: “While many people may feel Myspace isn’t as popular as Facebook, Twitter, etc., the bigger
problem is password reuse,” Glenn said. “With username and password reuse, an individual may use the same
email address or username and password on site A that they would use on sites B and C. When site A gets
compromised, the hacker uses an underground tool to check other various sites to see if this account login and
password combination exists elsewhere.”
The article quotes internet cyber news operation Naked Security as saying the average professional has to
memorize 19 passwords between personal and work accounts, and says a survey by password management app
Password Boss found that 59 percent of consumers use the same passwords for multiple accounts because it’s
too difficult to remember a different one for each.
A survey last year by Software Advice, an advisory firm that is part of analyst firm Gartner, gauged the various
solutions workplaces are using to combat this situation: 54 percent of respondents said their employers require
them to use complex passwords, 51 percent are required to change passwords regularly, 41 percent said their
systems lock them out after too many failed attempts, 39 percent are not allowed to reuse passwords, and 29
percent are not allowed to use default passwords that come with a system.
User authentication can also be strengthened through tools designed to enhance password security, according
to the study. Experts recommend multi-factor authentication, requiring the user to provide a second piece of
information at sign-in — most commonly a randomly generated, one-time code sent via email or text. Even
Gmail now offers this feature as part of its service. Other tools include a password manager, which enables
users to remember only one master password, or password generators that produce long, complicated strings
of digits and numbers that are difficult for hackers to crack. Adoption rates are low for these tools, however, at
17 percent for multi-factor authentication, 14 percent for password manager, and 13 percent for random
password generator.
The implications for audit professionals are hard-hitting, according to an online article “In Cyber Risk
Management — Is Your Company Ready for Anything?” by Rick Tracy, chief security officer at Virginia-based
technology security firm Telos. He cites the current compromises of the social networks as well as the 2013
data breach at Target, which cost the company $162 million and the resignation of its CEO and CIO. “What
companies can take away from these examples is that a security breach can result in not only millions paid in
settlements, but also Federal Trade Commission fines, the resignation of high-level executives, and loss of
reputation,” Tracy wrote. “A Deloitte report found that security is the second-leading risk to a company’s
reputation, behind ethical issues. The fallout from these breaches can stretch out for years to come.”
The IIA is here to support your growth with tools and services to enhance your value proposition with your stakeholders.
From the IIA Website - Services
Audit Executive Center
The Center offers CAEs exclusive access to a Knowledge Center of
nearly 900 pieces of thought leadership and more than 1,200 tools,
templates, and planning resources. It saves busy executives precious
time by sifting through the onslaught of new information issued weekly
and synthesizing pertinent material in a concise, easy-to-read format.
Global Audit Information Network® (GAIN®) Benchmarking Tool
Take the guesswork out of evaluating how your internal audit
department measures up easily, affordably, and transparently with The
IIA’s GAIN Benchmarking Tool. Compare your audit department’s
size, experience, performance measures and other metrics against the
averages of similar organizations in peer groups that you choose.
American Center for Government Auditing (ACGA)
The ACGA is the premier resource for auditors in the public sector.
Supported by The IIA, the ACGA was established to deliver low-cost,
high-quality professional development; networking opportunities for
knowledge sharing; and ongoing relevant reporting on trends,
benchmarking, and thought leadership in the profession.
Quality Services
Establishing a Quality Assurance and Improvement Program (QAIP)
provides you with the peace of mind that your department in operating
at progressively higher standard and tells stakeholders that your team
“walks the walk.” The IIA offers guidance on establishing a QAIP, as
well as services for assessing your QAIP program.
Trends, Research, and Books
Whether you’re looking to validate your personal compensation or to
remain competitive from a recruitment and retention perspective, The
IIA’s annual Compensation Study puts the information you need in
hand. Additionally the Pulse of the Profession Study identifies trends
and emerging issues in the profession and with its stakeholders. The
IIA Research Foundation provides research reports and books that
explore critical concepts for implementing strategies to position CAEs
as trusted advisors
GLEIM CIA
Discounts
Click Link for Discount: https://www.gleim.com/?promoID=IIARochester