Sunday Oct 18, 2015 8:30 AM – 5:10 PM WRK-1: The IIA's CIA Learning System CIA Review Vicki McIntyre, CIA, CRMA, CFSA President FirstPlus Resolutions, Inc. This CIA exam preparation course will include a high level introduction and overview of the topics covered on the new 3-part CIA exam. The course will reinforce your CIA knowledge, clarify exam topics, and build exam-day confidence. Taught by an IIA CIA- certified instructor, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the updated Version 4.0 IIA CIA Learning System™ self-study print and online materials for Parts 1-3. Additional self- study time outside of the classroom will be necessary to prepare for the exam. An additional fee and pre-registration will be required to attend this session. Course topics will include: • Part 1 — Internal Audit Basics • Part 2 — Internal Audit Practice • Part 3 — Internal Audit Knowledge Elements *The IIA’s CIA Learning System™ Version 4.0 Full Kit (Parts 1-3) materials are included within the course registration fee. Learning Field: Auditing Learning Level: Intermediate Sunday Oct 18, 2015 1:00 – 5:00 PM WRK-2 Perception Is Reality: Working to Enhance the Image Deanna Sullivan, CIA, CRMA Principal Sullivan Solutions In this session, participants will: • Recognize the social styles of customers and co-workers. • Determine how to improve versatility by adapting individual behavior to enhance communication. • Develop a personal 30-3-30 for personal marketing and the audit process.
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Sunday Oct 18, 2015 8:30 AM – 5:10 PM WRK-1: The IIA's CIA Learning System CIA Review Vicki McIntyre, CIA, CRMA, CFSA President FirstPlus Resolutions, Inc. This CIA exam preparation course will include a high level introduction and overview of the topics covered on the new 3-part CIA exam. The course will reinforce your CIA knowledge, clarify exam topics, and build exam-day confidence. Taught by an IIA CIA-certified instructor, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the updated Version 4.0 IIA CIA Learning System™ self-study print and online materials for Parts 1-3. Additional self-study time outside of the classroom will be necessary to prepare for the exam. An additional fee and pre-registration will be required to attend this session. Course topics will include:
• Part 1 — Internal Audit Basics • Part 2 — Internal Audit Practice • Part 3 — Internal Audit Knowledge Elements
*The IIA’s CIA Learning System™ Version 4.0 Full Kit (Parts 1-3) materials are
included within the course registration fee.
Learning Field: Auditing Learning Level: Intermediate
Sunday Oct 18, 2015 1:00 – 5:00 PM
WRK-2 Perception Is Reality: Working to Enhance the Image Deanna Sullivan, CIA, CRMA Principal Sullivan Solutions In this session, participants will: • Recognize the social styles of customers and co-workers. • Determine how to improve versatility by adapting individual behavior to enhance
communication. • Develop a personal 30-3-30 for personal marketing and the audit process.
• Identify verbal and non-verbal communication which may alienate customers. Deanna Sullivan is an internationally recognized speaker, author, and trainer. Her most popular topics are in the areas of fraud, ethics, leadership, and communications. She has a diverse background ranging from auditing and accounting to consulting and facilitation, and was recently certified as a Zig Ziglar Legacy Trainer. She also delivers courses for The IIA’s On-site Training division. Learning Field: Communication Learning Level: Intermediate WRK-3 High Impact Audit Report Writing Robert Mainardi, CFSA, CRMA President Mainardi & Company In this session, participants will:
• Review of the report writing process, including documenting audit exceptions. • Walk through the five-component approach to documenting an audit exception. • Discuss the true purpose of the audit report and the corresponding critical
information that should be included. • Identify and discuss components of “real action.” • Uncover the keys to successful and timely issuance of audit reports. • Receive formatting tips on how to succinctly report on audit exceptions.
Robert Mainardi started his own company after 21 years of working in the internal audit profession in the financial services industry. He specializes in developing and facilitating custom internal audit training as well as evaluating, creating, and implementing formal audit methodologies including continuous auditing programs. Previously, Mainardi was the vice president of internal audit for the Penn Mutual Life Insurance and also served as a senior audit manager for The Vanguard Group. As a professional speaker and consultant, Mainardi leads programs to help clients develop and maintain world-class internal audit functions. He has served as a distinguished IIA faculty member for more than 20 years as well as a popular speaker numerous IIA and other events. Mainardi has merited the Six Sigma Green Belt certification; earned the Qualification in Control Self-Assessment; and is certified to perform Quality Assessment reviews. Learning Field: Communication Learning Level: Intermediate
Monday Oct 19, 2015 8:30–9:45 a.m. GS 1 Vigilant Leadership: Looking Over the Horizon for Risk, Innovation, and Opportunity Bob Treadway Principal Treadway & Associates, Inc. In this session participants will:
• Learn how to look ahead to act on surprises, see emerging opportunities, tease out breakthrough ideas, and advance your status and effectiveness in your organization.
• Shift focus to the lens of the stakeholder, and pick out the early signals requiring your attention and deeper thinking.
• Look at various factors that could affect your enterprise, team, or career. • Share examples and techniques from decades of work with vigilant individuals
and organizations and learn how to fold them into your own repertoire of abilities and assets.
Bob Treadway is a globally recognized consulting futurist, foresight advisor, and strategy facilitator. For the past 27 years he has helped organizations and individuals look ahead, build robust strategy, plan flexibly, and take action on the future. Clients such as Gillette, Berkshire Hathaway, ExxonMobil, Motorola, the Federal Reserve, Dow, AT&T, ISACA, Hilton, US Gypsum, and the Social Security Administration use his services to help understand uncertainty, think even more strategically, and make better decisions. Learning Field: Personal Development Learning Level: Intermediate
Monday Oct 19, 2015 10:15–11:30 a.m. CS 1-1 The Changing Face of Payments George Thomas Senior Vice President, Chief Audit Executive First Data Corporation In this session, participants will:
• Learn how to assess and leverage opportunities within the payments space.
• Understand key compliance elements of payments processing and data across borders.
• Describe the criteria for conducting risk assessments of payments alternatives. • Develop audit programs to assess the value chain and risks embedded in your
payments solution. • Manage the risk and opportunities in the payments stream.
George Thomas manages the internal audit program spanning operations around the world. He has audit, risk management, finance, and accounting experience in financial services. Most recently Thomas served as vice president and group audit manager with Fifth Third Bank; vice president-audit director at PNC Financial Services; and vice president-accounting with Great Western Bank. He also serves on The IIA’s Financial Services Advisory Board. Learning Field: Business Management & Organization Learning Level: Intermediate CS 1-2 Bring Your Own Device: Risk Management and Audit Considerations for a BYOD-enabled Environment John Maynor Director PricewaterhouseCoopers LLP In this session, participants will:
• Discuss the BYOD issue in terms of benefits and risks. • Hear success stories from those who experience implementation challenges. • Learn how to build a BYOD-aligned audit plan. • Discuss the future of BYOD.
John Maynor is a director with 14 years professional experience in private industry and at PwC. Maynor has experience in building security governance practices within diverse industries, and he has performed HIPAA/HITECH risk assessments for numerous health-care organizations. In addition, he is adept at quickly understanding core business processes of organizations and implementing focused risk management and controls programs. He combines his IT risk management experience and information security knowledge to assist clients in their overall risk management programs. He has performed IT controls review and optimization for clients looking to enhance their control environment. Most recently, Maynor has focused on assisting clients with vendor risk issues, including designing and implementing vendor risk management programs and performing on-site vendor assessments. Before joining PwC, he developed and
maintained information security programs for Fortune 500 companies, including policy and awareness programs. Learning Field: Auditing Learning Level: Intermediate CS 1-3 Using ERM to Improve Strategic Decisions Jim Fitzmaurice Senior Director and Executive Advisor The Corporate Executive Board (CEB) Company In this session, participants will:
• Discuss how the best ERM teams create value with risk insights at key decision points.
• Learn how to influence the development of a firm’s strategy and align risk management against strategic objectives.
• Identify what insight and tools senior company leaders need to make critical decisions with greater confidence.
• Explore how to conduct effective scenario planning exercises. • Find out how to embed risk management discipline in business processes.
Jim Fitzmaurice provides guidance and shares proven tactics that help ERM and internal audit executives improve individual, functional, and corporate performance. Prior to joining CEB, Fitzmaurice served as a subprime mortgage account executive at The Lending Group, as a branch officer at Chevy Chase Bank (Capital One), and worked as a middle-school mathematics teacher. Learning Field: Management Advisory Services Learning Level: Intermediate CS 1-4 Strategy Implementation Capability: The Competitive Edge Richard Chambers, CIA, QIAL, CGAP, CCSA, CRMA President and CEO The IIA In this session, participants will:
• Learn why some companies succeed while others fail in implementing strategic plans.
• Discuss the essential elements of strategic planning.
• Hear seven differentiators that yield a competitive edge. • Identify 10 mistakes that doom corporate strategies. • Discover how to ensure audit plans address strategic risks.
Richard F. Chambers has more than four decades of internal audit and related experience. Previously, Chambers was national practice leader in Internal Audit Advisory Services at PricewaterhouseCoopers; inspector general of the Tennessee Valley Authority; deputy inspector general of the U.S. Postal Service; and director of the U.S. Army Worldwide Internal Review Organization at the Pentagon. He currently serves on the COSO Board of Directors, International Integrated Reporting Council (IIRC), and IIA Board of Directors. Previously, he served on the U.S. President’s Council on Integrity and Efficiency; Audit Board of the City of Orlando, Fla.; IIA Internal Audit Standards Board; and IIA North American Board. Chambers received the Association of Government Accountants (AGA) Frank Greathouse Distinguished Leadership Award and the National Association of Black Accountants (NABA) Legacy Award. Accounting Today named him one of the Top 100 Most Influential People in Accounting as well as one of 10 tweeters worth following. The National Association of Corporate Directors (NACD) named him one of the most influential leaders in corporate governance. In 2014, Chambers authored the award-winning book, Lessons Learned on the Audit Trail. Learning Field: Management Advisory Services Learning Level: Intermediate
Monday Oct. 19, 2015 12:45–2:00 PM CS 2-1 Delivering Value: Performing Project Health Checks in Large-program Governance Carolyn Saint, CIA, CRMA Chief Audit Executive University of Virginia In this session, participants will:
• Benefit from lessons learned from both academic research and the school of hard knocks and new approaches to providing assurance on large program implementation.
• Walk through a rigorous methodology for performing project health checks, receiving practical guidance.
• Learn how to coordinate with project managers, business leaders, and other key stakeholders to deliver value to project sponsors and steering committees.
Carolyn Saint has a deep knowledge and focus on strategic and enterprise risks, process improvement opportunities, and financial stewardship obtained from providing assurance services to clients and Fortune 50 companies. She is a frequent speaker on governance and internal audit topics. Prior to joining 7-Eleven, Saint was vice president of internal audit for Lowe's Companies, Inc., Sears Holdings Corp., Kmart, and Covansys, and also at Deloitte. Learning Field: Auditing Learning Level: Intermediate CS 2-2 Surviving the Fire of a Security Breach Angel J. Nazario Assistant to the Special Agent in Charge United States Secret Service, Miami Field Office Rocco Grillo, CRMA Managing Director, Global Leader Incident Response Protiviti Christopher Collins Cybersecurity & Privacy Federal Bureau of Investigations In this session, participants will:
• Discuss crisis response, legal, reputation, and risk management implications of a major security breach.
• Identify what it takes to proactively prepare, detect, and respond to a breach. • Learn from seasoned professionals who will share their stories and experiences. • Debate that failure is inevitable; proactive preparation is key.
A.J. Nazario began his career with the United States Secret Service (USSS) in 1992. During his 23-year career with the USSS, he has been assigned to the Vice Presidential Protective Division and the USSS James J. Rowley Training Center. Since 2005, he has served as the Assistant to the Special Agent in Charge supervising the Miami Electronic Crimes Task Force. Rocco Grillo leads Protiviti’s global incident response and forensics investigations practice, providing cybersecurity and risk management services. His team of world-class incident responders and forensics examiners have successfully triaged some of the largest data breaches recorded over the last decade. Grillo is a frequent public
speaker and has presented at numerous trade group conferences. He has been quoted as an IT security expert in CNNMoney, The American Banker, The Wall Street Journal, The New York Times, The London Times and other respected industry publications. His professional affiliations include active roles as a board advisor for FS-ISAC, NH-ISAC, the Shared Assessments Program, the CLM – Cyber Liability Committee, and as a board member of the IT Policy Compliance Group. Before joining Protiviti, Grillo helped develop RedSiren Technologies and also served in management positions with Lucent Technologies. Learning Field: Specialized Knowledge & Applications Learning Level: Intermediate CS 2-3 Using a Risk Matrix: A Practical Approach Larry Hubbard, CIA, CCSA Principal Larry Hubbard & Associates In this session, participants will:
• Hear about internal auditing's growing obsession with risks. • Explore the different ways risk matrices are used. • Recognize the common errors made in using a risk matrix to identify controls. • Discuss the one format of risk matrix that is actually useful. • Understand how the risk matrix fits into the COSO internal control and ERM
frameworks.
Larry Hubbard is a professional trainer and consultant with a broad background in accounting, auditing, and finance. Prior to founding his own firm, Hubbard's experience included Mobil Corporation and EY. In addition to conducting his own training seminars, Hubbard conducts training for other organizations, such as The IIA; Watkins, Meegan; and Risk Management Advisory Services. Learning Field: Auditing Learning Level: Advanced CS 2-4 People-Centric Skills: Building an Attractive Team in an Unattractive World (Talent Management) Danny M. Goldberg, CIA, CCSA, CRMA Founder GoldSRD
In this session, participants will:
• Understand the four stages of talent management. • Learn how to face the challenge of a shrinking pool of internal audit candidates
and how to supplement the current talent pool. • Learn key components to building a world-class audit team with limited
resources. • Assess corporate culture and how audit can maximize effectiveness within the
organization.
Danny M. Goldberg is the founder of GoldSRD, an assurance firm providing staff augmentation, executive recruiting, and professional development services. He previously led the professional development practice at Sunera and before joining them, he founded SOFT GRC, an advisory services and professional development firm. Before that, Goldberg was the director of Sarbanes-Oxley compliance and corporate audit at Dr. Pepper Snapple Group. Prior to his tenure there, he served as CAE at Tyler Technologies. Goldberg is a sought-after speaker and writer, presenting at The IIA’s International and All Star conferences as well as other trade organizations including ISACA. He is accredited as the professional commentator on the publication BNA Tax and Accounting Portfolio, Internal Auditing: Fundamental Principles (Accounting Policy and Practice Series), and has co-authored a new book, People-Centric Skills: Interpersonal and Communication Skills for Auditors and Business Professionals. Learning Field: Personnel/HR Learning Level: Intermediate
Monday Oct. 19, 2015 2:30–3:45 p.m.
CS 3-1 Is Your PCI Compliance Really Keeping You Safe? Corbin Del Carlo Director, Regional Leader Security and Privacy Services McGladrey LLP Keith Swiat Director, Security and Privacy Service McGladrey LLP In this session, participants will:
• Learn about the most recent threats and vulnerabilities that result in the theft of card data.
• Find out how card data is being stolen and where it is going. • Learn how PCI v3 has evolved to mitigate threats to card data and make it harder
for attackers to steal information. • Hear real-world examples of how control failures lead to data breaches that
should have been prevented. Corbin Del Carlo serves as the national leader for PCI service line at McGladrey. He performs over 50 Payment Card Industry (PCI) Data Security Standard assessments annually for numerous organizations. Del Carlo also has provided internal and external network penetration testing, internal technology controls reviews, information systems security policy analysis, control evaluations, and technology risk assessments/impact analysis for clients for the past 12 years. Keith Swiat has more than 20 years of experience in information security and is an expert advisor on Payment Card Industry compliance standards (PCI-DSS, PA-DSS, P2PE) for software vendors developing mobile/web/traditional payment applications. Swiat is an active participant in the payment card industry, collaborating with standards organizations, merchants, and software vendors to create new data security standards and guidelines. Learning Field: Business Management & Organization Learning Level: Advanced CS 3-2 Cybersecurity: Is There a Disconnect Between Internal Audit and Stakeholders? Sanjay Deo Principal 24By7Security, LLC. In this session, participants will:
• Focus on the perceived disconnect between internal audit and stakeholders on cybersecurity.
• Learn why publicly traded companies with strong internal audit and compliance departments are victims of global breaches.
• Discuss whether internal audit is in tune with changing business models that drive the companies to move toward the adoption of Internet innovation.
• Talk about CAEs needing to focus on talent acquisition, keeping in mind that technology is no longer a specialty skill.
Sanjay Deo has more than 22 years of Internet security experience and focuses on delivering strategic cybersecurity framework consulting to Internet connected clients in the areas of HIPAA/HITECH, GLBA, ISO27002, Sarbanes-Oxley, and cybersecurity
framework assessments, remediation, and strategic consulting. Prior to 24By7Security, LLC., Deo was president of a managed security services company which serviced one of the largest software companies in the world. He serves on the board of the South Florida CIO Council and is a frequent speaker on the topics ranging from demystifying cloud computing, risks of social media, risks of ePHI in the cloud, and adoption of consistent cybersecurity risk assessment frameworks. Learning Field: Business Management & Organization Learning Level: Intermediate CS 3-3 Business Risk of Fraud Trak Patel IT Compliance Manager Ulta Cosmetics In this session, participants will:
• Learn key strategies and tips to performing a fraud risk assessment. • Hear actions companies are taking to prevent and detect fraud. • Review case studies of actual fraud investigations and lessons learned. • Understand the business implications and after-effects once a fraud has
occurred. Trak Patel has more 17 years of audit experience and currently manages the organization’s IT compliance effort. He is responsible for all of IT Sarbanes-Oxley, PCI, risk management, and IT security. Prior to joining Ulta, he was in various audit roles at Regal Beloit, Snap-on, Sears, United Airlines, and Grant Thornton. His experience as an entrepreneur has brought unique insights in operating the department and driving efficiencies in the businesses at Snap-on and at Regal Beloit. He has experience in Sarbanes-Oxley compliance, operational, financial, IT audits, and FCPA compliance. Learning Field: Management Advisory Services Learning Level: Intermediate CS 3-4 Getting a Seat at the Table: Case Studies on Successful Integration of Acquired Businesses Cindi Hook Senior Vice President, Chief Audit Executive Assurance & Advisory Team Comcast Corporation In this session, participants will:
• Learn tactics of getting upfront involvement with executive management and building credibility.
• Explore the evolution of determining scope and value-add contributions. • Identify and employ the right internal and external skills.
Cindi Hook oversees all internal audit staff, risk management, and the performance of financial, operational, and systems audits, among other responsibilities. She is also the executive sponsor for several companywide finance development programs including the Financial Management Leadership Program (FMLP), CORE (Career Opportunities and Rotational Experience), and the Finance and Accounting intern program. Hook was recently named to Cablefax’s “2013 Most Powerful Women in Cable.” Prior to joining Comcast, she spent 12 years at Dell, Inc., most recently serving as the vice president of global audit and transformation, responsible for the global audit function as well as transformation initiatives for the finance function and supporting businesswide change initiatives. Learning Field: Personal Development Learning Level: Intermediate
Monday Oct 19, 2015 3:55–5:10 p.m.
CS 4-1 Auditing for Impact: How to Find $100 Million in Cost Savings Michael J. Fucilli, CIA, QIAL, CRMA, CGAP Auditor General Metropolitan Transportation Authority In this session, participants will:
• Learn a dynamic, proactive approach to support the organization's vision and goals and get the attention of executive management, the board, and other stakeholders.
• Identify strategies to transform your department from focusing on financial controls and operational compliance risks to strategic/business and operational risks.
• Get the “wow factor” in your audit results through strategic risk assessment techniques that resulted in an audit impact of $100 million for one organization.
• Review case studies of obvious and not-so-obvious cost savings. • Discover how to transform from auditor to valued strategic business partner.
Mike Fucilli leads a staff of 85 professionals for a public sector organization with revenues in excess of $15 billion. He has 36 years of internal audit experience in the private and public sector in industries including banking, defense contracting, and transportation. Fucilli currently sits on The IIA Research Foundation Board of Trustees and served numerous other leadership roles for The IIA. He is a frequent speaker at industry conferences on topics including COSO, risk assessment, internal controls, and quality assurance. Fucilli is an adjunct professor for Pace University where he teaches the CIA review class using The IIA’s CIA Learning System®. Learning Field: Auditing Learning Level: Advanced CS 4-2 Social Media: Risk, Redemption, & Reputation Nejolla Korris InterVeritas International Ltd. Chief Executive Officer In this session, participants will:
• Learn to manage corporate risk from the social media perspective. • Understand the regulatory impact on social media. • Discover ways to use social media to protect the reputation of your brand. • Focus on the importance of use policies for staff, contractors, and third parties. • Explore the legal implications of data leakage via social media.
Nejolla Korris is an international expert in the field of Linguistic Lie Detection. She is skilled in Scientific Content Analysis (SCAN), a technique to determine whether a subject is truthful or deceptive. Korris has analyzed documents for fraud, international security, arson, sexual assault, homicide, and missing persons’ cases and has taught her method around the world to corporations, government agencies, law enforcement and the military. In 2013, Korris launched a series of webinars to link her diverse global clients together and premiered a series of women’s security conferences in various cities throughout Canada. Learning Field: Specialized Knowledge and Application Learning Level: Advanced CS 4-3 Ripped from the Headlines: Case Studies of Major Embezzlements Bethmara Kessler Chief Audit Executive
Campbell Soup Company In this session, participants will:
• Dissect case studies to develop a profile of those who typically commit major embezzlement fraud.
• Gain appreciation and understanding of how major embezzlement fraud happens and its underlying schemes.
• Get ideas to influence your thinking about what you should be doing to prevent or detect major embezzlement fraud before it’s too late.
• Discuss key themes and patterns that emerge and explore ideas that could have prevented or detected the schemes.
Bethmara Kessler has had extensive leadership experience with roles in audit, risk management, information systems, and corporate investigations with EMI Group, Plc., Avon Products, Inc., RJR Nabisco, Inc., Ernst & Young, and Warner Music Group. Earlier in her career, she co-founded The Fraud and Risk Advisory Group, Inc., a consulting firm specializing in fraud and risk prevention, internal audit support, corporate investigations and business process improvement, and previously served as senior vice president of enterprise business risk management at Limited Brands, Inc. Kessler is a popular speaker on a topics related to internal auditing, fraud compliance, and risk and serves on the ACFE Faculty and Advisory Council. She is a contributing author to the ACFE's Fraud Examiner Manual and Fraud Casebook: Lessons From the Bad Side of Business and numerous articles that have appeared in trade and specialty publications. Learning Field: Behavioral Ethics Learning Level: Intermediate CS 4-4 Becoming a Strategic Internal Auditor Paul L. Walker, Ph.D. James J. Schiro / Zurich Chair in Enterprise Risk Management Director, Center for Excellence in ERM St. John's University In this session, participants will:
• Learn the need for auditors to become more strategic. • Understand how other auditors have achieved the objective of providing strategic
guidance. • Learn the skills needed to be a credible strategic advisor. • Build a self-assessment and plan for becoming more strategic.
Dr. Paul Walker co-developed one of the first courses on Enterprise Risk Management (ERM) and has conducted ERM training for executives and boards around the world, including helping boards develop risk oversight practices, benchmarking ERM practices, advising organizations on ERM process development, and identifying black swans and unknown risks. He has also researched ERM at the headquarters of companies such as Wal-Mart, Microsoft, DuPont, Intuit, Harley-Davidson Inc, Raytheon, and others. Dr. Walker has written extensively on risk and ERM including Improving Board Risk Oversight through Best Practices, Making Enterprise Risk Management Pay Off, and Enterprise Risk Management: Pulling it All Together, as well as serving as co-author on a number of articles. Dr. Walker served as a visiting fellow at the London School of Economics Centre for the Analysis of Risk and was a consultant to COSO on their ERM framework. Dr. Walker was selected as a 2011 Deloitte CFO scholar. Learning Field: Personal Development Learning Level: Advanced Tuesday Oct 20, 2015 8:30–9:45 a.m.
GS 2 Positioning Internal Audit for the Future Bethmara Kessler Chief Audit Executive Campbell Soup Company In this session, participants will:
• Discuss if, how, and why our audit functions are devolving rather than evolving. • Ask ourselves how to stay ahead of the curve of the businesses we serve and
how to use that to stay relevant. • Explore challenges as we try to keep pace with businesses that are moving
faster than ever to remain profitable, relevant, and dynamic. • Leverage these insights against thought provoking ideas about work and
processes; talent and teams; and skills and capabilities. Bethmara Kessler has had extensive leadership experience with roles in audit, risk management, information systems, and corporate investigations with EMI Group, Plc., Avon Products, Inc., RJR Nabisco, Inc., Ernst & Young, and Warner Music Group. Earlier in her career, she co-founded The Fraud and Risk Advisory Group, Inc., a consulting firm specializing in fraud and risk prevention, internal audit support, corporate investigations and business process improvement, and previously served as senior vice president of enterprise business risk management at Limited Brands, Inc. Kessler is a popular speaker on a topics related to internal auditing, fraud compliance, and risk and serves on the ACFE Faculty and Advisory Council. She is a contributing author to the
ACFE's Fraud Examiner Manual and Fraud Casebook: Lessons From the Bad Side of Business and numerous articles that have appeared in trade and specialty publications Learning Field: Auditing Learning Level: Intermediate
Tuesday Oct. 20, 2015 10:15–11:15 a.m. CS 5-1 Top Ten Areas to Target in Your Next BSA Audit Theresa Kain Principal McGladrey LLP In this session, participants will:
• Discuss why regularly scheduled audits of compliance programs can become stale or overlook emerging risks.
• Explore an evolving audit approach to support continuous improvement of the BSA Compliance program
• Review 10 specific areas of focus to enhance your next audit plan. • Get an inside look on how to determine whether your compliance committee is
functioning at maximum levels.
Theresa Kain has served in a consulting capacity to the gaming industry for more than 15 years, assisting clients across the country with business process improvement and internal control enhancement-related services. She specializes in performance improvement for gaming operations and has designed, authored, and implemented internal control systems for start-up casinos and has worked with numerous established gaming operations in updating and improving their internal control systems. Kain has worked with over 40 casinos in multiple jurisdictions. Learning Field: Auditing Learning Level: Advanced CS 5-2 High Assurance IT Security Auditing: A Threat Centric View Rik Sorensen Manager, Cyber Security and IT Assurance Services Raymond Chabot Grant Thornton Consulting Inc.
In this session, participants will:
• Walk through the phases of HACSAM from planning to testing and reporting. • Discuss the resources and skills required to execute a HACSAM audit. • Explore how threats operate in real-world scenarios and how to modernize
testing procedures. • Learn about the concept of matching today’s cyber-threats with valid and proven
testing procedures and methodologies. • Examine case studies of proven successes using this approach including
conclusive measurement of an organization’s ability to defend material threats to its operations and IT systems.
Rik Sorensen is recognized for his in-depth knowledge of IT and cybersecurity auditing, cybersecurity threats and attack methods, technical security, IT operations and governance, and thought leadership on cybersecurity, IT strategy, and enterprise evaluation. For more than 10 years, he has provided direction, advice, and subject matter expertise on IT and cybersecurity audit engagements for IT security audit engagements and projects for federal government departments and organizations alike. In addition, Sorensen has worked with senior officials to lead cybersecurity program initiatives at many top-tier federal government departments and private industry firms. As an industry expert, he has spoken at national industry events, technical colleges and institutions, and is a regular resource on providing IT and cybersecurity advice to senior government officials. Learning Field: Specialized Knowledge and Applications Learning Level: Advanced CS 5-3 Ethics for Internal Auditors James Reinhard, CIA Audit Director Simon Property Group, Inc. In this session, participants will:
• Gain an understanding of the IIA Code of Ethics and associated Standards. • Expand your understanding of ethical behavior for internal auditors given various
ethical dilemmas. • Learn traits of good ethical behavior. • Discuss ethical dilemmas faced by class participants. • Examine approaches to deal with ethical dilemmas.
James Reinhard has worked in various industries, including retail, insurance, health care, loan servicing, real estate investment trusts, state and local government, and nonprofit organizations. He is an adjunct instructor at the Kelley School of Business, Indiana University – Purdue University, Indianapolis. He has presented locally and at national events, and served on The IIA’s Professional Issues Committee. Learning Field: Behavioral Ethics Learning Level: Intermediate CS 5-4 Managing Your Team's Work/Life Balance: A Guide for the CAE Harold Silverman, CIA, QIAL, CRMA Vice President, Internal Audit The Wendy’s Company In this session, participants will:
• Learn tips and techniques from an experienced CAE on setting and managing expectations of work/life balance in an internal audit environment.
• Maximize the long term productivity of your internal audit department by attracting and retaining top talent.
• Share in the speaker’s recent personal challenges to manage his own work/life balance priorities.
Harold Silverman previously was vice president of internal audit at Houghton Mifflin Harcourt Publishing Co. Before that, he served as senior manager of internal audit at Raytheon Co., managing the team that performed audits at the corporate locations and divisions in the northeast. Prior to Raytheon, Silverman was an internal audit manager at PricewaterhouseCoopers, and he gained external audit experience at Arthur Andersen. He serves on The IIA’s Executive Committee and as vice chairman of of Professional Certifications. Learning Field: Personal Development Learning Level: Intermediate
Tuesday Oct. 20, 2015 12:45–2:00 p.m. CS 6-1 Data Breaches: When Compliance Is Not Enough Dennis Looney, CIA, CRMA Vice President, Internal Audit Krispy Kreme Doughnuts, Inc.
Matthew Thompson Managing Director, Business Advisory Services Grant Thornton LLP In this session, participants will:
• Explore the differences between compliance and security. • Learn why compliance with different rules/regulations, such as PCI, HIPAA, and
Sarbanes-Oxley, doesn’t ensure an adequate cybersecurity program. • Identify technicalities of each rule/regulation that may leave your data unsecure. • Ask the important questions such as what types of data your company wants to
protect, where that data is located, whom the data should be protected from, and the cost your company is willing to pay to protect it.
Dennis Looney is responsible for corporate internal audit, Sarbanes-Oxley testing, store audits, and loss prevention. Prior to joining Krispy Kreme, he was director of the Jefferson Wells practice in Raleigh, NC. He has experience in retail and distribution, manufacturing, IT, and finance. Looney has held various management positions within Lowe’s Home Improvement, Apex Analytix, and BCE Emergis Technologies. Matt Thompson has extensive experience working in the cybersecurity, IT risk management, and IT audit arenas, having advised organizations of all sizes, from small private companies to large public companies with locations around the world, across a variety of industries. Thompson’s international client experience includes organizations with locations in South America, Europe, and Asia. Learning Field: Social Environment of Business Learning Level: Intermediate CS 6-2 APT: The Threat is Real, Well-funded, and Coming for Your Data Jesse Fernandez Senior IS Audit Specialist Automobile Club of Southern California In this session, participants will:
• Define what an Advanced Persistent Threat, or APT, is and what it isn’t. • Identify the potential financial impact that a successful APT attack can have on
an organization. • Discover the APT’s favored means of attack. • Find out how internal audit can leverage its existing audit plan to help protect the
organization.
Jesse Fernandez with more than 10 years of industry experience, conducts complex information security audits and recently worked with the PCI DSS Standards Council to develop guidance around conducting a PCI DSS risk assessment to ensure document consistency and technical soundness. Learning Field: Business Management & Organization Learning Level: Intermediate CS 6-3 Assessing and Auditing Third Party Risk: A Comprehensive, Risk-based Approach Bill Chippendale, CIA Managing Vice President, Audit Capital One Brian Scherbaum Managing Director of Risk Audit Synchrony Financial In this session, participants will:
• Understand third-party risks and discover how to integrate these risks into the annual audit planning process.
• Explore several methods for assessing these risks within your audit plan using a risk-based approach.
• Learn about opportunities to create a third-party management subject matter expert role within the audit department.
• Discuss the benefits of ensuring quality and consistency of third-party risk coverage through this role.
Brian Scherbaum manages the internal audit coverage of ERM, credit risk management, and operational risk at Synchrony. He has more than 16 years of experience auditing the financial services industry. Prior to joining Synchrony Financial in 2014, Scherbaum was an internal audit director for Capital One overseeing the execution of the company’s credit card internal audit plan. Prior to Capital One, he spent 13 years at HSBC holding a variety of positions within the internal audit department, including senior vice president with responsibility for audit coverage of the retail banking and wealth management businesses within North and South America. Bill Chippendale leads the internal audit function for Capital One’s credit card, mortgage, and auto lending businesses. He has more than 20 years of management consulting and audit experience assisting and leading audit functions for mid-size and large financial services companies, and others. Prior to Capital One, Chippendale
served in an audit and consulting capacity at JPMorgan Chase and Ernst & Young for clients in the financial services industry. Learning Field: Auditing Learning Level: Intermediate CS 6-4 How to Survive and Thrive in the Field of IA: Stories and Practical Tips From a Seasoned Practitioner John R. S. Fraser, CIA, CRMA Ex-Senior Vice President and ex-Chief Risk Officer Hydro One Networks Inc. (Retired) In this session, participants will:
• Get a glimpse into how the profession of auditing and internal auditing in particular has morphed and advanced for the past 50 years.
• Review key principles and attributes of good internal auditing with examples from fraud investigations, continuous auditing, difficulties with untrained audit committees, the pioneering of computer auditing, and of auditing derivatives.
• Receive advice based on three+ decades of surviving and thriving this ever-growing profession, including special tips for leaders in dealing with senior executives and boards of directors.
• Share real-world case studies, bringing color and energy to theories gathered and created over a lifetime.
John Fraser has more than 50 years’ experience in the risk and control field, mostly in the financial services sector, including areas such as finance, fraud, derivatives, safety, environmental, computers, and operations. He is an adjunct professor at York University, where he teaches enterprise risk management in the Masters in Financial Accountability Program. Fraser has co-edited two university textbooks on ERM. Learning Field: Business Management & Organization Learning Level: Advanced
Tuesday Oct. 20, 2015 2:30–3:45 p.m. CS 7-1 Internal Audit's Role in Mergers & Acquisitions Moderator: Sarah Fedele, CIA, CRMA
Principal Deloitte & Touche LLP Panelists: Douglas Meyer Exelon Corporation Internal Audit and Financial Controls Jean Chun Vice President, Global Internal Audit Applied Materials, Inc. Janet Roth Partner Deloitte & Touche LLP Lori Kaczynski, CIA, CRMA Director, Internal Audit & Enterprise Risk Manager Printpack, Inc In this session, participants will:
• Obtain an understanding of the current M&A landscape including a brief overview of global M&A activity and trends.
• Learn about the different roles internal audit plays during an M&A transaction including internal audit integration, risk management, and compliance considerations.
• Hear from a panel of internal audit leaders who have lived through multiple M&A transactions ranging from large and complex to small but impactful.
Doug Meyer has been with Exelon for the past eight years and currently oversees IT internal audit, data analytics, and financial controls. Prior to Exelon, he was with EY for eight years in the assurance and advisory business practice with a focus on IT risks and financial reporting assurance. Over the course of his career, Meyer has participated in various mergers and acquisitions, including taking the lead over internal audit’s role of Exelon’s $9B acquisition of Constellation, numerous retail energy acquisitions, and the pending $7B acquisition of Pepco Holdings. Janet Roth has more than 20 years of experience in financial due diligence and post-merger integration and divestiture. She is a CPA and has led the finance and accounting integration and divestiture work streams on over 25 transactions Jean Chun has led the company’s global internal audit since joining the organization in 2013. Previously, she served as head of internal audit at SanDisk Corporation, senior
director of audit services at Yahoo! Inc., and held various finance positions at Cisco Systems, Inc. She began her career with Arthur Andersen LLP. Lori Kaczynski has many years of experience in a variety of industries and roles in the areas of external auditing, internal auditing, controlling, transaction and technical accounting, financial reporting, analysis, compliance and ethics, enterprisewide risk management, and cash management. In her current role, Kaczynski oversees the company’s global audit, and risk strategies, including corporate compliance, ERM, and other key governance initiatives Her previous experience includes responsibilities with several large multi-nationals, a Fortune 100 Company, and an international accounting firm. Sarah Fedele serves as the national leader for the energy and resources industry, focusing on understanding the trends, regulatory developments, and risks that are affecting the industry and then transforming that information into a risk-intelligent, industry-specific internal audit strategy and plan for clients and prospective clients. With this focus, she has consistently demonstrated the value that internal audit can bring to an organization. Learning Field: Finance Learning Level: Intermediate CS 7-2 Assessing Your Data Analytics Maturity Steve Biskie Managing Director Highwater Advisors In this session, participants will:
• Understand the key activities for getting started with data analytics. • Hear case studies from audit departments that have successfully leveraged data
analysis to improve processes. • Discuss common barriers and techniques for overcoming them. • Review freely available resources that can help move your program forward.
Steve Biskie specializes in transforming inefficient processes and technologies to optimize GRC and audit performance. A leader in the audit and compliance space for more than 20 years, Biskie is a thought leader and expert on implementing high-value, sustainable analytics and continuous audit programs. His advice has been sought by hundreds of organizations in more than a dozen countries, and he has helped more than half of the Fortune Global 50 most admired companies. He has authored dozens of
articles, published a book on auditing the SAP system, and has been invited for several repeat performances at IIA All Star Conference events. Learning Field: Auditing Learning Level: Intermediate CS 7-3 Can You See Fraud? Brenda Buetow Senior Manager, Risk Compliance Crowe Horwath, LLP In this session, participants will:
• Discover a new way to look at your organization’s transactions and other data to help detect fraud.
• Learn how to visualize your data and see accounting transactions that represent suspicious activity.
• Gain a new vision of how to prevent and detect fraud in your organization.
Brenda Buetow is an experienced consultant and white collar crime investigator in Crowe Horwath’s Risk Consulting Services practice. Her 20 years of experience has included participating in and managing numerous investigations involving money laundering and terrorist financing, mortgage fraud, loan fraud, embezzlement, corruption, employee theft, and asset misappropriation. She is a respected fraud investigator who has authored and presented articles at the national and international levels on fraud prevention, detection, and investigation.
Learning Field: Specialized Knowledge and Applications Learning Level: Intermediate CS 7-4 Building a Talent Pipeline: Recruiting, Engaging, & Retaining Value Karen Durkin Executive Coach Aspirations In this session, participants will:
• Learn how recruiting talent can make or break your retention of long-term contributing talent.
• Expand the possibilities in developing professionals so they engage in a career path that supports both organizational and personal objectives.
• Identify ways leaders can support talent management and build a talent pipeline to facilitate business growth.
Karen Durkin has 30 years of expertise in working with business professionals to grow and organizations to get the most ROI out of talent. She brings her experience and enthusiasm as a professional certified coach working with executives and leadership teams as a catalyst for change with personal and organizational growth. Durkin helps organizations see the need for assistance in developing creative solutions for achieving successful results for personal and business growth. She focuses on talent management for profit enhancement, organizational development, and strategic planning. Durkin has consulted for blue-chip companies including ExxonMobil, AT&T, Intel, and Wendy’s International Durkin shared her experience and energy with her staff and clients as a principal at Houldsworth, a CPA firm, and most recently with MGM Resorts International as director of administration of the Finance Shared Services Center. She served as an associate professor in the MBA program at the University of Southern Nevada and currently serves as an adjunct professor in the Executive MBA program and the Global Entrepreneurship Experience Scholar Program at UNLV. Learning Field: Personnel/HR Learning Level: Intermediate
Tuesday Oct. 20, 2015 3:55–5:10 p.m. CS 8-1 Auditing Anti-bribery & Corruption Programs: Compliance’s Expectations of Internal Audit Craig Carter Principal KPMG LLP In this session, participants will:
• Discuss the unique challenges that organizations face in identifying and assessing FCPA risks.
• Identify the foundational components of an effective FCPA program and internal control environment.
• Identify leading practices in addressing the FCPA risks associated with international expansion, adoption of new business models, and growth through acquisition.
Craig Carter has more than 30 years of business experience and has served as a CAE in industry prior to his career in public accounting. He is currently assisting a multinational retailer in redesigning their anti-bribery and corruption (ABC)-related
financial processes by enhancing existing controls and developing new controls to mitigate targeted ABC-related risks. Carter previously served as the internal audit leader of the Southeast region and the contract compliance services (CCS) leader for KPMG's U.S. Midwest Area Advisory practice. In his capacity as lead partner, Carter is also accountable for the delivery of advisory and tax services to several large multinational accounts. Learning Field: Regulatory Ethics Learning Level: Intermediate CS 8-2 Cyber Security and Compliance Utilizing the SANS 20 Critical Controls Michael R. Fiore Managing Director The Incendio Group, Inc. Steven Marscovetra Managing Director The Incendio Group, Inc. In this session, participants will:
• Learn about APTs, or Advanced Persistent Threats – what they are and why to be prepared for them.
• Evaluate whether your current security level is sufficient to repel a motivated attacker specifically targeting an organization.
• Explore the SANS Consensus Audit Guidelines’ outline of 20 Critical Controls developed by top security experts.
• Hear how this set of controls can improve an organization’s security posture, even in the absence of a detailed risk assessment.
Michael Fiore has 37 years of audit experience in financial/technical systems audit and also regulatory and compliance. Prior to co-founding The Incendio Group, he served for eight years at CBIZ Risk & Advisory Services, LLC, as the managing director and IT audit & compliance services practice leader, responsible for leading the IT Sarbanes Oxley Section 404 Internal Control reviews based on the COSO, COBIT, ISO 27002, SANS 20 CC & ITIL frameworks for public companies within the Risk Advisory Services practice. Additionally, Fiore served as the industry leader for banking, insurance, real estate investment trusts, financial services, public sector/government, professional services, and technology industries specializing in network security vulnerability assessments including internal and external penetration, cyberrisk assessments, and more. Prior to joining CBIZ, Fiore worked for nine years at EY as senior manager in the technology and security risk services practice. He served as the industry leader for the
real estate, financial services/insurance, government/public sector industries. Fiore spent the first 20 years of his career with NatWest Bancorp as the head of corporate IT internal audit. Steven Marscovetra has over 18 years of experience in various roles, including IT audit, financial audit, IT infrastructure/project management, and IT administration. Prior to co-founding The Incendio Group, he worked at CBIZ Risk & Advisory Services, LLC as a senior IT and security specialist in an independent consulting role for four years. Prior to joining CBIZ, Marscovetra spent four years with The Norinchukin Bank as the vice president of IT audit, where he established, managed, and executed all aspects of the IT audit function and provided consulting service to improve the security architecture and drive the strategic overhaul of the IT and information security functions. Previously he worked for seven years at JPMorgan Chase, first as a financial auditor, and then as a senior technology officer over IT infrastructure management and support for the General Auditing Department.Marscovetra began his career in public accounting at BDO Seidman as a financial auditor. Learning Field: Management Advisory Services Learning Level: Intermediate CS 8-3 Risk Management Is Dead, Long Live Risk Management Vincent Tophoff Senior Technical Manager International Federation of Accountants (IFAC) In this presentation, participants will:
• Learn why CAEs need to be initiators, facilitators, educators, and assessors of good (risk) management but never risk owners.
• Discuss why an organization’s objectives are to properly set and achieve its goals, to avoid surprises along the way, and to create sustainable value by leaving the effective controls and management of risk to others.
• Explore how to convince organizations to focus on setting and achieving their objectives; and that managing risk is an inseparable and integral part of that.
Vincent Tophoff is a professional accountant by training and one of the governance, risk management, and internal control experts of IFAC. He has co-authored many IFAC publications and participates on behalf of IFAC in the COSO Advisory Council for the revision of the Internal Control–Integrated Framework, the ISO Project Committee that is revising the ISO 31000 Risk Management Standard, and the Canadian Risk Oversight and Governance Board. He also participates in the revision of the OECD Principles of Corporate Governance.
Learning Field: Management Advisory Services Learning Level: Intermediate CS 8-4 Best Practices in Developing Innovative Capabilities in Your Human Capital: A World Class Training Program Joseph Pizzuto Chief Audit Executive General Electric Capital Corporation In this session, participants will:
• Hear about the GE leadership philosophy. • Discuss innovative ways to help people “get there.” • Learn about the benefits of multi-year rotational programs for developing top
talent.
Joe Pizzuto leads a team of 400 audit professionals based in 18 countries providing independent objective assurance on the effectiveness of the firm’s risk management, governance, and controls. Prior to joining GE in 2013, Pizzuto spent 18 years at Citigroup and its subsidiary companies where he held the role of chief auditor for Citibank, N.A., Smith Barney, Travelers Life and Annuity Company, and Citigroup Global Wealth Management. He also served as managing director and regional head of internal audit for Citigroup Latin America. He is a member of the Executive Committee of the Securities Industry and Financial Markets Association (SIFMA) Internal Audit Society, where he served as division President in 2009. Learning Field: Personnel/HR Learning Level: Intermediate
Wednesday Oct. 21, 2015 8:45–9:30 a.m.
GS 3 Internal Audit From the CFO’s Perspective Craig Robinson, CIA Chief Financial Officer Grand Sierra Resort and Casino In this session, participants will:
• Examine the strategy setting process and what part internal audit plays in strategy development.
• Share best practices on how internal audit can get and keep a seat at the table. • Discuss how CFO expectations of internal audit have changed in the recent past.
• Talk about what internal auditing needs to do to stay aligned with the CFO now and in the future.
Craig Robinson has more than 25 years of gaming industry experience, most recently as an industry consultant, starting his career in external audit before moving into internal audit and finance. He served as CAE for two gaming companies and most recently served as CFO at three casino resorts. Robinson held leadership positions with Penn National Gaming, Jefferson Wells, Adams Harris, Argosy Gaming Co., Hollywood Aurora, Carnival Resorts and Casinos, KPMG, and Arthur Andersen. He is the former chairman and current member of The IIA's Gaming Audit Group and has been a featured speaker at numerous IIA conferences, including Gaming, GAM, and All Star. Robinson wrote two editions of Auditing the Casino Floor: A Handbook for Auditing the Casino Cage, Table Games, and Slot Operations, published by The IIA. He serves as an adjunct professor of accountancy for Lewis & Clark Community College and is a past faculty member of the University of Nevada Gaming Management Program. Learning Field: Business Management & Organization Learning Level: Intermediate
Wednesday Oct. 21, 2015 10:15–11:30 a.m. GS 4 The Importance of Accounting and Accountability George D. Martin Executive Director Minority Athletes Networking (MAN) Defensive End, New York Giants (1975 thru 1988) In this session, participants will:
• Discuss teamwork and the importance of collective effort. • Deliberate leadership concepts, as in being the first in and the last out. • Talk about goal setting and establishing personal objectives.
George Martin is a visionary leader as a corporate executive, founder of innovative community organizations, motivational speaker, and former NFL New York Giants team member who identifies challenges and growth opportunities to achieve success. The former American football defensive end played his entire career for the New York Giants (1975–1988) and achieved Super Bowl XXI success as a team captain in 1987. He was a key player in what Coach Bill Parcells called the "greatest football play I've ever seen." In 2004, he was inducted into the Sports Hall of Fame of New Jersey. His impact on the sport of football wasn’t limited to the field. He founded Fairleigh Dickenson University’s first Adult Degree Completion Program for NFL players, which became the prototype for
all NFL teams, and established the first formal substance abuse program for Giants players. He served as president of NFL’s Player’s Association. As Martin’s football career ended, he advanced into corporate America, serving in leadership roles for Tanaseybert, LLC; MONY Sports Financial Services (The Mutual of New York); AXA Sports Financial Services; and as president and executive director of the National Football League Alumni Association. Martin is the co-founder of Minority Athletics Networking (MAN), founder of A Journey for 911, and serves as a board member for NFL-New York Giants Alumni; NFL Youth Football; and New York Sports Museum. He has received numerous community and industry awards for his accomplishments, including the Heisman Humanitarian Award, Sergeants Benevolent Association Heroism Award, and NFL New York Giants Outstanding Alumni. Learning Field: Personal Development Learning Level: Intermediate
Related Documents
