Download Printable ProgramConference-at-a-G​lance​​​​​​​​​



The IIA’s 2020 International Conference program will feature outstanding speakers whose shared goal is to deliver a world-class event reflective of The IIA's high standards of excellence.

Educational Streams




In Conversation With

Soundbite Sessions

Global Insights, Cybersecurity, Privacy, and Technology

L.E.A.D (Lead, Explore, and Disrupt)




Sunday, 1 Nov 2020
​7:30 a.m. – 6:00 p.m.​​​​​ ​Registration
1:00 – 5:00 p.m. Pre-conference Workshops

Michael-Anthony Peet
Vice President, Head of Audit Global & Analytics

ABB
USA  

Steve Biskie
Director, Risk Advisory Services
RSM
USA

The topic of automation, and RPA specifically, has been taking the business world by storm. What might not be initially obvious is how automation and analytics often go hand-in-hand, particularly in the context of an audit. Sometimes a “bot” might pull and organize data that can then be assessed via data analytics, whereas other times an analytic might identify the “suspect” that the bot then needs to gather different information around.

In this session, participants will:

  • Understand how RPA technologies differ from other technologies that offer automation capabilities.
  • See multiple use-cases of the ideal hand-off between data analytics and RPA.
  • Review common pitfalls and how to avoid or mitigate them.
  • Perform a hands-on live “opportunity scan” to see how to visualize and report on automation priorities.

Michael-Anthony Peet's Bio Being Finalized

Steve Biskie has been working in audit, compliance, and IT risk management for over 23 years. His IT experience includes public accounting, private industry, and specialized risk management consulting firms. Considered an international expert in SAP audit and risk management issues, Biskie has published numerous audit-related topics for SAP Professional Journal and written articles for SAP GRC Expert. He authored Surviving an SAP Audit and was an expert reviewer for Security, Audit, and Control Features: SAP ERP (Third and Fourth Editions). He is a thought leader in audit analytics and continuous monitoring, and is a four-time IIA All Star speaker.

Steve Morang, CIA, CRMA, CFE, CCEP
Senior Manager, Fraud and Forensics
Frank, Rimerman + Co. LLP
USA

Sanya Morang
Adjunct Professor
Golden Gate University
USA

How do people get seduced into fraud? How do fraudsters use seduction to deceive people? Seduction is an indirect form of power; when it is raised to the level of an art, it has toppled governments, won elections, and enslaved great minds. Understanding how fraudsters use seduction in everyday settings will unlock the mysteries behind their ability to circumvent even the strongest internal control systems.

In this session, participants will:

  • Discover the power behind the seduction of fraud and how to use this knowledge to bridge the gap between fraud prevention, ethics, and human nature.
  • Describe the attributes of the “Seduction of Fraud Diamond” and how they help to analyze fraud schemes.
  • Develop an understanding of the personality similarities between historical seducers and modern-day fraudsters.

Steve Morang is a global leader in fraud prevention, detection, investigation, ethics, and compliance. He speaks frequently at local, regional, national, and international conferences, and recently co-developed a new series of sessions titled “The Seduction of Fraud.” Over the past 20 years, Morang has developed multiple methodologies to help organizations stay ahead of the latest trends in fraud. He has been featured in publications such as Forbes, American Banker, and Fraud Magazine. Additionally, Morang authors Fraud Magazine’s Big Frauds column and is an adjunct professor of fraud and ethics at Golden Gate University.

Sanya Morang is an expert on human nature and behavior and co-founder of the Seduction of Fraud. She is an adjunct professor at Golden Gate University, as well as vice president of research and development for the San Francisco chapter of the ACFE. Morang has prior experience in the fashion, cosmetics, and airline industries.

3:00 – 3:30 p.m. Networking Break with Refreshments in Exhibit Hall
Monday, 2 November 2020
​7:00 a.m. – 6​:00 p.m. ​Registration and Customer Relations
​​7:00 – 8:00 a.m.
​Continental Breakfast and Networking with Exhibitors
8:00 – 8:30 a.m. Opening Remarks

Seth Mattison
Workforce Trends Expert
Co-founder and Chief Officer Movement
Luminate Labs
USA

The workforce is moving inexorably toward greater diversity. There’s a good chance you’re working alongside three and possibly even four generations of talent. This dynamic can create crippling challenges or game-changing advantages for teams that learn to recognize, understand, value, and ultimately tap the strategic perspective that lies within every generation. Seth Mattison will explore today’s biggest workforce trends and the histories, personalities, strengths, and challenges of each unique generational group.

In this session, participants will:

  • Understand how fresh eyes and seasoned wisdom will be a fierce force in the new world of work, and how Gen-Power will help you harness it.
  • Hear about counterintuitive perspectives on today’s unique generations.
  • Gain deep insights into behaviors and trends impacting engagement.
  • Learn strategies for influencing and persuading across generations.
  • Discover communication tactics positioned to resonate with every generation.

Seth Mattison is an internationally renowned expert and author on workforce trends, generational dynamics, and business strategy. As co-founder and chief movement officer of Luminate Labs, he advises many of the world’s leading brands and organizations on key shifts happening around talent management, change and innovation, leadership, and the future of work. His ideas have been featured in such publications as The Wall Street Journal, Forbes, The Huffington Post, and The Globe and Mail, and he was named among the Editors’ Picks for Speakers to Watch in 2017. For the past decade, Mattison has shared his insights with thousands of business leaders around the world and has received accolades from many of the world’s best brands, including MasterCard, Johnson & Johnson, Microsoft, Kraft Foods, AT&T, PepsiCo, GE Energy, Cisco, State Farm, Merrill Lynch, Dow, and Disney.


9:45 – 10:20 a.m. Networking Break​ with Refreshments in Exhibit Hall
10:15 – 11:05 a.m.​ Concurrent Session Tracks​​​​

Sriram Padmanabhan, QIAL, CA, CISA
Chief Auditor, Technology
Citi
USA

Heather Haboush
Chief Auditor
and Chief Operating Officer
Citigroup
USA

Join us for a unique opportunity to discuss diversity and inclusion (D&I) in the workplace. During the session, speakers will touch on the benefits of increased D&I on individuals and the organization, and will offer concrete and actionable solutions to create and sustain a diverse and inclusive culture.

In this session, participants will:

  • Uncover the benefits of a more diverse and inclusive work environment.
  • Discuss how Citi and Citi’s internal audit team are fostering D&I.
  • Explore ideas and methods on how to increase D&I at any organization or team.

Sriram Padmanabhan sets overall strategic direction for Citi’s technology audit function and is responsible for audits of Citi’s data quality program. Padmanabhan, a member of Citigroup’s internal audit executive management team, leads a team of approximately 200+ audit professionals based across 26 locations. Previously, he was regional head of audit for Middle East and Africa at Standard Chartered Bank (SCB). In addition to internal audit, Padmanabhan had leadership roles in various businesses and functions such as consumer banking, operations and technology, finance, compliance, and risk, and he worked in many countries; he was also chair of the audit committee for an SCB subsidiary.

Heather Haboush brings 25+ years of financial services industry experience to her role as head of strategy for internal audit at Citigroup. She is responsible for developing and executing internal audit’s multi-year strategy, including regulatory engagement and emerging risks. Haboush previously drove process improvements and efficient deployment of internal audit resources as COO for internal audit. Prior, as finance lead for Citi’s global functions, including finance, risk, legal, HR, compliance, and internal audit, she spearheaded numerous global projects that increased efficiency and supported finance transformation initiatives. Haboush also served as head of planning, responsible for Citi’s multi-year strategic plan. Her background includes investment banking and strategic planning for an internet startup.

Moderator:
Scott Norton, CPA
Senior Vice President, and Head of Internal Audit
Bayview Asset Management
USA

Scott Norton joined Bayview Asset Management in 2018 as senior vice president and head of internal audit. He was previously the chief auditor for BankUnited Inc., a publicly traded bank holding company with more than $30 billion in assets. Norton began his career as an external auditor for PricewaterhouseCoopers and later held executive positions in the consulting divisions of both Grant Thornton and Protiviti. He serves on the board of The IIA’s Miami chapter.


A. Storytelling via Digitized Audit Reports

Larry C. Herzog Butler, CIA, CRMA, CPA, CGMA, CRISC
Senior Director, Internal Audit
Delivery Hero SE
GERMANY

Some audit reports are prepared in Word. Some in PowerPoint. How engaging are these reports to executive management and the audit committee? This session explores how a small internal audit function’s use of storytelling to digitalize its reports resulted in greater engagement and collaboration.

In this session, participants will:

  • Distinguish between the various internal audit reporting needs of stakeholders.
  • Understand the power of storytelling through audit engagement and audit committee reports.
  • Learn how to begin to develop dashboards that engage stakeholders.
  • Develop ideas for audit reporting via digital formats.

Larry C. Herzog Butler is senior director of internal audit for Delivery Hero SE, a company that in 2017 completed one of Europe’s most successful IPOs. Formerly with Deloitte & Touche, he has 20+ years of experience providing audit, compliance, business process improvement, enterprise risk management, and advisory services. His background encompasses planning and executing internal audits and Sarbanes-Oxley engagements, reporting to audit committees, managing key stakeholder relationships, training audit staff, and strengthening internal controls over financial reporting. Butler has volunteered extensively with The IIA, including formerly serving as president of IIA–Los Angeles and currently sitting on the chapter’s Board of Governors.


B. Trail Blazers Use Technology to Their Advantage

Colleen Knuff
Senior Director, Product Management
Wolters Kluwer - TeamMate
CANADA

Standard practice — wait until fieldwork is done, then write the report. What if you could continuously report your findings to management, collaborate on their responses, track how your communications change over time, and publish at the end of fieldwork? Agility in reporting requires rethinking how we communicate what we know and when. It also requires us to leave our biases at the door.

In this session, participants will:

  • Learn why continuous delivery of findings and collaboration on responses creates speed to delivery.
  • Discover why giving stakeholders direct access to findings promotes an “anytime, anywhere” approach to communication and collaboration.
  • Understand how real-time reporting can only be achieved if we stay away from secondary tools.
  • Identify the benefits of natural language processing (NLP) assistance, especially sentiment analysis, when editing audit reports to ensure our message matches our data.

Colleen Knuff has served as a product manager for TeamMate software for almost 20 years. Her focus is to ensure the needs of assurance professionals are met while delivering value based on professional standard requirements, changes to technology, and internal auditor feedback globally. She leads a global product management team focused on innovative solutions to real market problems, with heavy emphasis on voice of customer, contextual design, and user observation. Previously, as internal audit senior manager with PricewaterhouseCoopers, Knuff worked on a wide variety of internal audit projects, including strategic business processes, operational audits, IT audits, outsource vendor audits, and business operations, across multiple clients.

Komitas Stepanyan, PhD, CRMA, CRISC
Deputy Head Internal Audit
Central Bank of Armenia
ARMENIA

It is now commonly accepted that it’s no longer a matter of "if" but "when" an organization will suffer a cyberattack. Cyber resilience is the ability to prepare for, respond to, and recover from cyberattacks. This session will cover several important aspects of cyber resilience and how internal audit can bring value by auditing cyber resilience.

In this session, participants will:

  • Consider whether cyber resilience is merely wordplay or a valuable concept.
  • Evaluate internal audit’s role in cyber resilience.
  • Discuss cyber resilience as a challenging engagement for internal audit.
  • Assess possible audit approaches to cyber resilience.

Komitas Stepanyan has almost 20 years of experience in internal audit, IT audit, information security, and information technologies. He has been deputy chief audit executive of Central Bank of Armenia’s IT audit division for more than nine years. He serves on the board of IIA–Armenia and the advisory board of CyberCentral. Stepanyan is a published author of numerous scientific articles, and he has spoken at several international events. He also provides IMF and World Bank with expertise on IT and cyber risk management, regulation and supervision, and IT fraud examination. Stepanyan has conducted and led many technical assistance and capacity-building missions, covering diverse countries and topics.

Brian Christensen, CPA
Executive Vice President,
Global Internal Audit
Protiviti
USA

Digital activities and tools such as advanced analytics, automated processes, process mining insights, AI, and machine learning enable internal auditors to translate an increasingly overwhelming amount of data into meaningful, impactful analysis. Coupled with divergent and critical thinking, these capabilities have the potential to steepen the value-delivery curve significantly for auditors. This presentation will offer key observations and recommendations on how internal audit can deliver more value in the digital age.

In this session, participants will:

  • Outline the digital tools internal audit needs to address business priorities and deliver meaningful results through the audit plan.
  • Discuss how a next-generation internal audit strategy can align with the company’s risk profile and stakeholder expectations.
  • Describe how CAEs can deploy data and technology-enabled processes and capabilities that facilitate delivery of cost-effective, value-added assurance.

Brian Christensen is a founding managing director at Protiviti and currently serves as global leader of the firm’s internal audit and financial advisory practice. He is also president of the Internal Audit Foundation. Christensen was recognized by Consulting Magazine as one of the Top 25 Consultants in 2017 in the leadership category and by the National Association of Corporate Directors (NACD) in the 2019 NACD 100 as one of the top contributors on corporate governance. He was previously a partner with Arthur Andersen.

​11:05 – 11:20 a.m. Transition Break
11:20 a.m. – 12:35 p.m.​​​​​ ​Concurrent Session Tracks

Moderator:
Claire Chong
Industry Specialist
CaseWare IDEA
CANADA

Claire Chong brings more than 15 years of experience in internal audit, finance, and assurance and advisory services to her role as industry strategist. Serving as an industry subject matter expert, she helps drive the development and delivery of value-added analytics solutions. Prior to joining CaseWare IDEA, Claire held audit management positions in public, private, and government enterprises in a variety of industries, including gaming and lottery, exhibitions and events, consumer packaged goods, commercial real estate, and professional services.

Presenter:
Lenny Block, CIA, CPA
Vice President, Internal Audit
Nasdaq
USA

Sometimes people seek therapy to help overcome a barrier preventing them from achieving a goal. A similar approach can be applied to learning how to succeed with data analytics. This presentation’s interview format allows for sharing of expertise in incorporating analytics into the audit process. Use cases will illustrate how to overcome barriers, encourage team adoption, and gather data. Guidance will be prescribed to analytics challenges that attendees care to share.

In this session, participants will:

  • Learn how to apply an “ask the doctor”’ approach to obtain precise prescriptions (recommended solutions) to help overcome data analytics challenges (or fears).
  • Identify the data available to them and learn how to get it.
  • Grow analytics expertise organically within their audit teams.
  • Expand their focus beyond numerical data.

Lenny Block is vice president of internal audit at Nasdaq. He brings a background of more than 35 years in internal audit, business process reengineering, database design, and project management. Block has extensive practical experience in managing all phases of an internal audit, ensuring regulatory compliance and financial reporting integrity, and improving operational effectiveness for Nasdaq-owned entities worldwide. He also leads internal audit‘s data analytics program and donates his expertise on foreign corrupt practices compliance to the corporate ethics team. Block also teaches auditing as a member of Southern New Hampshire University’s adjunct faculty. He previously worked in the nonprofit, mortgage-backed securities, and telecommunications industries.

Moderator:
Patricia Miller, Owner
PKMiller Risk Consulting
USA

Patty Miller is the owner of PKMiller Risk Consulting, LLC and has significant management and consulting experience. In her 14 years with Deloitte, she served as the lead risk services partner on significant technology and consumer clients. Her many IIA volunteer roles have included Chairman from 2008–09, executive committee member, and Chair of the Standards Board. She is a frequent speaker and trainer, and has led and co-authored research projects for The IIA. Miller is the recipient of the William G. Bishop III Lifetime Achievement, Victor Z. Brink, and American Hall of Distinguished Audit Practitioners Awards.


A. Session Title Being Finalized

Tracie Marquardt, CPA
Audit Communication Specialist
Quality Assurance Communication
GERMANY

Session Description Being Finalized

Tracie Marquardt is Europe’s leading audit communication specialist, empowering international internal audit teams to become more effective in their global communication so they achieve better results, more efficiently than ever before. Her clients become agents of positive change within their organizations whose contributions to organizational success are recognized at the C-level. Marquardt partners with client audit teams from her bases in Heidelberg, Germany, and Kingston, Ontario, Canada. She is a Deloitte alumnus and the immediate past president of the Heidelberg chapter of Toastmasters International.


B. Examining the Myths of Business Ethics: Do Internal Auditors Fall Prey to Them As Well?

Matej Drascek, CIA, CRMA
Chief Internal Auditor and
Chief Audit Executive
LON Bank
SLOVENIA

Ethics represents a cornerstone of internal auditing, not only as a profession but also as providing assurance of an organization’s ethical practices. With recent corporate scandals and low public trust in corporations, internal auditors should take a step back and look at tacit truths/ common myths about business ethics and whether they are indeed helping organizations to become more ethical. This presentation will draw on different research, with emphasis in behavior ethics.

In this session, participants will:

  • Distinguish between actual truths and myths about business ethics, including the code of conduct supporting ethical behavior; the compliance program helping the organization become more ethical; whistleblowing tools reducing the risks of unethical behavior, etc.
  • Explore tools for enabling better auditing these myths and mitigating related risks.
  • Discuss ideas to help their organization become more ethical.

Matej Drašček is chief audit executive for a regional retail bank in Slovenia. In addition to having served as a teaching assistant and guest lecturer for several universities and faculties, he has published numerous professional and scientific international articles on internal audit, human resources, business ethics, and strategic management. Drašček has spoken at domestic and international conferences, presenting new tools and insights in internal audit, strategic management, and ethics. He won The IIA’s William S. Smith Award for highest score in the CIA exam.


C. Fraud and Ethics: Do Generational Differences Matter?

Ann M. Butera, CRP
President
The Whole Person Project
USA

“Work hard and you will be rewarded.” “Respect those with authority.” As the new breed of employee joins our teams, these business values are changing fast. Raised in a disposable, technologically advanced, quantitative age, these employees have different expectations and perspectives. This interactive session will explore how generational differences affect ethical decision-making, as well as techniques you can use immediately when identifying potential fraud risk and evaluating ethical situations.

In this session, participants will:

  • Understand the behavioral characteristics of three different generations in the workplace.
  • Describe the impact of generational differences on fraud risk assessment.
  • Explain the effect of generational differences on ethical decision making.

Ann M. Butera is president of The Whole Person Project, Inc., and an organizational development consulting firm that enables auditors to improve their organizations’ risk management practices. Known for providing practical advice with a sense of humor, she develops behavior-changing training programs for first and second line of defense and internal audit departments. Butera is a former audit committee member for a financial services firm. She frequently speaks at IIA conferences and chapter meetings, writes for Protiviti’s KnowledgeLeader column, and leads webinars. She also authored the book, “Mastering the Five Tiers of Audit Competency: The Essence of Effective Auditing.”

Marinus Hommes, CPA
Lead Partner, Risk & Compliance
RSM
NETHERLANDS

Lotte Schieving
Privacy Officer
Municipality of Deventer
NETHERLANDS

Many projects in the public domain innovate with smart digital solutions to create new standards for sustainability and mobility, or new economic opportunities. These innovative projects require cooperation between partners, suppliers, clients, and the government. Governments often serve as suppliers of vast collections of personal information, but also have their responsibilities to the public.

In this session, participants will:

  • Discuss the cornerstones for successful and innovative privacy by design.
  • Learn tips for embedding appropriate privacy protection.
  • Understand how to incorporate privacy into a robust design to build successful public innovative projects without setting unnecessary restrictions on public innovation.
  • Hear about lessons learned in some larger projects.

Marinus Hommes is a partner and risk advisory lead for RSM in The Netherlands. He has more than 25 years of experience as senior audit partner, IT audit partner, and risk services partner. Prior to RSM, Hommes established his own consulting firm and worked at Deloitte and PwC in the international practice. His current advisory and assurance projects are mainly in the fields of security and privacy and related compliance and legislative standards; these projects include ensuring logistics services security for a large defense industry program across Europe; providing data protection services for several local governments and organizations; and serving as ISO27000 lead auditor for several clients.

Lotte Schieving is a privacy officer for the Municipality of Deventer in The Netherlands. In this role, she implements privacy by design frameworks in public organizations. Her experience encompasses privacy risk assessments and internal auditing. She previously worked as a privacy officer for the Dutch Council for Refugees and as a legal advisor for the Dutch Public Prosecutor’s office.

J. Craig Carter
Director
Gradient
USA

Greg Jordan
Chief Audit Executive
Nationwide Insurance
USA

Data quality, integrity, analysis, and modeling are fundamental to building competitive advantage. Organizations increasingly rely on data-backed decision-making to redefine their processes and business models. Internal audit must do the same to improve value, innovation, and focus on risks that matter. Machine learning enables dynamic refinement of internal audit’s focus, role, and positioning, elevating the function’s value and relevance while engaging new stakeholders.

In this session, participants will:

  • Understand how internal audit can leverage machine learning to reevaluate the audit universe, stratify audit coverage, identify and assess emerging risk on a continuous basis, and automate audit procedures.
  • Learn where to start, including obtaining and validating data, identifying machine learning use cases, developing predictive models and advanced analytics, interpreting results, and enhancing reporting, continuous monitoring, and continuous auditing.
  • Gain insights into expected results, discover what skill sets are required and where internal audit can find them, and evaluate the role of machine learning in the high-performing internal audit function of tomorrow.

Craig Carter has 20 years of experience in the high-tech industry as a chief audit executive, as well as 17 years as a Big Four partner, serving most recently as KPMG’s global leader of internal audit innovation. He is a founding director of Gradient Transformative Solutions, a data science firm specializing in machine learning solutions to business problems. Carter currently serves as a partner in Internal Audit Executive Services (IAES), assisting CAEs, CFOs, and audit committees in optimizing risk coverage and enhancing the effectiveness of their internal audit functions. He also presents frequently at national and regional IIA conferences.

Greg Jordan has held several business and finance leadership roles at Nationwide. As SVP and CAE, he oversees Nationwide’s office of internal audit, including reviewing and communicating the results of internal audit work and serving as a business partner and strategic advisor on various business cabinets. Jordan was previously VP and CFO for exclusive channel western operations and VP of product management for Nationwide Financial’s fixed and offshore annuities. Earlier, he was VP of strategic planning, VP of operations, and controller at Midland Life Insurance Company/Swiss Re, and a senior manager in EY’s insurance and financial services practice group. Jordan is a member of The IIA’s International Exam Development Committee.

​​
​12:45 – 2:00 p.m.
Lunch followed by Dessert and Networking Break with Exhibitors
2​:00 – 2:50​ p.m. Concurrent Session Tracks

Moderator:
Gregory T. Grocholski, CIA
Vice President, Chief Audit Executive
Saudi Basic Industries Corporation (SABIC)
SAUDI ARABIA

Greg Grocholski is responsible for leading and managing the internal audit department on a global level, to ensure the implementation of internal audit best practices worldwide, as well as to coach the company’s internal audit employees to maximize their contributions to achieving the company’s objectives. Grocholski is internationally respected in the audit field and is affiliated to ISACA, for which he has served in various leadership roles. Prior to SABIC, Grocholski attained an impressive track record in the global chemicals industry with more than 30 years of service at The Dow Chemical Company. He achieved numerous promotions in the audit and finance functions, most recently holding the posts of CAE and global director of business finance.

Presenter:
Naohiro Mouri
Executive Vice President and Chief Auditor
AIG
USA

This session will offer a discussion on how the internal audit group at AIG is changing auditor mindset and audit methodology, as well as using robotic process automation (RPA) and data analytics (DA) to achieve greater audit coverage with fewer resources.

In this session, participants will:

  • Hear how AIG’s internal audit group is changing auditor mindset and audit methodology.
  • Learn how AIG uses RPA and DA to increase coverage and efficiency.

Naohiro Mouri is the immediate past chairman of The IIA’s global board. His 27 years of internal audit experience includes both audit execution and management at AIG, MetLife, JP Morgan, Shinsei Bank, Morgan Stanley, Deutsche Bank, and BNP. He began his career at Arthur Andersen. Mouri has spoken at local, regional, and international IIA conferences and taught internal audit courses at Meiji University, Senshu University, and Yokohama National University. He co-authored a book about internal audit in banking that was published in Japanese and Chinese.

A. Strategies for Engaging Your Team in Change

Rachel Tressy
Senior Vice President and Chief Auditor
Voya Financial
USA

Our profession is in a time of unprecedented change. The change needs to come from within, with full engagement from your whole team (no matter what size). This session will discuss ways to move your team forward together through these important times.

In this session, participants will:

  • Review some of the changes we are all facing in the internal audit profession.
  • Discuss strategies for involving their team in the changes.
  • Share successes and failures in recent change management experiences.

Rachel Tressy is senior vice president, and chief audit executive at Voya Financial, responsible for providing internal audits and advisory services for evaluation of the company’s internal control environment. She previously spent 15 years at Cigna in both audit and business roles. Tressy has sought to build relationships with business partners and partners throughout her career to demonstrate the value that strong partnerships bring to companies. She started her career at Ernst & Young in audit and advisory services. She is also active on a nonprofit board of trustees.>


B. How to Put the Success in Succession Planning

Sue Ulrey, CIA, QIAL, CRMA, CRISC, CFE, FCA
National Practice Leader
MMY
USA

Talented people will eventually move on — either by choice or by circumstance — and they must be replaced. Studies and surveys have shown that most companies do not have robust succession plans. Managing the succession of talent is critical to achieving your organizational goals.

In this session, participants will:

  • Understand the value of succession planning for skill development and talent retention.
  • Discover strategies to attract and retain top talent.
  • Recognize the top 10 most common competency gaps.
  • Learn how to develop a successful succession plan.
  • Plan their own leadership development solutions.

Sue Ulrey is an internal audit executive with 25+ years of practitioner and consulting experience in banking, insurance, and healthcare. Innovative and solutions-focused, she drives organizational improvement through audit and data analytics, while promoting strong ethics and governance. Ulrey excels in structuring and strengthening operational and financial processes and controls to maximize long-term performance, growth, and profitability. Leveraging her expertise in project management, strategic planning, best practice evaluation, internal audit QAR, contract/regulatory compliance, vendor oversight/compliance, and finance, risk, internal audit, and governance reviews. Ulrey has managed 100+ large-scale IT and data analytics projects and conducted 100+ contract compliance reviews in the last 10 years.

Peter Hughes
Assistant Auditor-Controller
County of Los Angeles, Department of Auditor-Controller
USA

Robert Campbell, CIA, CRMA, CFE
Chief, Office of County Investigations
County of Los Angeles, Department of Auditor-Controller
USA

All auditors know that their internet is subject to hacking, but few know exactly how easy it is for hackers to penetrate the most common vulnerabilities of any network, or how easy and effective the ‘counter-defense’ or ‘antidote’ is to implement. Recent breeches will be examined and a hack attack will be simulated, providing hands-on exposure to the most common hacker schemes in real-time.

In this session, participants will:

  • Learn how to identify the three most common vulnerabilities of the typical network.
  • Understand a proven approach for countering the hacker schemes most frequently used to penetrate networks.
  • Get tips for customizing, promoting, and implementing a proven training program that includes ongoing compliance testing conducted via simulated and controlled hacks.

Dr. Peter Hughes, Assistant Auditor-Controller/CAE for Los Angeles County, oversees 150 auditors. Peter was the controller at Caltech, assistant controller at CBS, and director of internal audit at Orange County, Caltech, NASA’s Jet Propulsion Lab, and the Oregon University System. His transformation of Orange County’s audit committee and internal audit activities into world-class leaders played a key role in its unprecedented recovery (OC is now triple A rated) from the largest municipal bankruptcy in the country’s history. He serves on IIA’s Public Sector Audit Committee and was the 2010 AICPA’s CPA of the Year.

Robert Campbell is chief of the Office of County Investigations for Los Angeles County (LAC). He leads a staff of 30 law enforcement professionals in administering the countywide fraud hotline and conducting criminal and administrative investigations of waste, fraud, and abuse. Campbell also has extensive experience in information security and privacy matters and formerly directed LAC’s HIPAA compliance program. He is president of The IIA’s Beach Cities Chapter in Long Beach, California, and a frequent speaker at IIA conferences.

Burke Willis
Specialist Leader
Deloitte & Touche LLP
USA

Deanna Caruso
Audit Manager
General Motors
USA

Ali Rana
Audit Tools Manager
General Motors
USA

Colin Loomis, CISA, CISSP
Senior Manager
Deloitte & Touche
USA

In an interactive session using role play, attendees will see what it feels like to work in an internal audit function trying to learn and implement agile principles and methods. The session will begin with a brief overview of Agile and one organization’s journey adopting it, then move quickly on to three scenarios based on actual challenges encountered. Each scenario will conclude with a debrief and Q&A.

In this session, participants will:

  • Learn about common challenges faced by an internal audit function implementing Agile.
  • Develop their own views about how to tackle these challenges.
  • Share their opinions via real-time polling and see and evaluate results from the group.
  • Learn how the co-presenters’ organizations solved these challenges.

Burke Willis is a specialist leader for Deloitte Risk & Financial Advisory. With strong coaching, facilitation, and leadership skills, and 25+ years of experience helping organizations analyze and improve performance, he transforms traditional internal audit groups into well-functioning agile teams. An extensive background working on and leading IT-enabled business transformation projects as both an external consultant and internal technology manager at Fortune 500 companies has enabled Burke to anticipate needs and steer organizations through their transformation journeys to achieve higher-quality, more risk-focused, and more efficient audits, as well as increased satisfaction and perception of value from both business stakeholders and audit staff.

Deanna Caruso has more than 17 years of experience in external audit, corporate accounting, operational finance, and internal audit. She is currently an audit manager in the corporate functions, financial audit, and anti-fraud service line of the internal audit group at General Motors (GM). She is responsible for overseeing the execution of internal audits, consultative reviews, and special projects. Prior to her work at GM, Caruso spent more than seven years at Deloitte in audit and enterprise risk services as an external auditor focused on both manufacturing and automotive retail clients.

Ali Rana focuses on improving how data, technology, and GRC tools support the audit function as a manager in General Motors’ audit services group. He has 15+ years of internal and external audit experience, evaluating risks and controls associated with critical business processes and IT systems. Having held people-leader roles and interacted with audit/compliance functions in Fortune 500 companies, Rana has a unique perspective on audit transformation and adopting practices to position internal audit as a value-added partner. Most recently, he has been involved in several optimization projects within the audit groups at United Airlines and General Motors, with a focus on adopting agile practices.

Colin Loomis is a senior manager within risk and financial advisory at Deloitte with more than nine years of internal audit experience. His focus is on leading audits over areas such as cyber, SOX, and SAP. Additionally, he has supported teams on digital finance transformation with RPA implementations. Throughout his career, Loomis has served numerous Fortune Global 500 companies in the automotive, manufacturing, and technology industries. He also completed a two-year secondment with Deloitte Belgium.

​​
2:50 – 3:25 p.m. Networking Break with Refreshments in Exhibit Hall
3:25 – 4:25 p.m. Concurrent Session Tracks​​

Sudhakar Sathiyamurthy, CRISC, CISA, CGEIT, CIPP/US, ITIL Expert
Managing Director, Cyber
Grant Thornton LLP
USA

The convergence of rapidly emerging technologies, heightened standards/expectations, jurisdictions with complex/conflicting obligations, workforce optimization, and demand for cost reductions are redefining the international cyber compliance landscape, a trend which is expected to intensify in magnitude in the future. A pointed approach to compliance is reactionary, often failing to scale to international standards for cyber compliance. Compliance modernization helps navigate risks/opportunities and manage international cyber compliance standards effectively.

In this session, participants will:

  • Examine compliance modernization from governance, process, and technology standpoints.
  • Identify factors that define cyber compliance modernization and the operating model for driving efficiencies.
  • Explore practical considerations and real-life case studies for transforming cyber compliance operations through robotic process automation (RPA).
  • Build a business case and blueprint for employing automation in the cyber compliance framework to drive value.

Sudhakar Sathiyamurthy is an experienced leader with wide-ranging global experience in helping organizations and risk leaders plan and execute on their digital and cyber risk goals and strategies. His leadership in risk advisory spans more than 14 years. Sathiyamurthy has a track record of excellence in building new market offerings on cyber risk strategy and transformation, privacy and data protection, and risk tech strategy and automation; serving clients with nimble and practical cybersecurity solutions; and growing business through standing-up new service capabilities and scaling-up existing capabilities.

Moderator:
Brian Tremblay, CIA, CISA
Director, Internal Audit
Acacia Communications, Inc.
USA

Brian Tremblay leads the compliance practice at Onapsis, helping customers understand and navigate the increasing overlap of compliance, cybersecurity, and business continuity related to IT general controls and regulatory/compliance matters such as SOX and GDPR. Previously, as CAE for Acacia Communications, he founded and led the internal audit function, helped prepare the organization to go public (including implementing SOX), and facilitated ERM implementation. Previously, as director of internal audit at Iron Mountain, Tremblay oversaw all audits and projects within North America as well as liaised with global quality managers. Prior, he built out an internal audit department and executed a SOX implementation at Houghton Mifflin Harcourt, and worked at Raytheon and Deloitte.


A. Blockchain Organizations and Impact to Internal Audit

Jared Shaw, CFA
Head of Internal Audit
Gemini
USA

Musheer Alambath
Senior Manager
EY
USA

Within the blockchain ecosystem, there exist many types of organizations that interact with the blockchain, which could be categorized within three major groups: (1) public and private blockchain providers; (2) cryptocurrency exchanges and wallet providers; and (3) blockchain technology adopters. This session aims to provide an overview of risk drivers within these different blockchain organizations and their impact to internal audit.

In this session, participants will:

  • Identify key differences and similarities of the three types of blockchain organizations.
  • Describe the specific risks of each of the blockchain organizations.
  • Hear tips for managing internal audit challenges in these organizations.
  • Develop ideas for a proactive approach to resolving challenges and being well-prepared.

Jared Shaw is the head of internal audit at Gemini, a licensed digital asset exchange and custodian serving both individuals and institutions. His proven track record of success has spanned wide range of positions within the U.S. military, financial services, and consulting. A common thread throughout these experiences is his focus on leadership, cross-functional service delivery, and operational efficiency. Shaw has been building and leading teams for the past 20 years, since starting training as an Air Force officer. He has published thought leadership and presented on topics covering blockchain and cryptocurrency risks and the role of internal audit in a blockchain environment.

Musheer Alambath is researching the impact of blockchain on financial services and banking as a Stanford Sloan Fellow. He has presented at TEDx conferences on ideas connected to his research topic. Alambath has 12+ years of industry/consulting experience and has worked on internal audit projects on four continents. He is currently a senior manager within EY’s risk advisory services practice. Previously, he led internal audit teams across multiple geographies as a vice president at a large global bank. Alambath served on the board of The IIA’s Examination Committee. He is passionate about empowering people through education to positively impact the lives of disenfranchised people worldwide.


B. Technology Risks of Blockchain

Jeannette Russell-Shepherd, CIA, CPA, CISA, CISSP
Manager
Friedman LLP
USA

Everyone has heard the word blockchain, but what are the technology risks that auditors should consider when assessing this technology? I will discuss key technology risks to consider when assessing, reviewing, or auditing a blockchain solution, including security, availability, confidentiality, privacy, and processing integrity. Discussion will cover specific use cases, difficulties enterprise and startup companies have encountered while implementing these solutions, and how auditors can advise their clients.

In this session, participants will:

  • Understand standard use cases of blockchain solutions.
  • Determine key considerations for assessing blockchain solutions.
  • Learn how to identify and describe risks when using blockchain, especially data risks.

Jeannette Russell-Shepherd is a manager within Friedman LLP’s governance, risk, and compliance services practice. She has served clients in a range of industries, with a focus on financial services, technology, and digital currency companies. She partners with CyZen, Friedman’s cybersecurity consultants, and the digital currency practice on auditing and advising companies invested in and/or supporting digital currencies and blockchain technology. Russell-Shepherd is experienced in performing IT audits and reviews, conducting SOC 1 and SOC 2 readiness assessments and reporting for service organizations, and providing IT governance risk and compliance services. She previously worked at PwC within risk assurance and on their blockchain validation solution.

Neil Frazer
Vice President, Internal Audit
Knoll, Inc.
USA

Mike Varney, CIA, CPA
Partner
Crowe LLP
USA

Crowe, in partnership with a client, will present on how to begin the process of implementing a data analytics program within your internal audit department. We will attempt to cut through the hype by utilizing a real-world case study outlining tactical steps for beginning to utilize data analytics to support internal audit activities.

In this session, participants will:

  • Identify usable data within their organization to begin a program.
  • Define a structured approach to starting a program.
  • Determine measureable results/outcomes to define the program’s success.

Neil Frazer is an internal audit executive with 20+ years of experience in internal audit, risk management, and accounting with multinational public and private companies as well as a public accounting firm. He has an extensive background in the manufacturing and logistics industry sectors and has established and transformed audit departments in Europe and the U.S. during his career. Recently, Frazer has focused his transformation efforts on embedding data analytics and robotic process automation into both audit and business control processes to increase the effectiveness of business controls and the coverage of audit activities in an economical manner.

Mike Varney has 20+ years of experience in internal audit, risk management, accounting, and financial reporting management with Fortune 1000 global and domestic companies as well as accounting firms. Recently, he has focused on helping clients institute data analytics programs or assess their existing programs. Varney has also participated on a team that defined Crowe’s approach to implementing and developing audit activities utilizing data analytics. His background has encompassed establishing internal audit functions, designing and executing annual audit plans, and leading business process development, including vendor management review procedures, supply chain review, data privacy, and data analytics programs. Varney serves The IIA on both local and North America committees.

Nancy Haig, CIA, CCSA, CFSA, CRMA, CFE, CBA, CRISC, CCEP
Global Director, Internal Audit and Compliance
Alvarez & Marsal
USA

Karen Brady, CIA, CRMA
Corporate Vice President and Chief Compliance Officer
Baptist Health South Florida
USA

Benito Ybarra, CIA, CISA, CFE, CCEP
Chief Audit and Compliance Officer
Texas Department of Transportation
USA

A panel of three CAEs (two who are current BOD members) will discuss their roles as head of both the compliance and internal audit function, including how their careers evolved, the skills they needed, and the challenges they faced.

In this session, participants will:

  • Learn the differences between the CAE and CCO (chief compliance officer) roles.
  • Consider the challenges to be overcome in leading both functions.
  • Decide whether or not this would be a desirable career path, based on the skills needed for both positions.

Nancy Haig is an award-winning author and speaker, and is currently the head of internal audit and compliance for a global consulting firm. Her expertise includes leading risk-based internal audit and compliance teams in the financial services, health care, pharmaceutical, and professional services industries. An advocate of the internal audit profession, Haig not only mentors those interested in pursuing a career in internal auditing, but also serves as a volunteer leader for The IIA as a director on both the Global and North American boards.

Karen Brady has been with Baptist Health for more than 20 years, and has implemented a robust, world-class, and award winning compliance and internal audit program. Under her leadership, Baptist Health has been recognized by the Ethisphere Institute as one on the World’s Most Ethical Companies for the past six years. Brady began her career with Ernst & Young, serving in various executive positions within the hospitality industry, including controller and CAE. She has served as a volunteer leader of The IIA as a member of both the North American and Global Boards.  Brady is past president of the Florida Health Care Compliance Association and serves as the chair of the Finance Committee on the Board of Riverside House, a charitable organization.

Benito Ybarra serves as Chief Audit and Compliance Officer at the Texas Dept. of Transportation (TxDOT). Ybarra oversees TxDOT's Internal Audit and Compliance divisions. These functions are aimed at improving organization practices, risk management, accountability and governance through value-driven audits, reviews, investigations and advisory services engagements.

Prior to joining TxDOT in September 2011, Ybarra worked at Dell Inc. and Texas Guaranteed Student Loan Corporation. He has earned designations as a Certified Internal Auditor, Certified Information Systems Auditor, Certified Fraud Examiner and Certified Compliance and Ethics Professional, as a result of his more than 20 years of audit and investigations experience.

In addition to sitting on the Institute of Internal Auditors' (IIA) Global Board of Directors, Ybarra is the senior vice chairman of the IIA's North American Board.

​​​
​4:10 – 4:25 p.m. Transition Break

Kevin Mitnick

Kevin Mitnick
World's Most Famous Hacker, Global Bestselling Author, and Chief Executive Officer
Mitnick Security Consulting
USA

In this engaging and demonstration-rich experience, Kevin Mitnick illustrates how a hacker’s thought process works and how they ply their tradecraft. You just might realize that you have — like almost everyone else on the planet —a misplaced reliance on security technology, which has now become ineffective against a motivated hacker using a technique called “social engineering.”

In this session, participants will:

  • Learn how they can be influenced into unknowingly helping hackers break into their organization’s computers. 
  • Discover how easily they can become unsuspecting victims who can be manipulated into handing over the keys the kingdom, if they haven’t done so already.

Kevin Mitnick is the world’s most famous former hacker and a global bestselling author whose books are available in over 50 countries and 20 languages. Once one of the FBI’s Most Wanted for hacking into 40+ major corporations just for the challenge and not for monetary gain, he is now a trusted security consultant to businesses and governments worldwide. Also, as chief hacking officer of KnowBe4, he helps produce security awareness training to counteract social engineering and improve security effectiveness. He has been a commentator, security analyst, or interview subject for almost every major news outlet around the globe. Mitnick’s presentations, akin to technology magic shows, include the latest hacking techniques along with expert commentary on issues related to information security and awareness.

​5:45 – 6:45 p.m. Welcome Reception
Tuesday, 3 November 2020
​7:00 a.m. – 5:00 p.m. ​Registration and Customer Relations
​​7:00 – 8:00 a.m.
​Continental Breakfast and Networking with Exhibitors in Exhibit Hall
​8:00 - 8:30 a.m.
​Opening Announcements
​​​

Dan HeathDan Heath
Co-author of Four New York Times Bestselling Books
USA

Why do some big changes happen easily while many small changes prove impossible? Because our mind is divided into two different systems — an analytical mind and an emotional mind — that are often in conflict, particularly in situations of change. Building on this research, and based on the New York Times bestseller, Switch, Dan Heath reveals a simple, three-part framework that will help you change things in tough times.

In this session, participants will:

  • Learn where to start and what to do when they face resistance in facilitating change, whether simple or complex, in their families, businesses, and communities.
  • Learn valuable tips targeted to any change leader who is struggling to make progress.
  • Gain specific tools — and inspiration — needed to make change happen.

Dan Heath is a senior fellow at Duke University’s Center for the Advancement of Social Entrepreneurship (CASE), which supports entrepreneurs who fight for social good. He is the founder of Thinkwell, an innovative education company, and co-author of four New York Times bestsellers: Made to Stick, Switch, Decisive, and The Power of Moments. A former case writer for Harvard Business School, Heath was named in 2013 to the Thinkers 50, a ranking of the world’s 50 most influential management thinkers, and also to Fast Company magazine’s list of the Most Creative People in Business. He has delivered keynotes or workshops for countless executive teams across 26 countries on six continents.

​9:45 – 10:15 a.m. Networking Break​​​​ with Refreshments in Exhibit Hall
​10:15 – 11:05 a.m. Concurrent Session Tracks​​​​​​​

Stacey Schabel, CIA, CPA, Series 6
Vice President, Internal Audit
Jackson National Life
USA

Sarah Saunders
Assistant Vice President, Internal Audit
Jackson National Life
USA

Engaging real-time, rather than looking backward, helps audit teams better protect their organizations from materializing risks and allows them to provide boards, audit committees, and other stakeholders with insight and value when it’s needed, and before problems arise. This presentation will showcase practical tools and assurance approaches used to deliver real-time insight over strategic changes, business as usual activities, and key organizational projects.

In this session, participants will:

  • Become familiar with the types of assurance stakeholders value most.
  • Explore how to assess and develop audit team skills and resources necessary to support conducting real-time assurance.
  • Learn how to implement and amend audit methodology and reporting capabilities in support of real-time assurance.
  • Discover tips and techniques for communicating methodology changes and value to management, audit committees, and other key stakeholders.

Stacey Schabel leads an internal audit team in examining and evaluating the key processes and controls supporting the North American operations of Prudential plc, including Jackson, its subsidiaries, and affiliates. She assists in protecting the organization’s assets, reputation, and sustainability by assessing and reporting on the overall effectiveness of risk management, control, and governance processes. Schabel serves on The IIA’s Global Financial Services Guidance Committee, chairs the IIA–Lansing Chief Audit Executive Engagement Committee, and presents regularly at industry conferences. She was recognized by the MICPA and AICPA as a ‘2019 Woman to Watch,’ by Digital Insurance as a ‘2018 Women in Insurance Leadership,’ and by Crain’s Detroit Business as a ‘2018 Notable Woman in Finance.’

Sarah Saunders is an assistant vice president of internal audit at Jackson, focusing on finance, financial risk, and asset management. She has 15+ years of internal audit experience within financial services and consulting. Saunders is a district advisor and member of the North American chapter relations committee for The IIA.

A. Sustainability and ESG Reporting Update

Bob Hirth
Board Member, and Co-vice Chair
Sustainability Accounting Standards Board
USA

Are you up-to-date with the latest in sustainability and environmental, social, and governance (ESG) reporting, as well as internal audit’s role? This presentation will provide examples of ESG risk/materiality assessment, objective assurance, and third-party assurance from leading organizations worldwide. It will cover the latest concepts and techniques in sustainability and ESG reporting used by these organizations, along with effective ESG board oversight and reporting techniques.

In this session, participants will:

  • Learn why the board must focus on and be involved in ESG and sustainability.
  • Understand how internal audit’s involvement in ESG reporting can add value.
  • Hear about third-party assurance concepts and see the latest examples of this assurance reporting to the public.
  • Gain insights into effectively applying COSO’s recent ERM/ESG guidance.

Bob Hirth was appointed to the nine-member standard setting board of the SASB upon its formation in 2017. He currently heads SASB’s Technology and Communications sector committee and is a member of the Services, Healthcare, and Extractive and Minerals processing sector committees. SASB disclosure and reporting standards are considered a suitable framework in several jurisdictions and have been developed for 79 industries.

Serving as COSO Chair from June 2013 to February 2018, Hirth’s activities included leading COSO’s project on revising its Enterprise Risk Management Framework (which was released in September 2017), issuing COSO’s Guide on Fraud Risk Management, and actively promoting COSO’s 2013 Internal Control Integrated Framework around the world and through the media. He has worked on assignments and made presentations in over 20 countries, serving more than 50 organizations and working closely with board members, C-level executives, university professors, finance and accounting personnel, and public accounting firm partners and employees. He was a leader in forming Protiviti and led its global internal audit practice during the firm’s first ten years of development.

In 2013, Hirth was inducted into The IIA’s American Hall of Distinguished Audit Practitioners. In 2014 and 2015, he served as Chairman of the IIA’s IPPF re-look task force and has been a Trustee of the IIA Research Foundation. He served two terms on the Standing Advisory Group (SAG) of the Public Company Accounting Oversight Board (PCAOB). He graduated from Southern Methodist University in Dallas, Texas, with a concentration in accounting.


B. Future-proofing the Internal Auditor’s Role: The Rise of ESG Risks and Opportunities

Rodney Irwin
Managing Director
World Business Council for Sustainable Development (WBCSD)
SWITZERLAND

More than 180 CEOs have committed to lead their companies for the benefit of all stakeholders — customers, employees, suppliers, communities, shareholders. In the past two years, billions of dollars have been lost due to environmental, social, and governance (ESG)-related risks, including adverse weather, supply chain disruption, product recalls, insurance claims, and ethical violations. How can internal audit help support and future-proof business against this shifting agenda?

In this session, participants will:

  • Understand the importance of ESG-related risks and opportunities.
  • Consider the role that internal audit can play in managing and controlling ESG issues.

Discuss challenges facing the profession today, along with tools and guidance available to overcome these challenges.

Dr. Rodney Irwin is WBCSD’s managing director of redefining value and education and a member of the senior management team. He leads projects in enterprise risk management, assurance, materiality, and integrated and mandatory reporting, along with projects designed to advance the measurement and valuation of ESG impacts and dependencies on business. Irwin is the link between WBCSD members and standard/regulation setters. Additionally, he is the course director for WBCSD’s leadership program and manages the relationship with WBCSD’s education partners. Irwin also teaches at Leuphana University, Lancaster University Management School, and Yale School of Management. He sits on the IIRC, the Climate Disclosure Standards Board, and the sustainability council of several global businesses.

Adlith Mondejar, CISA 
Risk Advisory Manager
Focal Point Data Risk
USA

Alexander Tabares, CISSP, CISM, G-CIH
Director, Threat Intelligence
Carnival Cruise Lines
USA

Donel Martinez, CISA
Risk Advisory Director 
Focal Point Data Risk
USA

Although network security has been around since the 90s and information security budgets have increased, malicious individuals continue exploiting vulnerabilities. In a data breach, can your company answer these questions? 1) Who stole the data? 2) What data was stolen? 3) When was it stolen? 4) How much of it was stolen? Your company may not have true visibility of its data lifecycle, preventing it from containing or assessing impact.

In this session, participants will:

  • Learn why traditional security (i.e., perimeter, endpoint, and application controls) is not sufficient in the current environment.
  • Distinguish between various types of failures in what had been regarded as effective control environment standards and best practices via real-life examples of now-infamous data breaches.
  • Describe options available to solidify the control environment around data security through access control, privileged access management solutions, and database activity monitoring.
  • List “minimum standard of care” based on recent court cases and regulatory settlements.

Adlith Mondejar never saw herself as an internal auditor prior to joining Focal Point almost five years ago. Today, she combines her natural aptitudes and learned skills to be a “creative” auditor who finds strategic ways to identify and manage risk across various areas of an organization. Never short of ideas, she is against the “let’s do it like last year” mentality and finds ways to improve everything she touches.

Alexander Tabares is a security and regulatory compliance professional with a wide range of security operations experience. Currently the director of threat intelligence for global information security and compliance (GISCS), Tabares has worked through all the different levels of security at Carnival Corporation, sharpening his skills with every new position. His knowledge encompasses SOX and PCI-DSS regulatory mandates, security operations, security management, vulnerability management, design-implementation, identity and access management, web application security, incident response, security monitoring and project management. He also has expertise in developing and maintaining relationships across different organizational verticals.

Donel Martinez is focused on helping IT teams overcome their struggles with compliance requirements. With his solid understanding of the challenges and rationale behind cybersecurity, data privacy, and regulatory efforts, he seeks to bridge the gap between the expectation of how to implement controls and the reality of what IT is able to execute. His mission is to help companies adjust to the constant “new normal” in compliance that is dictated by increasing regulation, digitalization, and never-ending technological advances.

Els Heesakkers, CPA, CA
Senior Auditor
CZ
NETHERLANDS

Maureen Vermeij-de Vries, CPA
Chief Audit Executive
CZ
NETHERLANDS

This session will inspire CAEs and managers with new insights to substantively enhance the practice of the internal auditing profession, challenge colleagues around the world to continue furthering their professionalization, and share good practices. Attendees will learn how the Internal Audit Ambition Model (IA AM) supports the formulation of a road map to achieve stated ambitions. The model provides visual guidance for conducting regular self-assessments, facilitating communication with stakeholders, and benchmarking with peers.

In this session, participants will:

  • Formulate and express their internal audit function’s ambitions on challenging themes and topics.
  • Assess the current state of their internal audit function and verify its compliance with the IPPF.
  • Reinvent dialogue between the CAE and stakeholders to promote the independence and performance of the internal audit function, as well as reinforce its desired ambition level and relevance.
  • Measure and debate with peers, use the IA AM as a benchmark tool, and give insight into the state of internal audit.

Els Heesakkers is senior auditor of professional practices for CZ’s internal audit department. With 18 years of experience in internal audit, she is greatly interested in improving the function’s quality and added value and in increasing broader recognition of the profession. She is a member and the secretary of the Internal Audit Ambition Model (IA AM) taskforce and a member of the Benchmarking Committee of IIA–Netherlands. She presents the IA AM in IIA introductory training for CAEs new to their role, and also as a lecturer for Tilburg University’s Post Master Accountancy (PMA) internal audit program. As IA AM founder, she has introduced the model at several conferences.

Maureen Vermeij-de Vries is chief audit executive at CZ, the #3 health insurance company of the Netherlands. She entered the internal audit profession 14 years ago following nine years as an external accountant at PricewaterhouseCoopers. She is chair of the Taskforce IA AM and president of the membership group of Internal and Government Auditors of the Royal Netherlands Institute of Chartered Accountants. As a member of the board of Post Master Accountancy at Tilburg University, Vermeij-de Vries coordinates requirements for the accountant practice program and monitors quality; this role gave her the opportunity to develop an internal audit program that is included in the chartered accountant exam.

​​​​​
​11:05 – 11:20 a.m.
Transition Break
11:20 a.m.​ – 12:35 p.m.
Concurrent Session Tracks

Moderator:
Tim Berichon, CISA, CGMA
Director, CAE Services
The Institute of Internal Auditors
USA

Tim Berichon is a finance leader and speaker whose diverse, in-depth experience in financial, operational, and compliance activities has spanned multiple divisions, processes, technologies, and international geographies. Adept at improving processes, controls, employee engagement, and customer service, he possesses a 30-year background in finance and operational management and leadership that includes internal audit, operational finance, public accounting, and strategic alliances. Berichon has provided internal audit leadership for multibillion-dollar global public companies, and operational finance leadership in both small and larger business units, including a $250m complex, international assignment.

Mike Jacka, CIA
Chief Creative Pilot
FPACTS
USA

Harold Silverman, CIA, CRMA, QIAL
Managing Director, Chief Audit Executive Services
The Institute of Internal Auditors
USA

In a session that promises to be as entertaining as it is insightful, two highly experienced and opinionated internal audit thought leaders will go face to face in a point/counterpoint debate on various topics facing internal auditors in the 2020s. Specific topics will be determined by the moderator, with input from attendees in the audience. The debaters will have no prior knowledge of the topics to be discussed.

In this session, participants will:

  • Gain insights into the concepts and principles driving the future of internal audit.
  • Consider the pros and cons of hot topics within the profession.
  • Develop more grounded opinions related to those topics.

Mike Jacka is chief creative pilot for FPACTS, a group dedicated to advancing internal audit skills. During a 30+-year internal audit career, he has been responsible for developing fraud investigation procedures for a 100-person audit shop, overseeing Farmers’ western regional auditing operations, and designing auditor training programs for a global organization of 200+ staff members. Jacka is a top-rated presenter, award-winning columnist, and contributor to Internal Auditor magazine, as well as co-author of two books published through the Internal Audit Foundation (Auditing Social Media: A Governance and Risk Guide, and Message, Brand, and Dollars – Auditing Marketing Operations, both in their second editions).

Harold Silverman previously was vice president of internal audit at The Wendy’s Company.  Prior to Wendy’s, he was the vice president of internal audit at Houghton Mifflin Harcourt Publishing Co. Before that, he served as senior manager of internal audit at Raytheon Co. Prior to Raytheon, Silverman was an internal audit manager at PricewaterhouseCoopers, and he gained external audit experience at Arthur Andersen.

Moderator:
Rob Valdez, CPA, CISA, CISM
Director, Cybersecurity Automation
Kaufman Rossin
USA

Roberto Valdez specializes in providing cybersecurity and automation services that help financial services, healthcare, and technology businesses mitigate risk, protect information, achieve strategic objectives, defend against cyber threats such as phishing and ransomware, and increase efficiency and quality through process engineering and robotic process automation (RPA). His engagements balance business needs with the requirements of compliance frameworks such as SOC 1, 2, 3; HIPAA; SOX; FINRA; and FFIEC. In addition, Valdez oversees Kaufman Rossin’s PhishNet security education training and awareness program. He has been featured in numerous publications and is also an adjunct professor for Florida Atlantic University.


A. Implementing a Robotic Process Automation Audit Program
Daniel Pokidaylo, CIA, CISA
Head of Information Technology, and Analytics Audit
The Clearing House
USA

Everyone has heard of robotic process automation, or RPA, but how do we, as auditors, begin to implement an RPA program? What skillsets and tools do we need to begin, and how do we get management on board with our vision?

In this session, participants will:

  • See how an RPA program can be implemented, from planning through completion.
  • View real examples of what an RPA project/audit looks like.
  • Understand the skillsets that are required to begin developing an RPA program.
  • Develop ideas for RPA scripts that can be run at their enterprise.

Daniel Pokidaylo is the head of information technology audit at The Clearing House (TCH), a systemically important financial market utility (SIFMU) and the only private sector ACH and wire operator in the U.S., clearing and settling nearly $2 trillion in U.S. dollar payments daily. During his time at TCH, Pokidaylo has implemented a new cloud-based GRC platform to automate audit workflows, regulatory reporting, and MIS reporting for executive management. Additionally, he leads the robotic process automation team in working closely with TCH operations and technology partners to connect to key financial and operational applications to perform continuous controls testing and business monitoring.


B. Use of RPA and Process Mining in Auditing
Justin Pawlowski, CIA, CCSA, CRMA, CMA
Head of Internal Audit
ALSO Holding AG
GERMANY

Marc Eulerich, CIA
Professor, Internal Auditing
University of Duisburg-Essen
GERMANY

Robotic process automation and process mining show potential for enabling internal audit functions to increase their efficiency and effectiveness. Recent research from 2019 and early 2020, including new audit bots for automating and enhancing the audit function, will be demonstrated, and benefits will be quantified and qualified. In addition, cornerstones on how to advance from buzzwords to helpful tools will be shared.

In this session, participants will:

  • Explore the application of robotic process automation and process mining to internal auditing.
  • Learn about successful use cases in automation and enhancement of audit procedures, as well as failed/poor use cases in internal auditing.
  • Discover how to avoid common pitfalls and how to exploit value potential.
  • Leverage current research to streamline their own internal audit function.

Justin Pawlowski is head of internal audit at ALSO Holding AG, a listed distribution and logistics company for IT, consumer electronics, and telecommunications (ICT) based in Emmen, Switzerland, with annual revenues of more than 10bn USD across Europe. Before joining ALSO, the Frankfurt-based graduate of the Berlin School of Economics & Law and Goethe Business School worked as senior manager for governance and assurance services at KPMG in Germany and for IBM Germany in Berlin with assignments in Spain and the USA. His focus lies on applying modern technology in internal auditing, including data analytics, process mining, and RPA. Pawlowski is challenging manual proceedings from the past to come up with new ideas and ways of auditing, and he shared insights around using process mining in internal auditing at The IIA International Conference 2017 in Sydney, Australia. He is a member of the German chapter of The IIA (DIIR) and currently serves on The IIA IT Guidance Committee. In 2015, he was recognized as an Emerging Leader by Internal Auditor magazine.

Dr. Marc Eulerich has been a professor of internal auditing at the University of Duisburg-Essen since 2011. The professorship is sponsored by the German Institute of Internal Auditors, with an explicit focus on internal auditing research and teaching. Dr. Eulerich is program coordinator for the Internal Auditing Education Partnership (IAEP) program and chair of the scientific committee for IIA–Germany. He has published numerous scientific and practitioner articles and books about internal auditing, corporate governance, and strategy. His research is published in Accounting Horizons, Journal of Information Systems, Accounting History Review, Managerial Auditing Journal, International Journal of Auditing, and numerous other journals.  


C. Audit the Future: Using Robotics and Data Automation to Predictively Manage Future Risks
Sergiu Cernautan, CPA, CISA
Senior Director, Product Strategy
Galvanize
CANADA

Is your entire audit plan focused on what happened in the past? This session will review real case studies of how audit teams are using data automation techniques to predictively assess risk then getting ahead to control and manage future risks. Learn the immediately actionable methodologies these organizations have put in place so that internal audit is directly supporting the CEO in navigating the future risk landscape.

In this session, participants will:

  • Explore the principles of risk prediction and how to systematically assess future risk levels.
  • Discover skills, models, and technologies that will enable an auditor to quantify and communicate risk predictions.
  • Evaluate example risk prediction dashboards and reports to consider what might resonate with their organization's management and board.
  • Self-assess their current capabilities and articulate the gap to develop an impactful risk prediction program.

Sergiu Cernautan is senior director of product strategy at Galvanize, responsible for product strategy, the strategic partnership program, and market influencer relationship management for the company’s industry-leading software products. He has 20+ years of external audit, internal audit, and risk and regulatory compliance consulting experience. After working at Deloitte and KPMG for more than 14 years, Cernautan co-founded Straight Talk Consulting Ltd., a firm providing GRC consulting services. His background covers financial, operational, and systems auditing. He specializes in the areas of internal controls over financial reporting, regulatory compliance, business process control reviews, general computer controls, litigation claims support, and data analytics.

Nathan Anderson, CISA, CRISC
Senior Director, Internal Audit
McDonald’s Corporation
USA

Titus Weijma
Global Technology & Digital Audit Lead
McDonald’s Corporation
USA

Testing cybersecurity controls has long been the domain of penetration testers, who IT audit teams would hire. However, the tools for testing cybersecurity controls are more accessible than ever, and the time has come for IT audit to cross the chasm and begin testing the effectiveness of these technical controls. This session will cover basic tools and techniques for testing cybersecurity controls that your IT audit team can adopt.

In this session participants will:

  • Understand leadership’s cybersecurity questions and audit’s potential for answering them.
  • Gain insight into the skillset, mindset, approach, and specific tools required to test cybersecurity controls.
  • Learn — through interactivity —the top five tools that their team can begin using to assess cybersecurity controls.
  • Explore the next set of tools and supporting resources that will help their team become an effective, independent cybersecurity testing function.

Nathan Anderson has 20 years of technology risk, software consulting, and IT audit experience. As technology and digital audit team leader for McDonald’s, he oversees a global team performing audits over privacy, cloud security, fraud data analytics, cybersecurity, data quality and integrity, and third-party governance. The team is working to enable technical testing of cybersecurity controls and increase the use of data analytics to identify fraud and inappropriate spend within back-office financial processes. Anderson also manages the IT aspect of Sarbanes-Oxley compliance across six countries. His primary area of focus is cybersecurity and privacy. Prior to McDonald’s, he led the IT audit function at Sears Holdings.

Titus Weijma’s Bio Being Finalized

Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA
President and Chief Executive Officer
The Institute of Internal Auditors Inc.
USA

The 2020s will almost certainly pose significant new challenges and opportunities for internal audit. Risks are evolving at an unprecedented rate, and internal auditors at all levels must prepare for what lies ahead. It’s often said that the best way to predict the future is to study the past. We must look where we’ve been, where we are now, and, importantly, where we are headed. Our mission is to determine how we will get there.

In this session, participants will:

  • Understand the rise of “Uber” auditing, whereby practitioners with specific skills offer their services through short-term, on-demand contracts.
  • Assess the increasingly significant role of data ethics and artificial intelligence governance in how work gets done.
  • Recognized today’s young internal auditors as tech-savvy, tech-fearless, and motivated to integrate technology into audit and governance strategies.
  • Discover how internal audit is advancing beyond the “bean counter” stereotype by addressing emerging risks, embracing technology, and providing insight and foresight.
  • Gain insight into how internal audit serves both the public interest and the organization by supporting good governance.

Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA, is president and CEO of The Institute of Internal Auditors (IIA), the global professional association and standard-setting body for internal auditors. Chambers has more than four decades of internal audit and association management experience, mostly in leadership positions. Prior to taking the helm of The IIA in 2009, he was national practice leader in Internal Audit Advisory Services at PricewaterhouseCoopers; inspector general of the Tennessee Valley Authority; deputy inspector general of the U.S. Postal Service; and director of the U.S. Army Worldwide Internal Review Organization at the Pentagon. He currently serves on the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Board of Directors; the International Integrated Reporting Council (IIRC); and The IIA Board of Directors, as well as the Georgia State University School of Accountancy Advisory Council and the University of Alabama Culverhouse School of Accountancy’s Professional Advisory Board. Chambers also has served on the U.S. President’s Council on Integrity and Efficiency. Accounting Today ranks Chambers as one of the Top 100 Most Influential People shaping the accounting profession, and he is recognized by the National Association of Corporate Directors (NACD) as one of the most influential leaders in corporate governance. In 2016, Chambers was honored by American City Business Journals’ Orlando Business Journal as a top CEO of the Year. Chambers is an award-winning author, writing The Speed of Risk: Lessons Learned on the Audit Trail, 2nd Edition (2019), Trusted Advisors: Key Attributes of Outstanding Internal Auditors (2017); and Lessons Learned on the Audit Trail (2014), which is currently available in five languages.

​​​​​
12:35 – 1:50 p.m.
Lunch followed by Dessert and Networking Break with Exhibitors
​​1:50 – 2:50​ p.m. ​Concurrent Session Tracks

Moderator:
William Michalisin
Executive Vice President and Chief Operating Officer
The Institute of Internal Auditors
USA

William Michalisin is the Executive Vice President & Chief Operating Officer for The Institute of Internal Auditors (IIA), the global professional association and standard-setting body for internal auditors. The IIA serves more than 200,000 members in over 200 countries and territories and acts as the internal audit profession’s recognized advocate, educator, and provider of standards, guidance, and certifications globally.

In his current role, Michalisin leads operations and core services offered to IIA members globally, including, Membership, Certifications, Training & Conferences, Standards & Guidance and Professional Knowledge, Advocacy & Government Relations, Chapter and Institute Relations, Partnerships, Sales and Business Development. 

Prior to joining The IIA, Michalisin was Industry Marketing Leader for Consumer & Industrial Products at Deloitte, which included responsibilities for cross-functional delivery within aerospace and defense, automotive, consumer products, process and industrial products, retail and distribution, and travel, hospitality, and leisure sectors.  Earlier in his career, Michalisin was a consultant delivering business process strategy, risk management and fraud/forensic investigation services at both Deloitte Consulting and Accenture, to clients in multiple industry sectors.

Michalisin graduated magna cum laude from Columbia University with a master’s in Strategic Communications and has a bachelor’s degree in International Relations and Economics from Bucknell University.  He also has his CIA designation and is a member of the Institute of Internal Auditors.

Presenter:
Mike Fucilli, CIA, QIAL, CGAP, CRMA, CFE
Former Auditor General, Metropolitan Transportation Authority
Staff Instructor, St. John’s University
USA

While CEOs appreciate internal auditors’ strong business skills, they are also placing great emphasis on “soft skills” such as seeing the big picture. We will discuss how to bring out these traits and demonstrate your leadership skills through coachability (the ability to accept and implement feedback); emotional intelligence (the ability to understand and manage your own emotions); motivation (sufficient drive to achieve your full potential); and temperament (attitude and personality).

In this session, participants will:

  • Explore how to become more extroverted while remaining true to themselves.
  • Gain insights for shifting from auditor to trusted advisor.
  • Discover how to gain a “seat at the table.”

Mike Fucilli has about 35 years of internal auditing experience in the private and public sector. He has since retired as Auditor General at Metropolitan Transportation Authority, where he managed a staff of 85 professionals for a public sector organization with revenues in excess of $15 billion. Fucilli has served on The IIA’s North American and Global Boards and is a frequent speaker and presenter for The IIA.

Moderator:
Sarah Antonelli
Manager, Internal Audit
Jackson Health System
USA

Sarah Antonelli’s Bio Being Finalized


A. Assessing and Measuring Corporate Culture
Linh S. Truong, CIA, CPA, CISA
Speaker and Trainer
GoldSRD
USA

In the words of Peter Drucker, “Culture eats strategy for breakfast.” The role that a company’s culture plays in its success or failure has become increasingly clear over the past 20 years and can be seen in headlines from Enron to Wells Fargo. Auditors should be able to assess the moral compass of an organization’s culture.

In this session participants will:

  • Receive a roadmap for assessing and ranking their company’s culture.
  • Understand the key areas that drive corporate culture and how to assess those areas.
  • Identify the red flags of an unhealthy culture, which could be indicators of unethical behavior.
  • Learn a method for measuring and rating the health of a company’s corporate culture.

Linh Truong is currently an executive advisor and professional speaker, focusing on such topics as governance, corporate culture, auditing best practices, and implementing agile auditing. In her more than 25 years of audit experience, Truong served as chief audit executive for Orthofix Medical, Kosmos Energy, and Alon USA, building each company’s respective audit function from ground zero. She also worked at large international companies, including Xerox, Credit Suisse Group, and KPMG. Truong has spearheaded both ERM initiatives and fraud risk assessments at multiple companies.


B. How to Audit Culture and (Ethical) Behavior With Relevance and Due Professional Care
Peter Hartog, Manager, Professional Practices
IIA Netherlands
NETHERLANDS

Culture and behavior are extremely important to accomplish the goals of any organization. Culture is seen as an essential part of governance. But how do you audit this? How do you ensure you can objectively measure and assess behavior and culture? “It's there, but you can't grasp it.” You can, however, audit it! This session provides various techniques for objectively measuring behavior, depending on stakeholder demands.

In this session, participants will:

  • Distinguish between different relevant audit objectives, scopes, and questions when auditing culture and behavior.
  • Learn new methodologies and techniques for auditing culture and (ethical) behavior.
  • Understand relevant predefined models from social sciences to measure culture and behavior.
  • Apply techniques to gain insight into the underlying drivers of behavior, like group dynamics and mindsets.

Peter Hartog joined IIA–Netherlands in 2018 as manager of professional practices. He is presently engaged in developing and sharing knowledge on a wide range of topics related to the internal auditing profession. Hartog previously worked for 25 years as a consultant on internal auditing and management control, mainly at KPMG and ACS. He is an experienced lecturer with a demonstrated history in the higher education industry, including the Erasmus School of Accounting & Assurance. His background includes serving as an audit executive responsible for IT and operational audits and as a second line manager responsible for compliance and for risk management.

Stephen Head
Director
Experis Finance
USA

Michael Manzi
Chief Information Security Officer
Movement Mortgage
USA

Auditing the many cyber defense technologies currently being deployed to defend organizations against cyber-attack is extremely challenging. In response to the growing frequency and severity of cyber-attacks, organizations are implementing a new generation of security tools that did not exist a few years ago. This presentation will examine new and emerging tools for defending against cyber-attacks, how they work, who the leading players are, and how these technologies can be audited.

In this session, participants will:

  • Gain insights into the new generation of cyber defense tools, how they work, and how they are changing the security landscape within the organization.
  • Learn key success factors for deploying these tools, which, if ignored, may lead to openings that can be exploited by attackers.
  • Receive practical tips for auditing these new tools based on actual cases in which these technologies were audited.

Stephen Head is director of IT risk advisory services and serves as the national cyber risk leader for Experis Finance. He has broad-based experience in cyber risk, regulatory compliance, IT governance, and aligning controls with multiple standards and frameworks. Formerly the information security practice leader for a multinational financial services company, Head has taught advanced cybersecurity courses at both the graduate and undergraduate level. He is the author of the two internationally recognized books: Internal Auditing Manual and Practical IT Auditing. He served as international chair of the ISACA Standards Board, on the AICPA National Accreditation Commission, and on the AICPA Information Technology Executive Committee.

Michael Manzi’s Bio Being Finalized

Moderator:
Larry Harrington
Retired Chief Audit Executive
Raytheon
USA

Larry Harrington was chief audit executive at Raytheon Company from 2004 until his retirement in 2018. Previously, he was CAE at several Fortune 250 companies and served as a vice president within finance, human resources, and operations. Harrington has volunteered with The IIA for 30+ years, serving as president of the Greater Boston chapter, co-chair of the International Conference in Boston, and chairman of both the North American and Global boards. He was named to the American Hall of Distinguished Internal Audit Practitioners and received the Victor Z. Brink Award for Distinguished Service. Harrington has spoken on internal auditing, leadership, career development, and diversity and inclusion in 30+ countries.

Panelists:
Valentina Kostenyuk
Senior Lead Internal Auditor
Avangrid Renewables
USA

Puja Shah, CIA, CCSA, CFSA, CRMA
Executive DirectorUBS
USA

In support of The IIA’s diversity goals, this panel of three female professionals — facilitated by former Chairman of the Board Larry Harrington — will discuss how to generate influence, manage across generational gaps, and promote diversity to propel the next generation of internal auditors. The panelists come from different cultures and levels of experience, but possess a shared background in internal audit and a passion for the profession.

In this session, participants will:

  • Learn how to manage by influence and cross-directionally (managing up/down, peer, etc.).
  • Hear tips for overcoming generational gaps to develop, motivate, and manage emerging leaders and millennials.
  • Discover how to promote diversity in their team and work with gender/culture/age bias.

Valentina Kostenyuk is a lead/senior auditor at Avangrid Renewables. Her nine years in internal audit have focused on operational auditing and SOX compliance across all segments of the energy industry. Passionate about the profession, Kostenyuk was featured in Internal Auditor magazine’s “2015 Emerging Leaders.” She served as president of IIA–Portland and is currently the district representative for the West District chapters. As chair of the North America Emerging Leaders Task Force, she is spearheading the development of a national mentorship program for young professionals in The IIA. Kostenyuk has been a speaker/facilitator at numerous IIA events.

Puja Shah has 10+ years of internal audit experience, emphasizing financial, operational, and risk audits and regulatory compliance for financial institutions. Currently an executive director at UBS, she has performed risk assessments, risk and control testing, issue validations, and continuous monitoring; mapped to regulatory expectations; escalated findings to senior management; and produced value-added reporting for key stakeholder decision-making. Shah earned IIA–Chicago’s William C. Anderson Member of the Year Award in 2017 for outstanding volunteer contribution to the chapter and dedication to the internal audit profession. She serves on the IIA–Chicago Board of Governors and is chair of the Next Gen Advisory Group.

​​2:50– 3:20 p.m. ​Networking Break with Refreshments in Exhibit Hall

Moderator:
Paul Sobel, CIA, QIAL, CRMA
Vice President and Chief Risk Officer, Georgia-Pacific LLC
Chairman, COSO
USA

Panelists:
Satya S. Tripathi
UN Assistant Secretary-General and Head of New York Office

UN Environment
USA

Tessy de Nassau (former Princess Tessy of Luxembourg)
UNAIDS Global Advocate and Social Entrepreneur
LUXEMBOURG

Richard G. Sexton, FCA
Board Member
International Integrated Reporting Council
UK

Far from being competing or mutually exclusive, the objectives of organizational success and social responsibility are not only fully complementary, but fundamentally interdependent. Successful organizations in the long term have sustainability as a central principle of their governance. Understanding of, and active concern for, the interplay between the organization and society, the environment, and the economy is key to serving stakeholder needs and interests into the future.

In this session, participants will:

  • Increase their knowledge and understanding of the connection between organizational success and social, economic, environmental, and political responsibility.
  • Explore how organizations can adopt strategies for incorporating such issues as part of their values.
  • Consider the role that internal audit must play to enable organizations to develop such a mindset.
Paul Sobel Paul Sobel was appointed COSO chairman in February 2018. He is leading the board in developing guidance and thought leadership on enterprise risk management, internal control, fraud, and governance. Sobel retired from Georgia-Pacific in 2020 after serving as vice president/chief risk officer and vice president/chief audit executive (CAE). He was previously the CAE for three public companies: Mirant Corporation; Aquila, Inc.; and Harcourt General’s publishing operations. Sobel has served in various leadership roles with The IIA, including Chairman of the Board; in 2017, he received the Bradford Cadmus Memorial Award for distinguished service to the profession and was inducted into the American Hall of Distinguished Audit Practitioners. He has authored or co-authored four books and been named to Treasury & Risk Magazine’s list of 100 Most Influential People in Finance. He currently sits on the Consultancy Advisory Group for IFAC’s International Auditing and Assurance Standards Board and International Ethics Standards Board for Accountants. In the past, Sobel served on the COSO ERM Advisory Council for the update to the COSO ERM framework and the Standing Advisory Group of the PCAOB.
Satya S. Tripathi Satya S. Tripathi is the UN Assistant Secretary-General and Secretary of the UN Environment Management Group. A development economist and lawyer with nearly four decades of varied experience, he has served with the UN since 1998 in key positions in Europe, Asia, and Africa in the areas of climate change, human rights, democratic governance, and legal affairs. Among his most notable engagements, Tripathi was UN Recovery Coordinator, a role in which he facilitated international cooperation and funding of more than US$7 billion for post-tsunami recovery efforts in Indonesia; and Executive Head of UNORCID, a UN System Office focused on conservation of forests and biodiversity.
Tessy de NassauTessy Antony De Nassau, Dr.h.c., is a social entrepreneur, businesswoman, philanthropist, UNAIDS ambassador, public speaker, activist, and mother. Tessy is the founder of the global consultancy ‘Finding Butterflies Consultancy Ltd,’ and the co-founder of Professors Without Borders. Tessy works with numerous governments and institutions as well as business owners around the world on their impact strategy and implementation. Moreover, Tessy is an ambassador for UNAIDS (Global Advocate for Young Women and Adolescent Girls) and is the patron to UNA-UK. In the past, she spent five years in the Luxembourg military, during which she was deployed in Kosovo as a peacekeeper and only woman of her draft. She received numerous awards and recognitions globally such as the “Leader of the Year 2019” in Luxembourg.

Richard Sexton Richard G. Sexton joined the board of the International Integrated Reporting Council after having represented PricewaterhouseCoopers globally on the Council for many years. He was actively engaged in the development and approval of the Integrated Reporting Framework. Sexton served in numerous senior business leadership and client roles in the UK and for the PwC network, including vice chairman of global assurance. As a member of the PwC UK executive board, he led the assurance practice and established PwC’s trust agenda as their first “Reputation and Policy Leader.” As a senior client partner, he led audits of many of PwC’s largest clients as well as numerous transaction, listing, and other projects worldwide.













5:30 – 8:00 p​.m. Havana Nights Party
Wednesday, 4 November 2020
​8:00 a.m. – 10:3​0 p.m. ​Registration and Customer Relations
​​8:00 – 8:30 a.m. ​Continental Breakfast and Networking with Exhibitors in Exhibit Hall

Jason Silva

Jason Silva
Emmy-Nominated TV Personality, Speaker, and Futurist
USA

Technology is upending the world. Acceleration is the new normal... disruption has gone mainstream.  There is a sense of vertigo and disorientation. Jobs may become obsolete. Artificial intelligence is superseding human capacities. Biology is becoming a programmable medium. Anxiety is running high.  Mental health is in turmoil. These are Mind blowing transformations — and humans don’t like change.  How to respond?  How do we leverage these exponentially emerging technologies to impact the world in a positive way? Furthermore — what is the mindset, the CREATIVITY, the consciousness required to thrive in the 21st century? Positive psychologists tell us “the cave we fear holds the treasure we seek”. It turns out, moving past our comfort zones is cognitively beneficial.  Blowing our minds boosts cognitive flexibility. We become more resilient. More creative. More adaptable. Join Jason Silva on a mind blowing journey into the future of technology, of imagination, of humanity.

Jason Silva is the Emmy nominated and world renowned host of NatGeo’s Brain Games, seen in 171 countries. He is a known futurist, filmmaker, thought-leader and sought-after international keynote speaker.

His ‘Shots of Awe’ videos have received over 500 million views across all social media platforms. 

Jason has given talks for Microsoft, Intel, Accenture, Cisco, Oracle, Adobe, Electronic Arts, Cannes Lions, Tribeca Film Festival, National Geographic, Discovery, 20th Century Fox, Cosmopolitan, PHD Worldwide, Google, TED Global, The Economist, PepsiCo, and more. 

“A Timothy Leary of the Viral Video Age” was how The Atlantic described Silva, “part Timothy Leary, part Ray Kurzweil, and part Neo from ‘The Matrix.’

​10:00 – 10:3​0 a.m.
Networking Break​​

Kindra Hall

Kindra Hall
President
Steller Collective
USA

Companies believe a substantial portion of their revenue is under threat as a result of the shift from a transactional economy to a connected one. Businesses, brands, sales forces, marketing teams, and leaders at all levels are desperately trying to capture attention and resonate with consumers who expect more. Is there a secret weapon? A silver bullet to humanize and connect? Yes. The answer is strategic storytelling.

In this session, participants will:

  • Understand the psychology behind strategic storytelling and how to take full advantage of it.
  • Gain clarity on what a story actually is, the many opportunities for telling stories for results, and how to access the unlimited supply of stories within each brand and/or individual.
  • Discover the biggest storytelling mistake and how to avoid it.
  • Break down the 3 Step Storytelling Process and study the anatomy of a fail-proof story for maximum impact.

Kindra Hall is president and chief storytelling officer at Steller Collective. She has been trusted by global brands across all industries, including Facebook, Hilton Hotels, Tyson Foods, Target, Berkshire Hathaway, and Harvard Medical School, to deliver presentations and trainings that inspire teams and individuals to better communicate the value of their company, their products, and their individuality through strategic storytelling. A former director of marketing and VP of sales, Hall is a National Champion storyteller and a master at teaching others the methods and science of storytelling. Her work can be seen at Inc.com, Entrepreneur.com, and as a contributing editor for SUCCESS Magazine. Harper Leadership released her book in the fall of 2019.

Schedule Changes​

At times, it may be necessary to cancel, reschedule, or substitute an event, conference session, speaker, conference, and/or topic after registration has been confirmed. The IIA will provide advance notification of any changes once notice has been received.