​2017 International Conference – ARC Forum

24 July 2017 / ​Intern​ational Conven​​tion Centre​ / Sy​dney, Australia​

The Audit and Risk Committee (ARC) Forum is specially designed for ARC members to address strategic issues that are shaping the operating environment of organisations today and to gain insights to effectively manage the associated risks of business.

​Early Registration (by 2 June)​​ AUD$800​​ includes GST
​Standard Registration (after 2 June) AUD$900​ includes GST

The program will be structured with a mix of high-level keynote sessions (which are part of The IIA’s 2017 International Conference) and closed door breakout sessions for audit committee members to get down to the practicalities of addressing the key issues on the role of ARCs.

To promote discussion and knowledge sharing on practical approaches that internal audit and risk functions and ARC members can employ to effectively manage risk, numbers to the forum will be strictly limited.

*CAEs who have registered for the International Conference are welcome to attend the ARC Forum with their Committee Member at no extra charge. CAEs who are not registrants of the International Conference will be charged applicable registration fees. Please note that CAEs can only attend the ARC Forum in conjunction with their Committee Member.

Key Benefits of Attending

  • ​Be part of a unique opportunity to gather and exchange knowledge with peers. 
  • Hear what’s on the mind of leading company audit committee members as organisations address risk in today’s business landscape.
  • Gain an understanding of expectations of audit committees.
  • Address, discuss, and discover solutions on the day-to-day challenges of the ARC and find out what really makes a good committee.
  • Hear from the front line about the current and future cyber threat that faces all organisations.
  • Grow your professional networks and contacts to support your role as an ARC member.
  • Earn 7.6 CPE credit hours.

Program Overview

​7:00 a.m. – 8:00 a.m.

Registration / Networking Breakfast

​8:00 a.m. – 9:40 a.m.

Keynote Session (as part of International Conference Program)
The Future Is Already Here. So What About Tomorrow?

Chris Riddell
Global Futurist, Digital Evangelist, Media Commentator, Board Director​

​9:40 a.m. – 10:20 a.m. ​Morning Tea
​10:20 a.m. – 11:15 a.m.

​ARC – 1
Responding to Innovation and Disruption:​ Addressing Challenges and Opportunities for Success

Disruption and innovation can be considered a business norm in today’s environment. Even though most organisations have this on their radar, the underlying challenge lies with the organisational capability in effectively managing the associate risk and making the most of opportunities that arise form disruption and innovation. This session will provide insights from the audit committee of an organisation that has embraced innovation and disruptions. 

Key points to be discussed include:​
  • Defining innovation and disruption risk – Can it be seen and does it fit in your risk framework?
  • Is innovation and disruption the new Black Swan or the business norm?
  • Balancing risk and opportunity in a disruptive environment.
  • What are audit committees looking for to give them comfort on making the right decisions to address innovation and disruption?
  • Expectations of the risk and audit functions to identify, rate, measure, and react to potential disruptive forces.
  • Practical steps in addressing innovation and disruption risk and making the most of change.

Speaker Information Being Finalized.

​11:25 a.m. – 12:20 p.m. ARC – 2

Cybersecurity: Why It Is Front of Mind for Boards and Audit Committees

Addressing cybersecurity risk is a key priority for boards and audit committees across the globe due to the nature of the speed and impact of this risk when it strikes an organisation. 

This session will provide insights from Australia’s Special Adviser to the Prime Minister on Cyber Security on how an organisation (or nation) should be preparing and protecting itself from cyber risk. Key points to be discussed include:

  • ​Understanding and defining the critical cybersecurity risks.
  • Where organisations stand in relation to cyber risk readiness.
  • Formulating and defining appropriate responses to cyber risk.
  • Gaining assurance from the audit, risk, and other assurance functions over cybersecurity.
  • Critical areas of focus that should be on the agenda for all board and audit committees.

Alastair MacGibbon, Special Adviser to the Prime Minister on Cyber Security, Department of Prime Minister & Cabinet

Alastair MacGibbon provides national leadership and advocacy on cybersecurity policy and the implementation of the government's cybersecurity strategy, having been appointed to the role in 2016. His role is to ensure effective partnerships between Australian governments, the private sector, nongovernmental organisations, the research community, and international partners. Working closely with the Ambassador for Cyber Issues and the Australian Cyber Security Centre Coordinator, MacGibbon sets clear objectives and priorities to government's operational cybersecurity agencies and oversees their implementation. MacGibbon was Australia's first children's eSafety commissioner, leading online safety education and protection for the country’s children and young people, and managed complaints about offensive or illegal online content. He worked for 15 years as an agent with the Australian Federal Police, including as the founding director of the Australian High Tech Crime Centre. Along with private sector roles such as senior director of trust, safety and customer support at eBay, MacGibbon was a director of the Centre for Internet Safety at the University of Canberra.​

​12: 20 p.m. – 1:50 p.m. Lunch
​1:50 p.m. – 2:45 p.m.

​ARC – 3
Assessing Organisational Culture: The Role of the Board, Audit and Risk Committee, and Internal Audit

Culture ultimately drives all outcomes from an organisation but it continues to be one of the most challenging things to define and measure. This panel discussion will provide food for thought on this most interesting topic as it becomes a key area of focus for regulators (and media) around the world. Critical questions to be addressed in the discussion include: 

  • ​Who determines culture?
  • Who is responsible for culture?
  • What are the key elements of strong organisational culture?
  • What are the board and audit committee looking for in terms of indicators of culture?
  • How can internal audit assist in providing meaningful feedback on culture?
  • War stories – Examples of good and bad culture at work and why these examples arose.

Panel members include:

Brian Long, Independent Non-Executive Director, Brambles Limited, Cantarella Bros Pty Ltd and Commonwealth Bank

Brian Long retired as a partner of EY in 2010, as chairman of both the EY Global Advisory Council and of the Oceania Area Advisory Council (the EY local partner governing body). He had been an audit partner at EY since 1981 and has primarily served audit clients in the firm’s offices including Perth, Toronto, and Hong Kong, and Sydney. Long was the firm’s most senior audit partner taking responsibility for major clients and specialising in major transactions, initial public offerings, and matters related to governance and risk management. He is widely conversant with the requirements of​​ effective audit and risk committees. Following his career with EY, Long served as a director of Commonwealth Bank Of Australia and still serves as chairman of their audit committee and as a member of the risk committee and the board performance and renewal committee. He is a Director of Brambles Limited, and serves as chairman of the audit and risk committee. Long is also a director of Cantarella Bros. Pty Ltd., and as chair of the audit committee and member of the Council of the University of NSW. Previous leadership roles included serving as director of Ten Network Holdings Limited; chairman of the audit committee and a member of the Council of the National Library of Australia; and chairman of United Way Australia.

Naohiro Mouri, Executive Officer, Chief, AIG

Naohiro Mouri oversees more than 50 auditors. Previously he was with MetLife Alico Japan where he served as statutory executive officer, senior vice president, and chief auditor. Naohiro also held chief auditor positions for JP Morgan/Asia Pacific Shinsei Bank, Morgan Stanley Japan, and Deutsche Bank Japan. He started his audit career at Arthur Andersen in the U.S. Mouri has served on the Board of IIA‒Japan and The IIA’s global board in several positions, as well as serving five years as the ACIIA’s first president. Naohiro is a frequent lecturer for universities and trade organisations and co-authored a book on auditing financial institutions.

Carol Holley, Chair of Audit and Risk Management Committees in NSW Government, Department of Finance, Services and Innovation, Property and Housing Group; NSW Parliamentary Services; and Service NSW

Carol Holley has an extensive involvement with corporations, both listed and unlisted, and their audit committees and with audit and risk committees in NSW and in the federal sphere. Currently she is a non-executive director of the Australian Nuclear and Science Organisation. Holley chairs several audit and risk committees of the NSW government, including NSW Department of Parliamentary Services and the Legislature; Service NSW; NSW Department of Finance, Services and Innovation; NSW Property; and the National Health Funding Body. Previously she has served as a non-executive director of Australian Pharmaceutical Industries Ltd, Cochlear Limited, Resource Pacific Holdings Limited, Job Futures Limited, and Defence Housing Australia. These directorships came as an adjunct to partnership in and the building of a successful medium sized accounting practice – Hill Rogers, a position she held for 25 years.

F​acilitator: Gary Anderson CIA CRMA, Managing Director, Asia Pacific, Protiviti​

​2:45 p.m. – 3:25 p.m. Afternoon Tea
​3:25 p.m. – 4:20 p.m. ARC – 4

Setting the Risk Appetite

To be and stay in business, all organisations must take risks to achieve their goals. Organisations are faced with getting the balance right between taking too much risk or not enough risk, both of which can have severe adverse effects. To get this balance right, organisations must have clear, defined risk appetite statements to assist with clarity of decision making.  

Setting and articulating the risk appetite can be challenging and even more so to implement across the organisation. This session will explore the process of setting the risk appetite, focusing on:

  • ​How to engage organisations about the importance of setting risk appetite.
  • How risk appetite statements are formulated (what to do, what not to do).
  • What needs to be quantitative and what is qualitative?
  • How it fits into the organisational framework (e.g. strategy, risk management, delegations, finance, HR, operations).
  • The role of internal audit in monitoring whether the business is operating within risk appetite (and where the level of risk taken is too low).
  • How to balance risk appetite with investment (i.e., is appetite backed up with organisational training, policy, and processes that support people operating within risk appetite?).
  • Setting plans and discussing scenarios to deal with the hopefully hypothetical breach of risk appetite.

Saskia Goedhart, Chief Risk Officer, AMP

Saskia Goedhardt joined AMP as chief risk officer in July 2015 with a 20-year career in senior-level risk and financial management. Prior to relocating to Australia, she was a partner at EY based in Toronto leading the risk management in financial institutions practice in Canada and risk management in insurance practice in the U.S. She has served as chief risk officer for the North America region at Aviva Plc and at Munich Re Life. Whilst at Aviva, she led the region's risk management strategy, including the implementation of Aviva's risk management transformation plan. Prior to Munich Re, she worked for 10 years at ING as head of asset liability management and capital management in the U.S, CRO of the annuity business in the U.S., CFO of the ING Life company in Japan. She has also consulted for PricewaterhouseCoopers and Van Den Boom Groep in corporate financial and risk management.

Mike Wilkins, Independent Director, AMP

Michael Wilkins was appointed to the AMP Limited Board and as a member of its Audit and Risk Committees in September 2016, and became chairman of the Risk Committee in February 2017. He was also appointed to the AMP Life Limited and The National Mutual Life Association of Australasia Limited Boards in October 2016 and as a member of their Audit and Risk Committees in November 2016. Wilkins has more than 30 years’ experience in financial services in Australia and Asia, including life insurance and investment management. He has more than 20 years’ experience as CEO for ASX100 companies. Most recently, Wilkins served as managing director and CEO of Insurance Australia Group Limited (IAG). He is the former managing director and CEO of Promina Group Limited and Tyndall Australia Limited.​

​4:30 p.m. – 5:30 p.m.

Keynote Session (as part of International Conference Program)
Bend It ​Like FIFA!

Jonathan Calvert, Editor, Insight Investigations Team, The Sunday Times & Co-author of The Ugly Game, The Qatari Plot to Buy the World Cup​​