Download Printable ProgramConference-at-a-G​lance​​​​​​​​​



The IIA’s 2021 International Conference program will feature outstanding speakers whose shared goal is to deliver a world-class event reflective of The IIA's high standards of excellence.

Educational Streams


The Future of Internal Audit

Risk, Controls, and Compliance

Data for Intelligent Auditing

Cybersecurity and Technology

Essential Skills: Beyond the Audit


*Indicates sessions that will be included in the ​All Access (Rebroadcast) viewing option.

​Monday, 14 June 2021

Ms. Indranee Rajah
Minister in the Prime Minister’s Office,
Second Minister for Finance and National  Development
Singapore

Ms. Indranee Rajah Bio being finalized

Marcus East
Former eCommerce Executive, Apple
Technical Director, Google
USA

Marcus East is an international technology and product executive and CDO/CIO/CTO with nearly 30 years of experience of working in information technology, specializing in digital product, digital transformations, and electronic commerce. He has two degrees: a Bachelor’s with Honors in Management & Information Technology (Modular) from London Guildhall and a Master’s in Management from the University of Cambridge. He is also a full member of the Chartered Management Institute, a Fellow of the British Computer Society Chartered Institute for IT, and holds the Institute of Directors’ Certificate in Company Direction.

East started his career with IBM, where he spent six years honing his consulting and strategy skills before joining Omnicom’s agency.com, where he spent two years learning about the importance of user experience and further developing his management skills. Since then, he has held senior digital leadership positions for a number of major brands, including Comic Relief, Apple, National Geographic, and now Google.

He is passionate about the potential for digital technology to transform society for the better, and is particularly interested in ‘social tech,’ where people and organizations are using innovative technology to tackle difficult social problems.

East is part of Google’s Office of the CTO, which is a team that sits at the intersection of Google technology and its largest customers’ challenges. He acts as a ‘virtual CTO’ for them to help deepen their understanding of technology, while bringing customer insight back into Google to aid product development, with a particular emphasis on Google Cloud.

NASBA CPE Credit: 1.2

​10:30 – 11:00 a.m.
Networking Break in the Virtual Exhibit Hall
11:00 a.m.  – 12:00 p.m.​​​​​ ​Concurrent Session Tracks

Phil Leifermann
Business Development Director
TeamMate
Canada

Shagen Ganason
Head, Internal Audit
AIA New Zealand
New Zealand

Shagen Ganason will speak on how internal audit is supporting AIA NZ to thrive in three areas: providing live assurance while conforming with IIA professional standards; providing real-time and continuous resources through a data analytics program; and balancing technical with soft skills to ensure internal audit has the depth and breadth to excel. Colleen Knuff will share insights from the Touchstone Research for Internal Audit that parallel Shagen’s journey and how other teams are overcoming similar challenges.

In this session, participants will:

  • Learn how to link live assurance with the IIA Standards.
  • How a data analytics program can be real-time.
  • Understand why balancing soft skills with technical skills will be required in the future.

Phil Leifermann Bio being finalized

Shagen Ganason Bio being finalized

NASBA CPE Credit: 1.2

Natasha Williams, CIA, CFE, GRCA, GRCP
Senior Manager, Global Compliance
Bio-Rad Laboratories
USA

With an increasing number of ABAC (Anti-Bribery, Anti-Corruption) laws across the globe requiring organizations to not only control fraud and corruption internally, but also the conduct of their third-party business partners globally, third-party auditing is the next frontier in anti-corruption risk management. This session focuses on detecting and mitigating third-party fraud and corruption risks across the channel by establishing a viable and effective audit and monitoring program.

In this session, participants will:

  • Develop an effective audit program that is adjustable to different sized organizations.
  • Assess the company’s risk appetite when dealing with a multitude of third-party business partners in various countries across the globe to create a quick, yet effective risk assessment that gets results.
  • Detect fraud and corruption and perform credible audits by gaining access to books and records.
  • Easily identify the most commonly abused accounts where fraudulent transactions are usually hidden.
  • Identify common pitfalls and red flags.
  • Maintain a successful ongoing compliant partnership, with a focus on continuous monitoring techniques.

Natasha Williams is a globally certified audit and compliance professional with over 20 years of combined experience in auditing, banking, compliance, risk assessment, fraud examination, and accounting. She served nearly half a decade with KPMG LLP, working on various consulting and startup SOX engagements prior to joining Bio-Rad Laboratories in 2005. Her specialty is auditing, compliance, risk management, fraud prevention and detection, and overall development of strong internal controls. Williams managed a global team and has performed and supervised over 300 audits in more than 60 countries throughout Europe, Eastern Europe, Latin America, Africa, the Middle East, Asia, and Australia. She has experience consulting small startups as well as working with large, matrixed, complex, multi-location, and global companies.  

Williams is on the Board of Directors for an international educational startup in Palo Alto, CA. She also shares her knowledge and expertise by speaking about fraud, corruption, and compliance at events across the US and the globe, in such places as the UAE, Mexico, Vietnam, Thailand, and Brazil. In addition, Williams is co-author of a book to be released in early 2021, Voices of the 21st Century Woman. The 2021 theme will be Rise and Resilience of the 21st Century Woman, where her story will be one out of forty from women across the globe.

NASBA CPE Credit: 1.2

Mikaela Pisani
Data Scientist
Rootstrap
Uruguay

This presentation will provide answers to the following questions: What is data science? How do you get value from the data? What is the difference between artificial intelligence, machine learning, and deep learning? What are the steps in a data science project? Why is it important to assume that humans have bias?

In this session, participants will:

  • Identify different strategies to extract value from data.
  • Learn that the most important part of the data science process is to understand the problem, understand the data, and understand the business.
  • Apply the techniques learned with real cases and then share ideas.

Mikaela Pisani is a curious data scientist who is always searching for opportunities to grow. Pisani studied computer engineering in Uruguay. After getting her degree in computer engineering, with a focus in data, in her country of Uruguay, she applied for a Fulbright Scholarship and earned a master’s degree in data science from Texas Tech University, USA. This path of study provider her with many tools for attacking different problems that arise in processing data.

Currently, Pisani works at Rootstrap as a data scientist, overcoming challenges every day in order to deliver value from data. In addition, she works as a research assistant at ORT University, solving machine learning problems. She is a member of Girls In Tech, a global nonprofit organization focused on the engagement, education, and empowerment of women in technology, performing workshops for children and providing information about STEAM.

NASBA CPE Credit: 1.2

Sajay Rai, CPA, CISSP, CISM
President and Chief Executive Officer
Securely Yours LLC
USA

Sajay Rai served as project leader for The IIA’s recently published GTAG, IT Essentials for Internal Auditors. This session on IT essentials will be very helpful for internal auditors who are new to the profession or are thinking of transitioning from a traditional internal audit role to an IT audit role. This session will discuss the recently announced IT construct and provide IT essentials information in numerous categories, including IT governance, IT infrastructure, network, applications, and other relevant IT topics.

In this session, participants will:

  • Understand the basic IT knowledge required for all internal auditors.
  • Gain insights into The IIA’s IT construct and its related fields.
  • Learn IT infrastructure, network, and application technical information, as well as how to use these technologies during an audit.
  • Discuss some of other relevant topics related to IT.

Sajay Rai has more than 30 years of experience in information technology, specializing in cybersecurity, privacy, network architecture, business continuity, disaster recovery, IT audit, and information risk. He is the founder and CEO of Securely Yours LLC. Previously, Rai was a cybersecurity and risk partner with Ernst & Young LLP. Prior, at IBM, he served as an executive of the national business continuity and contingency consulting practice, and was instrumental in starting the company’s information security consulting practice. Rai has co-authored three books: Security and Auditing of Smart Devices; Sawyer’s Guide for Internal Auditors, 6th Edition; and Defending the Digital Frontier: A Security Agenda. As a member of The IIA’s Global Technology Committee, he has led the publication of several GTAGs. Rai is a frequent speaker at national and international conferences. He serves on the board of The IIA’s Detroit Chapter, ISACA’s Detroit Chapter, and the  Society of Information Management’s Detroit Chapter. He is an adjunct professor at Oakland University and Walsh College. He serves on the advisory board of Walsh College’s Accountancy Department and Wayne State’s IT Advisory Board.

NASBA CPE Credit: 1.2

Antonio Martinez Marroquin
Vice President and Head, Internal Audit
DKSH Management Pte Ltd.
Singapore

The relationship between internal audit and business stakeholders remains complex, despite being critical for effective corporate governance purposes. Internal audit aspires to be a trusted advisor… but it is oftentimes not a regular guest at the C-suite table; and it is frequently still considered that business collaboration can compromise independent assurance.

This session will provide concrete ideas for anyone interested in developing more collaborative relationships with business stakeholders and scaling new heights with internal audit.

In this session, participants will:

  • Reflect on different bases of power and how internal audit can use them most effectively.
  • Explore concrete strategies to develop collaborative relationships and be warned of related risks and opportunities.
  • Acquire specific ideas for internal audit to establish its independence without falling into isolation.
  • Understand how internal audit can promote ‘values-based integrity’ beyond the more traditional ‘rules-based integrity.’

Antonio Martinez is head of internal audit at DKSH, the leading market expansion services provider with a focus on Asia.

Based in Singapore, Martinez reports to the chairman of the Board and is responsible for assisting the audit committee and senior management with independently evaluating the group’s governance mechanisms, risk management processes, and internal control systems. Previously, at Novartis, he had increasing responsibilities within finance and internal audit across various countries, holding positions such as regional head of internal audit for Asia Pacific, country chief financial officer (CCFO) for the Philippines, and head of financial operations and control for China.

From 2012 to 2017, Martinez was an invited member of the internal audit workgroup created by the Singapore Accountancy Commission. In 2013, he was elected Governor of the Singapore Institute of Internal Auditors Board, and in 2015, he was elected Vice President of that Board for a term of two years.

Martinez holds a Master in Business Administration (MBA) from ESADE Business School, a Master in International Management from the Community of European Management Schools (CEMS), and an Executive Master of Science in Organizational Psychology from City University of New York. He lives in Singapore with his Swiss wife and their three daughters, who were born in Beijing, Manila, and Singapore.

NASBA CPE Credit: 1.2

​12:00 – 1:30 p.m.
Networking Break in the Virtual Exhibit Hall
12:30  – 1:30 p.m.​​​​​ ​Concurrent Session Tracks

Phil Leifermann
Business Development Director
TeamMate
Canada

Shagen Ganason
Head, Internal Audit
AIA New Zealand
New Zealand

Shagen Ganason will speak on how internal audit is supporting AIA NZ to thrive in three areas: providing live assurance while conforming with IIA professional standards; providing real-time and continuous resources through a data analytics program; and balancing technical with soft skills to ensure internal audit has the depth and breadth to excel. Colleen Knuff will share insights from the Touchstone Research for Internal Audit that parallel Shagen’s journey and how other teams are overcoming similar challenges.

In this session, participants will:

  • Learn how to link live assurance with the IIA Standards.
  • How a data analytics program can be real-time.
  • Understand why balancing soft skills with technical skills will be required in the future.

Phil Leifermann Bio being finalized

Shagen Ganason Bio being finalized

NASBA CPE Credit: 1.2

Natasha Williams, CIA, CFE, GRCA, GRCP
Senior Manager, Global Compliance
Bio-Rad Laboratories
USA

With an increasing number of ABAC (Anti-Bribery, Anti-Corruption) laws across the globe requiring organizations to not only control fraud and corruption internally, but also the conduct of their third-party business partners globally, third-party auditing is the next frontier in anti-corruption risk management. This session focuses on detecting and mitigating third-party fraud and corruption risks across the channel by establishing a viable and effective audit and monitoring program.

In this session, participants will:

  • Develop an effective audit program that is adjustable to different sized organizations.
  • Assess the company’s risk appetite when dealing with a multitude of third-party business partners in various countries across the globe to create a quick, yet effective risk assessment that gets results.
  • Detect fraud and corruption and perform credible audits by gaining access to books and records.
  • Easily identify the most commonly abused accounts where fraudulent transactions are usually hidden.
  • Identify common pitfalls and red flags.
  • Maintain a successful ongoing compliant partnership, with a focus on continuous monitoring techniques.

Natasha Williams is a globally certified audit and compliance professional with over 20 years of combined experience in auditing, banking, compliance, risk assessment, fraud examination, and accounting. She served nearly half a decade with KPMG LLP, working on various consulting and startup SOX engagements prior to joining Bio-Rad Laboratories in 2005. Her specialty is auditing, compliance, risk management, fraud prevention and detection, and overall development of strong internal controls. Williams managed a global team and has performed and supervised over 300 audits in more than 60 countries throughout Europe, Eastern Europe, Latin America, Africa, the Middle East, Asia, and Australia. She has experience consulting small startups as well as working with large, matrixed, complex, multi-location, and global companies.  

Williams is on the Board of Directors for an international educational startup in Palo Alto, CA. She also shares her knowledge and expertise by speaking about fraud, corruption, and compliance at events across the US and the globe, in such places as the UAE, Mexico, Vietnam, Thailand, and Brazil. In addition, Williams is co-author of a book to be released in early 2021, Voices of the 21st Century Woman. The 2021 theme will be Rise and Resilience of the 21st Century Woman, where her story will be one out of forty from women across the globe.

NASBA CPE Credit: 1.2

Mikaela Pisani
Data Scientist
Rootstrap
Uruguay

This presentation will provide answers to the following questions: What is data science? How do you get value from the data? What is the difference between artificial intelligence, machine learning, and deep learning? What are the steps in a data science project? Why is it important to assume that humans have bias?

In this session, participants will:

  • Identify different strategies to extract value from data.
  • Learn that the most important part of the data science process is to understand the problem, understand the data, and understand the business.
  • Apply the techniques learned with real cases and then share ideas.

Mikaela Pisani is a curious data scientist who is always searching for opportunities to grow. Pisani studied computer engineering in Uruguay. After getting her degree in computer engineering, with a focus in data, in her country of Uruguay, she applied for a Fulbright Scholarship and earned a master’s degree in data science from Texas Tech University, USA. This path of study provider her with many tools for attacking different problems that arise in processing data.

Currently, Pisani works at Rootstrap as a data scientist, overcoming challenges every day in order to deliver value from data. In addition, she works as a research assistant at ORT University, solving machine learning problems. She is a member of Girls In Tech, a global nonprofit organization focused on the engagement, education, and empowerment of women in technology, performing workshops for children and providing information about STEAM.

NASBA CPE Credit: 1.2

Sajay Rai, CPA, CISSP, CISM
President and Chief Executive Officer
Securely Yours LLC
USA

Sajay Rai served as project leader for The IIA’s recently published GTAG, IT Essentials for Internal Auditors. This session on IT essentials will be very helpful for internal auditors who are new to the profession or are thinking of transitioning from a traditional internal audit role to an IT audit role. This session will discuss the recently announced IT construct and provide IT essentials information in numerous categories, including IT governance, IT infrastructure, network, applications, and other relevant IT topics.

In this session, participants will:

  • Understand the basic IT knowledge required for all internal auditors.
  • Gain insights into The IIA’s IT construct and its related fields.
  • Learn IT infrastructure, network, and application technical information, as well as how to use these technologies during an audit.
  • Discuss some of other relevant topics related to IT.

Sajay Rai has more than 30 years of experience in information technology, specializing in cybersecurity, privacy, network architecture, business continuity, disaster recovery, IT audit, and information risk. He is the founder and CEO of Securely Yours LLC. Previously, Rai was a cybersecurity and risk partner with Ernst & Young LLP. Prior, at IBM, he served as an executive of the national business continuity and contingency consulting practice, and was instrumental in starting the company’s information security consulting practice. Rai has co-authored three books: Security and Auditing of Smart Devices; Sawyer’s Guide for Internal Auditors, 6th Edition; and Defending the Digital Frontier: A Security Agenda. As a member of The IIA’s Global Technology Committee, he has led the publication of several GTAGs. Rai is a frequent speaker at national and international conferences. He serves on the board of The IIA’s Detroit Chapter, ISACA’s Detroit Chapter, and the  Society of Information Management’s Detroit Chapter. He is an adjunct professor at Oakland University and Walsh College. He serves on the advisory board of Walsh College’s Accountancy Department and Wayne State’s IT Advisory Board.

NASBA CPE Credit: 1.2

Antonio Martinez Marroquin
Vice President and Head, Internal Audit
DKSH Management Pte Ltd.
Singapore

The relationship between internal audit and business stakeholders remains complex, despite being critical for effective corporate governance purposes. Internal audit aspires to be a trusted advisor… but it is oftentimes not a regular guest at the C-suite table; and it is frequently still considered that business collaboration can compromise independent assurance.

This session will provide concrete ideas for anyone interested in developing more collaborative relationships with business stakeholders and scaling new heights with internal audit.

In this session, participants will:

  • Reflect on different bases of power and how internal audit can use them most effectively.
  • Explore concrete strategies to develop collaborative relationships and be warned of related risks and opportunities.
  • Acquire specific ideas for internal audit to establish its independence without falling into isolation.
  • Understand how internal audit can promote ‘values-based integrity’ beyond the more traditional ‘rules-based integrity.’

Antonio Martinez is head of internal audit at DKSH, the leading market expansion services provider with a focus on Asia.

Based in Singapore, Martinez reports to the chairman of the Board and is responsible for assisting the audit committee and senior management with independently evaluating the group’s governance mechanisms, risk management processes, and internal control systems. Previously, at Novartis, he had increasing responsibilities within finance and internal audit across various countries, holding positions such as regional head of internal audit for Asia Pacific, country chief financial officer (CCFO) for the Philippines, and head of financial operations and control for China.

From 2012 to 2017, Martinez was an invited member of the internal audit workgroup created by the Singapore Accountancy Commission. In 2013, he was elected Governor of the Singapore Institute of Internal Auditors Board, and in 2015, he was elected Vice President of that Board for a term of two years.

Martinez holds a Master in Business Administration (MBA) from ESADE Business School, a Master in International Management from the Community of European Management Schools (CEMS), and an Executive Master of Science in Organizational Psychology from City University of New York. He lives in Singapore with his Swiss wife and their three daughters, who were born in Beijing, Manila, and Singapore.

NASBA CPE Credit: 1.2

​Tuesday, 15 June 2021

​9:15 - 9:30 a.m.
2021 International Conference Day Two Welcome

Inga Beale
Former CEO of Lloyd’s of London and Workplace Equality Advocate
England

Moderator:
Anthony Pugliese
President and Chief Executive Officer
The Institute of Internal Auditors
USA

Inga Beale Bio being finalized

Anthony J. Pugliese is president and CEO of The Institute of Internal Auditors (IIA), the internal audit profession’s most widely recognized advocate, educator, and provider of standards, guidance, and certifications. Over a career spanning more than 30 years, Pugliese has been a strategic, hands-on leader, directed strategic expansions into major global markets, pioneered innovative educational initiatives aimed at enhancing members’ professional growth, overseen the internal audit function of a major organization, and defined cultural norms toward greater diversity, equity, and inclusiveness (DE&I).

As CEO of The IIA, he drives the vision and management of a nearly 80-year-old organization with more than 200,000 members, 156 chapters, and 112 affiliates in nearly 200 countries and territories. His focus is on enhancing membership services, creating new approaches to learning and competency development programs, fulfilling The IIA’s multimillion-dollar digital transformation initiative, and enhancing the value of internal audit, particularly in its role of addressing organizational risks and opportunities.

A seasoned executive and skilled association strategist with a passion for innovation and technological advancement, Pugliese most recently was President and CEO of the California Society of CPAs, the largest state CPA organization in the United States, with more than 45,000 members. From 1997 through 2018, he served in key leadership positions at what is now the Association of International Certified Professional Accountants, the world’s largest accounting professional organization. His roles included executive vice president of membership, technology, and learning; chief operating officer and senior vice president of the American Institute of Certified Public Accountants, where he oversaw the AICPA’s $50 million relocation to North Carolina; and vice president of business reporting and member innovation.

Pugliese advocates a culture that promotes innovation, collaboration, empowerment, diversity, and achievement. In 2020, Pugliese led development of a Diversity, Equity and Inclusion Committee at CalCPA to identify and address racial and other inequities in the accounting profession. That effort led to development of a groundbreaking study, in collaboration with the Institute of Management Accountants (IMA), to examine race and ethnicity, gender, and LGBTQIA (lesbian, gay, bisexual, transgender, queer, intersex and asexual) orientation in the U.S. accounting profession. Pugliese is long active in the community, from mentoring students to leading business partnerships, such as chambers of commerce.

A graduate of the University of North Florida (Jacksonville), Pugliese has been repeatedly recognized as one of the most influential people in accounting, appearing most recently on the cover of Accounting Today. He holds the AICPA's Chartered Global Management Accountant (CGMA) and Certified Information Technology Professional (CITP) credentials, and is licensed as a CPA in California, Georgia, and North Carolina.

NASBA CPE Credit: 1.2

​10:30 – 11:00 a.m.
Networking Break in the Virtual Exhibit Hall
11:00 a.m.  – 12:00 p.m.​​​​​ ​Concurrent Session Tracks

Veron Wong, CA
Partner, Enterprise Risk Consulting, Singapore Internal Audit Leader
Ernst & Young Advisory Pte. Ltd.
Singapore

Aloysius Fua
Assurance Executive
Ernst & Young Advisory Pte. Ltd.
Singapore

Disruption from the pandemic, evolving business landscapes, digitization, and more vocal stakeholders have accelerated the transformation of internal audit to be more agile, forward-looking, and technology-enabled. This panel discussion provides practical insights on internal audit’s transformation across various aspects and on the adoption of innovative practices, such as continuous risk and control assurance, analytics, and robotic process automation, to focus on risks that matter, increasing internal audit’s effectiveness and value to the organization.

In this session, participants will:

  • Discover the opportunity for a more agile internal audit operating model in the aspects of technology adoption, execution, and methodology; risk assessment; skillsets; and interaction with management. 
  • Gain practical insights from multi-perspective discussions among clients and consultants on the adoption of agile and innovative internal audit practices across various sectors.
  • Understand the implications of an evolving risk universe for internal audit functions.
  • Apply the practices and navigate challenges to transform their internal audit functions to create greater value within their organizations.

Veron Wong leads the enterprise risk team for the consulting practice in EY Singapore. She has more than 17 years of experience in enterprise risk management, internal audit, and business process re-engineering projects for various clients across different industries. She has led many ERM implementation projects for first adopters, as well as assisted other organizations in the areas of internal audit, adopting advanced techniques to further their maturity.

Wong has also conducted seminars and training on risk management and internal audit of the future for corporations of different sizes and sector. As a thought leader in the risk and internal audit space, she has conducted sessions with business leaders and practitioners on ways to evolve their ERM and internal audit programs to achieve greater value, such as integrating sustainability and technology considerations into their existing framework.

Wong has international experience leading large-scale projects with a high degree of complexity for major clients across Asia, Oceania, Europe, and US. She served many different clients in risk management and internal audit work over many sectors. She had commercial internal audit experience, performing reviews for entities across Asia Pacific and Europe in her previous stint.

NASBA CPE Credit: 1.2

Anand Bhakta
Senior Director, Risk Solutions
AuditBoard
USA

Jason Sechrist
Director, Compliance and Audit Solutions
AuditBoard
USA

Cyber threats and attacks continue to increase in number and complexity — all while the business world grows more digitized and connected. As businesses and technology have evolved, so has the COSO Enterprise Risk Management (ERM) Framework. One of the foundational drivers behind the update of the ERM Framework was the need to address the evolution of risk management in the cyber age and for organizations to improve their approach to managing cyber risk.

This session will provide an overview on cyber risk management through principles defined in the COSO Enterprise Risk Management Framework. In this session, we will review the importance of leveraging these COSO ERM Framework principles to manage cyber risk, dig into details on how to integrate cyber risk management with enterprise risk management, and explore anticipated future developments in ERM and cyber risk.

In this session, participants will:

  • Define key updates to the COSO ERM Framework.
  • Identify the importance of leveraging COSO ERM Framework principles to manage cyber risk.
  • Discuss best practices for leveraging the COSO ERM Framework to integrate cyber risk management with enterprise risk management.
  • Explore anticipated future developments of ERM and cyber risk.

Anand Bhakta is the senior director of risk solutions at AuditBoard, a cloud-based platform to help enterprises streamline and automate internal audit, risk, and compliance activities. He has 15+ years of IT audit and consulting experience. Specializing in risks and controls related to the implementation of ERP systems, he has helped various multinational companies evaluate and/or implement application controls in ERP systems, including Oracle Financials, SAP, and PeopleSoft. Bhakta is recognized for his ability to develop and implement agile auditing programs and data analysis tools. Additionally, he has assisted clients in complying with Sarbanes-Oxley from both an advisory and attestation perspective.

Jason Sechrist is director of audit solutions at AuditBoard, where he works with internal audit and compliance teams to help automate the administrative tasks of audit, risk, and compliance activities. Previously, as global head of internal audit at Rackspace Managed Cloud Company, his responsibilities included developing and executing on a risk-based audit plan for the company’s data centers and office locations across the Americas, Europe, and Asia. Sechrist started his auditing career with PwC, advising CTOs, CISOs, compliance managers, and system engineers at software and cloud service providers. He has spoken at The IIA’s GAM and All Star conferences as well as various ISACA and IIA local chapter events.

NASBA CPE Credit: 1.2

Yi Hsin (Doris) Wang, CIA, CGAP, CRMA, CPA
Chairman, Accounting Research and Development Foundation
Professor of Accountancy, National Taipei University
Taiwan

Tsan-Hsing Chiou
Assistant Auditor General and Director
National Audit Office
Taiwan

Ching-Shin Chou
Senior Auditor and Section Chief
National Audit Office
Taiwan

The government has started to implement digital government systems in Taiwan. So the National Audit Office (NAO) has actively applied audit intelligence to improve oversight, insight, and foresight functions. In this session, several real cases will be discussed, including a performance evaluation of public parking lots using big data analysis and an application of blockchain framework bank confirmation. In addition, the XBRL and how to enhance the transparency of public information will be discussed.

In this session, participants will:

  • Describe the criteria for performance evaluation of public parking lots by using big data analysis.
  • Apply a blockchain-based framework of the bank confirmation for government agencies.
  • Develop plans for the applications of artificial intelligence and audit intelligence to the metropolis bicycle system.

Yi Hsin (Doris) Wang, a professor of accountancy at National Taipei University, has devoted her teaching and research to big data analysis, accounting intelligence, corporate governance, risk management, internal control, and internal audit. Dr. Wang has been chairman of the Accounting Research and Development Foundation since 2014. Dr. Wang was honored with the 2018 ACIIA Award for Outstanding Contribution in the Field of Internal Auditing in Malaysia. She developed the internal control framework and balanced score card performance system as director of National Taipei University library. 

Dr. Wang was a member of the Internal Audit Foundation Trustees of The IIA Global and a member of The IIA Global board. In addition, she has been a board member of First Financial Holding Corporation for more than 10 years. She is also chairperson of the audit committee of Transcends Information, a listing company of Taiwan Stock Market. She has actively attended and made presentations for international conferences, including Data Amplified 2018 (XBRL International Conference) in Dubai,  ACIIA 2018 in  Malaysia, 2019 IFASS meeting in Buenos Aires, and ACIIA 2019 CAE Forum.

Tsan-Hsing Chiou Bio being finalized

Ching-Shin Chou Bio being finalized

NASBA CPE Credit: 1.2

Dr. Christiaan Roos
Head, Cyber Security and Technology Risk
Adept Advisory
South Africa

Traditional IT audit techniques are not always effective in identifying cyber security control weaknesses. Ethical hacking tools and techniques can be used to uncover unknown control weaknesses, increase automation of testing, and perform full population assessments. An ethical hacking mindset also assists an IT auditor to think more practically about how an attacker would compromise defense in depth layers. The presenter argues that ethical hacking is a mandatory skill required to conduct cyber security audits.

In this session, participants will:

  • Gain a basic understanding of the concept ethical hacking.
  • Be presented examples of ethical hacking tools and techniques that can be used to supplement traditional IT audit techniques.
  • Define a methodology and approach to apply ethical hacking as part of cyber security audits.

Dr. Christiaan Roos is a seasoned cyber security, IT audit, and data analytics specialist. He has more than 22 years of experience in the banking and telecommunications industry. He has managed audit teams 3 to 15 resources. His broad background encompasses internal auditing, IT auditing, continuous auditing, cyber security, ethical hacking, vulnerability management, threat intelligence, corporate information security functions, data analytics, IT governance, data architecture, and cloud governance. Dr. Roos has presented at seminars and conferences and lectured on topics such as IT governance, IT auditing, ethical hacking, cyber security, and continuous auditing. He is currently the head of cyber security and technology risk at Adept Advisory.

NASBA CPE Credit: 1.2

Justin Gwin, CIA, CRMA, CISA, CPA, CRISC

Managing Director
BDO
USA

Steve Roth, CIA, CPA
Vice President, Internal Audit and ERM
Norwegian Cruise Line
USA

Too often, audit reports appear to showcase internal audit procedures and provide overly detailed findings that are of no interest to the intended reader. Many internal auditors feel the need to capture all testing results in an audit report. However, it’s worth noting that The IIA’s Standards do NOT require an audit report, but rather simply state: “Internal auditors must communicate the results of engagements.” Additionally, a written audit report can become a point of contention with management, which erodes our relationships, causes budget overruns, and delays the delivery of results to stakeholders. All can be avoided. This session will explore effective communication of audit results as well as techniques for developing succinct written reports.

In this session, participants will:

  • Establish criteria to identify internal audit projects which require written reports and those that do not.
  • Develop communication skills to deliver results verbally without the need for a written report.
  • Learn techniques to effectively tell a story and highlight key issues within an audit report.

Justin Gwin leads BDO’s risk advisory services practice in Florida. He has more than 16 years of experience in financial, operational, and IT-related controls testing. His specialties include internal audit, business process control assessments, compliance reviews, information technology and security evaluations, risk management assurance, Service Organization Control (SOC) reporting, SOX compliance, and external quality assessment reviews. Gwin has significant experience helping clients manage and mitigate risk across a wide variety of industries, including manufacturing/distribution, banking, insurance, real estate, nonprofit, professional services, technology, and more.

Prior to joining BDO, he led the governance, risk management, and internal audit service for a regional accounting firm in Florida. He also served as an outsourced chief audit executive for multiple organizations. In addition, Gwin spent four years at Mazars in London, working extensively in the insurance sector, conducting internal audits of underwriting, claims, re-insurance, governance, and Coverholder/TPA audits. While abroad, he also performed internal audits, SOX testing, and compliance and controls evaluations for multiple global corporations and client offices throughout Europe. Gwin has extensive experience assisting clients of all sizes with identification and remediation of Internal Controls over Financial Reporting (ICFR), including collaborating with management to determine effective solutions based on resources available to the organization. He has earned multiple certifications and is also certified in COSO Internal Controls.

Steve Roth has 27+ years of internal and external auditing experience. During his tenure with Prestige Cruise/Norwegian Cruise Line, he has held the roles of vice president, senior director, and key ethics contact, overseeing development of the internal audit function, SOX compliance program, and ERM efforts. Previously, as creator of Audit Assessment Group, Roth conducted 25+ assessments of internal audit activities nationwide and led internal audit functions on an interim basis. Prior, as internal audit manager at Royal Caribbean Cruises, he helped establish a nationally recognized audit department. Roth began his career at Deloitte & Touche as a senior financial auditor. He currently serves on the board of IIA–Miami and as an adjunct professor at Florida International University.

NASBA CPE Credit: 1.2

12:00 - 12:30 p.m. Networking Break in VirtualExhibit Hall
12:30 - 1:30 p.m. Concurrent Session Tracks​​

Gil Ber, CIA, CPA, CRISC
Chief Audit Executive
EL AL Israel Airlines
Israel

This presentation will center on creativity and innovation in internal audit and their influence on the future of the profession in coming years. The session will introduce new ideas and insights that may have not been heard in the context of internal audit, including the impact of the evolution on internal audit, AX, behavioral audit, wisdom of the crowd, and using TED principles in audit.

In this session, participants will:

  • Discuss examples of innovation and creative thinking in audit.
  • Gain practical tools for achieving creativity and innovation in audit.

Gil Ber is vice president and chief audit executive of EL AL Israel Airlines. He has more than 20 years of experience in internal and external audit, risk management, SOX implementation, and fraud investigation in various sectors. In addition to his work at EL AL, he lectures in Israel (at Ben Gurion, Tel Aviv, and Haifa Universities) and globally (at industry conferences). Ber also serves on several IIA–Israel committees and is a volunteer member of the audit and risk management committee of the Israel Foundation for Handicapped Children. Prior to EL AL, he was a partner at Ernst & Young Israel.

NASBA CPE Credit: 1.2

Robert B. Hirth, Jr.
Senior Managing Director, Protiviti
Chairman Emeritus, Committee of Sponsoring Organizations of the Treadway Commission (COSO)
Co-Vice Chair of the SASB Standards Board
Sector Chair for Technology & Communications
USA

Environmental, Social, and Governance (ESG) performance, reporting, and assurance have gained center stage around the world as organizations seek to better understand the needs and concerns of a variety of stakeholders, improve their own performance, and better communicate their ability to create long term sustainable value. Internal audit can play a valuable role in providing expanded ERM activity, objective assurance, and consulting as their organizations start, evolve, and continuously improve their ESG activities

In this session, participants will:

  • Learn about the latest drivers and application of ESG activity that enhance organizational value and sustainability for key internal and external stakeholders.
  • Gain insight into the most current ESG reporting techniques and leading practices as well as reporting frameworks used by leading organizations globally.
  • See how internal audit can add substantial value to ESG activities and reporting though expanded ERM, objective assurance, and consulting activities.

Bob Hirth was appointed to the nine-member standard setting board of the Sustainability Accounting Standards Board (SASB) upon its formation in 2017 and serves as a vice chair of the board. He currently heads SASB’s technology and communications sector committee and is a member of the services, healthcare and extractive and minerals processing sector committees.          

Serving as COSO chair from June 2013 to February 2018, Hirth’s activities included leading COSO’s project on revising its Enterprise Risk Management Framework, which was released in September 2017; issuing COSO’s Guide on Fraud Risk Management; and actively promoting COSO’s 2013 Internal Control Integrated Framework around the world and through the media. He initiated COSO’s guidance on ERM/ESG integration, which was issued in 2018. He has worked on assignments and made presentations in 20+ countries, serving 50+ organizations and working closely with board members, C-level executives, university professors, finance and accounting personnel, and public accounting firm partners and employees.

He is a senior managing director of Protiviti, a global internal audit and business risk consulting firm that operates in 22 countries. Prior to that, he was executive vice president of global internal audit and a member of the firm’s six-person executive management team for the first ten years of Protiviti’s development.

In 2013, Hirth was inducted into The IIA’s American Hall of Distinguished Audit Practitioners. In 2014 and 2015, he served as the chairman of The IIA’s IPPF re-look task force.

NASBA CPE Credit: 1.2

Vincent Cheang
Director, Internal Audit
GIC Pte Ltd.
Singapore

The session will examine real-life use cases of how data science is applied in internal audit, including techniques like natural language processing, supervised and unsupervised machine learning, and deep learning. The session will walk through specific use cases and explain how the data science technique works, providing the audience with a good appreciation of how these techniques are actually  applied in a real-world scenario by explaining how the techniques are translated from a theoretical to a practical application in the internal audit context.

In this session, participants will:

  • Appreciate and understand the data science concept.
  • Learn how these are applied to specific use cases in internal audit.
  • Realize the significant impact and assurance that data science can offer to internal audit.

Vincent Cheang is a director of internal audit, leading the department in fostering a strong corporate governance and control environment in GIC. He focuses on employing best practice audit methodologies and being a trusted business partner to other functional areas to bring about positive changes to GIC’s control environment. Recently, Cheang has focused on moving the internal audit function into the digital space as a champion of data science adoption in internal audit. Prior to joining GIC, he held various internal audit positions in Barclays Bank, Deutsche Bank AG, and Societe Generale.

NASBA CPE Credit: 1.2

Kamal Dua, CPA, CGMA, FCA
Senior Vice President and Chief Audit Executive
Leidos Inc.
USA

Krish Krithivasan
Chief Executive Officer
OEQ Inc.
USA

Every aspect of a company’s value chain (Porter), COSO Internal Control Framework’s three categories of objectives (Operating, Reporting and Compliance), and The IIA’s Three Lines Model are intricately influenced by cybersecurity and related risks. Boards, audit committees, and business leaders look to internal audit to align these initiatives. How can internal audit integrate cybersecurity risk assessment into each aspect of the annual internal audit plan — financial, operational, technology, and compliance?

In this session, participants will:

  • Identify cybersecurity risks across the corporation using value chain, COSO Internal Control Framework, and The IIA’s Three Lines Model as underlying frameworks.
  • Review a cybersecurity risk assessment model to develop the internal audit plan influenced by assessing cyber-related risks.
  • Analyze techniques and options for integrating cybersecurity risk assessments into most audits.
  • Develop a 90-day action plan using provided enablers.

Kamal Dua is a senior vice president and the chief audit executive for Leidos. Reporting to the audit and finance committee of the board of directors, he leads Leidos’ internal audit function responsible for the performance of financial, operational, information systems, and cybersecurity audits across the enterprise to improve risk management and related mitigation strategies.

An experienced finance, compliance, and risk management professional, Dua brings 30+ years of governance and audit experience to Leidos. He previously worked at Harris Corporation where he was vice president of internal audit and compliance. Prior, he held internal audit leadership positions at Cable & Wireless Communications PLC and Comcast Corporation. At Mitchell & Titus LLP, the largest minority controlled CPA firm in the U.S., he led the advisory services practice.

Dua is a Certified Public Accountant in the U.S. and Fellow Chartered Accountant in the U.K. He is a member of the American Institute of CPAs and the Institute of Chartered Accountants in England & Wales. He earned an M.B.A. from Long Island University, an M.S. In information Systems Engineering from Polytechnic University (now NYU), and an M.S. in Sustainability Management from Columbia University in New York City. He has also completed The Wharton School’s Advanced Management Program. Currently Dua is a candidate for an M.S. in Cybersecurity from the University of South Florida.

Krish Krithivasan Bio being finalized

NASBA CPE Credit: 1.2

Marc Eulerich, CIA
Professor of Internal Audit
University of Duisburg-Essen
Germany

This session presents current research findings about one of the main unanswered questions of our profession: What is the value of internal auditing? This question is of special relevance not only for internal audit’s stakeholders, like the C-suite, audit committee, or auditee, but also for every single internal auditor and the whole profession. This session presents results from a global study by the IIARF based on interviews and surveys. We try to answer the following questions: How do internal auditors and internal audit functions define their added value to the organization? How do internal auditors and internal audit functions measure their added value? How do internal auditors and internal audit functions communicate their added value? What are the expectations of stakeholders?

In this session, participants will:

  • Learn about the expected value of management and board.
  • Understand multiple perspectives of internal audit’s value.
  • Learn how to align internal audit functions’ activities to maximize the added value.
  • Explore how to create a transparent measurement and communication model for internal audit functions’ added value.

Prof. Dr. Marc Eulerich has been a professor of internal auditing at the Mercator School of Management, University Duisburg-Essen, since 2011. The professorship is sponsored by the German Institute of Internal Auditors with an explicit focus on internal auditing research and teaching. He is program coordinator for the Internal Auditing Education Partnership Program and chair of the scientific committee of the German IIA. He has published numerous scientific and practitioner articles and books about corporate governance, internal auditing, and strategy. His research is published in Auditing, Accounting Horizons, Journal of Information Systems, Accounting History Review, Managerial Auditing Journal, International Journal of Auditing, Internal Auditor magazine, and numerous other journals. He is qualified as a Certified Internal Auditor (CIA). Dr. Eulerich also supports the global profession of internal audit with numerous talks and consulting projects to intensify the relationship between theory and practice.

NASBA CPE Credit: 1.2

​Session Details Being Finalized

NASBA CPE Credit: 4.2

​Wednesday, 16 June 2021

​9:15 - 9:30 a.m.
2021 International Conference Day Two Welcome

Dr. Ayesha Khanna
Expert in Artificial Intelligence, Smart Cities, and Fintech
Singapore

Dr. Ayesha Khanna Bio being finalized

NASBA CPE Credit: 1.2

​10:30 – 11:00 a.m.
Networking Break in the Virtual Exhibit Hall
11:00 a.m.  – 12:00 p.m.​​​​​ ​Concurrent Session Tracks

Mara Ash, CIA, CGAP, CRMA, CGFM
Chief Executive Officer
Business & Financial Management Solutions, LLC
USA

What does the auditor of the future look like? What skill sets do they need? How do we look beyond an accounting degree to find great auditors? According to The IIA’s annual report, critical thinking is a top skill needed by every auditor. We need to look beyond accounting and finance — rote skills — and consider other disciplines. IT use is on the rise across all operations… we need tech-savvy auditors who can understand how processes work. Moving beyond the “typical” auditor background and skills or standard audit rotation allows managers to cast a wider net when recruiting new staff. Discover innovative ways to recruit new auditors that consider critical thinking and process analysis.

In this session, participants will:

  • Explore the internal audit environment of the future.
  • Theorize the new auditor skill set.
  • Get tips on training existing auditors to thrive in the new audit environment.
  • Consider new engaging recruitment strategies for the future auditor.

Mara Ash, CIA, CGAP, CRMA, CGFM serves as the chief executive officer and president of the board of directors of Business & Financial Management Solutions, LLC. She has 25+ years of financial management and audit experience in the government and private sectors. Her unique background with both public and private sectors brings a wealth of knowledge and innovation that enables BFS to provide optimal solutions. Her expertise covers the crucial elements of business and financial operations that create strategic alignments, enhance transparency, cultivate sustainable growth, and ensure compliance.

Ash is a federal compliance expert, with in-depth experience helping state and local agencies build compliance programs and processes that align capabilities with compliance regulations. Her processes, tools, and training ensure agencies can integrate an end-to-end process that staff can execute.

She is a member of The Institute of Internal Auditors (IIA) and the Association of Government Accountants (AGA), where she has held various leadership positions. She currently serves as chairman of The IIA’s Public Sector Audit Committee. Ash believes in success built on efficiency, effectiveness, and transparency. Her goal is to help organizations improve service delivery, ensure compliance, enhance transparency, and reduce costs.

NASBA CPE Credit: 1.2

Jorge Badillo, CIA, QIAL, CCSA, CGAP, CRMA, CISA
Internal Audit Manager
SCM Minera Lumina Copper Chile
Chile

The session will present, in a practical way, the key steps, tools, and techniques of fraud risk management, including a description of the main tools and deliverables, using suggested templates.

In this session, participants will:

  • Explain fraud risk management phases and purposes.
  • Learn about key fraud risk management tools and techniques.
  • Know how to use/apply fraud risk management tools (inventory, evaluation, risk, control matrix, heat map, and action plans).
  • Identify the main fraud risk management deliverables.

Jorge Badillo has 24+ years of experience in auditing in private and public sector: internal, financial, performance, forensic, and information technology. Currently, he is an internal audit manager in the Japanese mining company, SCM Minera Lumina Copper Chile.

Prior to his current role, Badillo was an internal audit manager in Sierra Gorda SCM located in Chile (joint venture: KGHM (Poland) and Sumitomo (Japan)); before that, he was a regional internal audit manager for South America in the Canadian mining company, Kinross Gold Corporation. He also worked in the United Nations Ecuador (comptroller of the international organization for migration mission in Ecuador), Ernst & Young (advisory manager), and Internal Revenue Service in Ecuador (chief audit executive). In 2012, Badillo applied for the position of general comptroller of the Republic of Ecuador. He was chairman of the board of The IIA–Ecuador and is member of the board of The IIA–Chile.

NASBA CPE Credit: 1.2

Jason Bier, CIA, CISA
Senior Vice President and Head, IT Audit
LPL Financial
USA

Robert Hayes
Vice President, Audit Data Analytics
LPL Financial
USA

Christina Mehltretter
Senior Vice President, Internal Audit
LPL Financial
USA

The use of data and analytics in internal audit is continuously trending upwards. Join us for an opportunity to discuss establishing, evolving, and sustaining a data analytics program.

In this interactive session, LPL Financial will share their journey to incorporating data analytics into their audit methodology, including team adoption and training, stakeholder engagement, and challenges encountered along the way. Speakers will specify practical strategies for implementation, provide illustrative examples, and utilize polling and Q&A.

In this session, participants will:

  • Cultivate ideas of how to jump-start implementation of data analytics in internal audit, including the capabilities, technologies, and methodologies required.
  • Discuss real-life examples of establishing strategic partnerships with firm stakeholders and communicating the value provided by incorporating data analytics.
  • Become familiar with common pitfalls faced when introducing data analytics into internal audit.
  • Identify practical, innovative audits using data analytics to promote enhanced assurance.

Jason Bier leads the technology audit team at LPL Financial (LPL). In his current role, he is responsible for development and execution of the technology audit plan and managing relationships with senior IT leadership throughout the organization. Prior, Bier worked at Marsh & McLennan Companies for 19 years, leaving as head of IT audit. While at MMC, he performed audits in a variety of areas, including operations, finance, compliance, and technology. Bier was an inaugural member of the IT audit team and helped develop the team to a staff of 21 auditors completing a wide range of technology audits globally. He volunteers as part of his local IIA chapter in Charlotte and has joined numerous panels to talk to students and jobseekers about the internal audit profession.

Robert Hayes is responsible for managing all internal audit data analytics activities at LPL Financial. In this role, he provides strategic direction to the internal audit team to mature the use of data analytics. Hayes also strategically partners with internal stakeholders to increase risk education and awareness through the use of data and analytics. Prior to joining LPL, he held a position in the corporate internal audit department at Graham Holdings, previously the Washington Post Company. During his time at Graham Holdings, Hayes assisted with the integration of data analytics into the internal audit methodology. He has 10+ years of experience in internal audit data analytics across multiple industries, including financial services, healthcare, and education.

Christina Mehltretter leads the internal audit function for compliance, legal and risk (CLR), finance, human capital (HC) and the private trust company (PTC) at LPL Financial (LPL) and its affiliates. In her current role, she is responsible for development and execution of the internal audit plan in these areas. Mehltretter is also responsible for managing relationships with senior leadership throughout the organization. Prior to joining LPL, she was a senior manager at Ernst & Young LLP (EY). At EY, her primary focus was assisting clients with their internal audit and Sarbanes-Oxley compliance groups. Mehltretter assisted multiple internal audit functions in complying with The IIA’s International Professional Practices Framework (IPPF), OCC-Strong, OCC Heightened Standards, FRB SR 13-1, and Basel guidance. She has 10+ years of experience in the financial services industry with banks, broker-dealers, and asset managers.

NASBA CPE Credit: 1.2

Sung Jin Ahn
Deputy General Manager
KEPCO KPS
South Korea

This session will introduce a purpose, work process, system configuration diagram of Virtual K-Virtual Audit ‘LANSeon Audit,’  and preparations, including equipment, system, video conference program, etc. Procedures and methods will be explained in detail for headquarters and offices, encompassing main schedules, priming, listening, interview, coaching, probing, crossing, eSigning, confirming, closing, and managing, as well as audit of overseas business sites, notice on security management, preparation checklist, etc.

In this session, participants will:

  • Discover the concept of Virtual K-Virtual Audit ‘LANSeon Audit.’
  • Introduce a Virtual K-Virtual Audit ‘LANSeon Audit’ system within the company.
  • Learn how to conduct virtual audit in their own organization.
  • Gain insight into the culture of non-face-to-face work and expansion of all work within the organization to non-face-to-face work.

Sung Jin Ahn has been working in the audit office for about two years, constructing a virtual audit system and producing and revising manuals on K-Virtual Audit ‘LANSeon Audit.’

NASBA CPE Credit: 1.2

Woon Teck Tay, CIA, CRMA, FCA Singapore, FCPA Australia, FSID, FCMI UK, MAICD, AIPAS
Managing Director
RSM Risk Advisory Pte Ltd.
Singapore

In the current disruptive landscape, what is internal audit’s value proposition? While assurance is an essential role, internal audit can provide significant value as a consulting resource to both the board of directors and executive management. This session looks at how the internal audit function can be a trusted advisor that is not only proactive and insightful, but also strategically aligned and business focused. Conversations will be held with internal audit stakeholder(s) during this session.

In this session, participants will:

  • Appraise the impact of disruption to businesses/organizations with the illustration of corporate cases. 
  • Evaluate the strategy and approach of re-thinking or re-inventing the focus of internal audit to be proactive and insightful as well as strategically aligned and business focused. 
  • Establish the value proposition of internal audit as a trusted advisor in a disruptive landscape through conversations with internal audit stakeholder(s), such as audit committee members and/or CEOs.

Woon Teck is currently the managing director of Ram’s risk advisory division. He works closely with boards and C-suites in designing risk management frameworks that link corporate strategies to risk management activities, corporate governance, and internal control activities. In addition, Tay is concurrently an executive director with RSM’s corporate advisory division, advising clients on corporate strategies, succession planning, profit improvements, and cross-border M&A transactions in the UK, US, Canada, China, and ASEAN countries.

Currently, Tay serves as a council member of the Institute of Valuers and Appraisers of Singapore, Chartered Management Institute Singapore, Society of Modern Management, and Australian Institute of Company Directors, Singapore. He is also active in the social enterprises sector, advising on corporate governance, risk management, and internal control processes. 

Previously, as an adjunct faculty member at Singapore Management University, he designed and taught the corporate advisory program for both the Bachelor of Accountancy and Masters in Professional Accounting programs. Tay co-authored a workbook, “Risk Governance for the Third Sector,” to guide the boards of the Third Sector in getting started on implementing effective risk governance and internal control practices. He also co-authored the “Doing Business in ASEAN” Guidebook jointly published by RSM, Rajah & Tann Asia, and United Overseas Bank.

NASBA CPE Credit: 1.2

​12:00 – 1:30 p.m.
Networking Break in the Virtual Exhibit Hall
12:30  – 1:30 p.m.​​​​​ ​Concurrent Session Tracks

Gordon Braun
Managing Director
Protiviti
USA

The objectives of a next-generation internal audit department may be straightforward and include improving assurance by increasing focus on key risks, making internal audit more efficient, and/or providing deeper, more valuable insights from internal audit’s activities and processes. However, next-generation internal audit groups will need to introduce a variety of different governance structures, methodologies, and enabling technologies to keep pace with an evolving risk landscape and rising stakeholder expectations.

In this session, participants will:

  • Highlight what leading internal audit organizations are doing to evolve and transform. 
  • Explain a model that can be used to either begin or accelerate a path to becoming “NextGen.”
  • Provide an overview of practical implementation successes and challenges through a Protiviti client’s own journey.

Gordon Braun is a managing director at Protiviti, leading the Minneapolis office. For 20+ years, he has been providing risk consulting services across several industries. He is an active leader of Protiviti’s central area internal audit and financial advisory practice and has a particular focus on assisting clients with the assessment and management of business risks associated with technology deployment and maintenance. Braun has served as an engagement leader on multiple outsourced and co-sourced internal audit engagements. He earned his B.A. in English and Computer Applications from the University of Notre Dame and his M.B.A. in Finance and Economics from the University of Chicago Booth School of Business. Braun has presented at many chapters of both The IIA and ISACA, national webinars, SAP conferences, and multiple universities across the Midwest. He is also currently serves on multiple nonprofit boards.

NASBA CPE Credit: 1.2

Hiroshi Yanase, CIA, CCSA, CFE
Chief Internal Auditor
Simmons Co., Ltd.
Japan

Tae Fujii
Manager
Simmons Co., Ltd.
Japan

The IIA issued an important update to the Three Lines Model in July 2020. The old model focused on the defense area, whereas the new one goes beyond that and contributes to the achievement of objectives. The new three lines model consists of the principles, key roles, and relationships among core ones. This session will convey the meaning of the model in a plain way and address the complexities of the real world by using the model.

In this session, participants will:

  • Explain the major difference between the new and old models by making a comparison.
  • Clarify the advancement of the new model.
  • Indicate how to apply the new model to the real world.

Hiroshi Yanase is a highly accomplished professional with full experience and knowledge in audit, accounting, and business in general. Yanase possesses strong leadership skills in coaching team member on audit engagement, including audit planning, onsite audits, and audit reporting. Yanase applies extensive communication skills to build strong relationships with audit clients. Yanase’s nearly 13-year background in audit encompasses J-SOX, internal audit, compliance and risk management audit, and governance audit, not only in Japan, but also in foreign countries such as China, Taiwan, and the US.

Tae Fujii Bio being finalized

NASBA CPE Credit: 1.2

Mark Harrison, CIA, CRMA
Managing Director
Sententia Consulting
Australia

The session will provide practical advice, including a tested set of normative criteria, for how to undertake a useful “post-event” analysis of an organization’s handling of the COVID-19 pandemic. The session will discuss different approaches and objectives of such reviews as well as how such projects can add most value to an organization, and provide a set of criteria that can be used to determine what “good” looks like in a pandemic response. The session will utilize real-life practical experiences and examples to provide the audience with genuine “tricks and tips” for adding value to their organizations in such a review.

In this session, participants will:

  • Learn how to conduct a useful post-event assessment of an organization’s response to the COVID-19 pandemic (or other).
  • Understand better how a pandemic impacts an organization, to allow for tailored focusing of a post-event assessment of an organization’s response to the COVID-19 pandemic (or other).
  • Learn from practical experience on what to do and what not do if conducting a “post-event” analysis after COVID-19.

Mark Harrison is a highly experienced internal auditor with 25+ years of experience as a consultant and chief audit executive, having working in more than one dozen countries around the world. He brings a breadth of industry experience and deep business acumen to provide practical, insightful, and tailored advice the goes to the root cause of complex business challenges and provides relevant roadmaps for business and technology improvement. He has a strong command of the technical standards of both internal audit and IT audit that gives organizations confidence of technical excellence. Professionally, Harrison is the president of the Asian Confederation of Institutes of Internal Auditors, the immediate past president of The IIA–Australia, and has served globally on the Professional Issues Committee, the Global Professional Development Committee, and is currently on the Institute Relations Committee. He was chairman of The IIA’s International Conference in 2017 when it was held in Sydney, Australia. Harrison is considered a global leader in governance advice, having worked with some of the most complex global organizations in the public and private sectors.

NASBA CPE Credit: 1.2

Deniz Appelbaum, PhD
Assistant Professor
Montclair State University
(Fastpath)
USA

Drones are evolving in many industries today, and auditing is no exception. Auditors not already gaining from the potential of drone-empowered applications in their audit programs could be left behind if they do not adapt and adopt. To expand your understanding of the potential of drones today in auditing, join this presentation. Attendees will gain the resources they need to stay current with the latest drone advancements and scale new heights in delivering increased value to their organization.

In this session, participants will:

  • Acquire knowledge about current business and potential audit use of drones.
  • Understand how drones have permeated many industries.
  • Follow a data-driven procedure for applying drones to an audit for measurable results.
  • Develop ideas for quick applications of drones in the audit process.

Dr. Deniz Appelbaum is an assistant professor of the Department of Accounting and Finance at the Feliciano School of Business of Montclair State University. She has published manuscripts in Accounting Horizons, Journal of Emerging Technologies in Accounting, Auditing: Journal of Practice and Theory, and other academic and practitioner journals, based on her research regarding analytics, big data, blockchain, and automation in financial auditing and fraud detection. She presents frequently at the American Accounting Association and more recently with The IIA–Canada. The accounting and auditing professions are currently undergoing huge disruptions due to technical innovations, and Dr. Appelbaum is devoted to assisting her audience in preparing for these changes.

NASBA CPE Credit: 1.2

Terri Rogers, CIA, CPA
Chief Audit Executive
United Community Bank
USA

Emotional Intelligence Squared (EI2) provides not only the basics of EI, but lessons in taking this oft elusive skill to the next level to apply to both talent management and stakeholder communication. Join this session and raise your emotional intelligence to the next level! A skill applicable to all relationships that is certain to enrich your career as well as improve your audit team and overall results. A must-have in the leader’s toolbox.

In this session, participants will:

  • Define the basics of emotional intelligence.
  • Differentiate between trusting their gut and leveraging their emotional intelligence.
  • Assess their own EI level.
  • Obtain useful tools and tips to apply EI to talent management and stakeholder relationships.

Terri Rogers is the chief audit executive at United Community Banks (UCBI), a $15 billion southeast regional US bank providing retail and corporate banking services through 163+ banking offices in Florida, Georgia, South Carolina, North Carolina, and Tennessee. Before joining UCBI, Rogers was with Huntington National Bank, FirstMerit Bank, and KeyBank, where she served in various audit roles; most recently, as senior audit manager with a focus on auditing commercial lending, international banking, credit risk, capital, derivatives, stress testing, and SEC reporting. Additionally, she spent 10 years as administrator of internal controls over financial reporting. Rogers has used emotional intelligence throughout her career, even before truly knowing what it was. EI2 has helped her level up and improve talent management and stakeholder relationships. She currently holds Certified Public Accountant and Certified Bank Auditor certifications. She has served on the boards of various nonprofit organizations.

NASBA CPE Credit: 1.2

​Thursday, 17 June 2021

​9:15 - 9:30 a.m.
2021 International Conference Day Four Welcome

Keren Elazari
Cybersecurity Analyst, Author, and Friendly Hacker
Israel

Keren Elazari Bio being finalized

NASBA CPE Credit: 1.2

​10:30 – 11:00 a.m.
Networking Break in the Virtual Exhibit Hall
11:00 a.m.  – 12:00 p.m.​​​​​ ​Concurrent Session Tracks
10:30 - 11:00 a.m. Networking Break​​​​ in Virtual Exhibit Hall
​11:00 a.m. - 12:00 p.m.
Concurrent Session Tracks​​​​​​​

Cristián Briones Maira, CSM, CCXP
Agile Culture Director
Innova Agile
Chile

Eladio Piña Gálvez, CSM
Audit Manager, Banco de Chile
President, IIA–Chile
Chile

The workshop will contextualize how agility and scrum can be implemented in audit to develop self-organized, multidisciplinary, and collaborative teams focused not only on processes, but also on system analysis. The session will use participatory methodologies and technologies that allow interaction in teams.

In this session, participants will:

  • Gain an understanding of the relevance of agility and scrum in the current management model and its relationship to auditing.
  • Hear examples of specific cases and results of implementing the scrum model for auditing.
  • Assess the scrum model for auditing, its conceptual framework, and the basic elements that comprise it.
  • Learn about concrete tools and actions for introducing agile and scrum practices in audit work.

Cristián Briones Maira is director of digital culture at Innova Agile. He created the Change Model Canvas change management model and scrum’s first audit management model. Maira has acted as an executive coach, facilitator, and advisor to implement teams, culture, and agile philosophy in IT, business, and audit areas for Colombian, Argentinean, and Chilean companies, including Derco, Enel, Banco de Chile, Banco Santander, ENAP, Itaú, and Esmax. He has also been a rapporteur at conferences in 15+ cities, a professor at the University of Chile, and a consultant partner with Deloitte, Digital Bank, Orion Solutions, and Metricarts.

Eladio Piña has 20+ years of experience in internal audit. He is currently audit manager at Banco de Chile and was previously audit manager at Citibank. Piña is president of The IIA–Chile and vice president of the Latin American Internal Audit and Risk Assessment Committee of FELABAN. He is Audit Coach, Product Owner, and Scrum Master certified, and was scrum’s first co-creator in the audit management model. He has also been a speaker at many Latin American conferences.

NASBA CPE Credit: 1.2

Syeda Mehar Zehra, CAMS
MLRO and Head, AML and Compliance
HBL Currency Exchange
Pakistan

The current era of rapid development of regulatory requirements by global regulators has increased the importance of enhancing anti-money laundering (AML)/FCC/regulatory compliance activities to accomplish better results on an enterprise level. Thus, audit (internal or external) has greater responsibility for identifying issues and verifying rectification exercises for smooth, business-as-usual activities. The session will cover the AML, FCC, and regulatory compliance framework and the critical role of the audit function in achieving the strategic goals of an organization.

In this session, participants will:

  • Learn how regulatory requirements are increasing pressure on AML/FCC/regulatory compliance departments.
  • Understand the importance of implementing FCC/regulatory compliance policy and procedures.
  • Gain insights on how to control the cost of compliance.
  • Uncover the role of audit in AML/FCC/regulatory compliance.
  • Discuss the importance of a strategic approach to achieve the AML/FCC/regulatory compliance objectives of an organization.

Syeda Mehar Zehra is a MLRO and head of AML and sanctions compliance at HBL Currency Exchange Pakistan. She has more than 10 years of diversified FCC and regulatory compliance experience in industry, consultancy, and auditing with multinational financial institutions and a Big Four firm. Zehra frequently speaks to the financial crime compliance (FCC) community at Association of Certified Anti-Money Laundering Specialists (ACAMS) conferences on FCC, technology, and auditing. Recently, she was recognized as an ACAMS lead subject matter expert and as a key content advisor for ACAMS certificate curriculum development. A valued author, she has been featured in ACAMS Today and Forbes, discussing FCC and innovative technologies. She is also an IIA member.

Zehra started her FCC career with Standard Chartered Pakistan, where she carried out core-level FCC analysis on real-world cases, which inspired her to pursue her Certified Anti-Money Laundering Specialist (CAMS) certification in 2012. Zehra became Pakistan’s first female CAMS recipient. She had been also part of Standard Chartered’s FCC team in the UAE. A belief in excellence prompted her to enter the world of audit. She joined KPMG Pakistan, where she has developed a financial crime risk management framework and conducted consultancy and audit engagements with KPMG USA, Pakistan, and UAE.

Zehra’s academic achievements include a Bachelor of Science degree in computer engineering and a Master of Business and Management degree.

NASBA CPE Credit: 1.2

Anya Drake
Director
Protiviti
USA

Continuous monitoring is not a new concept, but historically, organizations have largely failed to realize its full potential because of a lack of collaboration across the three lines of defense, sufficient technology, access to data, or innovative thinking. How can organizations overcome these roadblocks and start moving towards continuous monitoring?

We recommend starting with the proven strategic approach of recalibrating the goals by identifying high-impact areas, bridging the implementation gap with next-gen advanced analytics and methods, and quantifying and socializing the benefits of continuous monitoring.

In this session, participants will:

  • Outline the benefits of continuous monitoring compared to traditional cyclical audits.
  • Recognize the benefits of working across the three lines of defense within the organization.
  • Describe how to operationalize a continuous monitoring program based on real-world examples.
  • Understand why an agile mind-set is important to this process.

Anya Drake is a director with Protiviti’s internal audit and financial advisory practice, focused on the audit analytics solution. She also leads the next-gen audit advanced analytics initiative. Most recently, she built and led the data analytics program within the internal audit department of a global professional services organization. With 15+ years of combined industry and consulting experience in the financial and professional services industry, Drake enjoys working with internal audit organizations in designing smart analytics strategy, helping to implement the most optimal approach, and executing on continuous and automated analytics methodology.

NASBA CPE Credit: 1.2

<p><strong>Larry Hertzog Butler, CIA, CRMA, CPA, CGMA,  CRISC</strong><br>
  <strong>Head, Internal Audit </strong><br>
  <strong>Delivery Hero SE</strong><br>
  <strong>Germany</strong></p>
<p><strong>Dr. Dominik Förschler, PhD, Dr. rer.  pol., CIA, CRMA</strong><br>
  <strong>Managing Director and Senior Equity  Partner </strong><br>
  <strong>ARC Institute </strong><br>
  <strong>Germany</strong></p>
<p>In  a world of digital transformation, new forms of communication and interaction  are required to engage our stakeholders. Gamification enables learning and  training via networked learning environments. We present a case study that  demonstrates the success of gamification in the important topic of IT security  and defense against social engineering risk.</p>
<p>In  this session, participants will: </p>
<ul>
  <li>Understand gamification and simulations for  experience-based learning. </li>
  <li>Identify motivational elements and why  gamified-based learning is so successful for adults.</li>
  <li>Learn how risks in the area of IT security and  social engineering can be significantly mitigated based on a practical case  study.</li>
  <li>Develop a digital learning strategy for their audit  team.</li>
</ul>
<p><strong>Larry Herzog Butler </strong><em>Bio being finalized</em></p>
<p><strong>Dr. Dominik Förschler</strong> was previously  executive assistant to the president of the University of Frankfurt am Main; he  now leads the spin-off Audit Research Center | ARC Institute as managing  director. As executive research director and chairman of the digital  transformation board, he is also responsible for the development of new  learning methods, such as serious business games. Dr. Förschler&rsquo;s  more than 20 years of professional international experience at Deutsche Bank,  Canadian Imperial Bank CIBC, and BMW in Toronto, Chicago, New York, Madrid, and  London includes responsible management positions, especially in internal audit.  Today he is a well-known speaker, author of numerous expert books and articles  in the field of internal audit and human resources development in prestigious  professional journals, and editor of the book series Internal Audit Strategy.</p>
<p><em>NASBA CPE Credit: 1.2</em></p>


Sharon Messerschmidt, CIA, CPA, MPA
Director, General Audit
Public Service Commission, Government of Canada
Canada

Jo-Anne Vallee
Audit Director
Public Service Commission, Government of Canada
Canada

Diverse and inclusive public sector organizations produce better results for citizens. In Canada, a groundbreaking audit was conducted to determine the extent to which recruitment processes produced a representative public service, to identify barriers, and to provide recommendations to remove biases in staffing processes.

A real-world example will be presented that harnessed the power of data to shine a light on diversity and inclusion in the public sector and to show how the commitment of an audit team through challenging circumstances can produce real results to change the lives of citizens.

In this session, participants will:

  • Learn how to use data analytics to deliver results that can inform policy change.
  • Understand the importance of stakeholder consultations to develop recommendations that promote real change.
  • Appreciate the rewards and understand the pitfalls of leading an audit team through a complex and untested territory.

Sharon Messerschmidt has extensive experience as a chief audit executive in national government as a special advisor on audit and risk management to the United Nations. She was the technical lead on the UN’s Joint Inspection Unit review of the State of Internal Audit in the United Nations System in 2016. In the Canadian government, Messerschmidt has led several internal audit transformations by implementing agile approaches in IT audits, imbedding the impact of culture in audit planning, and improving internal audit professional practices to contribute to demonstrable organizational improvement. She has been called on to implement and provide advice to UN organizations on the three lines of defense, audit maturity assessment models, risk benchmarking, and risk culture. She understands the complexity of developing risk-based audit plans and maturity models to assess and improve performance across diverse operations in the public sector. Messerschmidt has presented at several IIA conferences at the national and international levels. In her career, she has provided advice and guidance to dozens of organizations as a chief audit executive and senior public sector advisor. She holds a CIA designation, is a professional accountant, and holds a master’s degree in public administration.

Jo-Anne Vallee Bio being finalized

NASBA CPE Credit: 1.2

12:00 - 12:30 p.m. Networking Break​​​​ in the Virtual Exhibit Hall
​12:30 - 1:30 p.m.
Concurrent Session Tracks​​​​​​​

Laval Wong Sick Wah, CIA, FCA
Chief Internal Audit Officer
Asian Infrastructure Investment Bank (AIIB)
China

The first five years that AIIB spent to build an innovative 21st century multilateral development bank involved many stages: forming, storming, norming, and performing; dealing with orthodoxies and silos; sharing internal audit’s first advisory engagement; COSO 2013 Framework on Internal Control; preparing AIIB for the changes; and using the Kotter 8-step Process.

In this session, participants will:

  • Understand the role of internal audit during the setting up of a new multilateral bank.
  • Gain insights into maintaining a balance between providing assurance and advisory services during the formative years.
  • Learn how the Kotter 8-step Process was applied in AIIB’s first advisory engagement.
  • Hear about building team spirit (flight of the geese).

Laval Wong Sick Wah is currently the chief internal audit officer of Asian Infrastructure Investment Bank (AIIB) based in Beijing, China. In this role, he is responsible for setting up the internal audit function to provided assurance, consulting, and training (ACT). Prior to joining AIIB, Wah was head of group audit for Asia Pacific and Middle East at ABN AMRO Bank NV, based in Singapore. His extensive auditing experience was gained through senior leadership positions in financial institutions. His background includes setting up and leading the internal audit department of a foreign bank in Singapore and a multilateral development bank in Beijing. Wah served on the board of The IIA–Singapore as governor, treasurer and as president from 2002 to 2004. In these leadership roles, he led advocacy programs that saw 800+ internal auditors globally complying with The IIA’s Standards for Quality Assurance and Improvement Programs (QAIPs).

NASBA CPE Credit: 1.2

Aidan Parisian
Vice President, Customer Strategy
Fastpath
USA

Frank Vukovits
Director, Strategic Partnerships
Fastpath
USA

While most of us are focused on the rising threat of external factors, don’t forget that just over half of fraud and error is committed by insiders. Internal controls, often thought of as a ‘check the box’ exercise due to regulatory pressure, are the most effective form of risk prevention you can have. From ‘Tone at the Top’ to ethics trainings to front-line control performance, the three lines of defense have never been more relevant.

In this session, participants will:

  • Understand the difference between internal and external threats.
  • Explore the different types of controls and control objectives.
  • Examine real-life stories about some actual perpetrated frauds from internal threats.
  • Obtain tools and tricks for having conversations with leadership.

Aidan Parisian has a passion for learning  along with equal knowledge of business/operational process and the system/technology for “making it go,” which puts him in a unique position to fundamentally understand the mechanisms an organization relies upon to achieve key objectives. As vice president of customer strategy for Fastpath, Parisian is focused on ensuring customers have the right solutions in place to manage GRC needs. Prior to Fastpath, he worked in external and internal audit, including the position of senior manager of internal audit for Pure Storage. Before that, he was a director at PwC, leading multiple large internal audit engagements, from scoping and risk assessment through testing delivery, external auditor relationship management, and issue remediation. Additionally, Parisian was a co-leader of the PwC NetSuite Center of Excellence. He has experience with both large and small companies in differing stages of maturity, from private to public. He is a sought-after speaker, have presented numerous times at GAM, GRC, OpenWorld, SuiteWorld, ISACA Fall Conference, and other auditing conferences.

Frank Vukovits has 30 years of experience as an auditor, business software user, and vendor of audit and security software. He has implemented and managed numerous ERP projects and now combines his software and audit knowledge as director of strategic partnerships at Fastpath. Prior to his time working with Microsoft business applications, he was in corporate IT audit for GTE/Verizon for 12 years. Vukovits has presented educational sessions publicly at user groups and audit events for the past two decades. He previously served on Internal Auditor magazine’s editorial board and was an IIA distinguished faculty member.

NASBA CPE Credit: 1.2

Chien Siang Yu
Chief Innovation and Trust Officer 
Amaris AI
Singapore

The presentation will highlight a key government-initiated AI cybersecurity innovation project that will develop policy guidance, procurement requirements, AI robustness framework, testing tools, and defensive measures against AI attacks that could compromise corporate, embedded, and smart nation AI systems. Despite rapid proliferation, most AI systems have no defenses against such AI attacks and hence, there is a need for urgent education, as the vulnerability is not just serious but would impact overall AI usage, governance, and compliance measures. This would be like the first emergence of computer viruses, when microcomputers were getting to be popular in 1980s.

In this session, participants will:

  • Be introduced to AI.
  • Understand different types of AI adversarial attacks and implications.
  • Acknowledge what would be “Bad AI.”
  • Uncover what we should expect as future compliance and governance requirements.

Chien Siang Yu is the chief innovation and trust officer for Amaris AI, an AI startup that offers full-stack AI as a service, and he is currently also a professor (ICT) at SIT. He was the chief innovation officer (CIO) of a department in the Ministry of Home Affairs and later of Certis Cisco. In this role, he pioneered embedded AI and low-cost edge systems, and led a malware and IoT security lab as well as a robotics and drones lab. Prior to this, he was the most senior computer security consultant at the Singapore government. He has been working in the Civil Service since 1981 and was awarded National Day Honours, the Public Administration Medal (Silver) in 1993, and the (Silver) Bar in 2004. He was also given the Cybersecurity Hall of Fame in 2018, an inaugural professional category award from AISP and supported by the Cyber Security Agency. He has been active in the fields of IT leadership, innovation development and its related cultural transformation, and IT security for more than 35 years. During this time, he led numerous national-level IT projects in information security, e.g. the Electronic Road Pricing (ERP), Standard Operating Environment (SOE), IoT security via the ANSES project, and homeland security, developing workflow and people identification operational systems. He was instrumental in evolving advanced systems architecture used in the public service and the fundamental mechanisms required for their large systems rollout. He is also an adjunct professor at NUS.

NASBA CPE Credit: 1.2

Wai Khin Hoi, CISSP, CRISC, CISM, CBCP, FCMI
Director, Technology Consulting
RSM Risk Advisory Pte Ltd.
Singapore

COVID-19 has spurred digital transformation. Businesses are adopting technology to overcome challenges, adapt to new norms, and unlock new growth areas. The new and rapid adoption of technology includes cloud computing, e-commerce, m-commerce, blockchain, and IoT. Internal audit has to focus on new and emerging risks to provide assurance and deliver value to businesses. The session looks at audit strategies and approaches for addressing the risks in a rapidly evolving technology landscape.

In this session, participants will:

  • Evaluate the risks associated with cloud computing, e-commerce, m-commerce, blockchain, and IoT.
  • Discuss audit strategies and approaches for assessing the adequacy and effectiveness of controls established by businesses to mitigate risks.
  • Get tips for building and establishing trust as an advisor to the organization.

Wai Khin Hoi has 20+ years of overseas and local experience in information systems, specializing in the areas of information security and business continuity. He has an extensive background in managing risk/audit/security programs to meet legal, human resources, audit, IT, risk management, and information security requirements by constantly innovating ideas to implement value-added security programs to support organizational objectives and build frameworks for security beyond compliance. His global experiences included assisting organizations in IT due diligence audits, Sarbanes-Oxley 404 IT general computer control audits, IT diagnostic audits for merger and acquisition processes, ISO 27001 certification projects, and compliance with internal and external IT audit requirements.

Prior to joining RSM in Singapore, Hoi was the information security officer for a global B2B company, managing security, business continuity, PDPA, and audit programs. His experiences also include working as a data protection officer for a leading semiconductor manufacturer, tasked with protecting highly confidential R&D IP information. Last but not least, he also worked for PricewaterhouseCoopers Taiwan, providing audit assurance, security, and business continuity advisory services.

NASBA CPE Credit: 1.2

Mike Fucilli, CIA, QIAL. CRMA, CGAP, CFE
Principal Consultant
MAS Audit Services
USA

The long history of public sector failures has seen billions of dollars lost, embarrassment, redundancy, and a loss in public trust. Even though leaders are familiar with past failures, they have been repeated. Internal audit is in the perfect situation to provide the proper scrutiny and assist management in understanding governance, risk, and controls and help management avoid the “mega failure phenomena.”

In this session, participants will:

  • Understand the need for increased efficiency and cost-effectiveness to control and reduce public spending.
  • Be introduced to performance measurements associated with emphasis on and accountability for results.
  • Focus on improvement of organizational performance and ability to implement and adapt to change.

Michael J. Fucilli has a 40-year background in internal auditing that includes financial services, public sector, defense contracting, inventory management, technology, COSO, and SOX reporting. He has 20+ years of chief audit executive experience. He is also an instructor for St. John’s University, where he teaches The IIA’s CIA Learning System for the Certified Internal Auditor exam. Fucilli has hands-on experience in conducting operational, risk management, and governance audits of major corporations’ operations, including, revenue, core operations, HR, pensions, medical costs, finance, procurement, occupational safety, and technology, including major system implementations. Over the last ten years, he and his team have identified more than $2 billion in cost efficiencies in accordance with the COSO Framework.

Fucilli has provided training for IIA chapters and institutes worldwide, MISTI, CFE Association, AICPA, top 100 corporations, and major federal and state government agencies. He has presented courses and made presentations throughout North America, Europe, Asia, and the Caribbean. A sought-after passionate and energetic speaker, he has received the highest ratings by participants. Fucilli spoke at the last five IIA International Conferences and is a subject matter speaker on all facets of internal auditing and consulting projects.

NASBA CPE Credit: 1.2

​Session Details Being Finalized

NASBA CPE Credit: 1.2
​​​​​
9:15 - 9:30 a.m.
2021 International Conference Day Five Welcome

Ranjit Singh Taram Singh, CIA, CRMA
2020–21 IIA Director of Global Services of the Global Board
Malaysia

Jenitha John, CIA, QIAL
2020–21 IIA Chairman of the Global Board
South Africa

Ranjit Singh Taram Singh Bio being finalized

Jenitha John is 2020-21 Chair of The Institute of Internal Auditors (IIA) Global Board of Directors. In this role, John serves as an officer of the Global Board, is chairman of the Supervisory Committee, and presides over the Global Assembly. She has more than 27 years of experience in internal auditing, including as a Chief Audit Executive. Before becoming Chairman of The IIA Global Board, John’s volunteer roles included serving as the Global Board’s Senior Vice Chair (2019- 20), as well as serving on the IPPF Relook Task Force, Committee of Research and Education Advisors, Financial Services Guidance Committee, and on the Global Board’s Executive Committee as 2018-19 Vice Chairman-Professional Certifications, and 2017-18 Vice Chairman-Professional Practices. John also led a global task force on the recently updated Three Lines Model (formerly Three Lines of Defense). John paralleled her executive role by having served as a non-executive director of both public- and private-sector entities. A seasoned executive with experience in industries ranging from utilities to telecommunications, agriculture, health care, insurance, automobile, information technology, and financial services, she currently serves as a non-executive director and Audit Committee Chairman of listed company boards in South Africa. Recognized as “South Africa’s Internal Auditor of the Year” in 2014, John has addressed conferences around the globe on a wide array of topics, such as internal audit’s role in governance, combined assurance, women in leadership, the impact of AI and robotics on industries, emerging issues in the financial services industry, and the value of key performance indicators. In addition, John actively participates in mentoring circles, panel discussions, and networking sessions throughout the world, and strongly believes in developing young minds. John is a Certified Internal Auditor (CIA) and has received the Qualification in Internal Audit Leadership (QIAL) designation. Other professional credentials include CA(SA), South African Institute of Chartered Accountants; CD(SA), Institute of Directors (Chartered Director); and SEP, Senior Executive Program, Harvard Business School. John received a bachelor’s degree from the University of KwaZulu-Natal and an Honors degree from the University of South Africa, majoring in financial accounting, management accounting, taxation, auditing and economics. For her chairman’s year theme, John chose “Reimagining Resilience” to emphasize the role agility plays in internal audit every day, but particularly during times of crisis.

NASBA CPE Credit: 1.2

10:30 - 11:00 a.m.
Networking Break in the Virtual Exhibit Hall
​11:00 a.m. - 12:00 p.m.
​Concurrent Session Tracks

Imran Zia, CIA, CRMA, ACA, FCCA, CISA, CFE, GRCP
Director, Audit and Assurance
Government of British Columbia
Canada

The world of business is changing at an incredible speed. New technologies, demands, and solutions are challenging organizations and their leaders to rethink, refocus, and reinvent. This new reality challenges the perception and tolerance of key stakeholders towards the organizational management of risk and leads to the question: How have recent events in the corporate environment impacted the role of internal audit now and in the future? To survive and thrive, the internal audit profession needs a much higher tolerance and preparedness for uncertainty. The profession must quickly respond and adapt to this “New Normal.” Added to this global dimension, this session will put a new spotlight on the rapidly evolving role of internal audit professionals, explain how internal audit should respond to the dynamic business environment, re-think ways of aligning with change, and focus on the strategy that internal audit can adopt to accelerate its evolution from where it is to where it should be.

In this session, participants will:

  • Learn to develop a future-focused approach towards internal auditing, focusing on where the risk is going to be, instead of where it has been.
  • Explore true “value creation” for key stakeholders, including what is real value and how to deliver what matters the most.
  • Discover ways to turn insights into outsights (being able to predict the weather, rather than just reporting it).
  • Determine how internal audit professionals should respond to the dynamic business environment and re-think ways of aligning with the change.

Imran Zia is a seasoned professional who has established a reputation as a transformational leader. His expertise encompasses all aspects of internal audit and risk management. He has served various national and multinational organizations as an internal audit leader and currently works for the Government of British Columbia, Canada as director of audit and assurance. Zia is a proud winner of the “Internal Audit Excellence Award” from ICAEW (Institute of Chartered Accountants in England & Wales). He is actively involved in the profession, contributing as a subject matter expert, authoring professional articles, presenting at IIA national and international conferences, and participating in professional podcasts and forums globally.

NASBA CPE Credit: 1.2

Tim Klatte
Head, Forensic Advisory Services
Grant Thornton
China

Jack Wei
Partner
Grant Thornton
China

Based on a recent ACFE survey, corporate fraud isn’t typically detected until 5-8 months after it starts. This means we will have a clear picture of fraud taking place from now until right around the time of the conference, providing the global audience with insights on a timely topic. Given what’s happening in China and Asia, and that COVID-19 began in Wuhan, China, China is ahead of the rest of the world in dealing with fraud issues. This presentation will discuss the state of the world today, describing approaches to use to look for fraud areas along with ideas for mitigating fraud before it occurs, including strengthening or even changing the internal control environment and related monitoring.

In this session, participants will:

  • Examine indicators of fraud in the COVID-19 era.
  • Identify where internal controls and corporate governance may require alteration in the completely changed and sometimes remote work environment.
  • Determine approaches to mitigate fraud.

Tim Klatte is a multilingual (English, Mandarin, Japanese) Doctor of Business Administration graduate who is currently leading the Shanghai forensic advisory services business for Grant Thornton China. He has more than 26 years of China-related experience, including nearly 15 years working in Shanghai for two leading global accounting firms and a premier Chinese investment management company. With both Deloitte and Grant Thornton, Klatte has focused on forensic advisory to develop, manage, and enhance ethics and compliance programs. Leveraging risk management consulting and his strong academic background, he effectively prioritizes and builds sustainable ethics and compliance programs for clients in China’s complex and changing business environment. His expertise spans multi-industry compliance operations (including policy management, monitoring, training, and communications, whistle blower hotline, integrity due diligence, security issues, eDiscovery, cyber security, forensic investigations, data analytics, and executive reporting). He has conducted 500+ investigations and corporate intelligence projects across multiple industries and in all regions of China. He has written for AmCham Insights and European Chamber EuroBiz since 2017 and is currently co-authoring a book on corporate compliance in China titled, “Ethically Powered.” His affiliations include: chairman, AmCham Ethics & Compliance Committee; vice-chairman, China Committee, American Bar Association; adjunct MBA professor, Webster University, Shanghai; associate member, Association of Certified Fraud Examiners; and finance committee volunteer, Shanghai American School. He has delivered presentations on Taking Charge in Fighting Digital White Collar Crime With Technology and Law; Tying Technology to Advance Legal and Accounting Investigations to the Next Level, and others.

Jack Wei Bio being finalized

NASBA CPE Credit: 1.2

Arvind Mehta, CISA, C-EH, CDPPM
Vice President, IT Audit and Analytics
EXL Services, Inc.
USA

Examples of artificial intelligence gone wrong are increasingly making the headlines. A major corporation’s AI-powered CEO search showed bias against women; AI algorithms for know your customer (KYC) did not yield the right results. Does this mean the promise of AI is unreal? Absolutely not. What it means is that every AI deployment must include checks, balances, and quality controls to mitigate bias before it impacts output. How can auditors ensure AI models are unbiased?

In this session, participants will:

  • Learn how to determine if bias has crept into their artificial intelligence algorithm.
  • Understand best practices for protecting against bias.
  • Discover what they need to know about ethics and bias in artificial intelligence.

Arvind Mehta is vice president and head of audit transformation and data privacy at EXL Services Inc. As part of EXL’s leadership team, he partners with global risk and compliance executives from Fortune 500 organizations to advance analytics and robotics within internal audit. In addition to working with large financial institutions and healthcare companies to transform risk and compliance using advanced analytics, robotics, automation, and GRC platform implementations, he has helped legal and privacy teams implement FCPA, anti-bribery and corruption, GDPR, and CCPA initiatives. Mehta frequently speaks and writes for The IIA and ISACA.

NASBA CPE Credit: 1.2

Robert Luu
Acting Managing Director and Client Partnership, Asia-Pacific and Japan
Galvanize
Singapore

The COVID-19 pandemic has forced organizations to adapt to the new realities of remote work, social distancing, and alternative working arrangements. The new policies introduced to govern these situations have stretched the limits of existing technology and operating capabilities — creating increasing exposure to existing and new IT risks. IT risk and assurance professionals must drive an effective and informed IT-risk response. They also need to provide real-time insights into critical IT control areas for business decision-making. This is where quantifiable key risk indicators (KRIs) become very important, as they provide early warning signals when risks move in an unfavorable direction.

In this session, participants will:

  • Know why KPIs, KRIs, and KCIs are important in today’s shifting IT risk environment. 
  • Go through examples of leading, lagging, and current KRIs and what makes them most effective. 
  • Learn how to establish the right KRIs for IT governance at their organization. 
  • Understand how InfoSec and audit teams can collaborate to report on IT risk.

Robert Luu Bio being finalized

NASBA CPE Credit: 1.2

Maciej Piołunowicz, CIA
Head, Internal Audit
Bank Gospodarstwa Krajowego
Poland

Training and development is key for auditors. We need to have up-to-date technical knowledge to properly audit different businesses. We require soft competencies — like negotiation, communication, and report writing. And we must be able to manage stress in our very tough job. How can we achieve that? What other aspects, besides formal training, can be useful? And most importantly, how can we create a culture that auditors will thrive in and want to be a part of?

In this session, participants will:

  • Find out about cultural transformation that took place in BGK (State Development Bank of Poland).
  • Analyze what ways and tools are best to use for internal auditors’ development.
  • Select the methods and actions organizations should use to ensure internal auditors do not leave.
  • Discuss the key ingredients for creating a cultural climate that is good for internal auditors.

Maciej Piołunowicz has 15+ years of experience as an internal auditor in banks. Since 2010, he’s been chief audit executive of Bank Gospodarstwa Krajowego (State Development Bank of Poland), one of the largest banks in Poland, where he manages a team of 21 internal auditors. Earlier, he worked in internal audit in BZ WBK (currently the Polish branch of Santander Bank, and the third largest bank in Poland) and National Bank of Poland (Polish central bank). He is a lecturer at post-graduate studies on internal audit at the Warsaw School of Economics (SGH), the most widely known and the best economic university in Poland. He is a former Vice-Chairman of IIA–Poland, where he was responsible for cooperation with financial sector auditors and communication with IIA members. He has cooperated in different forms with IIA Poland for almost two decades. He holds the CIA designation.

Piołunowicz is an author of articles on internal audit and corporate governance published by leading Polish magazines. He has conducted a number of presentations, and led or participated in panel discussions during conferences organized both in Poland and abroad; in Poland most notably during annual, financial, and IT conferences organized by IIA–Poland and at meetings of the financial services auditors’ branch of IIA–Poland. He was also a speaker during an international conference in Latvia in 2019, hosted a webinar for IIA–Bulgaria in 2020, and as CAE of BGK, he’s delivered presentations at meetings in Frankfurt, Brussels, Paris, and Rome.

NASBA CPE Credit: 1.2

12:00 - 12:30 p.m. ​Networking Break in the Virtual Exhibit Hall

Afshin Molavi
Senior Fellow, Foreign Policy Institute
Johns Hopkins University School of Advanced International Studies (SAIS)
USA

Afshin Molavi Bio being finalized

NASBA CPE Credit: 1.2

*Indicates sessions that will be included in the ​All Access (Rebroadcast) viewing option.

Schedule Changes​

At times, it may be necessary to cancel, reschedule, or substitute an event, conference session, speaker, conference, and/or topic after registration has been confirmed. The IIA will provide advance notification of any changes once notice has been received.