Springfield Audit Trails IIA Springfield - Sapphire Chapter October 2019 1 Inside This Month’s Newsletter... October Training Page 2 Job Openings Page 2 Ransomware in Baltimore Page 3 Registration Tips Page 4 2019-2020 Calendar Page 4 SIAAB Conference Page 5 Welcome to a new chapter year! I hope everyone had a fulfilling and productive summer and each of you had an opportunity to en- joy time with family and friends. As your incoming President, I would like to thank all the cur- rent and past Officers and Board Members for their hard work. We would not be able to provide the Chapter events without your help! We are currently seeking a vol- unteer to act as our Chapter Pho- tographer, and we would like to welcome David Brink as our new Membership Chair. If you are in- terested in getting involved with the Chapter, please reach out to me or any Board Member. Volun- teering is a great way to meet oth- ers within the profession, and we are always looking for new and fresh ideas. Our Chapter’s success depends on the ideas and contri- butions from members like you! It’s crazy to think that fall is upon us, but that means opportunities to earn CPE are right around the corner. Your First Vice President Alex Deal has been working hard through the summer to create a programming lineup with lots of topic variety. As in years past, we will also co-host the annual State Internal Audit Advisory Board (SIAAB) training in October which is a great opportunity to earn CPE at a very reasonable rate. If there is anything I can do as your Chapter President to help serve you better, I encourage each of you to submit any questions or comments. This helps to facilitate strong communication links be- tween our members and the chap- ter leadership. I look forward to seeing you all at a future Chapter event this year! from the Nikki Lanier, CPA The Institute of Internal Auditors Springfield Chapter
6
Embed
The Institute of Internal Auditors Springfield Chapter...The Global Association for the Internal Audit Profession 9,400 8,300 10,900 5,700 7,800 7,300 12,500 The Institute of Internal
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Springfield Audit TrailsIIA Springfield - Sapphire Chapter October 2019
1
Inside This
Month’s
Newsletter...
October Training Page 2
Job Openings Page 2
Ransomware in Baltimore
Page 3
Registration Tips Page 4
2019-2020 Calendar Page 4
SIAAB Conference Page 5
Welcome to a new chapter year! I hope everyone had a fulfilling and productive summer and each of you had an opportunity to en-joy time with family and friends. As your incoming President, I would like to thank all the cur-rent and past Officers and Board Members for their hard work. We would not be able to provide the Chapter events without your help! We are currently seeking a vol-unteer to act as our Chapter Pho-tographer, and we would like to welcome David Brink as our new Membership Chair. If you are in-terested in getting involved with the Chapter, please reach out to me or any Board Member. Volun-teering is a great way to meet oth-ers within the profession, and we are always looking for new and fresh ideas. Our Chapter’s success depends on the ideas and contri-
butions from members like you! It’s crazy to think that fall is upon us, but that means opportunities to earn CPE are right around the corner. Your First Vice President Alex Deal has been working hard through the summer to create a programming lineup with lots of topic variety. As in years past, we will also co-host the annual State Internal Audit Advisory Board (SIAAB) training in October which is a great opportunity to earn CPE at a very reasonable rate. If there is anything I can do as your Chapter President to help serve you better, I encourage each of you to submit any questions or comments. This helps to facilitate strong communication links be-tween our members and the chap-ter leadership. I look forward to seeing you all at a future Chapter event this year!
from the
PRESIDENTNikki Lanier, CPA
The Institute ofInternal AuditorsSpringfield Chapter
IIA Springfield - Sapphire Chapter October 2019
2
October Training Alex Deal, CGAP Happy October, Springfield IIA members! This month we have the annual SIAAB Fall Government Au-diting Conference taking place from October 22 to the 24, providing a maximum of 18 hours of CPE. Here’s a peak at what’s to come at this year’s conference: • Tuesday, October22: Full day conference with a total of 7 hours of CPE, filled with excellent speakers updating us on all things government audit related. • Wednesday, Octo-ber 23: Another full day conference, including a University Auditors Roundtable, for a total of 7 hours of CPE. •Thursday,October24:Ahalf-day morning session of roundtables for a total of 4 CPE hours. Three
roundtables will take place con-currently: Chief Internal Auditors Roundtable, IT Auditors Roundta-ble, and Staff Auditors Roundtable.
The price of the conference is $99 for members and $125 for non-members. For more information and to register, visit https://chapters.theiia.org/springfield/Events/Pages/
2019SIAABFall-Conference.aspx. Additionally, there will be an optional half-day seminar follow-ing lunch on Thursday, October 24.
This year we will hear from Protiviti on Wan-nacry, various other IT related security issues, and how all auditors can strengthen their or-ganization’s IT controls. This event will provide 3 CPE hours and is $40 for members and $55 for non-members. To learn more and to register please visit https://www.ei severywhere.com/ereg/index.php?even-
tid=480876&eb=699110. Hope to see you all at what is sure to be an excellent fall confer-ence!
The Illinois Department of Corrections is seeking a
The Global Association for the Internal Audit Profession
9,4008,300
10,900 5,700
7,800
7,300
12,500
The Institute of Internal Auditors (IIA), established in 1941, serves as the internal audit profession’s:
■ Membership body and networking association. ■ International standard-setter. ■ Sole provider of global certifications. ■ Principal researcher and educator. ■ Chief advocate.
The mission of The IIA is to provide dynamic leadership for the global profession of internal auditing.
The IIA works with the following groups to promote sound corporate governance and ethical practices, and to increase awareness about the value of internal auditing and recognition of The IIA’s International Standards for the Professional Practice of Internal Auditing:
■ Securities and Exchange Commission (SEC)
■ Public Company Accounting Oversight Board (PCAOB)
■ U.S. Government Accountability Office (GAO)
■ National Association of Corporate Directors (NACD)
IIA Global Headquarters1035 Greenwood Blvd., Ste. 401Lake Mary, FL 32746 USAT / +1-407-937-1111 W / www.theiia.orgE / [email protected]
2019-3408
1 Set of Global Standards
62,000+ U.S. MembersMembership as of June 2019
The Global Association for the Internal Audit Profession
9,4008,300
10,900 5,700
7,800
7,300
12,500
The Institute of Internal Auditors (IIA), established in 1941, serves as the internal audit profession’s:
■ Membership body and networking association. ■ International standard-setter. ■ Sole provider of global certifications. ■ Principal researcher and educator. ■ Chief advocate.
The mission of The IIA is to provide dynamic leadership for the global profession of internal auditing.
The IIA works with the following groups to promote sound corporate governance and ethical practices, and to increase awareness about the value of internal auditing and recognition of The IIA’s International Standards for the Professional Practice of Internal Auditing:
■ Securities and Exchange Commission (SEC)
■ Public Company Accounting Oversight Board (PCAOB)
■ U.S. Government Accountability Office (GAO)
■ National Association of Corporate Directors (NACD)
Audit: Baltimore Data Losses Due to Insufficient Backups, Poor Internal ControlsThis article was originally printed on Governing’s website on October 2, 2019, and it was reprinted with the permission of Governing/e.Republic. See the original article at https://www.governing.com/news/headlines/Au-dit-Baltimore-Data-Losses-Due-to-In-sufficient-Backups-Poor-Internal-Con-trols.html.
By Lucas Ropek
A recent audit of Baltimore’s IT de-partment found that the agency lost important data during this year’s ran-somware attack due to poor storage practices. Staff for the Baltimore City Infor-mation and Technology department (BCIT) routinely saved data on their local servers instead of backing it up on an external cloud system, accord-ing to a newly released audit. When the attack hit, some of that data was compromised by the malware. As a result, data that was supposed to aid in the analysis of four perfor-mance measures — metrics meant to determine if the agency was meeting its goals in an efficient and cost-effec-tive manner — could not be account-ed for throughout the 2017-18 fiscal years, according to the report. The news was broken to lawmakers during a city council audit committee meeting last week. “The BCIT was not able to pro-vide documentation to support actual amounts of the four selected perfor-mance measures reported in the Bud-get Books,” the report, filed by audi-tor Josh Pasch, reads. “Due to the lack of data backup, the supporting data for the four selected measures were unavailable.”
“One of the things I’ve learned in my short time here is a great number of Baltimore city employees store en-tity information on their local com-puters. And that’s it,” Pasch reported-ly told councilors at the meeting. Eric Costello, city councilor for the city’s 11th district and head of that committee, said in an interview with Government Technology that these practices were problematic. “It’s a problem on multiple levels, least of which is that this is the agency that is supposed to be educating other agencies on how to effectively man-age IT resources,” Costello said. “One of two things happened: either they weren’t following [existing] protocol or the protocol didn’t exist — both of which are unacceptable.” The BCIT’s performance during and after the ransomware attack has been roundly criticized. The city’s IT director Frank Johnson, who bore the brunt of that criticism, recently took leave without pay, leaving the ongo-
ing recovery efforts in the hands of his deputy, Todd A. Carter. Those recovery efforts, which have been ongoing since May, are nearing completion, officials say. “I think we’re in the final phases of the recovery process. Atlanta, a year later they were still recovering,” said James Bentley, communications offi-cer for the Mayor’s Office, comparing the city’s attack to the one that struck the Georgia state capital last year. Though the Baltimore audit cited failures in the data backups, the city is far from alone when it comes to less than ideal storage practices. In many cases, resource limitations and a lack of personnel training are behind these kinds of oversights. Nick Psaki, federal CTO at Pure Storage, said that while he couldn’t speak to the frequency of this kind of misstep in governments, he did stress
After a ransomware attack earlier this year, an audit of Baltimore’s IT department found poor storage practices that led to the loss of important data.
--- See Ransomware on Pg. 4for Article Continuation
the importance of backing up data in a secure way — especially at a time when ransomware seems to be the cyberattack of choice. “Most of the folks I talk to do indeed back up their data,” he said. “Clearly there’s a huge appetite for improved and modernized data backup and recovery because we’re seeing a huge growth in that space and a lot of new companies have moved into that space in the past few years.” The heightened threat landscape has also diminished the delusion that cyberattacks are some abstract and faraway problem, he add-ed. “Until this year, there’s been the belief that it couldn’t happen to us,” he said. “The real-ity has reared its ugly head and dispelled that myth. Hope is not a method. You have to test this stuff and you have to test it from end to end, and do it rigorously.”
--- Ransomware, Continued from Pg. 3
Springfield Chapter of the Institute of Internal Auditors2019-2020 Program Schedule
You May Pay With a Credit Card
Date
October 22-23, 2019 October 24, 2019
January 23, 2020
February 27, 2020
March 26, 2020
April 30, 2020
May 28, 2020
Speaker
VariousProtiviti
JanBeckmann
Tom Hilton
John HallDanny
GoldbergLinh
Truong
Program
SIAAB ConferenceIT Security Issues
Ethics/Critical Thinking Skills
Fraud Litigation & Prevention
Selling Audit Ideas
TBD
Assessing Corporate Culture
Hours
8:30 - 4:301:00 - 4:00
12:30 - 4:15
12:30 - 4:15
8:30 - 4:15
8:30 - 4:15
8:30 - 4:15
CPE
143
4
4
7
7
7
Members
$99$40$70
$70
$105
$105
$105
Non-Members
$125$55$85
$85
$130
$130
$130
Cancellations should be made at least 24 hours before the meeting to avoid a charge.Meetings will be held at the Northfield Center on Thursdays unless noted differently.
Welcome to the new Chapter year! We have a lot of excit-ing training opportunities this year. I wanted to share a few tips and reminders to ensure event registration goes smooth-ly each time you register this year. • Pleaseuse a correct email address. All correspondence,
including your CPE certificate, will be sent to the email ad-dress as entered when registering. Shortly after registering, you should receive a confirmation email. If you do not, please contact me. • Ifpossible, please register as a group if one payment will
be issued for multiple attendees. I am happy to walk through how to do this if needed. • Invoices – We do not send out invoices for the trainings.
At the end of registering, you can print an invoice to submit for payment. I can also email one if you forget to print it. Please do not hesitate to contact me with questions relat-ed to registration. I am happy to help and look forward to seeing you all at training this year.
SIAAB 2019 Fall GovernmentAuditing ConferenceTuesday & Wednesday, October 22-23
Optional Seminar on Thursday, October 24Northfield Inn, Suites, & Conference Center • Springfield, IL
Co-Sponsored by the Springfield Chapter of the Institute of Internal Auditors
Tuesday’s Highlights • Keynote from Raven Catlin, CIA, CPA, CFSA, CRMA, followed by Agile Auditing in Government • Public Integrity from Lisa Hen-nelly and Jonas Harger, AAGs • GATA Update from Carol Kraus, CPA, CGMS • Insights into Occupational Fraud from Carol Jessup, PhD, CPA, CFE
Institute of Internal AuditorsP.O. Box 205Springfield, IL62705-0205
The Springfield IIA Chapter sends our deepest condolences to member Alana Pierson and her family in the recent pass-ing of her mother and member Darick Clark and his family in the recent passing of his moth-er. We hope you have all the support, care, and strength you need while coping with this loss.