tuesday june 6, 2017 8:00 am 5:00 pm documents... · tuesday june 6, 2017 7:30 – 10:00 am chief...
TRANSCRIPT
![Page 1: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/1.jpg)
Tuesday June 6, 2017 8:00 AM – 5:00 PM
WRK 1: Fraud Issues & Answers for Internal Auditors Workshop
John Hall, CPA, Certified Board Advisor President
Hall Consulting, Inc. This “how-to” workshop for audit and anti-fraud professionals will help participants be more
effective in their fraud prevention, detection, and handling responsibilities. Participants will
learn action steps for elevating their fraud risk management skills. We’ll make heavy use of case
examples and their lessons for auditors as well as individual and group brainstorming exercises
and discussion.
In this seminar, participants will:
Learn “next-step” practices in prevention, early detection, and effective incident response.
Learn how to assist management in creating an anti-fraud business environment. Learn three-step fraud detection and develop lists of fraud red flags, indicators, and
symptoms.
Understand the special challenges in contracting, procurement, and related-party relationships.
Develop high-impact fraud risk management audit techniques.
John Hall specializes in skills training programs and conference presentations for internal
auditors, CPAs, management groups, and professional associations. He also coaches internal
audit professionals in how to increase their effectiveness, clarify and meet their business and
personal goals, and move their careers forward. Hall has 40 years of experience as a consultant,
speaker, auditor, and business coach and owner. He has worked in senior leadership positions
in large corporations and international public accounting firms. He wrote The Anti-Fraud Toolkit
and the award-winning book Do What You Can! Simple Steps – Extraordinary Results.
Additionally, he created and facilitates Fraud Detection, Deterrence & Incident Response for Internal Auditors, an IIA seminar.
![Page 2: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/2.jpg)
WRK 2: Start Your Analytics Engine With the Right Foot: Analytics and Visualization
Alex Fung
Director, Analytics Adoption ACL Services, Ltd.
ACL is the leading tool in the market for data analytics geared towards Risk and Audit Professional. In this full-day workshop, learn the basic usage of the tool including importing data, combining data from multiple sources, and performing basic analysis to kick-start your journey to becoming the most sought-after resource within your team and within the entire organization! Besides the basic technical use, you’ll learn to apply ACL to solve analysis objectives using scenario-based case studies. Towards the end, we will cover how you can leverage newly-released capabilities to drive results and adoption: Analysis Apps – get the non-techies up and running without learning all the technical scripting; and Visualizations – immediately spot
anomalies just by looking at the data, literally. In this session, participants will:
Develop and apply planning methodology within the phases of data analysis. Leverage hundreds of built-in data analysis commands, functions, and tools to achieve
analysis objectives.
Import various source files into ACL
Combine data from multiple systems
Encourage knowledge and content-sharing with your colleagues through Analysis Apps.
Engage stakeholders with stimulating, interactive visualizations. Alex Fung oversees the data analytics delivery team in the Customer Success Organization and
manage client portfolios. Prior to being promoted to director, he served as a senior solution
lead, providing solution architecture recommendations for the data analytics products to integrate with the GRC platform for data-driven GRC solutions, ensuring various systems work
with ACL’s products. With over eight years of experience helping clients configure effective audit solutions and management systems, Fung has managed more than 100 projects and
worked on more than 200 engagements across multiple industries including banking, retail, government, insurance, manufacturing, energy, education and more. For the past five years, he
was a key leader/designer and infrastructure architect in one of the largest engagement
![Page 3: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/3.jpg)
projects consisting of accounts payable, purchasing cards, travel and entertainment, general
ledger, property plant and equipment, and central disbursement data analysis.
WRK 3: IDEA - Data Analytics: A Deeper Dive Into Key Functions
Fred Wechselberger Industry Relations Executive Audimation Services, Inc. This session will allow internal auditors with a basic knowledge of data analytics software
(specifically IDEA) to increase their knowledge of key IDEA functions and their uses, to apply the
knowledge to specific audit scenarios, and determine the datasets and data elements needed
perform data-driven analysis. Participants will have a chance to practice audit tests they
developed and discuss next steps to perform with the results of their analysis.
In this session, participants will:
Expand their knowledge of key IDEA functions.
Gain experience on identifying data analytic approaches to several audit test scenarios.
Practice applying data analytic techniques to several datasets commonly received in an internal audit.
Fred Wechselberger has more than 20 years of experience helping organizations implement and use data extraction and analysis software. He brings unique perspectives on the use of CAATs having experience with federal and state bodies including the SEC, Ministries of Finance in Austria and Greece, Central Bank of Nigeria, Government Uganda, in addition to corporate
bodies such as GE, GM, American Express, MMC, Safaricom, Prudential, and many globally recognized CPA firms. As a seasoned speaker, Wechselberger has presented at numerous
industry and trade events across North America and Europe.
![Page 4: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/4.jpg)
Tuesday June 6, 2017 7:30 – 10:00 AM
Chief Audit Executive Roundtable (By Invitation Only)
Tom Austin, CIA
Vice President, Governance Risk & Control
Cisco
This session is an open forum for chief audit executives (or the most senior auditor in an
organization) to bring up topics for discussion among peers. Topics may be submitted in
advance for discussion as well, and these conversations will not be communicated outside of
the session. This format will allow for a free-flowing expression of ideas and opinions on each
topic. Discussion time will be limited, resulting in a fast-paced event to allow time to touch on
all topics raised. Participants will have the opportunity to network and share ideas with fellow
CAEs who may have found effective solutions.
In this session, participants will:
Evolving impact of PCAOB focus areas on management's internal controls work
Cybersecurity and product security involvement by Internal Audit
Fraud risk assessment enhancements
Tom Austin oversees Cisco’s governance, risk, and controls organization that partners with
internal business units. Previously, Austin worked at Applied Materials for 16 years, most
recently as vice president and CFO for the display and solar business segments. Prior to Applied
Materials, Austin worked with PriceWaterhouseCoopers in business assurance and with Merrill
Lynch & Co. in investment banking.
![Page 5: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/5.jpg)
Tuesday June 6, 2017 1:00 – 5:00 PM
WRK 4: The Corporate Culture Check Up
Danny Goldberg, CIA, CCSA, CGEIT, CISA, CRISC, CRMA, CPA
Founder
GoldSRD
The IIA has recently highlighted assessing/auditing corporate culture as a key area that should
be addressed in 2016 and future years. The long list of recent corporate scandals reinforces the
need for executives to keep an eye on organizational culture. At its finest, culture helps an
organization retain great employees and motivates them to do their best and most productive
work. This webinar will take attendees through assessing corporate culture and the pitfalls in
assessing a subjective area.
In this session, participants will:
Learn and understand what corporate culture is
Understand the challenges in assessing a subjective area and how to address this
subjectivity
Discover how corporate culture can significantly impact many areas in an organization,
including internal audit
Danny Goldberg oversees his firm which is a leading provider of staff augmentation, executive
recruiting, and professional development services. He has nearly 20 years of audit experience,
including five as a CAE/audit director at two diverse companies and has been speaking and
training for seven years. Goldberg was named as one of the Fort Worth Business Press 40 Under
40 for 2014, and is the author of People-Centric© Skills: Communication and Interpersonal
Skills for Internal Auditors.
![Page 6: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/6.jpg)
WRK 5: CIA Exam Preparation Course: Part 3 — Internal Audit Knowledge Elements
Raven Catlin, CIA, CFSA, CRMA
Trainer and Owner
Raven Global Training
This Part 3 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the new Part 3 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the most current version of The IIA’s CIA Learning System® self-study print
and online software materials for Part 3. An additional fee of US$315 will be required to attend
this course. A limited number of on-site registrations will be accepted, so please pre-register
for this course.
Course topics will include:
Governance/Business Ethics
Risk Management
Organizational Structure/Business Processes and Risks
Communication
Management/Leadership Principles
IT/Business Continuity
Financial Management
Global Business Environment
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
Raven Catlin is an internationally recognized expert, speaker, and consultant in internal auditing. She has more than 15 years of auditing and seminar facilitation experience. Before
starting Raven Global Training, Catlin was a consultant for Experis and a senior manager at Protiviti. She held internal audit positions with Freddie Mac, Bank of America, and Philip Morris.
Catlin is a contributing author to The IIA’s CIA Learning System.
![Page 7: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/7.jpg)
Wednesday June 7, 2017 8:30 – 9:45 AM
GS 1: Internal Auditors as Trusted Advisors – Leveraging Trust to Foster Organizational
Success
Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA President and Chief Executive Officer The IIA
In this session, IIA President and CEO Richard Chambers discusses the traits of great internal
audit leadership. Based on his new book, Trusted Advisors: Key Attributes of Outstanding
Internal Auditors, Chambers reviews the top character traits of gifted practitioners who have
gained the trust of stakeholders. Based on surveys and interviews of some of the profession’s
most-respected CAEs, Chambers crafts a compelling message on what it takes to become a true
trusted advisor.
In this session, participants will:
• You will learn about the character and leadership traits of the best internal auditors.
• You will learn how to nurture leadership traits within yourself.
• You will hear how these traits are applied in real-world experiences.
Richard Chambers has more than four decades of internal audit and related experience. Chambers was national practice leader in Internal Audit Advisory Services at
PricewaterhouseCoopers; inspector general of the Tennessee Valley Authority; deputy inspector general of the U.S. Postal Service; and director of the U.S. Army Worldwide Internal
Review Organization at the Pentagon. He currently serves on the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Board of Directors; the International
Integrated Reporting Council (IIRC); and The IIA Board of Directors. Previously, he served on the U.S. President’s Council on Integrity and Efficiency; the Audit Board of the City of Orlando, Fla.;
The IIA’s International Internal Audit Standards Board; and The IIA North American Board. Chambers received the Association of Government Accountants (AGA) Frank Greathouse
Distinguished Leadership Award and the National Association of Black Accountants (NABA)
Legacy Award. Accounting Today named him one of the Top 100 Most Influential People in Accounting in 2012, 2013, 2014, and 2015, as well as one of 10 tweeters worth following. The
National Association of Corporate Directors (NACD) named him one of the most influential
![Page 8: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/8.jpg)
leaders in corporate governance in 2013, 2014, and 2015. Chambers authored the award-
winning book, Lessons Learned on the Audit Trail, which is available in four languages.
Wednesday June 7, 2017 10:15 – 11:30 AM
CS 1-1: Emerging Technology Issues In Internal Audit
A. Michael Smith, CISA, CISSP, CPS
Partner
PwC
This session will address emerging technology issues in internal audit, including continuous
auditing, real time auditing, audit automation, blockchain, algorythmic sciences, and
cyber/social. It will consider the effects of these topics on the audit process, approach, and
methodologies and explore creative strategies for dealing with them.
In this session, participants will:
Explore the emerging technology landscape and its impact on internal audit. Obtain key points from each emerging technology topic, but not a detailed audit plan or
approach to each topic. Learn to help change the way their organizations think about internal audit and the
audit process.
A. Michael Smith has over 25 years of experience in IT auditing, cybersecurity, privacy, and
regulatory requirements in the IT space. He is responsible for PwC's IT internal auditing services practice in the U.S. for financial services companies and has led projects in all financial services
sectors. His primary area of focus is designing strategies for deploying technology audit in large financial services organizations. Prior to joining PwC, Smith was the global director of
technology audit for the Bank of New York Mellon.
![Page 9: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/9.jpg)
CS 1-2: Large-scale Cyber Breach, Fraud, and Insider Threat Incidents: Prevention and
Recovery
Matthew Miller
Senior Manager
EY
Defending against known threats is no longer sufficient. Attackers have increasingly turned to
exploiting people, not just technology. Attacks are capable of causing large-scale destruction to
the ecosystems of commercial organizations. The traditional protect-and-control mentality
doesn’t work anymore. It is the breadth of an attack’s impact, separate from an attack’s
sophistication that must drive the depth of response.
In this session, participants will:
Hear about a real-world scenario, based on our team’s work in response to the largest media and entertainment industry hack in history.
Learn what to do in the first 24, 48, and 72 hours following a breach.
Discover the level of effort needed, and what a cross-disciplinary team would look like, to get an organization that is fully compromised back online and able to resume
business. Learn what different teams within the organization should know to prevent insider
threats, fraud, and cyber breaches.
Matthew Miller serves in the forensic technology and discovery services group within the fraud investigation and dispute services practice at EY, assisting organizations with electronically stored information challenges. He was the senior-most project manager for the EMEIA work stream of the largest corporate hacking and incident breach. Miller led a multi-country team providing cyber breach remediation services including: collection, scanning, cleansing, and
advanced forensic data recovery. Miller sits on the E-Discovery/Information Governance Board of Advisors at Benjamin N. Cardozo School of Law.
![Page 10: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/10.jpg)
CS 1-3: Rising From the Ashes of Fraud: Building Stronger City Governance
Ruthe Holden, CIA, CGAP, CRMA, CISA, CPA
Internal Audit Manager
City of Pasadena
Deceitful employee or vendor misconduct damages reputations, reduces resources available to
provide services, and damages employee morale. During this presentation, the City of
Pasadena’s internal audit manager will discuss recent public-sector fraud cases, including the
City of Pasadena’s 11-year, US$6.4 million embezzlement. There have been several recent
government frauds throughout the U.S. Dissecting these frauds provides clues and best
practices to help avoid or mitigate potential frauds in government agencies. She will talk about Pasadena’s road map for responding to the embezzlement.
In this session, participants will:
Understand governance failures by analyzing recent government fraud cases.
Raise their awareness of fraud risks specific to government agencies. Learn how to improve their agency’s fraud deterrence culture.
Be introduced to tools and techniques to detect fraud red flags.
Discuss their role as a fraud fighter.
Ruthe Holden has more than 30 years of experience in federal and local government with 24 years’ experience in internal audit. She has conducted operational, financial, IT, contract, and
regulatory compliance audits. Holden’s specialty areas include internal control assessments, third-party contract audits, defective pricing audits, performance audits, and providing
recommendations to improve programs and processes. Prior to accepting her role in 2015, she
was the chief auditor for Los Angeles County Metropolitan Transportation Authority.
CS 1-4: The Independent Broker-dealer and the Three Lines of Defense
Luis Padilla, CIA
Vice President, Internal Audit
LPL Financial
![Page 11: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/11.jpg)
As an organization's control environment evolves and matures to adapt to complex regulatory
environments, and satisfy internal and external demands for testing and reporting on internal
controls over multiple areas, companies are presented with a “three lines of defense” control
model. This model promotes internal audit’s independence as a third line of defense, sets the
monitoring responsibility into a governance or risk function(s), and assigns control ownership to management.
In this session, participants will:
Distinguish the differences within a “three lines of defense” model.
Identify common challenges and pitfalls during implementation of the model.
Discuss the characteristics and functions of each line.
Deliberate the benefits and challenges of the model.
Luis Padilla manages a team responsible for internal controls testing for Sarbanes -Oxley compliance, SSAE 16 testing, FICCA reporting, and SEC Rule 17a-5 compliance testing. He also leads financial and operational internal audits, as well as assists in special projects, FINRA compliance and enforcement actions, and other regulatory matters. Prior to his role at LPL, Padilla was a senior manager at Deloitte & Touche, LLP, where he was part of the faculty at Deloitte University. He also led assignments in Europe and Asia-Pacific, in the areas of internal audit, third-party contract compliance, royalty audits, inventory control, and finance transformation. Padilla led account reconciliation system selection and implementation
projects, financial close optimization projects, and business process outsourcing projects, among others. Before joining Deloitte, he worked for Capgemini E&Y as a group internal auditor
at offices around the world for compliance with company policies. He started his career with KPMG in financial external audit. Padilla is a volunteer course facilitator for The IIA.
CS 1-5: CIA Exam Preparation Course: Part 3 — Internal Audit Knowledge Elements
Raven Caitlin, CIA, CFSA, CRMA
Trainer and Owner
Raven Global Training
This Part 3 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the new Part 3 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
![Page 12: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/12.jpg)
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the most current version of The IIA’s CIA Learning System® self-study print
and online software materials for Part 3. An additional fee of US$315 will be required to attend
this course. A limited number of on-site registrations will be accepted, so please pre-register
for this course.
Course topics will include:
Governance/Business Ethics
Risk Management
Organizational Structure/Business Processes and Risks
Communication
Management/Leadership Principles
IT/Business Continuity
Financial Management
Global Business Environment
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
Raven Catlin is an internationally recognized expert, speaker, and consultant in internal auditing. She has more than 15 years of auditing and seminar facilitation experience. Before starting Raven Global Training, Catlin was a consultant for Experis and a senior manager at
Protiviti. She held internal audit positions with Freddie Mac, Bank of America, and Philip Morris. Catlin is a contributing author to The IIA’s CIA Learning System.
![Page 13: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/13.jpg)
Wednesday June 7, 2017 12:45 – 2:00 PM
CS 2-1: Auditing the Internet of Things
Matt Stamper, CISA, CIPP-US
Research Director
Risk and Security Management Programs
We are just beginning to see the impact of the Internet of Things (IoT) and its pervasive
influence on our organizations. Beyond the operational effects of deploying the IoT, there are
important considerations related to cybersecurity and, critically for IIA members, how auditing
systems with an IoT scope are addressed. As internal auditors, our ability to retool our audit
programs to address this pervasive digital presence within our organizations will be a critical
competency for continued success in our field.
In this session, participants will:
• Learn the key elements of IoT technologies.
• Understand how the IoT impacts business processes and operations. • Develop strategies for incorporating the IoT into broader audit programs.
• Understand the risk factors associated with the IoT as they relate to core assurance principles.
Matt Stamper brings a broad, multi-disciplinary understanding to cybersecurity best practices
to his clients and has experience with public and early-stage organizations. His diverse domain
knowledge spans IT service management (ITSM), cybersecurity, cloud services, control design
and assessment (Sarbanes-Oxley, HIPAA/HITECH), privacy, governance, ERM, sales
management and individual revenue contribution, and new product and service development.
Stamper is adept at conveying complex cybersecurity and IT concepts to boards of directors,
executive management, as well as professional service providers. His executive-level experience
with managed services, cybersecurity, data centers, networks services, and ITSM provides a
unique perspective on the fast-changing world of enterprise IT, IoT, and cloud services. He is a
co-author of the CISO Desk Reference Guide.
![Page 14: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/14.jpg)
CS 2-2: The Evolving Cyber Threat
Bryan Willett
Supervisory Special Agent
Federal Bureau of Investigations
The cyber threat is constantly evolving; our adversaries change their tactics, techniques, and
procedures daily, leaving network defenders to guess what will be next. SSA Bryan Willett will
take a look at what the future holds, what tools our enemies may use, and what they are
looking to attack next.
In this session participants will:
Understand the future attack surface
Understand who will be targeted
Understand how advances in technology will change the landscape of cyber security
Bryan Willett has been a special agent for almost 13 years and holds several IT security certifications. He is also a licensed attorney. He has worked in several FBI field offices as well as their headquarters in the Cyber Division, investigating cyber crimes, including computer intrusions. Willett is the supervisory special agent for Los Angeles’s Cyber Squad attached to the
multi-agency Electronic Crimes Task Force.
CS 2-3: Auditing Collaboratively: Rethinking the Audit Process to Enhance Value
Jim Pelletier, CIA, CGAP Vice President, Professional Solutions The IIA
Taking the time to understand the personal impact an audit can have on those involved can
have positive results when managed correctly. We’ll cover some of the psychological dynamics
affecting those being audited as well as some aspects of how people think, both of which
auditors can leverage throughout the process. The session will wrap up with how four specific
audit tools can be used to produce long-term, positive impact with every audit.
![Page 15: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/15.jpg)
Jim Pelletier has more than 15 years of internal auditing experience in both the public and
private sectors. In his current role as the Vice President of Professional Solutions for The IIA, he provides direction for The IIA’s Audit Executive Center, the Financial Services Audit Center, the
American Center for Government Auditing, the Environmental, Health and Safety Audit Center, and IIA Quality Services. Prior to joining The IIA, Jim served as City Auditor for the city of Palo
Alto, CA and was the Chief of Audits for the County of San Diego. His diverse auditing experience also includes roles at the California State University System, PETCO Animals Supplies, Inc., State Street Corporation, and General Electric. While serving as a senior audit manager for the County of San Diego, Jim won The IIA’s prestigious John B. Thurston Award for outstanding paper in the field of internal auditing for his article “Adding Risk Back into the Audit Process.” His new book titled “Collaborative Auditing” is available through The IIA Research Foundation.
CS 2-4: Travel and Expense Policy: Current Practices and Controls
Oren Geshuri
Director, Platform Integration Services and Senior Concur Project Manager
Lyndon Group
Travel and expense policies are very much in the spotlight for many organizations, from being
viewed by candidates as a key aspect of a job change and HR departments as a recruiting tool, to
audit committees concerned with organizational Duty of Care.
In this session, participants will:
Learn how to ensure your Travel and Expense Policy addresses current travel-related
risks and reflects current travel trends
Ensure sound and reasonable controls while considering the “total cost” of travel
Benchmark your Travel and Expense Policy against common/best practices
Oren Geshuri has diverse experiences as a result of a variety of positions in the corporate world
and brings both business and legal perspectives to his work. His specialties include contract
negotiation; business process design; international strategy, law, and business; and
technical/functional process integration. Geshuri has applied his expertise with companies
including Paramount Pictures, OG Business Solutions, Warner Bros., and Universal Studios.
![Page 16: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/16.jpg)
CS 2-5: CIA Exam Preparation Course: Part 3 — Internal Audit Knowledge Element
Raven Caitlin, CIA, CFSA, CRMA
Trainer and Owner
Raven Global Training
This Part 3 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the new Part 3 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the most current version of The IIA’s CIA Learning System® self-study print
and online software materials for Part 3. An additional fee of US$315 will be required to attend
this course. A limited number of on-site registrations will be accepted, so please pre-register
for this course.
Course topics will include:
Governance/Business Ethics
Risk Management
Organizational Structure/Business Processes and Risks
Communication
Management/Leadership Principles
IT/Business Continuity
Financial Management
Global Business Environment
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
Raven Catlin is an internationally recognized expert, speaker, and consultant in internal
auditing. She has more than 15 years of auditing and seminar facilitation experience. Before starting Raven Global Training, Catlin was a consultant for Experis and a senior manager at
Protiviti. She held internal audit positions with Freddie Mac, Bank of America, and Philip Morris. Catlin is a contributing author to The IIA’s CIA Learning System.
![Page 17: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/17.jpg)
Wednesday June 7, 2017 2:30 – 3:45 PM
CS 3-1: Auditing Amazon Web Services
Loras Even Principal RSM US LLP
Laura Barnes
Manager, Technology Risk Advisory Services RSMUS LLP
The movement of business systems to cloud-based services continues and AWS is one of the
leading cloud solutions in the market. Business reasons for moving systems into AWS vary
among organizations, but AWS-hosted systems still must be audited from a security
perspective. To audit AWS, auditors must understand the AWS architecture and the tools
available to perform audits more efficiently, focusing more time on critical controls.
In this session, participants will:
• Understand high-level AWS architecture and the three major models of cloud offerings. • Learn how to use AWS automation to provide real-time audit views.
• Explore using tools such as Nessus to capture snapshots of AWS configurations .
Loras Even serves as the security and privacy services leader for the organization’s West region.
He brings more than 37 years of experience in IT, which includes 17 years of focusing on
security and privacy. Even performs a variety of security consulting engagements for clients,
assisting in security planning, evaluating technologies, and recommending security solutions.
Laura Barnes is a manager with the organization’s technology risk advisory services group and
offers over 30 years of diverse complex technology experience in the areas of enterprise
architecture, systems development, systems administration, and database administration. In
addition to the hands-on technology background, she has 12 years of IT auditing experience
and 11 years of technology management experience, which includes holding the position of a
CIO in a large, international high-tech company.
![Page 18: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/18.jpg)
CS 3-2: City of South Mountain: A Case Study of Forensic Audit in Small Government
David Wall, JD, CPA, CFE
Senior Manager CliftonLarsonAllen LLP
In a sleepy little California burg, allegations of fraud in the local government were the last thing
one would expect to find. However, evidence of fraud was encountered by the external auditor, causing him to suspend the annual audit of the City's financial statements, pending resolution
of the questionable transactions. Before long, a full-scale fraud audit was underway, and results revealed a disturbing picture of back-scratching, cons, and rackets worthy of big-city attention.
In this session, participants will: Study a forensic audit that addressed allegations of improprieties in the City's
contracting process, and the conduct of select City contractors.
Review detailed inside information regarding techniques and approaches employed in a government forensic audit.
Explore the bidding and engagement process and communication with the City's point of contact.
Discuss the format and content of findings and observations occurring in a politicized environment.
David Wall has been employed in the areas of financial investigation and fraud audit for over
25 years. He is a fraud specialist leading forensic investigations in governmental entities,
nonprofit organizations, and middle market corporations. He represents a number of
prosecutorial offices, including the Riverside County District Attorney, and works on behalf of
private litigants in state and federal litigation involving fraud, embezzlement, breach of fiduciary duty, fraudulent transfer, and similar claims.
![Page 19: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/19.jpg)
CS 3-3: Understanding The Trustworthiness Equation
Barbara Martin, CIA, CPA, CRMA
Principal
Expert Audit Management, LLC
The trustworthiness equation includes four primary factors: credibility, reliability, relationship strength, and self-interest. This presentation will assist participants in developing a clear
understanding of each of these factors.
In this session, participants will:
Review the components of each factor: o Credibility — technical skills and credentials. o Reliability and objectivity — fact-based presentations, honesty, and consistency. o Relationship strength — delivering meaningful findings and respectful. o Self-interest — putting the interest of the organization first.
Correlate these four factors to internal culture.
Define opportunities and challenges related to these factors.
Learn steps to facilitate the development of the audit function as a trusted adviser. Barbara Martin has more than 20 years of executive management and CAE experience and
founded her company which provides comprehensive internal audit services ranging from crisis management and forensic review to process facilitation in department setup and restructure, risk assessment implementation, and audit performance for a range of private companies and governmental entities Prior to starting her company, as CAE she established three new audit
departments and re-engineered two departments. Martin performs Quality Assurance Reviews for state governments and the Local Government Auditors Association and teaches seminars on
over 30 topics in North America.
CS 3-4: Empowered Professional Skepticism
Noel Haskins-Hafer, CIA, CRMA, CISA, CISM, CGEIT, CRISC, CFE
Compliance Technical Manager, Small Business Group
Intuit, Inc.
![Page 20: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/20.jpg)
From the first day in the business, every auditor hears, “Professional skepticism is critical to
your success.” So why can’t more auditors define the term and identify the tools they use to
increase their ability to apply this core skill? Explore the elements of skepticism and learn some
tools that can increase audit relevance, quality, speed, and value.
In this session, participants will:
Understand the elements of professional skepticism.
Recognize the intersection between skepticism and critical thinking.
Learn new tools for applying critical thinking to audit and consulting engagements.
Noel Haskins-Hafer advises senior leadership on building software that complies with U.S.,
international and industry laws, regulations, and standards. She has created award-winning
audit programs for emerging technologies, designed and overseen anti-money laundering and
fraud management programs, and developed a partner risk assessment methodology. Haskins -
Hafer has represented Intuit at numerous audit industry conferences and was the first industry
representative to San Diego State University’s Center for the Teaching of Critical and Creative
Thinking.
CS 3-5: CIA Exam Preparation Course: Part 3 —Internal Audit Knowledge Elements
Raven Caitlin, CIA, CFSA, CRMA
Trainer and Owner
Raven Global Training
This Part 3 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the new Part 3 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the most current version of The IIA’s CIA Learning System® self-study print
and online software materials for Part 3. An additional fee of US$315 will be required to attend
this course. A limited number of on-site registrations will be accepted, so please pre-register
for this course.
![Page 21: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/21.jpg)
Course topics will include:
Governance/Business Ethics
Risk Management
Organizational Structure/Business Processes and Risks
Communication
Management/Leadership Principles
IT/Business Continuity
Financial Management
Global Business Environment
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
Raven Catlin is an internationally recognized expert, speaker, and consultant in internal auditing. She has more than 15 years of auditing and seminar facilitation experience. Before
starting Raven Global Training, Catlin was a consultant for Experis and a senior manager at Protiviti. She held internal audit positions with Freddie Mac, Bank of America, and Philip Morris.
Catlin is a contributing author to The IIA’s CIA Learning System.
Wednesday June 7, 2017 3:55 – 5:10 PM
CS 4-1: Medical Device Security: The Transition From Patient Privacy To Patient Safety
Adam Brand
Director
Protiviti
Health care security has been heavily focused on patient privacy and protecting patient
information from breach or unauthorized access. But as health care professionals, do we have a
greater responsibility to focus on patient safety? In an effort to increase quality of care, we
have begun to network medical devices and have increased our adoption of mobile and digital
health technology. What happens when our dependence on this life-saving technology
outpaces our ability to secure it?
![Page 22: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/22.jpg)
Adam Brand is a director with Protiviti’s Security and Privacy practice. He has more than 17
years of experience in information technology and security, in areas ranging from compliance to
incident response. Brand has worked closely with internal audit organizations across many
industries in conducting information security reviews and is able to bring a unique perspective
as someone who has been “on the ground” in major breach investigations. He is a frequent
speaker on information security topics at both IIA and information security industry events.
CS 4-2: People-Centric Skills: Crisis Management
Danny Goldberg, CIA, CCSA, CGEIT, CISA, CRISC, CRMA, CPA Founder
GoldSRD
Crisis management is a unique practice that is only necessary at the most dire times. When it is
practiced appropriately, it can save a company from the worst outcomes. This session will take
attendees through the basics of crisis management, who does it well, and the risk/compliance
role in this process.
In this session, participants will:
Learn lessons from companies that mishandled crisis management to the extreme. Discuss how to handle crisis messaging when social media has exposed every facet of
life.
Understand how to deal with the pervasiveness of social media.
Participate in a discussion on handling a significant personal crisis.
Danny Goldberg oversees his firm which is a leading provider of staff augmentation, executive recruiting, and professional development services. He has nearly 20 years of audit experience, including five as a CAE/audit director at two diverse companies and has been speaking and
training for seven years. Goldberg was named as one of the Fort Worth Business Press 40 Under 40 for 2014, and is the author of People-Centric© Skills: Communication and Interpersonal
Skills for Internal Auditors.
![Page 23: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/23.jpg)
CS 4-3: Vendor Management and Information Technology Oversight
Greg Matayoshi
Principal Consultant
TAP International
IT-related vendor requirements, such as SOC1, SOC2, PCI, HIPAA, and Sarbanes-Oxley are often
overlooked in the procurement and vendor management process. This can result in increased
risk to the organization from both a financial and reputational perspective. What can an
organization do to minimize this risk and provide assurance that vendors are meeting their
requirements to manage company/organization information and transactions in a secure and
confidential manner?
In this session, participants will:
Learn about the major IT-related requirement areas with which vendors should comply) SOC, PCI, HIPAA).
Describe the vendor acquisition process and how to mitigate the risk of IT oversight failure.
Discuss vendor monitoring and how to ensure vendors are complying with
requirements.
Greg Matayoshi has over 20 years of professional financial, accounting and IT auditing
experience, having conducted more than 125 audits of financial, retirement, tolling, purchasing,
e-commerce, permitting, and health care systems for state and local agencies. He has
conducted post implementation reviews of information system to identify root causes of
system inaccuracies and reporting issues, including developing logic modeling to enhance
financial reporting.
CS 4-4: Leveraging the COSO Framework Beyond Financial Reporting
Weston Nelson
Director
Moss Adams LLP
![Page 24: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/24.jpg)
Have you considered how you would respond to questions of whether you have an appropriate
internal control framework over FCPA (Foreign Corrupt Practice Act), anti-bribery, anti-
corruption, third-party, or cybersecurity? Or any other compliance, regulatory, or operational
requirement that organizations face today? This session will explore how to practically apply a
consistent framework that can improve alignment between activities.
In this session, participants will:
Acquire a thorough understanding of the COSO Framework.
Develop a flexible compliance approach that is easily adaptive using the COSO Framework.
Identify examples of where to begin using FCPA.
Discuss leveraging and linking into the organization’s larger ERM practice.
Weston Nelson has provided financial compliance, internal control, and risk management
services since 1996. His risk management services include internal audits; Sarbanes-Oxley
compliance, process, and control analysis; IT compliance and strategy; IT governance; ERP
solutions; and anti-bribery. Nelson has a broad-based collaborative approach to risk
management, working with stakeholders to understand business and compliance risks while
developing strategies to improve, remediate, and monitor compliance and risk management
efforts. He has helped companies develop appropriate strategies to address regulatory rules
and compliance with the Public Company Accounting Oversight Board (PCAOB), Control
Objectives for Information and Related Technology (COBIT), Foreign Corrupt Practice Act
(FCPA), and Sarbanes-Oxley. Nelson has led global compliance practices and strategy for
multinational companies in the Fortune 100, Big Four, and regional public accounting
environments. He began his career with a Big Four firm and was most recently the global
finance compliance director for Nike. Nelson previously spent two years at Moss Adams
providing business risk management and control solutions, helping clients implement and
manage Sarbanes-Oxley 404 engagements and internal controls over financial reporting.
CS 4-5: CIA Exam Preparation Course: Part 3 — Internal Audit Knowledge Elements
Raven Caitlin, CIA, CFSA, CRMA
Trainer and Owner
Raven Global Training
![Page 25: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/25.jpg)
This Part 3 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the new Part 3 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the most current version of The IIA’s CIA Learning System® self-study print
and online software materials for Part 3. An additional fee of US$315 will be required to attend
this course. A limited number of on-site registrations will be accepted, so please pre-register
for this course.
Course topics will include:
Governance/Business Ethics
Risk Management
Organizational Structure/Business Processes and Risks
Communication
Management/Leadership Principles
IT/Business Continuity
Financial Management
Global Business Environment
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
Raven Catlin is an internationally recognized expert, speaker, and consultant in internal auditing. She has more than 15 years of auditing and seminar facilitation experience. Before
starting Raven Global Training, Catlin was a consultant for Experis and a senior manager at Protiviti. She held internal audit positions with Freddie Mac, Bank of America, and Philip Morris.
Catlin is a contributing author to The IIA’s CIA Learning System.
![Page 26: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/26.jpg)
Thursday June 8, 2017 8:30 – 9:45 AM
GS 2: Audit Never Sleeps
Angela Witzany, CIA, QIAL, CRMA
Head of Internal Audit
Sparkassen Versicherung AG Vienna Insurance Group
Internal audit practitioners must vigilantly identify and respond to the risks facing their organizations. IIA 2016–17 Global Chairman Angela Witzany will discuss her theme, “Audit Never Sleeps,” to highlight how internal auditors serve as trusted advisers and partners to boards, audit committees, and management by providing round-the-clock assurance on the
strategies and practices organizations adopt to address risks.
In this session, participants will learn the importance of: • Communicating well.
• Adopting an integrated mindset. • Operating transparently and ethically.
• Thinking strategically.
Angela Witzany has been an internal auditor in the insurance sector since 1997, when she
developed Sparkassen Versicherung’s new internal audit function. She has served there as head
of internal audit since 2001, and now has responsibility for internal audit activities in Austria
and Central Eastern Europe. Further, Witzany serves as the Austrian Insurance Association’s
vice president of the Committee of Internal Audit and Control. She is the 2016–17 chair of The
IIA’s Global Board of Directors and has served in numerous leadership roles for about 10 years,
including the Finance Committee, Professional Guidance Advisory Council and on the
Professional Certifications Board. She also served as a board member of the European
Confederation of Institutes of Internal Auditing (ECIIA) and completed a term as vice president
in 2015. Witzany is a frequent speaker and moderator at internal audit conferences and has
written about internal audit-related topics for a number of publications. She is a lecturer and
trainer on internal auditing in the insurance industry at Johannes Kepler University Linz in Austria.
![Page 27: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/27.jpg)
Thursday June 8, 2017 10:15 – 11:30 AM
CS 5-1: Hunting for Hackers: How to Turn the Tables on Attackers
Adam Brand
Director
Protiviti
Would you know if your organization has been hacked? Publicly available data suggests that the
odds are not in your favor. In this session, you will learn from an experienced threat hunter
about the challenges organizations face in detecting breaches. You’ll also learn what threat
hunting is, and how threat hunting can be leveraged in an internal audit context to evaluate an
organization’s breach-detection capabilities.
In this session, participants will:
• Understand the challenges involved in detecting breaches • Define key types of detection technologies and understand their strengths and
limitations • Understand what threat hunting is, and how it can help decrease breach detection time • Understand how threat hunting concepts can be used in an internal audit context to
evaluate an organization’s breach detection capabilities, and provide a point-in-time view on what signs exist of a breach
• Identify the key technology areas and attributes that are relevant to threat hunting, and how signs of a breach can be revealed
Adam Brand is a director with Protiviti’s Security and Privacy practice. He has more than 17
years of experience in information technology and security, in areas ranging from compliance to
incident response. Brand has worked closely with internal audit organizations across many
industries in conducting information security reviews and is able to bring a unique perspective
as someone who has been “on the ground” in major breach investigations. He is a frequent
speaker on information security topics at both IIA and information security industry events.
![Page 28: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/28.jpg)
CS 5-2: Extracting Maximum ROI From Audit Data Analytics
Tom Austin, CIA
Vice President, Governance Risk and Control
Cisco Systems, Inc.
Data analytics is undeniably the present and future of audit. But user adoption has been mediocre
at best. What are some common pitfalls (cultural fit, methodology, quality, etc.) of data analytics
that lead to this phenomenon? Can data analytics be embedded within your audit methodology?
How do you maximize ROI on your data analytics investment?
In this session, participants will:
• Identify barriers to adoption of data analytics. • Design an audit plan to drive analytics adoption.
• Lead the way with federated compliance analytics. • Empower not one but ALL three lines of defense.
Tom Austin oversees Cisco’s governance, risk, and controls organization that partners with
internal business units. Previously, Austin worked at Applied Materials for 16 years, most
recently as vice president and CFO for the display and solar business segments. Prior to Applied
Materials, Austin worked with PriceWaterhouseCoopers in business assurance and with Merrill
Lynch & Co. in investment banking.
CS 5-3: Investigating Contracting and Procurement Fraud
Robert Campbell, CIA, CRMA, CFS
Chief, Office of County Investigations
Los Angeles County Auditor-Controller
Fraud in contracting and procurement can result in significant losses, compromise the
competitive solicitation process, and impair confidence and trust in management's control over
operations. This seminar will examine recent trends in procurement and contracting fraud
through a discussion of real cases, and review the elements of common procurement and
contracting fraud schemes, bid rigging, and contractor-employee conflicts of interest.
![Page 29: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/29.jpg)
In this session, participants will:
Review the elements of common procurement, contracting fraud schemes, and bid rigging.
Discuss strategies for detecting procurement and contracting fraud.
Share investigative tips and lessons learned from real life cases proactive strategies for procurement fraud prevention.
Robert Campbell is responsible for administering the County’s fraud hotline and overseeing
criminal and administrative investigations of fraud, waste, and abuse within Los Angeles County
government. He also oversees the Office of the Chief Health Insurance Portability and
Accountability Act Privacy Officer, and the Office of the Children’s Group Home Ombudsman.
Campbell began his service with Los Angeles County in 1998 with the auditor-controller’s audit
division and has since served in a variety of assignments, including as a supervising investigator
in the Office of County Investigations, as assistant administrative deputy, as the audit chief, and
as assistant auditor-controller where he was responsible for overseeing various divisions
including accounting, disbursements, shared services, and the Office of Investigations.
CS 5-4: Internal Audit’s Role in Sustainability Accounting Disclosures
Doug Hileman, CRMA, CPEA
President
Douglas Hileman Consulting
There are several frameworks for non-financial reporting (NFR). The Sustainability Accounting
Standards Board’s mission is to focus on non-financial (or Sustainability) disclosures that should
be in companies’ financial filings in accordance with current SEC regulations. Whereas other
frameworks have been developed for a range of stakeholders, SASB’s focus is exclusively on the
investment community. SASB completed provisional standards for every sector and industry in
2016, and launched an information portal in 2017. SASB publications mention some roles for
Internal Audit.
![Page 30: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/30.jpg)
In this session, participants will:
Learn a high-level overview of SASB, risks and opportunities arising from Sustainability disclosures
Learn why 2017 is set to be a benchmark year for SASB
Review focus areas the SASB mentions for Internal Audit Learn other ways where Internal Audit can help organizations manage risks and leverage
opportunities in their organizations.
Douglas Hileman has 40 years of experience in compliance, operations, risk management, and
auditing. He has led his firm for nine years, after six years at PwC, nine years in industry, and
over 15 years in management consulting. His firm has clients nationwide and he has led conflict
minerals independent private sector audits (IPSAs) for the SEC conflict minerals rule for four
consecutive years. His firm has innovative approaches to nonfinancial (or “sustainability")
reporting, and safety program management. Hileman is a frequent speaker for IIA events and
other professional meetings nationwide.
CS 5-5: CIA Exam Preparation Course: Part 2 — Internal Audit Practice
Vicki McIntyre, CIA, CFSA, CRMA
President
FirstPlus Resolutions, Inc.
This Part 2 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the Part 2 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions , learn test taking
tips, and will receive the updated Version 4.0 Part 2 IIA CIA Learning System™ self-study print,
e-book, and online materials. An additional fee of US$315 will be required to attend this
course. A limited number of on-site registrations will be accepted, so please pre-register for
this course.
![Page 31: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/31.jpg)
Course topics will include:
Managing the Internal Audit Function Managing Individual Engagements
Fraud Risks and Controls
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
Vicki McIntyre has helped CIA candidates successfully pass their exams for more than 7 years, having taught The IIA's CIA Learning System extensively. McIntyre manages her own internal audit and risk management consulting services firm, and has a combination of internal audit,
financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a
regulatory bank examiner, and a vice president of both finance and risk management. She also performs quality assessments of internal audit activities on behalf of The IIA.
Thursday June 8, 2017 12:45 – 2:00 PM
CS 6-1: Beyond the Spreadsheet: The Use of Data Analytics to Achieve Excellency and
Efficiency
Scott Smith
Sales Engineer
Audimation Services
Data analytics has been around for more than 25 years, yet some professionals seem addicted
to pivot tables and spreadsheets. But data analytics tools are designed to handle large data
sets, have capabilities beyond the basic office software packages, and provide an additional
level of data integrity protection that spreadsheets can't offer. Learn how to apply data
analytics to your analysis and discuss data analytics applications and internal audit best practices.
![Page 32: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/32.jpg)
In this session, participants will:
Compare and contrast the use of data analytics through Excel and a data analytic software.
Understand the benefit and efficiency of the use of data analytics software.
Receive real-time examples of how data analytic software can help identify fraud. Be informed on the use of data analytic software as a core element of continuous
monitoring.
Scott Smith joined the organization in 2009 as an account manager and in 2014, migrated to
the sales engineer role, where he sharez his extensive technical background with prospective
clients who are evaluating IDEA. He presents solutions to key decision makers and helps
professionals determine how to apply data analytics to improve their work performance. Prior
to joining Audimation Services, Smith was the co-owner of a software development company
focused on technical sales, web-based front-end and database development, and also worked
for internet-based companies. Along with many years as a systems analyst and software
developer, Smith was a certified Oracle DBA and developer with emphasis on choosing the
industry leading tools for implementation into the development cycle.
CS 6-2: Emerging Trends in Fraud Investigations
Eugenia Wu
Manager
KPMG
Omid Yazdi
Partner
KPMG
This presentation will discuss the concept of fraud risk factors as well as types of fraud. Based
on a recent global survey, we will review the profile of a fraudster and discuss the approach to
investigating fraud. The session will conclude with an overview of an anti-fraud program and control framework.
![Page 33: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/33.jpg)
In this session, participants will:
Describe characteristics of fraud risk factors
Explain profile of a fraudster based on surveys performed
Provide an overview of types of fraud Discuss means of detection
Discuss recommendations on strong anti-fraud programs and controls.
Eugenia Wu serves in KPMG’s U.S. Forensic Advisory Services Practice. She has 10 years of
professional experience, including the last six years providing forensic accounting services. Wu’s
experience includes providing services in corporate fraud investigations, compliance, fraud and
misconduct risk management, and anti-bribery and corruption services.
Omid Yazdi has 25 years of international experience assisting KPMG’s clients with financial statement audits, fraud risk management, forensic accounting, economic recovery analysis, and litigation advisory services. He has served clients around the world and has led a number of large complex investigations. Yazdi has provided in-depth presentations to boards of directors, the Securities and Exchange Commission, the United States Attorney’s Office, the Federal Bureau of Investigation, and the Securities and Exchange Board of India.
CS 6-3: Culture: Can You Really Audit It?
Mike Fucilli, CIA, QIAL, CGAP, CRMA, CFE
Auditor General
Metropolitan Transportation Authority
In our fast-paced global economy, culture is now one of the top risks facing business leaders
and has a direct impact on financial performance, employee morale, and the achievement of
business goals. In essence audit the culture and you will be auditing the strategy of the
company. This session will explore the risks associated with culture and key ways auditors can
identify solutions to deal with them in their audits.
![Page 34: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/34.jpg)
In this session, participants will:
Define business culture.
Learn to practically incorporate culture concepts into risk assessments and audits.
Identify changing business cultural shifts and their effect on GRC.
Mike Fucilli leads a staff of 85 internal auditors at North America’s largest public transportation
agency, with an operating budget of $15 billion and a capital budget that exceeds $5 billion
annually. He has more than 35 years of internal audit experience, having started his career with
Manufacturers Hanover Trust (now Chase Bank) performing procurement audits of large
government contracts including audits of NASA, the U.S. Army and Air Force, and Voyager 1.
Fucilli has served in various leadership roles at the national and global level for The IIA,
currently serving as the vice president of development of the Internal Audit Foundation. He is
an adjunct professor for Pace University, teaching The IIA’s CIA Learning System for the
Certified Internal Auditor exam.
CS 6-4: Security and Dev Ops in the Financial Sector
Bob Justus
Managing Executive Director, Office of the CISO
OPTIV
Traditional application security approaches must evolve to accommodate more agile
development strategies. Guidelines that would allow the audit function to provide independent
assurance would be helpful, such as those covering application security architecture, trust
model, entry and exit points, data flow and specific areas of security pertaining to the
application (identity, authentication, authorization, roles, confidentiality, integrity, availability, input validation, configuration management, and more).
![Page 35: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/35.jpg)
In this session, participants will:
Reveal how to align the information security program with business goals and strategies, emphasizing application development.
Uncover steps for turning DevOps into Security DevOps.
Discuss maintaining agility for developers and the business with security helping rather than getting in the way.
Learn how audit participates and provides assurance from a third line of defense perspective.
Bob Justus brings more than 26 years of risk management experience to his role leading a team
of CISOs positioned to help clients with all aspects of cybersecurity. Prior to joining Optiv, Justus
served for more than 13 years as CISO and senior vice president of corporate information
security and IS/IT contingency planning for Union Bank-MUFG. In addition, Justus has held
positions in audit, operations, and architecture. Most recently, Justus was CSO and director of
GRC Services for Allgress and Siege Secure, which are governance, risk, and compliance software and services companies.
CS 6-5: CIA Exam Preparation Course: Part 2 — Internal Audit Practice Vicki McIntyre, CIA, CFSA, CRMA President FirstPlus Resolutions, Inc.
This Part 2 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the Part 2 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the updated Version 4.0 Part 2 IIA CIA Learning System™ self-study print,
e-book, and online materials. An additional fee of US$315 will be required to attend this
course. A limited number of on-site registrations will be accepted, so please pre-register for
this course.
![Page 36: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/36.jpg)
Course topics will include:
Managing the Internal Audit Function Managing Individual Engagements
Fraud Risks and Controls
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
Vicki McIntyre has helped CIA candidates successfully pass their exams for more than 7 years, having taught The IIA's CIA Learning System extensively. McIntyre manages her own internal audit and risk management consulting services firm, and has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a vice president of both finance and risk management. She also performs quality assessments of internal audit activities on behalf of The IIA.
![Page 37: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/37.jpg)
Thursday June 8, 2017 2:30 – 3:45 PM
CS 7-1: Conducting a Successful Business Continuity Audit
Dan Kushmak Vice President, Audit & Regulatory Response Manager Union Bank
Phillip Bigge
Vice President, Consulting Services Ripcord Solutions
For many companies, the thought of a business continuity audit is chilling. And one of the
reasons organizations freak out about audits is that many are struggling with their continuity
programs. In this program, you will learn how to audit and help ensure a well-defined and mature BC/DR program is in place (hint: it is not found in the plans).
In this session, participants will:
Learn how to audit a BC/DR program and help turn it into a best-in-class BC/DR
program.
Discover steps to ensure the program has the capability to recover.
Gain an understanding of how to succeed at meeting regulatory and customer demands while meeting organizational objectives.
Daniel Kushmak has over 25 years of IT, information security, risk management, and IT audit
experience. He has held various technical and leadership roles for financial, health care,
insurance, manufacturing, and transportation industry leaders.
Philip Bigge has nearly 20 years of experience working with Fortune 500 companies to build sustainable business continuity, technology disaster recovery, vendor continuity, and crisis
management programs across the globe. He has successfully led these organizations through more than 35 major disasters, and successfully integrated many of these programs into IT risk management divisions.
![Page 38: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/38.jpg)
CS 7-2: The Evolution of Privacy Risks
Eric Dieterich, CIPP, CISA, CISC, CHP Partner Focal-Point Data Risk
As the privacy landscape continues to mature, we need to ensure our privacy programs are
keeping pace. This session will focus on privacy risk assessment best practices and the
implications they can have on the maturity and oversight of your privacy program including
control identification and monitoring through privacy audits. Establishing a clear linkage
between these activities allows an organization to more effectively communicate the
identification of privacy risks, the importance of privacy controls implemented throughout
business operations, and how to monitor and report on the effectiveness of these activities. A
key highlight of the session will be an interactive walkthrough of various privacy risk assessment
activities, establishment of potential privacy controls, measurement of privacy risks, and
reporting mechanisms that can be followed by organizations across industries.
In this session, participants will:
• Gain an understanding emerging privacy/cyber security trends
• Learn dissecting recent regulatory enforcement actions
• Identify privacy risk factors
• Perform a privacy risk assessment
• Learn Audit’s role in communicating privacy risk’s
Eric Dietrich has over 15 years of IT advisory and governance experience with regulatory and
industry standards including GLBA, HIPAA, GAPP and NIST 800-53. He has successfully
developed and implemented privacy programs for leading multinational organizations, assisting
in their efforts to become compliant with local and international data privacy laws. Dietrich has
also performed IT risk assessments, strategic business assessments and audits for org anizations
across various industries.
![Page 39: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/39.jpg)
CS 7-3: Pulse of the Profession: A Focus on Government and the Public Sector
John Wszelaki, CIA, CRMA, CFE Director of ACGA, NA Services
The Institute of Internal Auditors, Global Headquarters Results from the North American Pulse of Internal Audit survey, focusing on the public sector and government auditor perspective, will be discussed in depth during this session. Attendees will learn how to lead courageously and instill confidence from within. In this session, participants will:
Consider risks from company communications not traditionally subject to independent assurance (e.g. analyst presentations, sustainability reporting, operational reporting, etc.).
Gain an understanding of environmental, health and safety risks. View how various internal audit functions are utilizing data analytics.
Consider interpersonal dynamics between internal audit and others in the organization and how that impacts reviews that are conducted.
John Wszelaki is the Director of the American Center for Government Auditing at The Institute
of Internal Auditors, the global professional association and standard-setting body for internal
auditors. Wszelaki is recognized as a long-time leader in advancing the internal audit profession
on the local and national levels, sharing best practice approaches and mentoring fellow
professionals. He also is deeply versed in risk management, internal control, governance, and investigative techniques.
CS 7-4: Expense Reports: Following the Road to Fraud
John Tonsick, CPA, CFE
Deputy General Auditor The Metropolitan Water District of Southern California Expense reports are trivial, right? Small dollars that don’t add up to much in the grand scheme
of things. A pain to prepare, a pain to review, hardly worth the time or attention of a world-
![Page 40: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/40.jpg)
class internal audit function. ACFE’s 2016 Report to the Nations has abundantly proven
otherwise with some staggering statistics. So think again.
In this session, participants will:
• Explore the findings of ACFE’s 2016 Report to the Nations, revealing that expense report fraud represented 14% of all asset misappropriations with median losses of
$40,000. • Discuss revealing details such as the propensity for expense-report fraudsters to be
involved in other, more damaging fraudulent schemes. • Learn how to identify and investigate fraudulent employee expenses.
• Discover effective techniques for minimizing your risk. John Tonsick is a leading expert on fraud, with his unique perspective shaped by more than 35 years of experience as a "Big 4" auditor, consultant, and Fortune 50 executive. He has published numerous articles on the subjects of fraud and corporate governance and is a contributing author to Fraud Casebook: Lessons from the Bad Side of Business. He has been interviewed by MSNBC, the Wall Street Journal, CFO Magazine and the Los Angeles Business Journal. CS 7-5: CIA Exam Preparation Course: Part 2 — Internal Audit Practice
Vicki McIntyre, CIA, CFSA, CRMA
President FirstPlus Resolutions, Inc. This Part 2 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the Part 2 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the updated Version 4.0 Part 2 IIA CIA Learning System™ self-study print,
e-book, and online materials. An additional fee of US$315 will be required to attend this
course. A limited number of on-site registrations will be accepted, so please pre-register for
this course.
![Page 41: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/41.jpg)
Course topics will include:
Managing the Internal Audit Function Managing Individual Engagements
Fraud Risks and Controls
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
Vicki McIntyre has helped CIA candidates successfully pass their exams for more than 7 years, having taught The IIA's CIA Learning System extensively. McIntyre manages her own internal
audit and risk management consulting services firm, and has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a vice president of both finance and risk management. She also performs quality assessments of internal audit activities on behalf of The IIA.
Thursday June 8, 2017 3:55 – 5:10 PM
CS 8-1: Privacy Program Accountability and Risk Management
Nancy L. Apolonio, CIPP/US, CIPT Manager II, Privacy Compliance
Hyundai Capital
Lincoln Guy, CIPP/US, CIPP/C, CIPT, CIPM, FIP Senior Manager, Privacy Compliance
Hyundai Capital America Billy Spears Chief Privacy Officer Hyundai Capital America
With such differences in privacy requirements across borders, it is challenging to determine the
maturity of a privacy program in a consistent manner. On a local level, it is challenging to
translate privacy concerns into business risks that can be measured, communicated, and
![Page 42: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/42.jpg)
managed. This session will include a discussion and demonstration of how one organization
manages accountability with privacy program maturity and manages ongoing privacy risk.
In this session, participants will:
Learn about the challenges and opportunities of making privacy accountability a global discussion.
See a unique, evidence-based approach to privacy program maturity assessments.
Learn the difference between inherent and residual risk and other key risk management terms.
Be introduced to tools and techniques for managing privacy risk.
Nancy Apolonio provides subject matter expertise and in-depth knowledge of privacy
compliance, conducts privacy risk reviews, and balances business needs and privacy risks to
advance business objectives. She is responsible for developing and managing HCA’s privacy
program framework and privacy risk register. Prior to joining HCA, Apolonio delivered a privacy
innovation initiative that saved her organization $1.2 million annually, which received an award
at the TFS’ Innovation Fair in 2015. She is an Oracle Certified Professional.
Lincoln Guy is a compliance professional who has worked for Hyundai Capital America for 12 years. For nearly the last four years, he focused on building a privacy compliance program from
the ground up. He has worked to establish and mature processes around privacy risk identification and mitigation at all stages of the information life cycle. Through risk
management efforts and internal business consultations, Guy advocates for consumer privacy while striving to enable company success.
Billy Spears is responsible for overseeing the information policy, privacy compliance, and
privacy governance practices. As a thought leader and advisor to executive leadership, he
regularly consults on various privacy and information security initiatives discovering methods to minimize cyberrisk and safeguard data. Spears leads HCA’s engagement for privacy related industry initiatives and has experience in both the public and private sectors. Prior to HCA, he held similar roles with General Electric, Dell, the U.S. Department of Homeland Security, and
the U.S. Marine Corps establishing himself as a collaborative business partner who uses technology to transform and simplify business processes.
![Page 43: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/43.jpg)
CS 8-2: Fraud Risk Assessments/Anti-fraud Program
Mark Ruppert, CIA, CISA, CHFP, CPA, CHC, ACS
Director of Internal Audit Cedars-Sinai Health System
John Lefter, CIA, CRMA, CISA Director of Internal Audit Sharp HealthCare Does your organization expect fraud risk assessments? If not, why not? If they don’t, why as the
board or audit committee elected not to realize the importance of this service that internal
audit can provide? This session will provide you with insight into practices at two major health
care organizations with national reputations to protect.
In this session, participants will:
Learn about two large organizations’ approaches to fraud risk management as well as their anti-fraud programs.
Discuss why it is important to perform a periodic overall assessment of the anti -fraud program.
Review a case study of an evaluation of programs to protect the organizations from significant acts of fraud through assessing the seven elements of an effective anti-fraud
program.
Mark Ruppert has more than 30 years of internal audit experience, the past 20+ in health care. He is active in the Association of Healthcare Internal Auditors where he served on the board for
a number of years and served as their chair in 2004. Ruppert has been speaking nationally since 2000, has been published in Compliance Today and New Perspectives on various audit and compliance topics, and has lectured on internal audit for the University of California Los Angeles and Riverside.
John Lefter joined Sharp in 2012 and is responsible for managing all operational, financial, and compliance audits. His previous experience includes positions in public accounting with EY as
well as internal audit experience in the defense and health care industries. Lefter serves on the audit committee for the Zoological Society of San Diego, and a Tech Talk committee member for the Association of Healthcare Internal Auditors.
![Page 44: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/44.jpg)
CS 8-3: Auditing for Impact in the Government Environment
Mike Fucilli, CIA, QIAL, CGAP, CRMA, CFE
Auditor General
Metropolitan Transportation Authority
To be successful, internal auditing must be grounded in management support and acceptance
and on imaginative service to management. This session will explore ways auditors can mount a
continuing campaign to sell their products to executive management and the issues that they
raise will have the business impact that will capture and keep management’s interest.
In this session, participants will:
Learn why audit departments need to focus on impact.
Discuss how auditing the strategy and auditing the business will dramatically increase your impact on your organization.
Learn how to add value through the use of COSO.
Mike Fucilli leads a staff of 85 internal auditors at North America’s largest public transportation
agency, with an operating budget of $15 billion and a capital budget that exceeds $5 billion
annually. He has more than 35 years of internal audit experience, having started his career with
Manufacturers Hanover Trust (now Chase Bank) performing procurement audits of large
government contracts including audits of NASA, the U.S. Army and Air Force, and Voyager 1.
Fucilli has served in various leadership roles at the national and global level for The IIA,
currently serving as the vice president of development of the Internal Audit Foundation. He is
an adjunct professor for Pace University, teaching The IIA’s CIA Learning System for the
Certified Internal Auditor exam.
CS 8-4: Affordable Care Act: Why Internal Audit Is Key in Helping Protect the Company
An Buchhagen, CIA
Director Internal Audit
Raytheon Company
![Page 45: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/45.jpg)
Jennifer Allen
Senior Internal Auditor
Raytheon Company
Robert Alexander, CIA, CRMA
Senior Manager, Internal Audit
Raytheon Company
The first year of reporting under the Employer Mandate has passed, leaving some companies
breathing a sigh of relief. This year, the risks of failing to comply increases significantly as parts
of the ACA become active and penalties are indexed year over year. As the bar is raised,
internal audit needs to assess the company’s risk of not complying with ACA regulations.
In this session, participants will:
Understand the reporting regulations and importance of compliance with the Employer Mandate of the ACA.
Explore internal audit's role in assessing risks, identifying gaps and potential areas impacted (Supply Chain, Human Resources, Timekeeping, Information Technology, Finance, Legal), and advising cross-functional management on potential exposures as the requirements get stricter and penalties increase each year.
Examine strategies to ensure compliance to avoid penalties assessed by the IRS.
Learn how failing to comply may be material to the financial statements. Discuss steps to take once a penalty is assessed by using the appeals process
An Buchhagen directs internal audit plan activities across the company. Her key focus areas
include strategic initiatives, accounting, shared services, supply chain, international business
and finance, human resources, regulatory compliance, and legal. Buchhagen has more than 25
years of business and audit experience.
Jennifer Allen has nearly 10 years of internal audit experience (five in health care) in assessing
the adequacy of internal controls, testing the operating efficiencies of operations, IT general
controls, the reliability of financial reporting, process improvement, and compliance with policies and procedures.
![Page 46: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/46.jpg)
Bob Alexander has more than 25 years of comprehensive financial services and auditing
experience including management, analysis, financial reporting, Sarbanes -Oxley-like activities (nonpublic company) and productivity improvements, as well as conducting and providing
management reports of internal audits.
CS 8-5
CIA Exam Preparation Course: Part 2 — Internal Audit Practice
Vicki McIntyre, CIA, CFSA, CRMA
President
FirstPlus Resolutions, Inc.
This Part 2 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the Part 2 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the updated Version 4.0 Part 2 IIA CIA Learning System™ self-study print,
e-book, and online materials. An additional fee of US$315 will be required to attend this
course. A limited number of on-site registrations will be accepted, so please pre-register for
this course.
Course topics will include:
Managing the Internal Audit Function
Managing Individual Engagements Fraud Risks and Controls
Please note: additional self-study time outside of the classroom will be necessary to prepare for
the exam.
![Page 47: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/47.jpg)
Vicki McIntyre has helped CIA candidates successfully pass their exams for more than 7 years,
having taught The IIA's CIA Learning System extensively. McIntyre manages her own internal audit and risk management consulting services firm, and has a combination of internal audit,
financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a
regulatory bank examiner, and a vice president of both finance and risk management. She also performs quality assessments of internal audit activities on behalf of The IIA.
Friday June 9, 2017 8:30 – 9:45 AM
GS 3: Designing a Future-Focused Audit Engagement That Delivers Results That Matter
Norman Marks, CPA, CRMA
Evangelist
Norman Marks
The new Core Principles for the Effective Practice of Internal Audit talk about how we need to
be "proactive and future-focused". What does that mean and how is it achieved? In this
session, Norman Marks will talk about how internal auditors can design engagements that focus
on the risks of today and tomorrow. What he considers the "risks that matter".
Norman Marks is an advocate for “better run business,” focusing on risk management, internal audit, corporate governance, enterprise performance, and the value of information. He is also a
mentor to individuals and organizations around the world. Marks was the chief audit executive of major global corporations for 20 years and is a globally recognized thought leader in the
professions of internal auditing and risk management. In addition, he has served as chief risk officer, compliance officer, and ethics officer, and managed what would now be called the IT
governance function (information security, contingency planning, methodologies, standards,
etc.). He ran the Sarbanes-Oxley Section 404 programs and investigation units at several companies. Marks has authored four books: World-Class Risk Management; Management’s Guide to Sarbanes-Oxley Section 404: Maximize Value Within Your Organization; World-Class Internal Audit: Tales from my Journey; and How Good Is Your GRC? Twelve Questions to Guide
Executives, Boards, and Practitioners. He is a member of the review boards of several audit and risk management publications (including the magazines of The IIA and ISACA, a frequent
speaker, the author of award-winning articles, and a prolific blogger about better run business, consistently rating as one of a top global influencer.
![Page 48: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/48.jpg)
Friday June 9, 2017 10:15 – 11:30 AM
GS 4: Practical Creativity: From Pie-in-the-Sky to Boots-on-the-Ground
Mike Jacka, CIA
Chief Creative Pilot
FPACTS
The concept of creative auditing is often thought of as an oxymoron. However, the application
of creativity is the cornerstone of innovation, and innovation is the cornerstone of internal
audit's ability to maintain relevance into the future. Based on real-life experiences, this session
will discuss how auditors can instill creativity within themselves and their departments while
also demonstrating how that creativity can be used to develop practical innovations within the
department and the organization.
In this session, participants will:
Gain an understanding of why creativity is important to the profession
Learn techniques that can be used in building a creative environment
Gain an understanding of the roles of creativity and innovation
Learn practical applications for using innovation to improve the internal audit process
Mike Jacka is an award-winning columnist, top-rated presenter, and author known for his work
with Internal Auditor magazine, including the blog “From the Mind of Mike Jacka” and the
magazine’s lighter side pieces. After a 30-year career in internal audit, he is now the Chief
Creative Pilot for Flying Pig Audit, Consulting, and Training Solutions (FPACTS). He is the co-
author of Business Process Mapping: Improving Customer Satisfaction; Auditing Social Media: A
Governance and Risk Guide; and The Marketing Strategy: A Risk and Governance Guide to
Building a Brand. He also recently published Auditing Humor and Other Oxymorons.
![Page 49: Tuesday June 6, 2017 8:00 AM 5:00 PM Documents... · Tuesday June 6, 2017 7:30 – 10:00 AM Chief Audit Executive Roundtable (By Invitation Only) Tom Austin, CIA Vice President, Governance](https://reader033.vdocuments.us/reader033/viewer/2022060212/5f0507e17e708231d410ea2e/html5/thumbnails/49.jpg)
Friday June 9, 2017 12:00 PM – 5:00 PM
Post Conference Workshop
CIA Exam Prep Course: Part 1 — Internal Audit Basics
Vicki McIntyre, CIA, CFSA, CRMA
President
FirstPlus Resolutions, Inc.
This Part 1 CIA course is designed to give candidates a high level introduction and overview of
the topics covered on the Part 1 CIA exam. The course will reinforce your CIA knowledge,
clarify topics, and build exam-day confidence. Taught by CIA-certified instructors, each
attendee will have the opportunity to work through practice exam questions, learn test taking
tips, and will receive the updated Version 4.0 Part 1 IIA CIA Learning System™ self-study print,
e-book, and online materials. An additional fee of US$315 will be required to attend this course. A
limited number of on-site registrations will be accepted, so please pre-register for this course. Course
topics will include:
Mandatory Guidance Internal Control/Risk
Conducting Internal Audit Engagements – Audit Tools and Techniques
Please note: additional self-study time outside of the classroom will be necessary to prepare for the exam.
Vicki McIntyre has helped CIA candidates successfully pass their exams for more than 7 years, having taught The IIA's CIA Learning System extensively. McIntyre manages her own internal
audit and risk management consulting services firm, and has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management
experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a vice president of both finance and risk management. She also performs quality assessments of internal audit activities on behalf of The IIA.