Download Printable ProgramConference-at-a-G​lance​​​​​​​​​



The IIA’s 2020 International Conference program will feature outstanding speakers whose shared goal is to deliver a world-class event reflective of The IIA's high standards of excellence.

Educational Streams



In Conversation With

Soundbite Sessions

Global Insights, Cybersecurity, Privacy, and Technology

L.E.A.D (Lead, Explore, and Disrupt)

Continental breakfast, lunch, and breaks are included.

The educators’ symposium is designed to fulfill three distinct objectives:

  • Establish a forum for researchers to present end-stage or completed research and share aspects of classroom and practitioner applicability.
  • Provide educators with new and innovative techniques for teaching internal auditing.
  • Create an opportunity for researchers to present research concepts and proposals and receive feedback to refine the scope further to enhance value for practical application.

Research covered during the symposium may address the following topic areas: audit committee relations, blockchain, integrated audit, internal audit’s role in risk management, internal audit effectiveness, or others.

For more program details please visit the  Larry Sawyer Educators Symposium Program Page.

Seth Mattison
Workforce Trends Expert
Co-founder and Chief Officer Movement
Luminate Labs
USA

The workforce is moving inexorably toward greater diversity. There’s a good chance you’re working alongside three and possibly even four generations of talent. This dynamic can create crippling challenges or game-changing advantages for teams that learn to recognize, understand, value, and ultimately tap the strategic perspective that lies within every generation. Seth Mattison will explore today’s biggest workforce trends and the histories, personalities, strengths, and challenges of each unique generational group.

In this session, participants will:

  • Understand how fresh eyes and seasoned wisdom will be a fierce force in the new world of work, and how Gen-Power will help you harness it.
  • Hear about counterintuitive perspectives on today’s unique generations.
  • Gain deep insights into behaviors and trends impacting engagement.
  • Learn strategies for influencing and persuading across generations.
  • Discover communication tactics positioned to resonate with every generation.

Seth Mattison is an internationally renowned expert and author on workforce trends, generational dynamics, and business strategy. As co-founder and chief movement officer of Luminate Labs, he advises many of the world’s leading brands and organizations on key shifts happening around talent management, change and innovation, leadership, and the future of work. His ideas have been featured in such publications as The Wall Street Journal, Forbes, The Huffington Post, and The Globe and Mail, and he was named among the Editors’ Picks for Speakers to Watch in 2017. For the past decade, Mattison has shared his insights with thousands of business leaders around the world and has received accolades from many of the world’s best brands, including MasterCard, Johnson & Johnson, Microsoft, Kraft Foods, AT&T, PepsiCo, GE Energy, Cisco, State Farm, Merrill Lynch, Dow, and Disney.

NASBA CPE Credit 1.2
NASBA Learning Field: Personnel/Human Resources

Michael-Anthony Peet
Vice President, Head of Audit Global & Analytics

ABB
USA  

Steve Biskie
Director, Risk Advisory Services
RSM
USA

The topic of automation, and RPA specifically, has been taking the business world by storm. What might not be initially obvious is how automation and analytics often go hand-in-hand, particularly in the context of an audit. Sometimes a “bot” might pull and organize data that can then be assessed via data analytics, whereas other times an analytic might identify the “suspect” that the bot then needs to gather different information around.

In this session, participants will:

  • Understand how RPA technologies differ from other technologies that offer automation capabilities.
  • See multiple use-cases of the ideal hand-off between data analytics and RPA.
  • Review common pitfalls and how to avoid or mitigate them.
  • Perform a hands-on live “opportunity scan” to see how to visualize and report on automation priorities.

Michael-Anthony Peet's Bio Being Finalized

Steve Biskie has been working in audit, compliance, and IT risk management for over 23 years. His IT experience includes public accounting, private industry, and specialized risk management consulting firms. Considered an international expert in SAP audit and risk management issues, Biskie has published numerous audit-related topics for SAP Professional Journal and written articles for SAP GRC Expert. He authored Surviving an SAP Audit and was an expert reviewer for Security, Audit, and Control Features: SAP ERP (Third and Fourth Editions). He is a thought leader in audit analytics and continuous monitoring, and is a four-time IIA All Star speaker.

Steve Morang, CIA, CRMA, CFE, CCEP
Senior Manager, Fraud and Forensics
Frank, Rimerman + Co. LLP
USA

Sanya Morang
Adjunct Professor
Golden Gate University
USA

How do people get seduced into fraud? How do fraudsters use seduction to deceive people? Seduction is an indirect form of power; when it is raised to the level of an art, it has toppled governments, won elections, and enslaved great minds. Understanding how fraudsters use seduction in everyday settings will unlock the mysteries behind their ability to circumvent even the strongest internal control systems.

In this session, participants will:

  • Discover the power behind the seduction of fraud and how to use this knowledge to bridge the gap between fraud prevention, ethics, and human nature.
  • Describe the attributes of the “Seduction of Fraud Diamond” and how they help to analyze fraud schemes.
  • Develop an understanding of the personality similarities between historical seducers and modern-day fraudsters.

Steve Morang is a global leader in fraud prevention, detection, investigation, ethics, and compliance. He speaks frequently at local, regional, national, and international conferences, and recently co-developed a new series of sessions titled “The Seduction of Fraud.” Over the past 20 years, Morang has developed multiple methodologies to help organizations stay ahead of the latest trends in fraud. He has been featured in publications such as Forbes, American Banker, and Fraud Magazine. Additionally, Morang authors Fraud Magazine’s Big Frauds column and is an adjunct professor of fraud and ethics at Golden Gate University.

Sanya Morang is an expert on human nature and behavior and co-founder of the Seduction of Fraud. She is an adjunct professor at Golden Gate University, as well as vice president of research and development for the San Francisco chapter of the ACFE. Morang has prior experience in the fashion, cosmetics, and airline industries.

Carolyn Axisa
Senior Manager, Risk and Financial Advisory
Deloitte & Touche LLP
USA

Jessica Tankersley
Business Chemistry Operations Lead
Deloitte & Touche LLP
USA

Business Chemistry is a highly interactive learning session that reveals your own distinct patterns of work behavior and provides strategies to more purposefully and effectively engage others. A refreshing departure from “business as usual,” Business Chemistry helps enhance team collaboration by effectively navigating differences to harness the strength of diversity.

In this session, participants will:

  • Discuss their own and others’ workplace preferences and potential pitfalls.
  • Review what to look for to develop “hunches” about others through observations.
  • Adapt their style to engage more effectively with individuals and within teams.

Carolyn Axisa’s Bio Being Finalized

Jessica Tankersley is an employee experience consultant and leads global operations for Business Chemistry® at Deloitte. The Business Chemistry model reveals distinct patterns of work behavior and its impact on business relationships. Using the model and focusing on the ideal that ‘work shouldn’t be so hard,’ Tankersley helps teams explore how mixed perspectives influence their work together. She also teaches others how to use the model to enable the rapid growth and popularity of Business Chemistry.

Steve Morang, CIA, CRMA, CFE, CCEP
Senior Manager, Fraud and Forensics
Frank, Rimerman + Co. LLP
USA

Sanya Morang
Adjunct Professor
Golden Gate University
USA

How do people get seduced into fraud? How do fraudsters use seduction to deceive people? Seduction is an indirect form of power; when it is raised to the level of an art, it has toppled governments, won elections, and enslaved great minds. Understanding how fraudsters use seduction in everyday settings will unlock the mysteries behind their ability to circumvent even the strongest internal control systems.

In this session, participants will:

  • Discover the power behind the seduction of fraud and how to use this knowledge to bridge the gap between fraud prevention, ethics, and human nature.
  • Describe the attributes of the “Seduction of Fraud Diamond” and how they help to analyze fraud schemes.
  • Develop an understanding of the personality similarities between historical seducers and modern-day fraudsters.

Steve Morang is a global leader in fraud prevention, detection, investigation, ethics, and compliance. He speaks frequently at local, regional, national, and international conferences, and recently co-developed a new series of sessions titled “The Seduction of Fraud.” Over the past 20 years, Morang has developed multiple methodologies to help organizations stay ahead of the latest trends in fraud. He has been featured in publications such as Forbes, American Banker, and Fraud Magazine. Additionally, Morang authors Fraud Magazine’s Big Frauds column and is an adjunct professor of fraud and ethics at Golden Gate University.

Sanya Morang is an expert on human nature and behavior and co-founder of the Seduction of Fraud. She is an adjunct professor at Golden Gate University, as well as vice president of research and development for the San Francisco chapter of the ACFE. Morang has prior experience in the fashion, cosmetics, and airline industries.

Daniel Lebel, CPA, CMA, CIA, CCSA, CFSA, CGAP, CRMA
Chief Audit Executive
University of Quebec in Montreal and President, CIA International Inc.
USA

Part 1 will be held during the pre-conference sessions on Sunday, July 19th, 2020.  Attendees should plan to attend both CIA pre-conference class sessions on Sunday.  

This Part 1 CIA exam prep course is designed to give candidates a high-level introduction and overview of the topics covered on the Part 1 CIA exam.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the Version 6 IIA CIA Learning System Part 1 self-study printed book, online software access for 12 months, and a Student Slide Activity book.  Attendees will also receive 4.2 CPEs, qualify for a free CIA application fee waiver and receive a free online software access upgrade for the new Version 7 IIA CIA Learning System Part 1 (upon release).  A fee of USD $450 will be required to attend this course in addition to the regular conference registration fee.  A limited number of on-site registrations will be accepted, so please pre-register for this course.  Course topics will include:

  • Foundations of Internal Auditing
  • Independence and Objectivity
  • Proficiency and Due Professional Care
  • Quality Assurance and Improvement Program
  • Governance, Risk Management, and Control
  • Fraud Risks

Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.  The free upgrade to Version 7 online software (available upon release) will be valid for the remainder of your Version 6 online access period.  

Daniel Lebel has more than 20 years of experience in internal audit and risk management, with expertise in several areas such as manufacturing, transportation, banking, and pharmaceutical. In addition to his work as CAE at the University of Quebec, Lebel has been involved as a lecturer, teacher, coach, and mentor, and as a CIA instructor in America, Asia, the Middle East, and Africa.

Sriram Padmanabhan, QIAL, CA, CISA
Chief Auditor, Technology
Citi
USA

Shellie Rayford, CISA, CAMS
Citi Internal Audit, Managing Director – Chief Auditor
Global Consumer Banking
USA

Jade Ruiz
Director, Internal Audit Innovation
Citi
USA


Join us for a unique opportunity to discuss diversity and inclusion (D&I) in the workplace. During the session, speakers will touch on the benefits of increased D&I on individuals and the organization, and will offer concrete and actionable solutions to create and sustain a diverse and inclusive culture.

In this session, participants will:

  • Uncover the benefits of a more diverse and inclusive work environment.
  • Discuss how Citi and Citi’s internal audit team are fostering D&I.
  • Explore ideas and methods on how to increase D&I at any organization or team.

Sriram Padmanabhan sets overall strategic direction for Citi’s technology audit function and is responsible for audits of Citi’s data quality program. Padmanabhan, a member of Citigroup’s internal audit executive management team, leads a team of approximately 200+ audit professionals based across 26 locations. Previously, he was regional head of audit for Middle East and Africa at Standard Chartered Bank (SCB). In addition to internal audit, Padmanabhan had leadership roles in various businesses and functions such as consumer banking, operations and technology, finance, compliance, and risk, and he worked in many countries; he was also chair of the audit committee for an SCB subsidiary.

Shellie Rayford has 23+ years of internal and external audit experience in the financial services industry. As a managing director and chief auditor providing audit coverage for Citi’s Global Consumer Banking business, she leads a team responsible for validating all internal audit and regulatory issues impacting the U.S. segment of GCB, as well as coordinating all GCB-related regulatory examinations. Rayford currently serves as senior sponsor for both the Internal Audit (IA) Analyst & Intern Program and the IA Diversity & Inclusion Council. She is also the business sponsor for the Dallas Black Heritage Network. Rayford previously worked with PricewaterhouseCoopers across financial services, telecommunications, and retail industries.

Jade Ruiz has 14+ years of experience applying data analytics solutions to the banking industry. As a director of internal audit innovation at Citi, she’s responsible for developing data analytics and automation solutions that support all product and function teams in IA. She also serves as recruiting lead for the IA Diversity & Inclusion Council, facilitator for stakeholder engagement training, and facilitator and content creator for the IA Innovation Academy. Previously, as a senior manager in Deloitte & Touche’s advisory analytics practice, Ruiz specialized in data analysis methodologies, profiling/validation procedures, and process optimization/automation. She started her career as an award-winning engineer for the U.S. Department of Defense Special Ops department in training and simulation.

NASBA CPE Credit 1.2
NASBA Learning Field: Personnel/Human Resources

Moderator:
Scott Norton, CPA
Senior Vice President, and Head of Internal Audit
Bayview Asset Management
USA

Scott Norton joined Bayview Asset Management in 2018 as senior vice president and head of internal audit. He was previously the chief auditor for BankUnited Inc., a publicly traded bank holding company with more than $30 billion in assets. Norton began his career as an external auditor for PricewaterhouseCoopers and later held executive positions in the consulting divisions of both Grant Thornton and Protiviti. He serves on the board of The IIA’s Miami chapter.


A. Storytelling via Digitized Audit Reports

Larry C. Herzog Butler, CIA, CRMA, CPA, CGMA, CRISC
Senior Director, Internal Audit
Delivery Hero SE
GERMANY

Some audit reports are prepared in Word. Some in PowerPoint. How engaging are these reports to executive management and the audit committee? This session explores how a small internal audit function’s use of storytelling to digitalize its reports resulted in greater engagement and collaboration.

In this session, participants will:

  • Distinguish between the various internal audit reporting needs of stakeholders.
  • Understand the power of storytelling through audit engagement and audit committee reports.
  • Learn how to begin to develop dashboards that engage stakeholders.
  • Develop ideas for audit reporting via digital formats.

Larry C. Herzog Butler is senior director of internal audit for Delivery Hero SE, a company that in 2017 completed one of Europe’s most successful IPOs. Formerly with Deloitte & Touche, he has 20+ years of experience providing audit, compliance, business process improvement, enterprise risk management, and advisory services. His background encompasses planning and executing internal audits and Sarbanes-Oxley engagements, reporting to audit committees, managing key stakeholder relationships, training audit staff, and strengthening internal controls over financial reporting. Butler has volunteered extensively with The IIA, including formerly serving as president of IIA–Los Angeles and currently sitting on the chapter’s Board of Governors.


B. Trail Blazers Use Technology to Their Advantage

Colleen Knuff
Senior Director, Product Management
Wolters Kluwer - TeamMate
CANADA

Standard practice — wait until fieldwork is done, then write the report. What if you could continuously report your findings to management, collaborate on their responses, track how your communications change over time, and publish at the end of fieldwork? Agility in reporting requires rethinking how we communicate what we know and when. It also requires us to leave our biases at the door.

In this session, participants will:

  • Learn why continuous delivery of findings and collaboration on responses creates speed to delivery.
  • Discover why giving stakeholders direct access to findings promotes an “anytime, anywhere” approach to communication and collaboration.
  • Understand how real-time reporting can only be achieved if we stay away from secondary tools.
  • Identify the benefits of natural language processing (NLP) assistance, especially sentiment analysis, when editing audit reports to ensure our message matches our data.

Colleen Knuff has served as a product manager for TeamMate software for almost 20 years. Her focus is to ensure the needs of assurance professionals are met while delivering value based on professional standard requirements, changes to technology, and internal auditor feedback globally. She leads a global product management team focused on innovative solutions to real market problems, with heavy emphasis on voice of customer, contextual design, and user observation. Previously, as internal audit senior manager with PricewaterhouseCoopers, Knuff worked on a wide variety of internal audit projects, including strategic business processes, operational audits, IT audits, outsource vendor audits, and business operations, across multiple clients.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing 

Moderator:
Gregory T. Grocholski, CIA
Vice President, Chief Audit Executive
Saudi Basic Industries Corporation (SABIC)
SAUDI ARABIA

Greg Grocholski is responsible for leading and managing the internal audit department on a global level, to ensure the implementation of internal audit best practices worldwide, as well as to coach the company’s internal audit employees to maximize their contributions to achieving the company’s objectives. Grocholski is internationally respected in the audit field and is affiliated to ISACA, for which he has served in various leadership roles. Prior to SABIC, Grocholski attained an impressive track record in the global chemicals industry with more than 30 years of service at The Dow Chemical Company. He achieved numerous promotions in the audit and finance functions, most recently holding the posts of CAE and global director of business finance.

Presenter:
Naohiro Mouri
Executive Vice President and Chief Auditor
AIG
USA

This session will offer a discussion on how the internal audit group at AIG is changing auditor mindset and audit methodology, as well as using robotic process automation (RPA) and data analytics (DA) to achieve greater audit coverage with fewer resources.

In this session, participants will:

  • Hear how AIG’s internal audit group is changing auditor mindset and audit methodology.
  • Learn how AIG uses RPA and DA to increase coverage and efficiency.

Naohiro Mouri is the immediate past chairman of The IIA’s global board. His 27 years of internal audit experience includes both audit execution and management at AIG, MetLife, JP Morgan, Shinsei Bank, Morgan Stanley, Deutsche Bank, and BNP. He began his career at Arthur Andersen. Mouri has spoken at local, regional, and international IIA conferences and taught internal audit courses at Meiji University, Senshu University, and Yokohama National University. He co-authored a book about internal audit in banking that was published in Japanese and Chinese.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing

Brian Christensen, CPA
Executive Vice President,
Global Internal Audit
Protiviti
USA

Digital activities and tools such as advanced analytics, automated processes, process mining insights, AI, and machine learning enable internal auditors to translate an increasingly overwhelming amount of data into meaningful, impactful analysis. Coupled with divergent and critical thinking, these capabilities have the potential to steepen the value-delivery curve significantly for auditors. This presentation will offer key observations and recommendations on how internal audit can deliver more value in the digital age.

In this session, participants will:

  • Outline the digital tools internal audit needs to address business priorities and deliver meaningful results through the audit plan.
  • Discuss how a next-generation internal audit strategy can align with the company’s risk profile and stakeholder expectations.
  • Describe how CAEs can deploy data and technology-enabled processes and capabilities that facilitate delivery of cost-effective, value-added assurance.

Brian Christensen is a founding managing director at Protiviti and currently serves as global leader of the firm’s internal audit and financial advisory practice. He is also president of the Internal Audit Foundation. Christensen was recognized by Consulting Magazine as one of the Top 25 Consultants in 2017 in the leadership category and by the National Association of Corporate Directors (NACD) in the 2019 NACD 100 as one of the top contributors on corporate governance. He was previously a partner with Arthur Andersen.

NASBA CPE Credit 1.2
NASBA Learning Field: Information Technology

Moderator:
Blanca Aurora Malagon, CIA, CGAP, CPA, CFE, CFF, CHRC, CCEP
Associate Vice President, and Chief Audit and Compliance Officer
University of Miami
USA

Blanca Aurora Malagon provides leadership, direction, and oversight of the internal audit and compliance functions as associate vice president and chief audit and compliance officer for the University of Miami. She teaches an internal auditing course as part of the university’s Master of Accounting program and is a member of the Iron Arrow Honor Society. Before her 34-year career at the university, Malagon worked in public accounting, primarily on financial audits of municipalities and governmental entities. She serves as vice president of academic relations for The IIA’s Miami chapter and is a member of the chapter’s Board of Governors.


A. Strategies for Engaging Your Team in Change

Rachel Tressy
Senior Vice President and Chief Auditor
Voya Financial
USA

Our profession is in a time of unprecedented change. The change needs to come from within, with full engagement from your whole team (no matter what size). This session will discuss ways to move your team forward together through these important times.

In this session, participants will:

  • Review some of the changes we are all facing in the internal audit profession.
  • Discuss strategies for involving their team in the changes.
  • Share successes and failures in recent change management experiences.

Rachel Tressy is senior vice president, and chief audit executive at Voya Financial, responsible for providing internal audits and advisory services for evaluation of the company’s internal control environment. She previously spent 15 years at Cigna in both audit and business roles. Tressy has sought to build relationships with business partners and partners throughout her career to demonstrate the value that strong partnerships bring to companies. She started her career at Ernst & Young in audit and advisory services. She is also active on a nonprofit board of trustees.


B. How to Put the Success in Succession Planning

Sue Ulrey, CIA, QIAL, CRMA, CRISC, CFE, FCA
National Practice Leader
MMY
USA

Talented people will eventually move on — either by choice or by circumstance — and they must be replaced. Studies and surveys have shown that most companies do not have robust succession plans. Managing the succession of talent is critical to achieving your organizational goals.

In this session, participants will:

  • Understand the value of succession planning for skill development and talent retention.
  • Discover strategies to attract and retain top talent.
  • Recognize the top 10 most common competency gaps.
  • Learn how to develop a successful succession plan.
  • Plan their own leadership development solutions.

Sue Ulrey is an internal audit executive with 25+ years of practitioner and consulting experience in banking, insurance, and healthcare. Innovative and solutions-focused, she drives organizational improvement through audit and data analytics, while promoting strong ethics and governance. Ulrey excels in structuring and strengthening operational and financial processes and controls to maximize long-term performance, growth, and profitability. Leveraging her expertise in project management, strategic planning, best practice evaluation, internal audit QAR, contract/regulatory compliance, vendor oversight/compliance, and finance, risk, internal audit, and governance reviews. Ulrey has managed 100+ large-scale IT and data analytics projects and conducted 100+ contract compliance reviews in the last 10 years.

​11:00 - 11:20 a.m. EST
​Innovation Session - Presented by CaseWare/IDEA
​11:00 – 11:30 a.m. EST
Networking Break in the Virtual Exhibit Hall
11:30 a.m. – 12:45 p.m.​​​​​ EST
​Concurrent Session Tracks

Moderator:
Claire Chong
Industry Specialist
CaseWare IDEA
CANADA

Claire Chong brings more than 15 years of experience in internal audit, finance, and assurance and advisory services to her role as industry strategist. Serving as an industry subject matter expert, she helps drive the development and delivery of value-added analytics solutions. Prior to joining CaseWare IDEA, Claire held audit management positions in public, private, and government enterprises in a variety of industries, including gaming and lottery, exhibitions and events, consumer packaged goods, commercial real estate, and professional services.

Presenter:
Lenny Block, CIA, CPA
Vice President, Internal Audit
Nasdaq
USA

Sometimes people seek therapy to help overcome a barrier preventing them from achieving a goal. A similar approach can be applied to learning how to succeed with data analytics. This presentation’s interview format allows for sharing of expertise in incorporating analytics into the audit process. Use cases will illustrate how to overcome barriers, encourage team adoption, and gather data. Guidance will be prescribed to analytics challenges that attendees care to share.

In this session, participants will:

  • Learn how to apply an “ask the doctor”’ approach to obtain precise prescriptions (recommended solutions) to help overcome data analytics challenges (or fears).
  • Identify the data available to them and learn how to get it.
  • Grow analytics expertise organically within their audit teams.
  • Expand their focus beyond numerical data.

Lenny Block is vice president of internal audit at Nasdaq. He brings a background of more than 35 years in internal audit, business process reengineering, database design, and project management. Block has extensive practical experience in managing all phases of an internal audit, ensuring regulatory compliance and financial reporting integrity, and improving operational effectiveness for Nasdaq-owned entities worldwide. He also leads internal audit‘s data analytics program and donates his expertise on foreign corrupt practices compliance to the corporate ethics team. Block also teaches auditing as a member of Southern New Hampshire University’s adjunct faculty. He previously worked in the nonprofit, mortgage-backed securities, and telecommunications industries.

NASBA CPE Credit 1.5
NASBA Learning Field: Auditing

Moderator:
Patricia Miller, Owner
PKMiller Risk Consulting
USA

Patty Miller is the owner of PKMiller Risk Consulting, LLC and has significant management and consulting experience. In her 14 years with Deloitte, she served as the lead risk services partner on significant technology and consumer clients. Her many IIA volunteer roles have included Chairman from 2008–09, executive committee member, and Chair of the Standards Board. She is a frequent speaker and trainer, and has led and co-authored research projects for The IIA. Miller is the recipient of the William G. Bishop III Lifetime Achievement, Victor Z. Brink, and American Hall of Distinguished Audit Practitioners Awards.


A. Using Ethical Dilemmas to Deliver Value to Your Stakeholders

Joy Gray
Internal Auditing Education Partnership (IAEP) Coordinator, Lecturer
Bentley University
USA

Session Description Being Finalized

Joy Gray lectures in the department of accountancy and serves as IAEP coordinator at Bentley University. Her teaching experience includes courses in internal auditing, IT audit, financial auditing, forensic accounting, and introductory financial/managerial accounting. She is also active in research on topics related to IT audit and data analytics. Gray previously served in both supervisory and staff positions at OSRAM Sylvania, Lockheed Martin, and General Electric. Her responsibilities included establishing a new internal audit department, serving as project leader for SAP-related audit activities, and conducting both domestic and international internal audits. She also worked as a contract Sarbanes-Oxley consultant through Robert Half.

B. Examining the Myths of Business Ethics: Do Internal Auditors Fall Prey to Them As Well?

Matej Drascek, CIA, CRMA
Chief Internal Auditor and
Chief Audit Executive
LON Bank
SLOVENIA

Ethics represents a cornerstone of internal auditing, not only as a profession but also as providing assurance of an organization’s ethical practices. With recent corporate scandals and low public trust in corporations, internal auditors should take a step back and look at tacit truths/ common myths about business ethics and whether they are indeed helping organizations to become more ethical. This presentation will draw on different research, with emphasis in behavior ethics.

In this session, participants will:

  • Distinguish between actual truths and myths about business ethics, including the code of conduct supporting ethical behavior; the compliance program helping the organization become more ethical; whistleblowing tools reducing the risks of unethical behavior, etc.
  • Explore tools for enabling better auditing these myths and mitigating related risks.
  • Discuss ideas to help their organization become more ethical.

Matej Drašček is chief audit executive for a regional retail bank in Slovenia. In addition to having served as a teaching assistant and guest lecturer for several universities and faculties, he has published numerous professional and scientific international articles on internal audit, human resources, business ethics, and strategic management. Drašček has spoken at domestic and international conferences, presenting new tools and insights in internal audit, strategic management, and ethics. He won The IIA’s William S. Smith Award for highest score in the CIA exam.


C. Fraud and Ethics: Do Generational Differences Matter?

Ann M. Butera, CRP
President
The Whole Person Project
USA

“Work hard and you will be rewarded.” “Respect those with authority.” As the new breed of employee joins our teams, these business values are changing fast. Raised in a disposable, technologically advanced, quantitative age, these employees have different expectations and perspectives. This interactive session will explore how generational differences affect ethical decision-making, as well as techniques you can use immediately when identifying potential fraud risk and evaluating ethical situations.

In this session, participants will:

  • Understand the behavioral characteristics of three different generations in the workplace.
  • Describe the impact of generational differences on fraud risk assessment.
  • Explain the effect of generational differences on ethical decision making.

Ann M. Butera is president of The Whole Person Project, Inc., and an organizational development consulting firm that enables auditors to improve their organizations’ risk management practices. Known for providing practical advice with a sense of humor, she develops behavior-changing training programs for first and second line of defense and internal audit departments. Butera is a former audit committee member for a financial services firm. She frequently speaks at IIA conferences and chapter meetings, writes for Protiviti’s KnowledgeLeader column, and leads webinars. She also authored the book, “Mastering the Five Tiers of Audit Competency: The Essence of Effective Auditing.”

NASBA CPE Credit 1.5
NASBA Learning Field: Behavioral Ethics

Mike Jacka, CIA
Chief Creative Pilot
FPACTS
USA

Organizations everywhere recognize social media as a significant opportunity, but also a significant risk. They are still often caught unaware by the emerging issues that are part of this new technology. This session, by discussing the basics of social media, the emerging risks, and approaches to mitigation of these risks, will provide internal auditors the information they need to help their organizations navigate this constantly evolving area.

In this session, participants will:

  • Identify the aspects of good social media strategies, governance and oversight, and policies.
  • Describe the risks to which companies are exposed with social media.
  • Use the information presented to establish an audit of their companies’ social media activities.

Mike Jacka is chief creative pilot for FPACTS, a group dedicated to advancing internal audit skills. During a 30+-year internal audit career, he has been responsible for developing fraud investigation procedures for a 100-person audit shop, overseeing Farmers’ western regional auditing operations, and designing auditor training programs for a global organization of 200+ staff members. Jacka is a top-rated presenter, award-winning columnist, and contributor to Internal Auditor magazine, as well as co-author of two books published through the Internal Audit Foundation (Auditing Social Media: A Governance and Risk Guide, and Message, Brand, and Dollars – Auditing Marketing Operations, both in their second editions).

NASBA CPE Credit 1.5
NASBA Learning Field: Information Technology

J. Craig Carter
Director
Gradient
USA

Greg Jordan
Chief Audit Executive
Nationwide Insurance
USA

Data quality, integrity, analysis, and modeling are fundamental to building competitive advantage. Organizations increasingly rely on data-backed decision-making to redefine their processes and business models. Internal audit must do the same to improve value, innovation, and focus on risks that matter. Machine learning enables dynamic refinement of internal audit’s focus, role, and positioning, elevating the function’s value and relevance while engaging new stakeholders.

In this session, participants will:

  • Understand how internal audit can leverage machine learning to reevaluate the audit universe, stratify audit coverage, identify and assess emerging risk on a continuous basis, and automate audit procedures.
  • Learn where to start, including obtaining and validating data, identifying machine learning use cases, developing predictive models and advanced analytics, interpreting results, and enhancing reporting, continuous monitoring, and continuous auditing.
  • Gain insights into expected results, discover what skill sets are required and where internal audit can find them, and evaluate the role of machine learning in the high-performing internal audit function of tomorrow.

Craig Carter has 20 years of experience in the high-tech industry as a chief audit executive, as well as 17 years as a Big Four partner, serving most recently as KPMG’s global leader of internal audit innovation. He is a founding director of Gradient Transformative Solutions, a data science firm specializing in machine learning solutions to business problems. Carter currently serves as a partner in Internal Audit Executive Services (IAES), assisting CAEs, CFOs, and audit committees in optimizing risk coverage and enhancing the effectiveness of their internal audit functions. He also presents frequently at national and regional IIA conferences.

Greg Jordan has held several business and finance leadership roles at Nationwide. As SVP and CAE, he oversees Nationwide’s office of internal audit, including reviewing and communicating the results of internal audit work and serving as a business partner and strategic advisor on various business cabinets. Jordan was previously VP and CFO for exclusive channel western operations and VP of product management for Nationwide Financial’s fixed and offshore annuities. Earlier, he was VP of strategic planning, VP of operations, and controller at Midland Life Insurance Company/Swiss Re, and a senior manager in EY’s insurance and financial services practice group. Jordan is a member of The IIA’s International Exam Development Committee.

NASBA CPE Credit 1.5
NASBA Learning Field: Specialized Knowledge 

Moderator:
Scott Norton, CPA
Senior Vice President, and Head of Internal Audit
Bayview Asset Management
USA

Scott Norton joined Bayview Asset Management in 2018 as senior vice president and head of internal audit. He was previously the chief auditor for BankUnited Inc., a publicly traded bank holding company with more than $30 billion in assets. Norton began his career as an external auditor for PricewaterhouseCoopers and later held executive positions in the consulting divisions of both Grant Thornton and Protiviti. He serves on the board of The IIA’s Miami chapter.


A. The Value Audit Engagement Report: Is It a Matter of Culture?

Verra Marmalidou
Director, Internal Audit
National Bank of Greece
GREECE

The audit engagement report reflects internal audit’s work and opinion. But do auditors really know how their message is received by key recipients and if the objectives have been accomplished? Why is the report so important? What makes it relevant? Is culture related to the report? How should the report be structured? Are key report elements based on IIA Standards? How can we use tools to conclude the report objectively?

In this session, participants will:

  • Distinguish between relevant and irrelevant audit reports, a long report and a short one, and a modern report and an outdated one.
  • Learn how technology can help produce a relevant audit report.
  • Describe audit findings, perform root cause analysis, and follow a principles-based framework for expressing the audit opinion using a tool.
  • Develop ideas for reporting on the risk and control culture.

Verra Marmalidou is chairman of IIA–Greece and a board member of the ECIIA. She works at National Bank of Greece Group as internal audit director. Marmalidou has been involved in the implementation of audit tools and modern audit techniques as well as internal quality assessments. She was project manager for implementation of the COSO Internal Control framework and GRC platform used by the bank’s three lines of defense.


B. Storytelling via Digitized Audit Reports

Larry C. Herzog Butler, CIA, CRMA, CPA, CGMA, CRISC
Senior Director, Internal Audit
Delivery Hero SE
GERMANY

Some audit reports are prepared in Word. Some in PowerPoint. How engaging are these reports to executive management and the audit committee? This session explores how a small internal audit function’s use of storytelling to digitalize its reports resulted in greater engagement and collaboration.

In this session, participants will:

  • Distinguish between the various internal audit reporting needs of stakeholders.
  • Understand the power of storytelling through audit engagement and audit committee reports.
  • Learn how to begin to develop dashboards that engage stakeholders.
  • Develop ideas for audit reporting via digital formats.

Larry C. Herzog Butler is senior director of internal audit for Delivery Hero SE, a company that in 2017 completed one of Europe’s most successful IPOs. Formerly with Deloitte & Touche, he has 20+ years of experience providing audit, compliance, business process improvement, enterprise risk management, and advisory services. His background encompasses planning and executing internal audits and Sarbanes-Oxley engagements, reporting to audit committees, managing key stakeholder relationships, training audit staff, and strengthening internal controls over financial reporting. Butler has volunteered extensively with The IIA, including formerly serving as president of IIA–Los Angeles and currently sitting on the chapter’s Board of Governors.


C. Trail Blazers Use Technology to Their Advantage

Colleen Knuff
Senior Director, Product Management
Wolters Kluwer - TeamMate
CANADA

Standard practice — wait until fieldwork is done, then write the report. What if you could continuously report your findings to management, collaborate on their responses, track how your communications change over time, and publish at the end of fieldwork? Agility in reporting requires rethinking how we communicate what we know and when. It also requires us to leave our biases at the door.

In this session, participants will:

  • Learn why continuous delivery of findings and collaboration on responses creates speed to delivery.
  • Discover why giving stakeholders direct access to findings promotes an "anytime, anywhere" approach to communication and collaboration.
  • Understand how real-time reporting can only be achieved if we stay away from secondary tools.
  • Identify the benefits of natural language processing (NLP) assistance, especially sentiment analysis, when editing audit reports to ensure our message matches our data.

Colleen Knuff has served as a product manager for TeamMate software for almost 20 years. Her focus is to ensure the needs of assurance professionals are met while delivering value based on professional standard requirements, changes to technology, and internal auditor feedback globally. She leads a global product management team focused on innovative solutions to real market problems, with heavy emphasis on voice of customer, contextual design, and user observation. Previously, as internal audit senior manager with PricewaterhouseCoopers, Knuff worked on a wide variety of internal audit projects, including strategic business processes, operational audits, IT audits, outsource vendor audits, and business operations, across multiple clients.

Moderator:
Larry Harrington
Retired Chief Audit Executive
Raytheon
USA

Panelists:
Valentina Kostenyuk
Senior Lead Internal Auditor
Avangrid Renewables
USA

Jingwen (Grace) Wu
Risk & Governance Compliance Officer
Silicon Valley Bank
USA

Puja Shah, CIA, CCSA, CFSA, CRMA
Executive Director
UBS
USA

In support of The IIA’s diversity goals, this panel of three female professionals — facilitated by former Chairman of the Board Larry Harrington — will discuss how to generate influence, manage across generational gaps, and promote diversity to propel the next generation of internal auditors. The panelists come from different cultures and levels of experience, but possess a shared background in internal audit and a passion for the profession.

In this session, participants will:

  • Learn how to manage by influence and cross-directionally (managing up/down, peer, etc.).
  • Hear tips for overcoming generational gaps to develop, motivate, and manage emerging leaders and millennials.
  • Discover how to promote diversity in their team and work with gender/culture/age bias.
Larry Harrington was chief audit executive at Raytheon Company from 2004 until his retirement in 2018. Previously, he was CAE at several Fortune 250 companies and served as a vice president within finance, human resources, and operations. Harrington has volunteered with The IIA for 30+ years, serving as president of the Greater Boston chapter, co-chair of the International Conference in Boston, and chairman of both the North American and Global boards. He was named to the American Hall of Distinguished Internal Audit Practitioners and received the Victor Z. Brink Award for Distinguished Service. Harrington has spoken on internal auditing, leadership, career development, and diversity and inclusion in 30+ countries.

Valentina Kostenyuk is a lead/senior auditor at Avangrid Renewables. Her nine years in internal audit have focused on operational auditing and SOX compliance across all segments of the energy industry. Passionate about the profession, Kostenyuk was featured in Internal Auditor magazine’s “2015 Emerging Leaders.” She served as president of IIA–Portland and is currently the district representative for the West District chapters. As chair of the North America Emerging Leaders Task Force, she is spearheading the development of a national mentorship program for young professionals in The IIA. Kostenyuk has been a speaker/facilitator at numerous IIA events.

Jingwen (Grace) Wu has nearly seven years of internal audit and compliance experience. She is a compliance manager in the corporate compliance and risk and governance group at Silicon Valley Bank. She was previously a senior auditor at eBay and an advisory consultant at Deloitte & Touche LLP, serving financial services, energy, and high-tech clients. Passionate about volunteering, Wu has served as chair of The IIA’s Emerging Leaders Task Force, currently serves as president-elect of IIA–San Jose, and was recently elected to The IIA’s NA Advocacy Committee. She speaks frequently at company and industry events.

Puja Shah has 10+ years of internal audit experience, emphasizing financial, operational, and risk audits and regulatory compliance for financial institutions. Currently an executive director at UBS, she has performed risk assessments, risk and control testing, issue validations, and continuous monitoring; mapped to regulatory expectations; escalated findings to senior management; and produced value-added reporting for key stakeholder decision-making. Shah earned IIA–Chicago’s William C. Anderson Member of the Year Award in 2017 for outstanding volunteer contribution to the chapter and dedication to the internal audit profession. She serves on the IIA–Chicago Board of Governors and is chair of the Next Gen Advisory Group.

​​
​12:45 - 1:05 p.m. EST
​Innovation Session - Presented by AuditBoard
​12:45 – 1:30 p.m. EST
Lunch break and Networking in the Virtual Exhibit Hall
1:30 – 2:30​ p.m. EST
Concurrent Session Tracks

Moderator:
Carrie Summerlin, CCSA
Vice President, Internal Audit Foundation
The Institute of Internal Auditors
USA

Carrie Summerlin is vice president of the Internal Audit Foundation, the research and grant-making arm of The Institute of Internal Auditors, which serves more than 200,000 members globally. She provides oversight for the Foundation's focus areas, including research and content development, academic grant programs, fundraising, strategic relationship management, and retail operations. During her 17-year tenure with The IIA, Summerlin has led various departments, including conferences, membership and chapter relations, and marketing. Before her appointment to the Foundation, she served as the managing director of conference and event operations.

Presenter:
Lisa Hirtzinger, CIA, QIAL, CCSA, CRMA
Senior Vice President, Training & Development
The Institute of Internal Auditors
USA

The need for new or sharpened skills is a constant throughout any career, not a compartment that can be closed. Reskilling and upskilling will be an ever-present part of professional development, whether your internal audit skill level is awareness, applied knowledge, or expert. The IIA’s Internal Audit Competency Framework© provides a clear and concise professional development plan for internal auditors at every level of their career. The comprehensive and concurrent strategy defines and delivers the knowledge and skills necessary to navigate a successful career in internal auditing focused on best practices and practical applications.

In this session, participants will:

  • Explore why and how a competency framework is critical to support both a profession and professionals
  • Discover the ways to leverage the newly updated and released IIA Competency Framework ™
  • Learn how to chart your own course and leverage the framework for your personalized path

Lisa Hirtzinger is The IIA’s senior vice president of training and development, focused on developing relevant curriculum and conferences delivered via multiple learning modalities, including in-person, online, facilitator-led, and self-directed,  to meet practitioners’ professional development needs. In her 13-year IIA tenure, Hirtzinger has held multiple roles, ensuring high-quality, relevant content is available to support, enable, and assess practitioners worldwide. In her previous role as vice president of professional knowledge and assessment, she was responsible for standards, guidance, and quality services. She also served in director roles in training curriculum, professional guidance, and exam development. Prior to The IIA, Hirtzinger worked in the audit profession at Ernst & Young, LLP and Wells Fargo.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing

Moderator: 
Jude Viator, CIA, CISA, CRISC 
Consulting Associate Director 
P&N 
USA 

Jude Viator is an internal and IT audit practitioner with more than 12 years of experience providing outsourced and co-sourced controls and risks services for private, public, and government organizations, with a concentration on financial institutions. His responsibilities have included designing, preparing, executing, and reporting on controls testing. In addition, Viator regularly meets with company management, senior leadership/ownership, and oversight functions, including committees and regulators, to discuss risks and internal audit strategies.

A. Strategies for Engaging Your Team in Change

Rachel Tressy
Senior Vice President and Chief Auditor
Voya Financial
USA

Our profession is in a time of unprecedented change. The change needs to come from within, with full engagement from your whole team (no matter what size). This session will discuss ways to move your team forward together through these important times.

In this session, participants will:

  • Review some of the changes we are all facing in the internal audit profession.
  • Discuss strategies for involving their team in the changes.
  • Share successes and failures in recent change management experiences.

Rachel Tressy is senior vice president, and chief audit executive at Voya Financial, responsible for providing internal audits and advisory services for evaluation of the company’s internal control environment. She previously spent 15 years at Cigna in both audit and business roles. Tressy has sought to build relationships with business partners and partners throughout her career to demonstrate the value that strong partnerships bring to companies. She started her career at Ernst & Young in audit and advisory services. She is also active on a nonprofit board of trustees.>


B. How to Put the Success in Succession Planning

Sue Ulrey, CIA, QIAL, CRMA, CRISC, CFE, FCA
National Practice Leader
MMY
USA

Talented people will eventually move on — either by choice or by circumstance — and they must be replaced. Studies and surveys have shown that most companies do not have robust succession plans. Managing the succession of talent is critical to achieving your organizational goals.

In this session, participants will:

  • Understand the value of succession planning for skill development and talent retention.
  • Discover strategies to attract and retain top talent.
  • Recognize the top 10 most common competency gaps.
  • Learn how to develop a successful succession plan.
  • Plan their own leadership development solutions.

Sue Ulrey is an internal audit executive with 25+ years of practitioner and consulting experience in banking, insurance, and healthcare. Innovative and solutions-focused, she drives organizational improvement through audit and data analytics, while promoting strong ethics and governance. Ulrey excels in structuring and strengthening operational and financial processes and controls to maximize long-term performance, growth, and profitability. Leveraging her expertise in project management, strategic planning, best practice evaluation, internal audit QAR, contract/regulatory compliance, vendor oversight/compliance, and finance, risk, internal audit, and governance reviews. Ulrey has managed 100+ large-scale IT and data analytics projects and conducted 100+ contract compliance reviews in the last 10 years.

NASBA CPE Credit 1.2
NASBA Learning Field: Personal Development

Peter Hughes
Assistant Auditor-Controller
County of Los Angeles, Department of Auditor-Controller
USA

Robert Campbell, CIA, CRMA, CFE
Chief, Office of County Investigations
County of Los Angeles, Department of Auditor-Controller
USA

All auditors know that their internet is subject to hacking, but few know exactly how easy it is for hackers to penetrate the most common vulnerabilities of any network, or how easy and effective the ‘counter-defense’ or ‘antidote’ is to implement. Recent breeches will be examined and a hack attack will be simulated, providing hands-on exposure to the most common hacker schemes in real-time.

In this session, participants will:

  • Learn how to identify the three most common vulnerabilities of the typical network.
  • Understand a proven approach for countering the hacker schemes most frequently used to penetrate networks.
  • Get tips for customizing, promoting, and implementing a proven training program that includes ongoing compliance testing conducted via simulated and controlled hacks.

Dr. Peter Hughes, Assistant Auditor-Controller/CAE for Los Angeles County, oversees 150 auditors. Peter was the controller at Caltech, assistant controller at CBS, and director of internal audit at Orange County, Caltech, NASA’s Jet Propulsion Lab, and the Oregon University System. His transformation of Orange County’s audit committee and internal audit activities into world-class leaders played a key role in its unprecedented recovery (OC is now triple A rated) from the largest municipal bankruptcy in the country’s history. He serves on IIA’s Public Sector Audit Committee and was the 2010 AICPA’s CPA of the Year.

Robert Campbell is chief of the Office of County Investigations for Los Angeles County (LAC). He leads a staff of 30 law enforcement professionals in administering the countywide fraud hotline and conducting criminal and administrative investigations of waste, fraud, and abuse. Campbell also has extensive experience in information security and privacy matters and formerly directed LAC’s HIPAA compliance program. He is the past president of The IIA’s Beach Cities Chapter in Los Angeles, California, and a frequent speaker at IIA conferences.

NASBA CPE Credit 1.2
NASBA Learning Field: Information Technology

Burke Willis
Specialist Leader
Deloitte & Touche LLP
USA

Deanna Caruso
Audit Manager
General Motors
USA

Ali Rana
Audit Tools Manager
General Motors
USA

Colin Loomis, CISA, CISSP
Senior Manager
Deloitte & Touche
USA

In an interactive session using role play, attendees will see what it feels like to work in an internal audit function trying to learn and implement agile principles and methods. The session will begin with a brief overview of Agile and one organization’s journey adopting it, then move quickly on to three scenarios based on actual challenges encountered. Each scenario will conclude with a debrief and Q&A.

In this session, participants will:

  • Learn about common challenges faced by an internal audit function implementing Agile.
  • Develop their own views about how to tackle these challenges.
  • Share their opinions via real-time polling and see and evaluate results from the group.
  • Learn how the co-presenters’ organizations solved these challenges.

Burke Willis is a specialist leader for Deloitte Risk & Financial Advisory. With strong coaching, facilitation, and leadership skills, and 25+ years of experience helping organizations analyze and improve performance, he transforms traditional internal audit groups into well-functioning agile teams. An extensive background working on and leading IT-enabled business transformation projects as both an external consultant and internal technology manager at Fortune 500 companies has enabled Burke to anticipate needs and steer organizations through their transformation journeys to achieve higher-quality, more risk-focused, and more efficient audits, as well as increased satisfaction and perception of value from both business stakeholders and audit staff.

Deanna Caruso has more than 17 years of experience in external audit, corporate accounting, operational finance, and internal audit. She is currently an audit manager in the corporate functions, financial audit, and anti-fraud service line of the internal audit group at General Motors (GM). She is responsible for overseeing the execution of internal audits, consultative reviews, and special projects. Prior to her work at GM, Caruso spent more than seven years at Deloitte in audit and enterprise risk services as an external auditor focused on both manufacturing and automotive retail clients.

Ali Rana focuses on improving how data, technology, and GRC tools support the audit function as a manager in General Motors’ audit services group. He has 15+ years of internal and external audit experience, evaluating risks and controls associated with critical business processes and IT systems. Having held people-leader roles and interacted with audit/compliance functions in Fortune 500 companies, Rana has a unique perspective on audit transformation and adopting practices to position internal audit as a value-added partner. Most recently, he has been involved in several optimization projects within the audit groups at United Airlines and General Motors, with a focus on adopting agile practices.

Colin Loomis is a senior manager within risk and financial advisory at Deloitte with more than nine years of internal audit experience. His focus is on leading audits over areas such as cyber, SOX, and SAP. Additionally, he has supported teams on digital finance transformation with RPA implementations. Throughout his career, Loomis has served numerous Fortune Global 500 companies in the automotive, manufacturing, and technology industries. He also completed a two-year secondment with Deloitte Belgium.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing

Moderator:
Steve Roth, CIA, CPA
Vice President, Internal Audit, and ERM
Norwegian Cruise Line
USA

Steve Roth has 27+ years of internal and external auditing experience. During his tenure with Prestige Cruise/Norwegian Cruise Line, he has held the roles of vice president, senior director, and key ethics contact, overseeing development of the internal audit function, SOX compliance program, and ERM efforts. Previously, as creator of Audit Assessment Group, Roth conducted 25+ assessments of internal audit activities nationwide and led internal audit functions on an interim basis. Prior, as internal audit manager at Royal Caribbean Cruises, he helped establish a nationally recognized audit department. Roth began his career at Deloitte & Touche as a senior financial auditor. He currently serves on the board of IIA–Miami and as an adjunct professor at Florida International University.


A. Root Cause Analysis for Internal Audit: A Key Tool for Delivery of Insight

James C. Paterson, CIA
Director, Author
Rick & Assurance Insights Ltd.
UK

Being able to deliver insight and foresight is now a requirement for internal audit. A key tool for delivering insight is to use effective root cause analysis, and most auditors will be confident they are able to do this. This session will include a few pointers to determine whether you are on the right track. 

In this session, participants will:

  • Know the difference between immediate, contributing, and root causes.
  • Discover both the power of the 5 whys technique and its fundamental shortcomings; understand that 5 whys and 2 legs should always be the minimum analysis.
  • Gain insights into the fishbone technique and the main categories of root cause.
  • Identify “just culture” and be able to explain why “people,” “tone at the top,” and “culture” are not proper root causes.
  • Understand why effective root cause analysis should be done during an assignment (and not left until the end) and why it may speed up assignment delivery.

James C. Paterson established a consulting business in 2010 to provide training, development, and coaching in several key areas, including risk assurance mapping, lean/agile auditing, auditing culture, root cause analysis for internal audit, and influencing and political savvy for internal audit. He has conducted open courses with 12 IIA Institutes across Europe, including Belgium, Estonia, Finland, Latvia, Netherlands, Norway, Spain, Switzerland, Sweden, and the UK. Previously, at AstraZeneca Plc, Paterson advanced to CAE after holding various corporate and commercial finance roles, including head of group financial reporting and head of global leadership development programs. He authored Lean Auditing and has presented at ECIIA and GAM.


B. Critical Thinking for Auditors: An Illusion or Illumination?

Ureka Rangasamy, CIA, CISA
Senior Manager, Auditing
Eskom Holdings
SOUTH AFRICA

Not only are we faced with increasing complexity/change, but the pace of change and the interconnectedness of our world has increased. Auditors are told to develop deep insight, think critically, and become trusted advisors to add value. Is this vision for auditors an illusion, or are there tools and techniques that can help auditors develop their critical and systemic thinking skills?

In this session, participants will:

  • Explain the urgency for change in traditional auditing methods.
  • Describe concepts such as critical thinking and systemic thinking.
  • Learn how to apply select systemic thinking principles/models to see the big picture, improve root cause analysis, and develop recommendations.
  • Brainstorm ideas for reporting issues from a systemic thinking perspective.

Ureka Rangasamy is a dynamic professional who is passionate about her profession and is constantly striving for continuous improvement. She has extensive experience in auditing and IT. She currently engages with board and executive management relating to internal auditing and board oversight. She achieved the Executive Manager of the Year award for her division. Rangasamy has presented on enhancing the strategic value of auditing and how the traditional auditing practice of presenting management with recommendations to deal with problems simplistically and mechanistically is no longer adequate. She also emphasizes how auditors can leverage systems thinking and a holistic approach to increase their value add.

Sriram Padmanabhan, QIAL, CA, CISA
Chief Auditor, Technology
Citi
USA

Heather Haboush
Chief Auditor
and Chief Operating Officer
Citigroup
USA

Join us for a unique opportunity to discuss diversity and inclusion (D&I) in the workplace. During the session, speakers will touch on the benefits of increased D&I on individuals and the organization, and will offer concrete and actionable solutions to create and sustain a diverse and inclusive culture.

In this session, participants will:

  • Uncover the benefits of a more diverse and inclusive work environment.
  • Discuss how Citi and Citi’s internal audit team are fostering D&I.
  • Explore ideas and methods on how to increase D&I at any organization or team.

Sriram Padmanabhan sets overall strategic direction for Citi’s technology audit function and is responsible for audits of Citi’s data quality program. Padmanabhan, a member of Citigroup’s internal audit executive management team, leads a team of approximately 200+ audit professionals based across 26 locations. Previously, he was regional head of audit for Middle East and Africa at Standard Chartered Bank (SCB). In addition to internal audit, Padmanabhan had leadership roles in various businesses and functions such as consumer banking, operations and technology, finance, compliance, and risk, and he worked in many countries; he was also chair of the audit committee for an SCB subsidiary.

Heather Haboush brings 25+ years of financial services industry experience to her role as head of strategy for internal audit at Citigroup. She is responsible for developing and executing internal audit’s multi-year strategy, including regulatory engagement and emerging risks. Haboush previously drove process improvements and efficient deployment of internal audit resources as COO for internal audit. Prior, as finance lead for Citi’s global functions, including finance, risk, legal, HR, compliance, and internal audit, she spearheaded numerous global projects that increased efficiency and supported finance transformation initiatives. Haboush also served as head of planning, responsible for Citi’s multi-year strategic plan. Her background includes investment banking and strategic planning for an internet startup.

​​
​2:30 - 2:50 p.m. EST
​Innovation Session - Presented by Protiviti
2:30 – 3:00 p.m. EST
Networking Break in the Virtual Exhibit Hall
3:00 – 4:00 p.m. EST
Concurrent Session Tracks​​

Dan HeathDan Heath
Co-author of Four New York Times Bestselling Books
USA

Why do some big changes happen easily while many small changes prove impossible? Because our mind is divided into two different systems — an analytical mind and an emotional mind — that are often in conflict, particularly in situations of change. Building on this research, and based on the New York Times bestseller, Switch, Dan Heath reveals a simple, three-part framework that will help you change things in tough times.

In this session, participants will:

  • Learn where to start and what to do when they face resistance in facilitating change, whether simple or complex, in their families, businesses, and communities.
  • Learn valuable tips targeted to any change leader who is struggling to make progress.
  • Gain specific tools — and inspiration — needed to make change happen.

Dan Heath is a senior fellow at Duke University’s Center for the Advancement of Social Entrepreneurship (CASE), which supports entrepreneurs who fight for social good. He is the founder of Thinkwell, an innovative education company, and co-author of four New York Times bestsellers: Made to Stick, Switch, Decisive, and The Power of Moments. A former case writer for Harvard Business School, Heath was named in 2013 to the Thinkers 50, a ranking of the world’s 50 most influential management thinkers, and also to Fast Company magazine’s list of the Most Creative People in Business. He has delivered keynotes or workshops for countless executive teams across 26 countries on six continents.

NASBA CPE Credit 1.5
NASBA Learning Field: Personal Development

Sudhakar Sathiyamurthy, CRISC, CISA, CGEIT, CIPP/US, ITIL Expert
Managing Director, Cyber
Grant Thornton LLP
USA

Sonia Siddiqui
Lead, Privacy
Coinbase
USA

The convergence of rapidly emerging technologies, heightened standards/expectations, jurisdictions with complex/conflicting obligations, workforce optimization, and demand for cost reductions are redefining the international cyber compliance landscape, a trend which is expected to intensify in magnitude in the future. A pointed approach to compliance is reactionary, often failing to scale to international standards for cyber compliance. Compliance modernization helps navigate risks/opportunities and manage international cyber compliance standards effectively.

In this session, participants will:

  • Examine compliance modernization from governance, process, and technology standpoints.
  • Identify factors that define cyber compliance modernization and the operating model for driving efficiencies.
  • Explore practical considerations and real-life case studies for transforming cyber compliance operations through robotic process automation (RPA).
  • Build a business case and blueprint for employing automation in the cyber compliance framework to drive value.

Sudhakar Sathiyamurthy is an experienced leader with wide-ranging global experience in helping organizations and risk leaders plan and execute on their digital and cyber risk goals and strategies. His leadership in risk advisory spans more than 14 years. Sathiyamurthy has a track record of excellence in building new market offerings on cyber risk strategy and transformation, privacy and data protection, and risk tech strategy and automation; serving clients with nimble and practical cybersecurity solutions; and growing business through standing-up new service capabilities and scaling-up existing capabilities.

Sonia Siddiqui is responsible for evaluating global privacy regulations and establishing compliant privacy standards and procedures as a global data privacy lead at Coinbase. She works with product teams to enhance privacy controls and define privacy requirements, taking into account risk appetite, exposure, and business objectives. Previously, Siddiqui supported the creation of Grant Thornton’s privacy and data protection practice. She advised technology, retail, and telecommunications clients on privacy laws and regulations and the implications for their business operations, and also supported clients in developing tailored privacy solutions. Siddiqui’s background has included developing and overseeing the enhancement of CCPA and GDPR privacy programs and initiatives for large multinational organizations, as well as evaluating incident response plans/strategies.

NASBA CPE Credit 1.2
NASBA Learning Field: Information Technology

Moderator:
Brian Tremblay, CIA, CISA
Director, Internal Audit
Acacia Communications, Inc.
USA

Brian Tremblay leads the compliance practice at Onapsis, helping customers understand and navigate the increasing overlap of compliance, cybersecurity, and business continuity related to IT general controls and regulatory/compliance matters such as SOX and GDPR. Previously, as CAE for Acacia Communications, he founded and led the internal audit function, helped prepare the organization to go public (including implementing SOX), and facilitated ERM implementation. Previously, as director of internal audit at Iron Mountain, Tremblay oversaw all audits and projects within North America as well as liaised with global quality managers. Prior, he built out an internal audit department and executed a SOX implementation at Houghton Mifflin Harcourt, and worked at Raytheon and Deloitte.


A. State of Blockchain and Digital Assets: 2020

Salvatore Ternullo, CISA
Director, Advisory, U.S. Cryptoasset Services Co-leader
KPMG US
USA


In this session, participants will:

  • Understand the state of blockchain technology adoption across industry sectors
  • Discuss and analyze key trends that will continue to drive adoption across institutions and retail participants
  • Discuss the increasing spectrum of digital assets and use cases/ adoption across the spectrum

Sal Ternullo is a director in KPMG’s Advisory practice and a co-leader of the Cryptoasset Services team. He is responsible for driving crypto strategy, innovation efforts, and market delivery, primarily for financial institutions and crypto native companies. He also leads strategy, development, and go-to-market for KPMG’s climate accounting infrastructure (CAI) solution, which enables greenhouse gas emissions management and enhanced climate risk modeling. Ternullo has deep FinTech experience working in highly regulated and secure environments to help clients drive scalable, trusted adoption of emerging technologies, including cloud, robotic process automation (RPA), crypto/blockchain, and machine learning/artificial intelligence (AI). He is a frequent speaker and a leader in the crypto and blockchain community.


B. Technology Risks of Blockchain

Jeannette Russell-Shepherd, CIA, CPA, CISA, CISSP
Manager
Friedman LLP
USA

Everyone has heard the word blockchain, but what are the technology risks that auditors should consider when assessing this technology? I will discuss key technology risks to consider when assessing, reviewing, or auditing a blockchain solution, including security, availability, confidentiality, privacy, and processing integrity. Discussion will cover specific use cases, difficulties enterprise and startup companies have encountered while implementing these solutions, and how auditors can advise their clients.

In this session, participants will:

  • Understand standard use cases of blockchain solutions.
  • Determine key considerations for assessing blockchain solutions.
  • Learn how to identify and describe risks when using blockchain, especially data risks.

Jeannette Russell-Shepherd is a manager within Friedman LLP’s governance, risk, and compliance services practice. She has served clients in a range of industries, with a focus on financial services, technology, and digital currency companies. She partners with CyZen, Friedman’s cybersecurity consultants, and the digital currency practice on auditing and advising companies invested in and/or supporting digital currencies and blockchain technology. Russell-Shepherd is experienced in performing IT audits and reviews, conducting SOC 1 and SOC 2 readiness assessments and reporting for service organizations, and providing IT governance risk and compliance services. She previously worked at PwC within risk assurance and on their blockchain validation solution.

NASBA CPE Credit 1.2
NASBA Learning Field: Specialized Knowledge

Neil Frazer
Vice President, Internal Audit
Knoll, Inc.
USA

Mike Varney, CIA, CPA
Partner
Crowe LLP
USA

Crowe, in partnership with a client, will present on how to begin the process of implementing a data analytics program within your internal audit department. We will attempt to cut through the hype by utilizing a real-world case study outlining tactical steps for beginning to utilize data analytics to support internal audit activities.

In this session, participants will:

  • Identify usable data within their organization to begin a program.
  • Define a structured approach to starting a program.
  • Determine measureable results/outcomes to define the program’s success.

Neil Frazer is an internal audit executive with 20+ years of experience in internal audit, risk management, and accounting with multinational public and private companies as well as a public accounting firm. He has an extensive background in the manufacturing and logistics industry sectors and has established and transformed audit departments in Europe and the U.S. during his career. Recently, Frazer has focused his transformation efforts on embedding data analytics and robotic process automation into both audit and business control processes to increase the effectiveness of business controls and the coverage of audit activities in an economical manner.

Mike Varney has 20+ years of experience in internal audit, risk management, accounting, and financial reporting management with Fortune 1000 global and domestic companies as well as accounting firms. Recently, he has focused on helping clients institute data analytics programs or assess their existing programs. Varney has also participated on a team that defined Crowe’s approach to implementing and developing audit activities utilizing data analytics. His background has encompassed establishing internal audit functions, designing and executing annual audit plans, and leading business process development, including vendor management review procedures, supply chain review, data privacy, and data analytics programs. Varney serves The IIA on both local and North America committees.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing  

Moderator:
Nancy Haig, CIA, CCSA, CFSA, CRMA, CFE, CBA, CRISC, CCEP
Global Director, Internal Audit and Compliance
Alvarez & Marsal
USA

Nancy Haig is an award-winning author and speaker, and is currently the head of internal audit and compliance for a global consulting firm. Her expertise includes leading risk-based internal audit and compliance teams in the financial services, health care, pharmaceutical, and professional services industries. An advocate of the internal audit profession, Haig not only mentors those interested in pursuing a career in internal auditing, but also serves as a volunteer leader for The IIA as a director on both the Global and North American boards.


Karen Brady, CIA, CRMA
Corporate Vice President and Chief Compliance Officer
Baptist Health South Florida
USA

Benito Ybarra, CIA, CISA, CFE, CCEP
Chief Audit and Compliance Officer
Texas Department of Transportation
USA

A panel of three CAEs (two who are current BOD members) will discuss their roles as head of both the compliance and internal audit function, including how their careers evolved, the skills they needed, and the challenges they faced.

In this session, participants will:

  • Learn the differences between the CAE and CCO (chief compliance officer) roles.
  • Consider the challenges to be overcome in leading both functions.
  • Decide whether or not this would be a desirable career path, based on the skills needed for both positions.

Karen Brady has been with Baptist Health for more than 20 years, and has implemented a robust, world-class, and award winning compliance and internal audit program. Under her leadership, Baptist Health has been recognized by the Ethisphere Institute as one on the World’s Most Ethical Companies for the past six years. Brady began her career with Ernst & Young, serving in various executive positions within the hospitality industry, including controller and CAE. She has served as a volunteer leader of The IIA as a member of both the North American and Global Boards.  Brady is past president of the Florida Health Care Compliance Association and serves as the chair of the Finance Committee on the Board of Riverside House, a charitable organization.

Benito Ybarra serves as Chief Audit and Compliance Officer at the Texas Dept. of Transportation (TxDOT). Ybarra oversees TxDOT's Internal Audit and Compliance divisions. These functions are aimed at improving organization practices, risk management, accountability and governance through value-driven audits, reviews, investigations and advisory services engagements.

Prior to joining TxDOT in September 2011, Ybarra worked at Dell Inc. and Texas Guaranteed Student Loan Corporation. He has earned designations as a Certified Internal Auditor, Certified Information Systems Auditor, Certified Fraud Examiner and Certified Compliance and Ethics Professional, as a result of his more than 20 years of audit and investigations experience.

In addition to sitting on the Institute of Internal Auditors' (IIA) Global Board of Directors, Ybarra is the senior vice chairman of the IIA's North American Board.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing

Moderator:
Patricia Miller, Owner
PKMiller Risk Consulting
USA

Patty Miller is the owner of PKMiller Risk Consulting, LLC and has significant management and consulting experience. In her 14 years with Deloitte, she served as the lead risk services partner on significant technology and consumer clients. Her many IIA volunteer roles have included Chairman from 2008–09, executive committee member, and Chair of the Standards Board. She is a frequent speaker and trainer, and has led and co-authored research projects for The IIA. Miller is the recipient of the William G. Bishop III Lifetime Achievement, Victor Z. Brink, and American Hall of Distinguished Audit Practitioners Awards.


A. Using Ethical Dilemmas to Deliver Value to Your Stakeholders

Joy Gray
Internal Auditing Education Partnership (IAEP) Coordinator, Lecturer
Bentley University
USA

In this interactive, case-based session, participants will examine difficulties associated with applying ethical principles in common business situations, and examine strategies for communicating their personal ethical (moral) values in a constructive, persuasive manner. Using live polling technology, we will present several scenarios where personal ethics play a role, examine various responses, and discuss how to react and persuade others who may have different ethical values.

In this session, participants will:

  • Analyze several business situations to identify their ethical beliefs related to each situation.
  • Evaluate the context of these business situations.
  • Construct a list of potential objections to their desired ethical response.
  • Prepare a strategy for responding to these potential objections.

Joy Gray lectures in the department of accountancy and serves as IAEP coordinator at Bentley University. Her teaching experience includes courses in internal auditing, IT audit, financial auditing, forensic accounting, and introductory financial/managerial accounting. She is also active in research on topics related to IT audit and data analytics. Gray previously served in both supervisory and staff positions at OSRAM Sylvania, Lockheed Martin, and General Electric. Her responsibilities included establishing a new internal audit department, serving as project leader for SAP-related audit activities, and conducting both domestic and international internal audits. She also worked as a contract Sarbanes-Oxley consultant through Robert Half.


B. Examining the Myths of Business Ethics: Do Internal Auditors Fall Prey to Them As Well?

Matej Drascek, CIA, CRMA
Chief Internal Auditor and
Chief Audit Executive
LON Bank
SLOVENIA

Ethics represents a cornerstone of internal auditing, not only as a profession but also as providing assurance of an organization’s ethical practices. With recent corporate scandals and low public trust in corporations, internal auditors should take a step back and look at tacit truths/ common myths about business ethics and whether they are indeed helping organizations to become more ethical. This presentation will draw on different research, with emphasis in behavior ethics.

In this session, participants will:

  • Distinguish between actual truths and myths about business ethics, including the code of conduct supporting ethical behavior; the compliance program helping the organization become more ethical; whistleblowing tools reducing the risks of unethical behavior, etc.
  • Explore tools for enabling better auditing these myths and mitigating related risks.
  • Discuss ideas to help their organization become more ethical.

Matej Drašček is chief audit executive for a regional retail bank in Slovenia. In addition to having served as a teaching assistant and guest lecturer for several universities and faculties, he has published numerous professional and scientific international articles on internal audit, human resources, business ethics, and strategic management. Drašček has spoken at domestic and international conferences, presenting new tools and insights in internal audit, strategic management, and ethics. He won The IIA’s William S. Smith Award for highest score in the CIA exam.


C. Fraud and Ethics: Do Generational Differences Matter?

Ann M. Butera, CRP
President
The Whole Person Project
USA

"Work hard and you will be rewarded." "Respect those with authority." As the new breed of employee joins our teams, these business values are changing fast. Raised in a disposable, technologically advanced, quantitative age, these employees have different expectations and perspectives. This interactive session will explore how generational differences affect ethical decision-making, as well as techniques you can use immediately when identifying potential fraud risk and evaluating ethical situations.

In this session, participants will:

  • Understand the behavioral characteristics of three different generations in the workplace.
  • Describe the impact of generational differences on fraud risk assessment.
  • Explain the effect of generational differences on ethical decision making.

Ann M. Butera is president of The Whole Person Project, Inc., and an organizational development consulting firm that enables auditors to improve their organizations’ risk management practices. Known for providing practical advice with a sense of humor, she develops behavior-changing training programs for first and second line of defense and internal audit departments. Butera is a former audit committee member for a financial services firm. She frequently speaks at IIA conferences and chapter meetings, writes for Protiviti’s KnowledgeLeader column, and leads webinars. She also authored the book, “Mastering the Five Tiers of Audit Competency: The Essence of Effective Auditing.”

Els Heesakkers, CPA, CA
Senior Auditor
CZ
NETHERLANDS

Maureen Vermeij-de Vries, CPA
Chief Audit Executive
CZ
NETHERLANDS

This session will inspire CAEs and managers with new insights to substantively enhance the practice of the internal auditing profession, challenge colleagues around the world to continue furthering their professionalization, and share good practices. Attendees will learn how the Internal Audit Ambition Model (IA AM) supports the formulation of a road map to achieve stated ambitions. The model provides visual guidance for conducting regular self-assessments, facilitating communication with stakeholders, and benchmarking with peers.

In this session, participants will:

  • Formulate and express their internal audit function’s ambitions on challenging themes and topics.
  • Assess the current state of their internal audit function and verify its compliance with the IPPF.
  • Reinvent dialogue between the CAE and stakeholders to promote the independence and performance of the internal audit function, as well as reinforce its desired ambition level and relevance.
  • Measure and debate with peers, use the IA AM as a benchmark tool, and give insight into the state of internal audit.

Els Heesakkers is senior auditor of professional practices for CZ’s internal audit department. With 18 years of experience in internal audit, she is greatly interested in improving the function’s quality and added value and in increasing broader recognition of the profession. She is a member and the secretary of the Internal Audit Ambition Model (IA AM) taskforce and a member of the Benchmarking Committee of IIA–Netherlands. She presents the IA AM in IIA introductory training for CAEs new to their role, and also as a lecturer for Tilburg University’s Post Master Accountancy (PMA) internal audit program. As IA AM founder, she has introduced the model at several conferences.

Maureen Vermeij-de Vries is chief audit executive at CZ, the #3 health insurance company of the Netherlands. She entered the internal audit profession 14 years ago following nine years as an external accountant at PricewaterhouseCoopers. She is chair of the Taskforce IA AM and president of the membership group of Internal and Government Auditors of the Royal Netherlands Institute of Chartered Accountants. As a member of the board of Post Master Accountancy at Tilburg University, Vermeij-de Vries coordinates requirements for the accountant practice program and monitors quality; this role gave her the opportunity to develop an internal audit program that is included in the chartered accountant exam.

Jorge Antonio Amaya Rosado, CPA, CMA, CISA
Compañero
Auditar
ECUADOR

Transforming Internal Audit to Create Real Value (SAP Control Environment)

Jorge Antonio Amaya Rosado, CPA, CMA, CISA
Partner
AuditCaat
ECUADOR

Esta presentación lo invitará a reflexionar sobre dónde puede estar más atento para aprovechar las excepciones en la forma en que los controles SAP funcionan a nivel de objeto de la manera más diligente posible, a pesar de que dicho trabajo no es responsabilidad de la auditoría interna.

En esta sesión, los participantes:

  • Comprenderán en qué parte del proceso de auditoría el monitoreo continuo puede ayudarlos a crear valor para la organización.
  • Lograran una comprensión básica de cómo funciona el entorno de control de SAP.
  • Determinaran dónde deben poner sus mejores esfuerzos para obtener resultados que generen valor.

Jorge Amaya es socio de AuditCaat, un proveedor de soluciones de valor agregado para mejorar la seguridad de los procesos comerciales e incorporar tecnología en las funciones de gestión de riesgos y auditoría. Contador público de profesión, sus más de 15 años de experiencia incluyen Gerente de Auditoría para PwC y líder de auditoría interna / control interno y consultor contable para Expalsa. Amaya se destaca en la identificación de áreas de mayor exposición al riesgo y en garantizar que estos riesgos no se materialicen. Participa en numerosos foros y promueve valores éticos y técnicos relacionados con la profesión de auditoría interna.

Vicki McIntyre, CIA, CPA, CFSA, CRMA, CGAP
President

FirstPlus Resolutions, Inc.
USA

Part 2 will be held at the same time as other concurrent sessions on Monday, July 20th, 2020.  Attendees should plan to attend all CIA concurrent class sessions on Monday.

This Part 2 CIA exam prep course is designed to give candidates a high-level introduction and overview of the topics covered on the Part 2 CIA exam.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the Version 6 IIA CIA Learning System Part 2 self-study printed book, online software access for 12 months, and a Student Slide Activity book.  Attendees will also receive 4.7 CPEs, qualify for a free CIA application fee waiver and receive a free online software access upgrade for the new Version 7 IIA CIA Learning System Part 2 (upon release).  A fee of USD $450 will be required to attend this course in addition to the regular conference registration fee.  A limited number of on-site registrations will be accepted, so please pre-register for this course.  Course topics will include:

  • Managing the Internal Audit Activity
  • Planning the Engagement
  • Performing the Engagement
  • Communicating Engagement Results and Monitoring Progress

Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.  The free upgrade to Version 7 online software (available upon release) will be valid for the remainder of your Version 6 online access period.

Vicki McIntyre has helped CIA candidates successfully pass their exams for more than twelve years, having taught The IIA's CIA Learning System extensively. McIntyre is a globally recognized educator and trainer who has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a Vice President of both finance and risk management.  She also performs quality assessments and independent validations of internal audit activities.  McIntyre is a passionate advocate for the internal audit profession, has been an IIA volunteer leader for more than 25 years and is currently a member of the IIA's North American Board of Directors.

Vicki McIntyre, CIA, CPA, CFSA, CRMA, CGAP
President
FirstPlus Resolutions, Inc.
USA

Learning Level: Intermediate
NASBA Learning Field: Auditing

Part 2 will be held during all concurrent sessions on Monday, July 8, 2019.  Attendees should plan to attend all concurrent CIA sessions on Monday.

This Part 2 CIA course is designed to give candidates a high level introduction and overview of the topics covered on the new 2019 Part 2 CIA exam syllabus.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the new Version 6.0 IIA CIA Learning System Part 2 self-study printed book, online software access for 12 months and a Student Slide Activity Book.  Attendees will also receive 4.8 CPEs and qualify for a free CIA application fee waiver. An additional fee of USD $450 will be required to attend this course.  A limited number of on-site registrations will be accepted, so please pre-register for this course. 

Course topics will include:

  • Managing the Internal Audit Activity
  • Planning the Engagement
  • Performing the Engagement
  • Communicating Engagement Results and Monitoring Progress

Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.

Vicki McIntyre has helped CIA candidates successfully pass their exams for more than twelve years, having taught The IIA's CIA Learning System extensively. McIntyre is a globally recognized educator and trainer who has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a Vice President of both finance and risk management.  She also performs quality assessments and independent validations of internal audit activities.

Panelists:

Jenitha John, CIA, QIAL
2020-21 Chairman of the IIA's Global Board
Chief Executive Officer
The Independent Regulatory Board for Auditors (IRBA)
SOUTH AFRICA

J. Michael Joyce Jr., CIA, CRMA
2019-20 Chairman of the IIA's Global Board
Vice President, Chief Auditor & Compliance Officer
Blue Cross Blue Shield Association (BCBSA)
USA

This special bonus session will allow attendees an opportunity to have their internal audit questions addressed by our IIA global leaders.

Jenitha John Jenitha John is 2020-21 Chair of the Institute of Internal Auditors (IIA) Global Board of Directors. In this role, John serves as an officer of the Global Board, is chairman of the Supervisory Committee, and presides over the Global Assembly. John is Chief Executive Officer at the Independent Regulatory Board for Auditors (IRBA). She has more than 26 years of experience in internal auditing, including as a Chief Audit Executive.
Mike Joyce J. Michael “Mike” Joyce Jr. was 2019-20 Chairman of the Institute of Internal Auditors (IIA) Global Board of Directors. In this role, Joyce served as an officer of the Global Board, Chairman of the Supervisory Committee, and presided over the Global Assembly. Joyce is the Vice President, Chief Auditor & Compliance Officer for Blue Cross Blue Shield Association (BCBSA), a national federation of 36 independent, community-based and locally operated Blue Cross Blue Shield companies. The Blue System is the nation’s largest health insurer, covering more than 107 million members.


Moderator:

Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA
President and Chief Executive Officer
The Institute of Internal Auditors Inc.
USA

Richard Chambers Richard F. Chambers is president and CEO of The Institute of Internal Auditors (IIA). Chambers has more than four decades of internal audit and association management experience, mostly in leadership positions. Since becoming president and CEO in 2009, Chambers has led The IIA to achieve record membership and has presided over the launch of a number of valuable initiatives, including the Audit Executive Center; Pulse of Internal Audit; Audit Channel; Internal Auditor Online; the Certification in Risk Management Assurance (CRMA); the Qualification in Internal Audit Leadership (QIAL); the American Center for Government Auditing; the 2015 Common Body of Knowledge study and reports; the Financial Services Audit Center; and the Environmental, Health & Safety Audit Center.


​​​
​4:00 - 4:20 p.m. EST
​Innovation Session - Presented by Onapsis
​4:00 – 4:30 p.m. EST
Networking Break in the Virtual Exhibit Hall

Brian Foster

Moderator:
Brian Foster
Chairman
IIA Global Professional Development Committee
USA

Brian Foster started his career with Deloitte, serving technology, retail, manufacturing, food and consumer products, and healthcare clients. Next, he was a controller and corporate accounting manager at a leading entertainment and educational software company. Foster was then with Microsoft for 20+ years in a variety of roles, including internal audit team leader and controller for several business units. He recently joined ServiceNow as head of internal audit. Foster has been serving IIA Global since 2009 on the Professional Issues Committee, the Professional Certifications Board, the IT Guidance Committee, and the Global Professional Development Committee, which he currently chairs.


Kevin Mitnick

Kevin Mitnick
World's Most Famous Hacker, Global Bestselling Author, and Chief Executive Officer
Mitnick Security Consulting
USA

In this engaging and demonstration-rich experience, Kevin Mitnick illustrates how a hacker’s thought process works and how they ply their tradecraft. You just might realize that you have — like almost everyone else on the planet —a misplaced reliance on security technology, which has now become ineffective against a motivated hacker using a technique called “social engineering.”

In this session, participants will:

  • Learn how they can be influenced into unknowingly helping hackers break into their organization’s computers. 
  • Discover how easily they can become unsuspecting victims who can be manipulated into handing over the keys the kingdom, if they haven’t done so already.

Kevin Mitnick is the world’s most famous former hacker and a global bestselling author whose books are available in over 50 countries and 20 languages. Once one of the FBI’s Most Wanted for hacking into 40+ major corporations just for the challenge and not for monetary gain, he is now a trusted security consultant to businesses and governments worldwide. Also, as chief hacking officer of KnowBe4, he helps produce security awareness training to counteract social engineering and improve security effectiveness. He has been a commentator, security analyst, or interview subject for almost every major news outlet around the globe. Mitnick’s presentations, akin to technology magic shows, include the latest hacking techniques along with expert commentary on issues related to information security and awareness.

NASBA CPE Credit 1.5
NASBA Learning Field: Information Technology

​8:15 - 8:30 a.m. EST
​Opening Announcements
​​​
​9:45 – 10:15 a.m. EST
Networking Break​​​​ in the Virtual Exhibit Hall
​10:15 – 11:15 a.m. EST
Concurrent Session Tracks​​​​​​​

Stacey Schabel, CIA, CPA, Series 6
Vice President, Internal Audit
Jackson National Life
USA

Sarah Saunders
Assistant Vice President, Internal Audit
Jackson National Life
USA

Engaging real-time, rather than looking backward, helps audit teams better protect their organizations from materializing risks and allows them to provide boards, audit committees, and other stakeholders with insight and value when it’s needed, and before problems arise. This presentation will showcase practical tools and assurance approaches used to deliver real-time insight over strategic changes, business as usual activities, and key organizational projects.

In this session, participants will:

  • Become familiar with the types of assurance stakeholders value most.
  • Explore how to assess and develop audit team skills and resources necessary to support conducting real-time assurance.
  • Learn how to implement and amend audit methodology and reporting capabilities in support of real-time assurance.
  • Discover tips and techniques for communicating methodology changes and value to management, audit committees, and other key stakeholders.

Stacey Schabel leads an internal audit team in examining and evaluating the key processes and controls supporting the North American operations of Prudential plc, including Jackson, its subsidiaries, and affiliates. She assists in protecting the organization’s assets, reputation, and sustainability by assessing and reporting on the overall effectiveness of risk management, control, and governance processes. Schabel serves on The IIA’s Global Financial Services Guidance Committee, chairs the IIA–Lansing Chief Audit Executive Engagement Committee, and presents regularly at industry conferences. She was recognized by the MICPA and AICPA as a ‘2019 Woman to Watch,’ by Digital Insurance as a ‘2018 Women in Insurance Leadership,’ and by Crain’s Detroit Business as a ‘2018 Notable Woman in Finance.’

Sarah Saunders is an assistant vice president of internal audit at Jackson, focusing on finance, financial risk, and asset management. She has 15+ years of internal audit experience within financial services and consulting. Saunders is a district advisor and member of the North American chapter relations committee for The IIA.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing

Moderator:
Carrie Ramirez, CIA
Senior Manager, GWS Program Support and Alignment
GM
USA

Carrie Ramirez leads global workplace safety, program support, and alignment for General Motors. Her team is responsible for aligning second line of defense activities for workplace safety programs globally; the team also helps connect and coordinate with similar programs covering environmental compliance, medical services, and security. Ramirez serves on the Advisory Board of The IIA’s Environmental, Health and Safety Audit Center.

A. Sustainability and ESG Reporting Update

Bob Hirth
Board Member, and Co-vice Chair
Sustainability Accounting Standards Board
USA

Are you up-to-date with the latest in sustainability and environmental, social, and governance (ESG) reporting, as well as internal audit’s role? This presentation will provide examples of ESG risk/materiality assessment, objective assurance, and third-party assurance from leading organizations worldwide. It will cover the latest concepts and techniques in sustainability and ESG reporting used by these organizations, along with effective ESG board oversight and reporting techniques.

In this session, participants will:

  • Learn why the board must focus on and be involved in ESG and sustainability.
  • Understand how internal audit’s involvement in ESG reporting can add value.
  • Hear about third-party assurance concepts and see the latest examples of this assurance reporting to the public.
  • Gain insights into effectively applying COSO’s recent ERM/ESG guidance.

Bob Hirth was appointed to the nine-member standard setting board of the SASB upon its formation in 2017. He currently heads SASB’s Technology and Communications sector committee and is a member of the Services, Healthcare, and Extractive and Minerals processing sector committees. SASB disclosure and reporting standards are considered a suitable framework in several jurisdictions and have been developed for 79 industries.

Serving as COSO Chair from June 2013 to February 2018, Hirth’s activities included leading COSO’s project on revising its Enterprise Risk Management Framework (which was released in September 2017), issuing COSO’s Guide on Fraud Risk Management, and actively promoting COSO’s 2013 Internal Control Integrated Framework around the world and through the media. He has worked on assignments and made presentations in over 20 countries, serving more than 50 organizations and working closely with board members, C-level executives, university professors, finance and accounting personnel, and public accounting firm partners and employees. He was a leader in forming Protiviti and led its global internal audit practice during the firm’s first ten years of development.

In 2013, Hirth was inducted into The IIA’s American Hall of Distinguished Audit Practitioners. In 2014 and 2015, he served as Chairman of the IIA’s IPPF re-look task force and has been a Trustee of the IIA Research Foundation. He served two terms on the Standing Advisory Group (SAG) of the Public Company Accounting Oversight Board (PCAOB). He graduated from Southern Methodist University in Dallas, Texas, with a concentration in accounting.


B. Future-proofing the Internal Auditor’s Role: The Rise of ESG Risks and Opportunities

Rodney Irwin
Managing Director
World Business Council for Sustainable Development (WBCSD)
SWITZERLAND

More than 180 CEOs have committed to lead their companies for the benefit of all stakeholders — customers, employees, suppliers, communities, shareholders. In the past two years, billions of dollars have been lost due to environmental, social, and governance (ESG)-related risks, including adverse weather, supply chain disruption, product recalls, insurance claims, and ethical violations. How can internal audit help support and future-proof business against this shifting agenda?

In this session, participants will:

  • Understand the importance of ESG-related risks and opportunities.
  • Consider the role that internal audit can play in managing and controlling ESG issues.

Discuss challenges facing the profession today, along with tools and guidance available to overcome these challenges.

Dr. Rodney Irwin is WBCSD’s managing director of redefining value and education and a member of the senior management team. He leads projects in enterprise risk management, assurance, materiality, and integrated and mandatory reporting, along with projects designed to advance the measurement and valuation of ESG impacts and dependencies on business. Irwin is the link between WBCSD members and standard/regulation setters. Additionally, he is the course director for WBCSD’s leadership program and manages the relationship with WBCSD’s education partners. Irwin also teaches at Leuphana University, Lancaster University Management School, and Yale School of Management. He sits on the IIRC, the Climate Disclosure Standards Board, and the sustainability council of several global businesses.

NASBA CPE Credit 1.2
NASBA Learning Field: Economics

Adlith Mondejar, CISA 
Risk Advisory Manager
Focal Point Data Risk
USA

Alexander Tabares, CISSP, CISM, G-CIH
Director, Threat Intelligence
Carnival Cruise Lines
USA

Donel Martinez, CISA
Risk Advisory Director 
Focal Point Data Risk
USA

Although network security has been around since the 90s and information security budgets have increased, malicious individuals continue exploiting vulnerabilities. In a data breach, can your company answer these questions? 1) Who stole the data? 2) What data was stolen? 3) When was it stolen? 4) How much of it was stolen? Your company may not have true visibility of its data lifecycle, preventing it from containing or assessing impact.

In this session, participants will:

  • Learn why traditional security (i.e., perimeter, endpoint, and application controls) is not sufficient in the current environment.
  • Distinguish between various types of failures in what had been regarded as effective control environment standards and best practices via real-life examples of now-infamous data breaches.
  • Describe options available to solidify the control environment around data security through access control, privileged access management solutions, and database activity monitoring.
  • List “minimum standard of care” based on recent court cases and regulatory settlements.

Adlith Mondejar never saw herself as an internal auditor prior to joining Focal Point almost five years ago. Today, she combines her natural aptitudes and learned skills to be a “creative” auditor who finds strategic ways to identify and manage risk across various areas of an organization. Never short of ideas, she is against the “let’s do it like last year” mentality and finds ways to improve everything she touches.

Alexander Tabares is a security and regulatory compliance professional with a wide range of security operations experience. Currently the director of threat intelligence for global information security and compliance (GISCS), Tabares has worked through all the different levels of security at Carnival Corporation, sharpening his skills with every new position. His knowledge encompasses SOX and PCI-DSS regulatory mandates, security operations, security management, vulnerability management, design-implementation, identity and access management, web application security, incident response, security monitoring and project management. He also has expertise in developing and maintaining relationships across different organizational verticals.

Donel Martinez is focused on helping IT teams overcome their struggles with compliance requirements. With his solid understanding of the challenges and rationale behind cybersecurity, data privacy, and regulatory efforts, he seeks to bridge the gap between the expectation of how to implement controls and the reality of what IT is able to execute. His mission is to help companies adjust to the constant “new normal” in compliance that is dictated by increasing regulation, digitalization, and never-ending technological advances.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing

Els Heesakkers, CPA, CA
Senior Auditor
CZ
NETHERLANDS

Maureen Vermeij-de Vries, CPA
Chief Audit Executive
CZ
NETHERLANDS

This session will inspire CAEs and managers with new insights to substantively enhance the practice of the internal auditing profession, challenge colleagues around the world to continue furthering their professionalization, and share good practices. Attendees will learn how the Internal Audit Ambition Model (IA AM) supports the formulation of a road map to achieve stated ambitions. The model provides visual guidance for conducting regular self-assessments, facilitating communication with stakeholders, and benchmarking with peers.

In this session, participants will:

  • Formulate and express their internal audit function’s ambitions on challenging themes and topics.
  • Assess the current state of their internal audit function and verify its compliance with the IPPF.
  • Reinvent dialogue between the CAE and stakeholders to promote the independence and performance of the internal audit function, as well as reinforce its desired ambition level and relevance.
  • Measure and debate with peers, use the IA AM as a benchmark tool, and give insight into the state of internal audit.

Els Heesakkers is senior auditor of professional practices for CZ’s internal audit department. With 18 years of experience in internal audit, she is greatly interested in improving the function’s quality and added value and in increasing broader recognition of the profession. She is a member and the secretary of the Internal Audit Ambition Model (IA AM) taskforce and a member of the Benchmarking Committee of IIA–Netherlands. She presents the IA AM in IIA introductory training for CAEs new to their role, and also as a lecturer for Tilburg University’s Post Master Accountancy (PMA) internal audit program. As IA AM founder, she has introduced the model at several conferences.

Maureen Vermeij-de Vries is chief audit executive at CZ, the #3 health insurance company of the Netherlands. She entered the internal audit profession 14 years ago following nine years as an external accountant at PricewaterhouseCoopers. She is chair of the Taskforce IA AM and president of the membership group of Internal and Government Auditors of the Royal Netherlands Institute of Chartered Accountants. As a member of the board of Post Master Accountancy at Tilburg University, Vermeij-de Vries coordinates requirements for the accountant practice program and monitors quality; this role gave her the opportunity to develop an internal audit program that is included in the chartered accountant exam.

NASBA CPE Credit 1.2
NASBA Learning Field: Auditing

Moderator:
Brian Tremblay, CIA, CISA
Former Director of Audit, Acacia Communications, Inc.
USA

Brian Tremblay leads the compliance practice at Onapsis, helping customers understand and navigate the increasing overlap of compliance, cybersecurity, and business continuity related to IT general controls and regulatory/compliance matters such as SOX and GDPR. Previously, as CAE for Acacia Communications, he founded and led the internal audit function, helped prepare the organization to go public (including implementing SOX), and facilitated ERM implementation. Previously, as director of internal audit at Iron Mountain, Tremblay oversaw all audits and projects within North America as well as liaised with global quality managers. Prior, he built out an internal audit department and executed a SOX implementation at Houghton Mifflin Harcourt, and worked at Raytheon and Deloitte.


A. Blockchain Organizations and Impact to Internal Audit

Jared Shaw, CFA
Head of Internal Audit
Gemini
USA

Musheer Alambath
Senior Manager
EY
USA

Within the blockchain ecosystem, there exist many types of organizations that interact with the blockchain, which could be categorized within three major groups: (1) public and private blockchain providers; (2) cryptocurrency exchanges and wallet providers; and (3) blockchain technology adopters. This session aims to provide an overview of risk drivers within these different blockchain organizations and their impact to internal audit.

In this session, participants will:

  • Identify key differences and similarities of the three types of blockchain organizations.
  • Describe the specific risks of each of the blockchain organizations.
  • Hear tips for managing internal audit challenges in these organizations.
  • Develop ideas for a proactive approach to resolving challenges and being well-prepared.

JaredShaw is the head of internal audit at Gemini, a licensed digital asset exchange and custodian serving both individuals and institutions. His proven track record of success has spanned wide range of positions within the U.S. military, financial services, and consulting. A common thread throughout these experiences is his focus on leadership, cross-functional service delivery, and operational efficiency. Shaw has been building and leading teams for the past 20 years, since starting training as an Air Force officer. He has published thought leadership and presented on topics covering blockchain and cryptocurrency risks and the role of internal audit in a blockchain environment.

Musheer Alambath is researching the impact of blockchain on financial services and banking as a Stanford Sloan Fellow. He has presented at TEDx conferences on ideas connected to his research topic. Alambath has 12+ years of industry/consulting experience and has worked on internal audit projects on four continents. He is currently a senior manager within EY’s risk advisory services practice. Previously, he led internal audit teams across multiple geographies as a vice president at a large global bank. Alambath served on the board of The IIA’s Examination Committee. He is passionate about empowering people through education to positively impact the lives of disenfranchised people worldwide.


B. Technology Risks of Blockchain

Jeannette Russell-Shepherd, CIA, CPA, CISA, CISSP
Manager
Friedman LLP
USA

Everyone has heard the word blockchain, but what are the technology risks that auditors should consider when assessing this technology? I will discuss key technology risks to consider when assessing, reviewing, or auditing a blockchain solution, including security, availability, confidentiality, privacy, and processing integrity. Discussion will cover specific use cases, difficulties enterprise and startup companies have encountered while implementing these solutions, and how auditors can advise their clients.

In this session, participants will:

  • Understand standard use cases of blockchain solutions.
  • Determine key considerations for assessing blockchain solutions.
  • Learn how to identify and describe risks when using blockchain, especially data risks.

Jeannette Russell-Shepherd is a manager within Friedman LLP’s governance, risk, and compliance services practice. She has served clients in a range of industries, with a focus on financial services, technology, and digital currency companies. She partners with CyZen, Friedman’s cybersecurity consultants, and the digital currency practice on auditing and advising companies invested in and/or supporting digital currencies and blockchain technology. Russell-Shepherd is experienced in performing IT audits and reviews, conducting SOC 1 and SOC 2 readiness assessments and reporting for service organizations, and providing IT governance risk and compliance services. She previously worked at PwC within risk assurance and on their blockchain validation solution.

​​​​​
​11:15 - 11:35 a.m. EST
​Innovation Session – Presented by Deloitte
​11:15 – 11:45 a.m. EST
Networking Break in the Virtual Exhibit Hall 
11:45 a.m.​ – 1:00 p.m. EST
Concurrent Session Tracks

Tim Berichon, CISA, CGMA
Director, CAE Services
The Institute of Internal Auditors
USA

Harold Silverman, CIA, CRMA, QIAL
Managing Director, Chief Audit Executive Services
The Institute of Internal Auditors
USA

Join The IIA’s Harold Silverman and Tim Berichon in this interactive session on remote auditing — desperate times call for desperate measures. The conversation about new audit approaches, use of technology, and remote auditing techniques has gone on for several years. The emergence of COVID-19 and its related worldwide travel restrictions, combined with the existing need to conduct regulatory-, legal-, or immediate need-driven audits, are accelerating internal audit efforts to find alternatives to the traditional face-to-face audit that can be implemented now.

In this session, participants will:

  • Understand the current pulse of remote auditing.
  • Discuss remote auditing considerations during phases of the audit process.
  • Learn best practices from case studies.
  • Contemplate and discuss how to leverage advantages and overcome challenges.

Tim Berichon is a finance leader and speaker whose diverse, in-depth experience in financial, operational, and compliance activities has spanned multiple divisions, processes, technologies, and international geographies. Adept at improving processes, controls, employee engagement, and customer service, he possesses a 30-year background in finance and operational management and leadership that includes internal audit, operational finance, public accounting, and strategic alliances. Berichon has provided internal audit leadership for multibillion-dollar global public companies, and operational finance leadership in both small and larger business units, including a $250m complex, international assignment.

Harold Silverman previously was vice president of internal audit at The Wendy’s Company.  Prior to Wendy’s, he was the vice president of internal audit at Houghton Mifflin Harcourt Publishing Co. Before that, he served as senior manager of internal audit at Raytheon Co. Prior to Raytheon, Silverman was an internal audit manager at PricewaterhouseCoopers, and he gained external audit experience at Arthur Andersen.

NASBA CPE Credit 1.5
NASBA Learning Field: Auditing 

Moderator:
Rob Valdez, CPA, CISA, CISM
Director, Cybersecurity Automation
Kaufman Rossin
USA

Roberto Valdez specializes in providing cybersecurity and automation services that help financial services, healthcare, and technology businesses mitigate risk, protect information, achieve strategic objectives, defend against cyber threats such as phishing and ransomware, and increase efficiency and quality through process engineering and robotic process automation (RPA). His engagements balance business needs with the requirements of compliance frameworks such as SOC 1, 2, 3; HIPAA; SOX; FINRA; and FFIEC. In addition, Valdez oversees Kaufman Rossin’s PhishNet security education training and awareness program. He has been featured in numerous publications and is also an adjunct professor for Florida Atlantic University.


A. Implementing a Robotic Process Automation Audit Program
Daniel Pokidaylo, CIA, CISA
Head of Information Technology, and Analytics Audit
The Clearing House
USA

Everyone has heard of robotic process automation, or RPA, but how do we, as auditors, begin to implement an RPA program? What skillsets and tools do we need to begin, and how do we get management on board with our vision?

In this session, participants will:

  • See how an RPA program can be implemented, from planning through completion.
  • View real examples of what an RPA project/audit looks like.
  • Understand the skillsets that are required to begin developing an RPA program.
  • Develop ideas for RPA scripts that can be run at their enterprise.

Daniel Pokidaylo is the head of information technology audit at The Clearing House (TCH), a systemically important financial market utility (SIFMU) and the only private sector ACH and wire operator in the U.S., clearing and settling nearly $2 trillion in U.S. dollar payments daily. During his time at TCH, Pokidaylo has implemented a new cloud-based GRC platform to automate audit workflows, regulatory reporting, and MIS reporting for executive management. Additionally, he leads the robotic process automation team in working closely with TCH operations and technology partners to connect to key financial and operational applications to perform continuous controls testing and business monitoring.


B. Use of RPA and Process Mining in Auditing
Justin Pawlowski, CIA, CCSA, CRMA, CMA
Head of Internal Audit
ALSO Holding AG
GERMANY

Marc Eulerich, CIA
Professor, Internal Auditing
University of Duisburg-Essen
GERMANY

Robotic process automation and process mining show potential for enabling internal audit functions to increase their efficiency and effectiveness. Recent research from 2019 and early 2020, including new audit bots for automating and enhancing the audit function, will be demonstrated, and benefits will be quantified and qualified. In addition, cornerstones on how to advance from buzzwords to helpful tools will be shared.

In this session, participants will:

  • Explore the application of robotic process automation and process mining to internal auditing.
  • Learn about successful use cases in automation and enhancement of audit procedures, as well as failed/poor use cases in internal auditing.
  • Discover how to avoid common pitfalls and how to exploit value potential.
  • Leverage current research to streamline their own internal audit function.

Justin Pawlowski is head of internal audit at ALSO Holding AG, a listed distribution and logistics company for IT, consumer electronics, and telecommunications (ICT) based in Emmen, Switzerland, with annual revenues of more than 10bn USD across Europe. Before joining ALSO, the Frankfurt-based graduate of the Berlin School of Economics & Law and Goethe Business School worked as senior manager for governance and assurance services at KPMG in Germany and for IBM Germany in Berlin with assignments in Spain and the USA. His focus lies on applying modern technology in internal auditing, including data analytics, process mining, and RPA. Pawlowski is challenging manual proceedings from the past to come up with new ideas and ways of auditing, and he shared insights around using process mining in internal auditing at The IIA International Conference 2017 in Sydney, Australia. He is a member of the German chapter of The IIA (DIIR) and currently serves on The IIA IT Guidance Committee. In 2015, he was recognized as an Emerging Leader by Internal Auditor magazine.

Dr. Marc Eulerich has been a professor of internal auditing at the University of Duisburg-Essen since 2011. The professorship is sponsored by the German Institute of Internal Auditors, with an explicit focus on internal auditing research and teaching. Dr. Eulerich is program coordinator for the Internal Auditing Education Partnership (IAEP) program and chair of the scientific committee for IIA–Germany. He has published numerous scientific and practitioner articles and books about internal auditing, corporate governance, and strategy. His research is published in Accounting Horizons, Journal of Information Systems, Accounting History Review, Managerial Auditing Journal, International Journal of Auditing, and numerous other journals.  


C. Audit the Future: Using Robotics and Data Automation to Predictively Manage Future Risks
Sergiu Cernautan, CPA, CISA
Senior Director, Product Strategy
Galvanize
CANADA

Is your entire audit plan focused on what happened in the past? This session will review real case studies of how audit teams are using data automation techniques to predictively assess risk then getting ahead to control and manage future risks. Learn the immediately actionable methodologies these organizations have put in place so that internal audit is directly supporting the CEO in navigating the future risk landscape.

In this session, participants will:

  • Explore the principles of risk prediction and how to systematically assess future risk levels.
  • Discover skills, models, and technologies that will enable an auditor to quantify and communicate risk predictions.
  • Evaluate example risk prediction dashboards and reports to consider what might resonate with their organization's management and board.
  • Self-assess their current capabilities and articulate the gap to develop an impactful risk prediction program.

Sergiu Cernautan is senior director of product strategy at Galvanize, responsible for product strategy, the strategic partnership program, and market influencer relationship management for the company’s industry-leading software products. He has 20+ years of external audit, internal audit, and risk and regulatory compliance consulting experience. After working at Deloitte and KPMG for more than 14 years, Cernautan co-founded Straight Talk Consulting Ltd., a firm providing GRC consulting services. His background covers financial, operational, and systems auditing. He specializes in the areas of internal controls over financial reporting, regulatory compliance, business process control reviews, general computer controls, litigation claims support, and data analytics.

NASBA CPE Credit 1.5
NASBA Learning Field: Specialized Knowledge

Nathan Anderson, CISA, CRISC, CDPSE
Global Technology & Digital Audit Senior Director
McDonald’s Corporation
USA

Lucas Morris, CISSP
Senior Manager, Data Privacy
Crowe LLP 
USA

Titus Weijma, CISSP, CISA CDPSE
Global Technology & Digital Audit Manager
McDonald’s Corporation
USA

Testing cybersecurity controls has long been the domain of penetration testers, who IT audit teams would hire. However, the tools for testing cybersecurity controls are more accessible than ever, and the time has come for IT audit to cross the chasm and begin testing the effectiveness of these technical controls. This session will cover basic tools and techniques for testing cybersecurity controls that your IT audit team can adopt.

In this session participants will:

  • Understand leadership’s cybersecurity questions and audit’s potential for answering them.
  • Gain insight into the skillset, mindset, approach, and specific tools required to test cybersecurity controls.
  • Explore methods that will help your team become an effective, independent cybersecurity testing function.

Nathan Anderson has 20 years of technology risk, software consulting, and IT audit experience. As technology and digital audit team leader for McDonald’s, he oversees a global team performing audits over privacy, cloud security, fraud data analytics, cybersecurity, data quality and integrity, and third-party governance. The team is working to enable technical testing of cybersecurity controls and increase the use of data analytics to identify fraud and inappropriate spend within back-office financial processes. Anderson also manages the IT aspect of Sarbanes-Oxley compliance across six countries. His primary area of focus is cybersecurity and privacy. Prior to McDonald’s, he led the IT audit function at Sears Holdings.

Lucas Morris is a senior manager and leader within the cybersecurity and digital risk practices at Crowe. He has over 12 years of information security experience. Morris focuses on helping clients develop more secure environments through penetration testing, implementing data privacy protections, and supporting executive management as a virtual information security officer. In his free time, he develops new tools and methodology, and also leads and supports collegiate security competitions.

Titus Weijma is a manager in McDonald’s global IT audit team, which performs audits over cybersecurity, privacy, cloud security, data quality and integrity, compliance, and third-party governance. His primary area of focus is cybersecurity and privacy. Weijma joined the global internal audit function within McDonald’s in 2015 and has since led numerous technical and security audits, the IT testing of Sarbanes-Oxley compliance, and the privacy compliance program. In addition, he builds and maintains cybersecurity computer platforms from which cross-country penetration assessments are executed, and he actively seeks methods to automate test steps.

NASBA CPE Credit 1.5
NASBA Learning Field: Information Technology

Tracie Marquardt, CPA
Audit Communication Specialist
Quality Assurance Communication
Canada

Today’s “new normal” is not something we ever could have imagined 10 months ago. The reality is, we spend most of every day communicating via technology now instead of in person. This *could* prevent us from building trustful business relationships, taking effective action in response to the crisis, and achieving valued-added audit results. But it doesn’t have to be this way. What can you do to ensure your success? What are your contemporaries doing that might work for you, too?

In this session, participants will:

  • Explore proven communication strategies, techniques, and insights as they settle into the disruption and new routine of leading and communicating in 2020.
  • Assess their readiness for successful communication.
  • Reinvent ways to build and nurture relationships.
  • Discover new communication strategies to influence for success.

Tracie Marquardt is Europe’s leading audit communication specialist, empowering international internal audit executives and their teams to become more effective in their global communication. As consultant, coach, and trainer, she partners with client audit teams so they can build stronger, more trustful relationships and deliver value-added audit results with the right information at the right time. Marquardt is passionate about inspiring audit leaders to be more, do more, and create more in their work and in their lives through the art and science of positive communication. She is a proud past president and active member of Toastmasters International.

NASBA CPE Credit 1.5
NASBA Learning Field: Auditing

Moderator:
Sarah Antonelli
Manager, Internal Audit
Jackson Health System
USA

Sarah Antonelli’s Bio Being Finalized


A. Assessing and Measuring Corporate Culture

Linh S. Truong, CIA, CPA, CISA
Speaker and Trainer
GoldSRD
USA

Danny M. Goldberg, CIA, CCSA, CRMA, CPA, CISA, CRISC, CGEIT, CGMA
President
GoldSRD
USA

In the words of Peter Drucker, “Culture eats strategy for breakfast.” The role that a company’s culture plays in its success or failure has become increasingly clear over the past 20 years and can be seen in headlines from Enron to Wells Fargo. Auditors should be able to assess the moral compass of an organization’s culture.

In this session participants will:

  • Receive a roadmap for assessing and ranking their company’s culture.
  • Understand the key areas that drive corporate culture and how to assess those areas.
  • Identify the red flags of an unhealthy culture, which could be indicators of unethical behavior.
  • Learn a method for measuring and rating the health of a company’s corporate culture.

Linh Truong is currently an executive advisor and professional speaker, focusing on such topics as governance, corporate culture, auditing best practices, and implementing Agile auditing. In her more than 25 years of audit experience, Truong served as chief audit executive for Orthofix Medical, Kosmos Energy, and Alon USA, building each company’s respective audit function from ground zero. She also worked at large international companies, including Xerox, Credit Suisse Group, and KPMG. Truong has spearheaded both ERM initiatives and fraud risk assessments at multiple companies.

Danny M. Goldberg has 21+ years of professional experience, including five years leading/building internal audit functions. He is co-author of People-Centric© Skills: Communication and Interpersonal Skills for Internal Auditors, which is offered through the IIA and ISACA bookstores and has sold more than 4,000 copies. Goldberg is also accredited as the professional commentator of the Bureau of National Affairs - Internal Audit: Fundamental Principles and Best Practices. He has been recognized as a top speaker at numerous IIA and ISACA events. In addition, he is an active IIA board and committee member at both the local and national levels.


B. How to Audit Culture and (Ethical) Behavior With Relevance and Due Professional Care

Peter Hartog, Manager, Professional Practices
IIA Netherlands
NETHERLANDS

Culture and behavior are extremely important to accomplish the goals of any organization. Culture is seen as an essential part of governance. But how do you audit this? How do you ensure you can objectively measure and assess behavior and culture? “It's there, but you can't grasp it.” You can, however, audit it! This session provides various techniques for objectively measuring behavior, depending on stakeholder demands.

In this session, participants will:

  • Distinguish between different relevant audit objectives, scopes, and questions when auditing culture and behavior.
  • Learn new methodologies and techniques for auditing culture and (ethical) behavior.
  • Understand relevant predefined models from social sciences to measure culture and behavior.
  • Apply techniques to gain insight into the underlying drivers of behavior, like group dynamics and mindsets.

Peter Hartog joined IIA–Netherlands in 2018 as manager of professional practices. He is presently engaged in developing and sharing knowledge on a wide range of topics related to the internal auditing profession. Hartog previously worked for 25 years as a consultant on internal auditing and management control, mainly at KPMG and ACS. He is an experienced lecturer with a demonstrated history in the higher education industry, including the Erasmus School of Accounting & Assurance. His background includes serving as an audit executive responsible for IT and operational audits and as a second line manager responsible for compliance and for risk management.


C. Great Expectations: Auditing Culture in a Changing World

Nicola Rimmer-Hollyman
Head of Internal Audit
AMP Australia
AUSTRALIA

Greg Rimmer-Hollyman, CIA, QIAL,
CCSA, CFSA, CGAP, CRMA
Chief Audit Executive
National Disability Insurance Agency
AUSTRALIA

Corporate culture is seen as critical to the success of organizations, and ‘bad’ culture has been blamed for many corporate failures. In a rapidly changing and digital world, being able to assess culture is critical. But how can internal auditors audit culture? This session provides a practical case study of how culture audits were implemented in two different financial services and public sector organizations.

In this session, participants will:

  • Identify the drivers of culture within an organization.
  • Understand different techniques and methods for auditing culture.
  • Be able to design a program of work based on the experiences of two internal audit teams in two different sectors who implemented audits of culture.

Nicola Rimmer-Hollyman has 20+ years of experience in internal audit, contributing to thought leadership and improving internal audit practice. She applies her deep understanding of risk and governance to inspire and influence teams and stakeholders to do things differently to protect and sustain the organization. Rimmer-Hollyman passionately believes that being a good internal auditor and risk specialist requires maintaining a deep understanding of the organization’s strategy, culture, and operating environment; bringing a pragmatic and commercial approach to solutions without jargon; providing challenge; and delivering difficult messages.

Greg Rimmer-Hollyman has 20+ years of experience in developing, implementing, transforming, and leading internal audit functions for large organizations in various industries in both the public and private sector in Australia and South Africa. He is currently chief internal auditor for the National Disability Insurance Agency as well as an independent audit committee member. He is a national board member and professional fellow (PFIIA) of IIA–Australia and has held numerous leadership positions within The IIA, including Chairman of IIA Global’s Institute Relations Committee, Chairman of the Global Public Sector Committee, and President of IIA–South Africa. Rimmer-Hollyman has written various articles and presented at conferences on five continents.

Michael Smith
Partner
KPMG LLP
USA

Rebecca Lennard, CPA
Vice President, Audit
G6 Hospitality LLC (Motel 6)
USA

In 2018, Motel 6 had a traditional audit function, wherein field auditors traveled to hundreds of locations annually to perform manual, paper-based audits. With the program not meeting executive expectations, the company radically altered its approaches to collaborating with the business, gathering data from operations, and continuously auditing key risks. With no changes to the budget, Motel 6 became a leading-edge small audit department.

In this session, participants will:

  • Discuss ideas for how small internal audit departments can transform their audit approach.
  • Recognize opportunities in their own departments to achieve better assurance outcomes through the use of technology.
  • Relate collaboration and stakeholder management experiences from other auditors to their own efforts to improve ways of working.

Michael Smith has worked extensively with internal audit and SOX departments challenged to do more with less. He sees data and automation as natural ways for these teams to improve assurance and create value. His passion for using emerging technologies to drive real business results led him to become KPMG’s leader for Reimagining Internal Audit. Smith’s innovative work to help auditors through every phase of data-driven transformation, from initial visioning to steady-state operations, has resulted in time savings, improved assurance, and increased insights. As a frequent presenter and author on intelligent automation and analytics, he believes every internal audit department, regardless of size, can develop strong analytics programs that improve audit results.

Rebecca Lennard is the vice president of tax for G6 Hospitality and leads the tax and internal audit departments within finance for the Motel 6 and Studio 6 brands. She joined the company in 1996 and held several leadership positions within tax before expanding into internal audit in 2012. Lennard is responsible for corporate and partnership tax matters as well as the implementation of a key risk, data analytic-driven internal audit process.

​​​​​
​1:00 - 1:20 p.m. EST
​Innovation Session - Presented by Wolters Kluwer
1:00 – 1:45 p.m. EST
Lunch break and Networking in the Virtual Exhibit Hall
​​1:45 – 3:00​ p.m. EST
​Concurrent Session Tracks

Jason Silva

Jason Silva
Emmy-Nominated TV Personality, Speaker, and Futurist
USA

Technology is upending the world. Acceleration is the new normal... disruption has gone mainstream.  There is a sense of vertigo and disorientation. Jobs may become obsolete. Artificial intelligence is superseding human capacities. Biology is becoming a programmable medium. Anxiety is running high.  Mental health is in turmoil. These are Mind blowing transformations — and humans don’t like change.  How to respond?  How do we leverage these exponentially emerging technologies to impact the world in a positive way? Furthermore — what is the mindset, the CREATIVITY, the consciousness required to thrive in the 21st century? Positive psychologists tell us “the cave we fear holds the treasure we seek”. It turns out, moving past our comfort zones is cognitively beneficial.  Blowing our minds boosts cognitive flexibility. We become more resilient. More creative. More adaptable. Join Jason Silva on a mind blowing journey into the future of technology, of imagination, of humanity.

Jason Silva is the Emmy nominated and world renowned host of NatGeo’s Brain Games, seen in 171 countries. He is a known futurist, filmmaker, thought-leader and sought-after international keynote speaker.

His ‘Shots of Awe’ videos have received over 500 million views across all social media platforms. 

Jason has given talks for Microsoft, Intel, Accenture, Cisco, Oracle, Adobe, Electronic Arts, Cannes Lions, Tribeca Film Festival, National Geographic, Discovery, 20th Century Fox, Cosmopolitan, PHD Worldwide, Google, TED Global, The Economist, PepsiCo, and more. 

“A Timothy Leary of the Viral Video Age” was how The Atlantic described Silva, “part Timothy Leary, part Ray Kurzweil, and part Neo from ‘The Matrix.’

NASBA CPE Credit 1.5
NASBA Learning Field: Information Technology 

Moderator:
William Michalisin
Executive Vice President and Chief Operating Officer
The Institute of Internal Auditors
USA

William Michalisin is the Executive Vice President & Chief Operating Officer for The Institute of Internal Auditors (IIA), the global professional association and standard-setting body for internal auditors. The IIA serves more than 200,000 members in over 200 countries and territories and acts as the internal audit profession’s recognized advocate, educator, and provider of standards, guidance, and certifications globally.

In his current role, Michalisin leads operations and core services offered to IIA members globally, including, Membership, Certifications, Training & Conferences, Standards & Guidance and Professional Knowledge, Advocacy & Government Relations, Chapter and Institute Relations, Partnerships, Sales and Business Development. 

Prior to joining The IIA, Michalisin was Industry Marketing Leader for Consumer & Industrial Products at Deloitte, which included responsibilities for cross-functional delivery within aerospace and defense, automotive, consumer products, process and industrial products, retail and distribution, and travel, hospitality, and leisure sectors.  Earlier in his career, Michalisin was a consultant delivering business process strategy, risk management and fraud/forensic investigation services at both Deloitte Consulting and Accenture, to clients in multiple industry sectors.

Michalisin graduated magna cum laude from Columbia University with a master’s in Strategic Communications and has a bachelor’s degree in International Relations and Economics from Bucknell University.  He also has his CIA designation and is a member of the Institute of Internal Auditors.

Presenter:
Mike Fucilli, CIA, QIAL, CGAP, CRMA, CFE
Former Auditor General, Metropolitan Transportation Authority
Staff Instructor, St. John’s University
USA

While CEOs appreciate internal auditors’ strong business skills, they are also placing great emphasis on “soft skills” such as seeing the big picture. We will discuss how to bring out these traits and demonstrate your leadership skills through coachability (the ability to accept and implement feedback); emotional intelligence (the ability to understand and manage your own emotions); motivation (sufficient drive to achieve your full potential); and temperament (attitude and personality).

In this session, participants will:

  • Explore how to become more extroverted while remaining true to themselves.
  • Gain insights for shifting from auditor to trusted advisor.
  • Discover how to gain a “seat at the table.”

Mike Fucilli has about 35 years of internal auditing experience in the private and public sector. He has since retired as Auditor General at Metropolitan Transportation Authority, where he managed a staff of 85 professionals for a public sector organization with revenues in excess of $15 billion. Fucilli has served on The IIA’s North American and Global Boards and is a frequent speaker and presenter for The IIA.

NASBA CPE Credit 1.5
NASBA Learning Field: Personal Development

Moderator:
Sarah Antonelli
Manager, Internal Audit
Jackson Health System
USA

Sarah Antonelli is a member of the Mednax internal audit team. She has more than 15 years of auditing experience, including public accounting, consulting, and the private sector. Antonelli currently serves as Secretary for The IIA’s Miami Chapter.

A. Assessing and Measuring Corporate Culture
Linh S. Truong, CIA, CPA, CISA
Speaker and Trainer
GoldSRD
USA

In the words of Peter Drucker, “Culture eats strategy for breakfast.” The role that a company’s culture plays in its success or failure has become increasingly clear over the past 20 years and can be seen in headlines from Enron to Wells Fargo. Auditors should be able to assess the moral compass of an organization’s culture.

In this session participants will:

  • Receive a roadmap for assessing and ranking their company’s culture.
  • Understand the key areas that drive corporate culture and how to assess those areas.
  • Identify the red flags of an unhealthy culture, which could be indicators of unethical behavior.
  • Learn a method for measuring and rating the health of a company’s corporate culture.

Linh Truong is currently an executive advisor and professional speaker, focusing on such topics as governance, corporate culture, auditing best practices, and implementing agile auditing. In her more than 25 years of audit experience, Truong served as chief audit executive for Orthofix Medical, Kosmos Energy, and Alon USA, building each company’s respective audit function from ground zero. She also worked at large international companies, including Xerox, Credit Suisse Group, and KPMG. Truong has spearheaded both ERM initiatives and fraud risk assessments at multiple companies.


B. How to Audit Culture and (Ethical) Behavior With Relevance and Due Professional Care
Peter Hartog, Manager, Professional Practices
IIA Netherlands
NETHERLANDS

Culture and behavior are extremely important to accomplish the goals of any organization. Culture is seen as an essential part of governance. But how do you audit this? How do you ensure you can objectively measure and assess behavior and culture? “It's there, but you can't grasp it.” You can, however, audit it! This session provides various techniques for objectively measuring behavior, depending on stakeholder demands.

In this session, participants will:

  • Distinguish between different relevant audit objectives, scopes, and questions when auditing culture and behavior.
  • Learn new methodologies and techniques for auditing culture and (ethical) behavior.
  • Understand relevant predefined models from social sciences to measure culture and behavior.
  • Apply techniques to gain insight into the underlying drivers of behavior, like group dynamics and mindsets.

Peter Hartog joined IIA–Netherlands in 2018 as manager of professional practices. He is presently engaged in developing and sharing knowledge on a wide range of topics related to the internal auditing profession. Hartog previously worked for 25 years as a consultant on internal auditing and management control, mainly at KPMG and ACS. He is an experienced lecturer with a demonstrated history in the higher education industry, including the Erasmus School of Accounting & Assurance. His background includes serving as an audit executive responsible for IT and operational audits and as a second line manager responsible for compliance and for risk management.

NASBA CPE Credit 1.5
NASBA Learning Field: Behavioral Ethics

Stephen Head, CISSP, CISA, CDPSE
Regional Practice Director, Risk & Compliance
Jefferson Wells
USA

Michael Manzi, C|CISO, CISSP, MCSE, MCT
Chief Information Security Officer
Movement Mortgage
USA

Auditing the many cyber defense technologies currently being deployed to defend organizations against cyber-attack is extremely challenging. In response to the growing frequency and severity of cyber-attacks, organizations are implementing a new generation of security tools that did not exist a few years ago. This presentation will examine new and emerging tools for defending against cyber-attacks, how they work, who the leading players are, and how these technologies can be audited.

In this session, participants will:

  • Gain insights into the new generation of cyber defense tools, how they work, and how they are changing the security landscape within the organization.
  • Learn key success factors for deploying these tools, which, if ignored, may lead to openings that can be exploited by attackers.
  • Receive practical tips for auditing these new tools based on actual cases in which these technologies were audited.

Stephen Head is regional practice director of risk and compliance at Jefferson Wells. He has broad-based experience in cyber risk, regulatory compliance, IT governance, and aligning controls with multiple standards and frameworks. Formerly the information security practice leader for a multinational financial services company, Head has taught advanced cybersecurity courses at both the graduate and undergraduate level. He is the author of the two internationally recognized books: Internal Auditing Manual and Practical IT Auditing. He served as international chair of the ISACA Standards Board, on the AICPA National Accreditation Commission, and on the AICPA Information Technology Executive Committee.

Michael Manzi serves as a principal consultant for Infosys Limited and as CISO for Movement Mortgage. He has 20+ years of IT and security experience in the research, manufacturing, healthcare, and financial services markets, with the last seven years engaged as an executive developing enterprise security programs that leverage HITECH, HIPAA, FFIEC, NIST, and NYDFS frameworks. Manzi is an InfraGard member and serves on several advisory boards for the promotion of cybersecurity and a next-generation technology startup.

NASBA CPE Credit 1.5
NASBA Learning Field: Information Technology

Moderator:
Larry Harrington
Retired Chief Audit Executive
Raytheon
USA

Larry Harrington was chief audit executive at Raytheon Company from 2004 until his retirement in 2018. Previously, he was CAE at several Fortune 250 companies and served as a vice president within finance, human resources, and operations. Harrington has volunteered with The IIA for 30+ years, serving as president of the Greater Boston chapter, co-chair of the International Conference in Boston, and chairman of both the North American and Global boards. He was named to the American Hall of Distinguished Internal Audit Practitioners and received the Victor Z. Brink Award for Distinguished Service. Harrington has spoken on internal auditing, leadership, career development, and diversity and inclusion in 30+ countries.


Panelists:
Valentina Kostenyuk
Senior Lead Internal Auditor
Avangrid Renewables
USA

Puja Shah, CIA, CCSA, CFSA, CRMA
Executive DirectorUBS
USA

Jingwen (Grace) Wu, CIA
Compliance Manager
Silicon Valley Bank
USA

In support of The IIA’s diversity goals, this panel of three female professionals — facilitated by former Chairman of the Board Larry Harrington — will discuss how to generate influence, manage across generational gaps, and promote diversity to propel the next generation of internal auditors. The panelists come from different cultures and levels of experience, but possess a shared background in internal audit and a passion for the profession.

In this session, participants will:

  • Learn how to manage by influence and cross-directionally (managing up/down, peer, etc.).
  • Hear tips for overcoming generational gaps to develop, motivate, and manage emerging leaders and millennials.
  • Discover how to promote diversity in their team and work with gender/culture/age bias.

Valentina Kostenyuk is based in Ireland as a senior risk and controls analyst at Intel Corporation. She previously worked in internal audit for nine years at two publicly traded companies, focusing on operational auditing and SOX compliance across all energy industry segments, including wind, hydro, gas, and coal. Passionate about the profession, Kostenyuk was featured in Internal Auditor magazine’s “2015 Emerging Leaders.” She has served as President of The IIA–Portland Chapter, is presently the District Representative for eight West District chapters, and is Chair of the North America Emerging Leaders Task Force, for which she spearheaded development of a national mentorship program for young professionals in The IIA.

Puja Shah has 10+ years of internal audit experience, emphasizing financial, operational, and risk audits and regulatory compliance for financial institutions. Currently an executive director at UBS, she has performed risk assessments, risk and control testing, issue validations, and continuous monitoring; mapped to regulatory expectations; escalated findings to senior management; and produced value-added reporting for key stakeholder decision-making. Shah earned IIA–Chicago’s William C. Anderson Member of the Year Award in 2017 for outstanding volunteer contribution to the chapter and dedication to the internal audit profession. She serves on the IIA–Chicago Board of Governors and is chair of the Next Gen Advisory Group.

Grace Wu is a Compliance Manager at Silicon Valley Bank (SVB) with their Corporate Compliance and Risk & Governance Group. Prior to joining SVB, Grace was a senior auditor with eBay’s Internal Audit function and advisory consultant at Deloitte & Touche LLP (New York and San Jose Offices, Internal Audit Transformation and Financial & Operational Risk Transformation market offerings) serving clients across various sectors, including financial services, energy and high tech. Grace is a proud CIA and loves her job as a compliance professional because she can leverage her core IA skills. Grace is also passionate about volunteering with the IIA and has served as the Chair of the IIA Emerging Leaders Task Force and currently serves as President-Elect of the IIA San Jose chapter. She was also recently elected to the IIA NA Advocacy Committee. Grace obtained an MBA from Louisiana State University (LSU) and the LSU Center for Internal Auditing (LSUCIA, an IIA IAEP program) in 2013.

NASBA CPE Credit 1.5
NASBA Learning Field: Personal Development

Moderator:
Rob Valdez, CPA, CISA, CISM
Director, Cybersecurity Automation
Kaufman Rossin
USA

Roberto Valdez specializes in providing cybersecurity and automation services that help financial services, healthcare, and technology businesses mitigate risk, protect information, achieve strategic objectives, defend against cyber threats such as phishing and ransomware, and increase efficiency and quality through process engineering and robotic process automation (RPA). His engagements balance business needs with the requirements of compliance frameworks such as SOC 1, 2, 3; HIPAA; SOX; FINRA; and FFIEC. In addition, Valdez oversees Kaufman Rossin’s PhishNet security education training and awareness program. He has been featured in numerous publications and is also an adjunct professor for Florida Atlantic University.


A. Implementing a Robotic Process Automation Audit Program

Daniel Pokidaylo, CIA, CISA
Head of IT Audit
The Clearing House
USA

Everyone has heard of robotic process automation, or RPA, but how do we, as auditors, begin to implement an RPA program? What skillsets and tools do we need to begin, and how do we get management on board with our vision?

In this session, participants will:

  • See how an RPA program can be implemented, from planning through completion.
  • View real examples of what an RPA project/audit looks like.
  • Understand the skillsets that are required to begin developing an RPA program.
  • Develop ideas for RPA scripts that can be run at their enterprise.

DanielPokidaylo is the head of information technology audit at The Clearing House (TCH), a systemically important financial market utility (SIFMU) and the only private sector ACH and wire operator in the U.S., clearing and settling nearly $2 trillion in U.S. dollar payments daily. During his time at TCH, Pokidaylo has implemented a new cloud-based GRC platform to automate audit workflows, regulatory reporting, and MIS reporting for executive management. Additionally, he leads the robotic process automation team in working closely with TCH operations and technology partners to connect to key financial and operational applications to perform continuous controls testing and business monitoring.


B. Use of RPA and Process Mining in Auditing

Justin Pawlowski, CIA, CCSA, CRMA, CMA
Head of Internal Audit
ALSO Holding AG
GERMANY

Marc Eulerich, CIA
Professor, Internal Auditing
University of Duisburg-Essen
GERMANY

Robotic process automation and process mining show potential for enabling internal audit functions to increase their efficiency and effectiveness. Recent research from 2019 and early 2020, including new audit bots for automating and enhancing the audit function, will be demonstrated, and benefits will be quantified and qualified. In addition, cornerstones on how to advance from buzzwords to helpful tools will be shared.

In this session, participants will:

  • Explore the application of robotic process automation and process mining to internal auditing.
  • Learn about successful use cases in automation and enhancement of audit procedures, as well as failed/poor use cases in internal auditing.
  • Discover how to avoid common pitfalls and how to exploit value potential.
  • Leverage current research to streamline their own internal audit function.

Justin Pawlowski is head of internal audit at ALSO Holding AG, a listed distribution and logistics company for IT, consumer electronics, and telecommunications (ICT) based in Emmen, Switzerland, with annual revenues of more than 10bn USD across Europe. Before joining ALSO, the Frankfurt-based graduate of the Berlin School of Economics & Law and Goethe Business School worked as senior manager for governance and assurance services at KPMG in Germany and for IBM Germany in Berlin with assignments in Spain and the USA. His focus lies on applying modern technology in internal auditing, including data analytics, process mining, and RPA. Pawlowski is challenging manual proceedings from the past to come up with new ideas and ways of auditing, and he shared insights around using process mining in internal auditing at The IIA International Conference 2017 in Sydney, Australia. He is a member of the German chapter of The IIA (DIIR) and currently serves on The IIA IT Guidance Committee. In 2015, he was recognized as an Emerging Leader by Internal Auditor magazine.

Dr. Marc Eulerich has been a professor of internal auditing at the University of Duisburg-Essen since 2011. The professorship is sponsored by the German Institute of Internal Auditors, with an explicit focus on internal auditing research and teaching. Dr. Eulerich is program coordinator for the Internal Auditing Education Partnership (IAEP) program and chair of the scientific committee for IIA–Germany. He has published numerous scientific and practitioner articles and books about internal auditing, corporate governance, and strategy. His research is published in Accounting Horizons, Journal of Information Systems, Accounting History Review, Managerial Auditing Journal, International Journal of Auditing, and numerous other journals.


C. Audit the Future: Using Robotics and Data Automation to Predictively Manage Future Risks

Sergiu Cernautan, CPA, CISA
Senior Director, Product Strategy
Galvanize
CANADA

Is your entire audit plan focused on what happened in the past? This session will review real case studies of how audit teams are using data automation techniques to predictively assess risk then getting ahead to control and manage future risks. Learn the immediately actionable methodologies these organizations have put in place so that internal audit is directly supporting the CEO in navigating the future risk landscape.

In this session, participants will:

  • Explore the principles of risk prediction and how to systematically assess future risk levels.
  • Discover skills, models, and technologies that will enable an auditor to quantify and communicate risk predictions.
  • Evaluate example risk prediction dashboards and reports to consider what might resonate with their organization's management and board.
  • Self-assess their current capabilities and articulate the gap to develop an impactful risk prediction program.

Sergiu Cernautan is senior director of product strategy at Galvanize, responsible for product strategy, the strategic partnership program, and market influencer relationship management for the company’s industry-leading software products. He has 20+ years of external audit, internal audit, and risk and regulatory compliance consulting experience. After working at Deloitte and KPMG for more than 14 years, Cernautan co-founded Straight Talk Consulting Ltd., a firm providing GRC consulting services. His background covers financial, operational, and systems auditing. He specializes in the areas of internal controls over financial reporting, regulatory compliance, business process control reviews, general computer controls, litigation claims support, and data analytics.

​​3:00 – 3:30 p.m. EST
​Networking Break in the Virtual Exhibit Hall

Kindra Hall

Kindra Hall
President
Steller Collective
USA

Companies believe a substantial portion of their revenue is under threat as a result of the shift from a transactional economy to a connected one. Businesses, brands, sales forces, marketing teams, and leaders at all levels are desperately trying to capture attention and resonate with consumers who expect more. Is there a secret weapon? A silver bullet to humanize and connect? Yes. The answer is strategic storytelling.

In this session, participants will:

  • Understand the psychology behind strategic storytelling and how to take full advantage of it.
  • Gain clarity on what a story actually is, the many opportunities for telling stories for results, and how to access the unlimited supply of stories within each brand and/or individual.
  • Discover the biggest storytelling mistake and how to avoid it.
  • Break down the 3 Step Storytelling Process and study the anatomy of a fail-proof story for maximum impact.

Kindra Hall is president and chief storytelling officer at Steller Collective. She has been trusted by global brands across all industries, including Facebook, Hilton Hotels, Tyson Foods, Target, Berkshire Hathaway, and Harvard Medical School, to deliver presentations and trainings that inspire teams and individuals to better communicate the value of their company, their products, and their individuality through strategic storytelling. A former director of marketing and VP of sales, Hall is a National Champion storyteller and a master at teaching others the methods and science of storytelling. Her work can be seen at Inc.com, Entrepreneur.com, and as a contributing editor for SUCCESS Magazine. Harper Leadership released her book in the fall of 2019.

NASBA CPE Credit 1.5
NASBA Learning Field: Personal Development

Schedule Changes​

At times, it may be necessary to cancel, reschedule, or substitute an event, conference session, speaker, conference, and/or topic after registration has been confirmed. The IIA will provide advance notification of any changes once notice has been received.


 Content Editor ‭[76]‬

Ernesto Martinez
Vice Presidente Ejecutivo
Santander Group
España

Auditing Strategic Risk

Ernesto Martinez
Executive Vice President
Santander Group
SPAIN

El tiempo dedicado a una auditoría no siempre está alineado con la relevancia asignada a ciertos riesgos. Los compromisos relacionados con los requisitos reglamentarios o las auditorías más tradicionales desvían nuestra atención de asuntos críticos para la organización. Los planes de auditoría deben estar totalmente alineados con las estrategias y el apetito de riesgo estratégico de la organización. ¿Qué elementos podrían considerar los auditores internos para auditar el universo de riesgos, e integrar su análisis en la evaluación del riesgo de auditoría?

En esta sesión, los participantes:

  • Aprenderán cómo se debe incluir el riesgo estratégico en el plan de auditoría.
  • Descubrirán cómo integrar el riesgo estratégico en la evaluación del riesgo de auditoría.
  • Comprenderán cómo auditar el riesgo estratégico.

Ernesto Martínez comenzó su carrera como auditor externo y consultor en Arthur Andersen. Luego se unió al Grupo Santander como Analista de Riesgos y Vicepresidente de Control Financiero para el banco de inversión de Santander antes de pasar a la auditoría interna, donde ha sido Vicepresidente Senior del grupo de diferentes riesgos y negocios, así como CAE para Banesto, la filial bancaria española del Grupo. Actualmente, como Vicepresidente Ejecutivo del Grupo de Auditoría Interna de Santander, Martínez dirige aproximadamente 180 auditores internos, incluidos los Caes de varias filiales bancarias. Es presidente de IIA – España, miembro de la Junta Global de IIA y miembro de dos comités de ECIIA. Habla con frecuencia sobre temas relacionados con la auditoría.

 Content Editor ‭[77]‬

Moderator
Gregory T. Grocholski, CIA
Vice President, Chief Audit Executive
Saudi Basic Industries Corporation (SABIC)
SAUDI ARABIA

Presenter:
Naohiro Mouri
Executive Vice President and Chief Auditor
AIG
USA

This session will offer a discussion on how the internal audit group at AIG is changing auditor mindset and audit methodology, as well as using robotic process automation (RPA) and data analytics (DA) to achieve greater audit coverage with fewer resources.

In this session, participants will:

  • Hear how AIG’s internal audit group is changing auditor mindset and audit methodology.
  • Learn how AIG uses RPA and DA to increase coverage and efficiency.

Greg Grocholski is responsible for leading and managing the internal audit department on a global level, to ensure the implementation of internal audit best practices worldwide, as well as to coach the company’s internal audit employees to maximize their contributions to achieving the company’s objectives. Grocholski is internationally respected in the audit field and is affiliated to ISACA, for which he has served in various leadership roles. Prior to SABIC, Grocholski attained an impressive track record in the global chemicals industry with more than 30 years of service at The Dow Chemical Company. He achieved numerous promotions in the audit and finance functions, most recently holding the posts of CAE and global director of business finance.

Naohiro Mouri is the immediate past chairman of The IIA’s global board. His 27 years of internal audit experience includes both audit execution and management at AIG, MetLife, JP Morgan, Shinsei Bank, Morgan Stanley, Deutsche Bank, and BNP. He began his career at Arthur Andersen. Mouri has spoken at local, regional, and international IIA conferences and taught internal audit courses at Meiji University, Senshu University, and Yokohama National University. He co-authored a book about internal audit in banking that was published in Japanese and Chinese.

 Content Editor ‭[78]‬

Vicki McIntyre, CIA, CPA, CFSA, CRMA, CGAP
President

FirstPlus Resolutions, Inc.
USA

Part 2 will be held at the same time as other concurrent sessions on Monday, July 20th, 2020.  Attendees should plan to attend all CIA concurrent class sessions on Monday.

This Part 2 CIA exam prep course is designed to give candidates a high-level introduction and overview of the topics covered on the Part 2 CIA exam.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the Version 6 IIA CIA Learning System Part 2 self-study printed book, online software access for 12 months, and a Student Slide Activity book.  Attendees will also receive 4.7 CPEs, qualify for a free CIA application fee waiver and receive a free online software access upgrade for the new Version 7 IIA CIA Learning System Part 2 (upon release).  A fee of USD $450 will be required to attend this course in addition to the regular conference registration fee.  A limited number of on-site registrations will be accepted, so please pre-register for this course.  Course topics will include:

  • Managing the Internal Audit Activity
  • Planning the Engagement
  • Performing the Engagement
  • Communicating Engagement Results and Monitoring Progress

Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.  The free upgrade to Version 7 online software (available upon release) will be valid for the remainder of your Version 6 online access period.

Vicki McIntyre has helped CIA candidates successfully pass their exams for more than twelve years, having taught The IIA's CIA Learning System extensively. McIntyre is a globally recognized educator and trainer who has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a Vice President of both finance and risk management.  She also performs quality assessments and independent validations of internal audit activities.  McIntyre is a passionate advocate for the internal audit profession, has been an IIA volunteer leader for more than 25 years and is currently a member of the IIA's North American Board of Directors.

 Content Editor ‭[79]‬

Vicki McIntyre, CIA, CPA, CFSA, CRMA, CGAP
President
FirstPlus Resolutions, Inc.
USA

Learning Level: Intermediate
NASBA Learning Field: Auditing

Part 2 will be held during all concurrent sessions on Monday, July 8, 2019.  Attendees should plan to attend all concurrent CIA sessions on Monday.

This Part 2 CIA course is designed to give candidates a high level introduction and overview of the topics covered on the new 2019 Part 2 CIA exam syllabus.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the new Version 6.0 IIA CIA Learning System Part 2 self-study printed book, online software access for 12 months and a Student Slide Activity Book.  Attendees will also receive 4.8 CPEs and qualify for a free CIA application fee waiver. An additional fee of USD $450 will be required to attend this course.  A limited number of on-site registrations will be accepted, so please pre-register for this course.
Course topics will include:

  • Managing the Internal Audit Activity
  • Planning the Engagement
  • Performing the Engagement
  • Communicating Engagement Results and Monitoring Progress

 Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.

Vicki McIntyre has helped CIA candidates successfully pass their exams for more than twelve years, having taught The IIA's CIA Learning System extensively. McIntyre is a globally recognized educator and trainer who has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a Vice President of both finance and risk management.  She also performs quality assessments and independent validations of internal audit activities.

 Content Editor ‭[80]‬

8:15 – 8:30 a.m. EST
Opening Remarks

 Content Editor ‭[81]‬

Mónica Ramírez Chimal
Socia
Asserto RSC
MÉXICO

Beyond an Episode of CSI: Fraud Threat

Mónica Ramírez Chimal
Partner
Asserto RSC
MEXICO

La realidad mundial muestra que, independientemente del tamaño y tipo de empresa, los casos de fraude continúan prevaleciendo. Las razones son muchas y variadas; sin embargo, tienen un común denominador: debilidad en los controles. No hay empresa alguna que sea inmune al fraude, y su impacto puede ser devastador. El área de auditoría interna es clave para prevenir el fraude, pero primero, los auditores internos deben estar capacitados. ¿Tú empresa tiene los controles correctos?

En esta sesión, los participantes:

  • Definirán y podrán explicar qué es el fraude para poder aplicar ese conocimiento.
  • Analizarán casos internacionales de la vida real: utilizando pistas y evidencia.
  • Reconocerán las señales de alerta y el perfil del defraudador.
  • Revisarán e identificarán los controles claves, efectivos y prácticos, para incluirse en el programa de auditoría y poder minimizar el riesgo de fraude.

Mónica Ramírez Chimal es una capacitadora internacional bilingüe (español-inglés) y oradora, que ha presentado diversos temas como:  anti-lavado de dinero, prevención del fraude, riesgos y auditoría interna. En México, Estados Unidos, República Dominicana, Dubái, Brasil, Argentina, Uruguay y Panamá ante audiencias de más de 10 a 350 personas. Sólo para un cliente, ha impartido más de 100 talleres en anti-lavado de dinero. Mónica es autora de tres libros y ha publicado varios artículos para revistas internacionales. Actualmente es socia de Asserto RSC, así como miembro del Consejo del Comité Editorial de la revista de la Sociedad de Ética y Cumplimiento Corporativo (SCCE) y panelista para el GLC Europe Blog.

 Content Editor ‭[82]‬

Vicki McIntyre, CIA, CPA, CFSA, CRMA, CGAP
President

FirstPlus Resolutions, Inc.
USA

Part 2 will be held at the same time as other concurrent sessions on Monday, July 20th, 2020.  Attendees should plan to attend all CIA concurrent class sessions on Monday.

This Part 2 CIA exam prep course is designed to give candidates a high-level introduction and overview of the topics covered on the Part 2 CIA exam.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the Version 6 IIA CIA Learning System Part 2 self-study printed book, online software access for 12 months, and a Student Slide Activity book.  Attendees will also receive 4.7 CPEs, qualify for a free CIA application fee waiver and receive a free online software access upgrade for the new Version 7 IIA CIA Learning System Part 2 (upon release).  A fee of USD $450 will be required to attend this course in addition to the regular conference registration fee.  A limited number of on-site registrations will be accepted, so please pre-register for this course.  Course topics will include:

  • Managing the Internal Audit Activity
  • Planning the Engagement
  • Performing the Engagement
  • Communicating Engagement Results and Monitoring Progress

Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.  The free upgrade to Version 7 online software (available upon release) will be valid for the remainder of your Version 6 online access period.  

Vicki McIntyre has helped CIA candidates successfully pass their exams for more than twelve years, having taught The IIA's CIA Learning System extensively. McIntyre is a globally recognized educator and trainer who has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a Vice President of both finance and risk management.  She also performs quality assessments and independent validations of internal audit activities.  McIntyre is a passionate advocate for the internal audit profession, has been an IIA volunteer leader for more than 25 years and is currently a member of the IIA's North American Board of Directors.

 Content Editor ‭[83]‬

Vicki McIntyre, CIA, CPA, CFSA, CRMA, CGAP
President
FirstPlus Resolutions, Inc.
USA

Learning Level: Intermediate
NASBA Learning Field: Auditing

Part 2 will be held during all concurrent sessions on Monday, July 8, 2019.  Attendees should plan to attend all concurrent CIA sessions on Monday.

This Part 2 CIA course is designed to give candidates a high level introduction and overview of the topics covered on the new 2019 Part 2 CIA exam syllabus.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the new Version 6.0 IIA CIA Learning System Part 2 self-study printed book, online software access for 12 months and a Student Slide Activity Book.  Attendees will also receive 4.8 CPEs and qualify for a free CIA application fee waiver. An additional fee of USD $450 will be required to attend this course.  A limited number of on-site registrations will be accepted, so please pre-register for this course. 

Course topics will include:

  • Managing the Internal Audit Activity
  • Planning the Engagement
  • Performing the Engagement
  • Communicating Engagement Results and Monitoring Progress

 Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.

Vicki McIntyre has helped CIA candidates successfully pass their exams for more than twelve years, having taught The IIA's CIA Learning System extensively. McIntyre is a globally recognized educator and trainer who has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a Vice President of both finance and risk management.  She also performs quality assessments and independent validations of internal audit activities. 

Diego Calderón, CIA, CFE
Director Senior de Auditoría y Gestión de Riesgos
Flexionar
MÉXICO

Case-based Learning: Agile Auditing: A Journey

Diego Calderon, CIA, CFE 
Senior Director, Audit and Risk Management 
Flex
MEXICO

Auditoria ágil, RPA, análisis de datos, big data: estas son algunas de las palabras de moda en el vocabulario de un auditor. Si bien el crecimiento y las nuevas direcciones son imprescindibles para el auditor de hoy, lo básico no puede ser sacrificado. Demasiados auditores no comprenden las diferencias entre una evaluación de riesgos y una evaluación de control. Esta presentación utiliza ejemplos prácticos y comentarios para demostrar qué es un riesgo y qué es una falla de control.

En esta sesión, los participantes:

  • Comprenderán cómo identificar un riesgo, y también cómo distinguir entre un riesgo y la falta de control.
  • Definirán el riesgo inherente versus el riesgo residual.
  • Revisaran las 5 C’s de la auditoría interna y cómo se relacionan con la identificación de riesgos.
  • Aprenderán una metodología para profundizar y llegar a identificar el riesgo real.

Diego Calderón es un Ejecutivo de Auditoría Interna con más de 20 años de experiencia en liderazgo y cumplimiento de auditorías en entornos globales y multiculturales. Ha proporcionado garantías y asesoramiento sobre informes contables y financieros, controles internos, gestión de riesgos en toda la empresa y operaciones dentro de las corporaciones Big Four y Fortune 500. Calderón tiene experiencia en fabricación, junto con una amplia exposición internacional en diferentes geografías e industrias, trabajando con diversos equipos globales. Su experiencia abarca la transformación de la auditoría, la mejora continua y la implementación de las mejores prácticas de auditoría centradas en la eficiencia, el análisis de datos, el aseguramiento integrado y la gestión de riesgos empresariales.

Vicki McIntyre, CIA, CPA, CFSA, CRMA, CGAP
President

FirstPlus Resolutions, Inc.
USA

Part 2 will be held at the same time as other concurrent sessions on Monday, July 20th, 2020.  Attendees should plan to attend all CIA concurrent class sessions on Monday.

This Part 2 CIA exam prep course is designed to give candidates a high-level introduction and overview of the topics covered on the Part 2 CIA exam.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the Version 6 IIA CIA Learning System Part 2 self-study printed book, online software access for 12 months, and a Student Slide Activity book.  Attendees will also receive 4.7 CPEs, qualify for a free CIA application fee waiver and receive a free online software access upgrade for the new Version 7 IIA CIA Learning System Part 2 (upon release).  A fee of USD $450 will be required to attend this course in addition to the regular conference registration fee.  A limited number of on-site registrations will be accepted, so please pre-register for this course.  Course topics will include:

  • Managing the Internal Audit Activity
  • Planning the Engagement
  • Performing the Engagement
  • Communicating Engagement Results and Monitoring Progress

Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.  The free upgrade to Version 7 online software (available upon release) will be valid for the remainder of your Version 6 online access period.  

Vicki McIntyre has helped CIA candidates successfully pass their exams for more than twelve years, having taught The IIA's CIA Learning System extensively. McIntyre is a globally recognized educator and trainer who has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a Vice President of both finance and risk management.  She also performs quality assessments and independent validations of internal audit activities.  McIntyre is a passionate advocate for the internal audit profession, has been an IIA volunteer leader for more than 25 years and is currently a member of the IIA's North American Board of Directors.

Vicki McIntyre, CIA, CPA, CFSA, CRMA, CGAP
President
FirstPlus Resolutions, Inc.
USA

Learning Level: Intermediate
NASBA Learning Field: Auditing

Part 2 will be held during all concurrent sessions on Monday, July 8, 2019.  Attendees should plan to attend all concurrent CIA sessions on Monday.

This Part 2 CIA course is designed to give candidates a high level introduction and overview of the topics covered on the new 2019 Part 2 CIA exam syllabus.  The course will reinforce your CIA knowledge, clarify topics, and build exam-day confidence.  Taught by CIA-certified instructors, each attendee will have the opportunity to work through practice exam questions, learn test taking tips, and will receive the new Version 6.0 IIA CIA Learning System Part 2 self-study printed book, online software access for 12 months and a Student Slide Activity Book.  Attendees will also receive 4.8 CPEs and qualify for a free CIA application fee waiver. An additional fee of USD $450 will be required to attend this course.  A limited number of on-site registrations will be accepted, so please pre-register for this course. 

Course topics will include:

  • Managing the Internal Audit Activity
  • Planning the Engagement
  • Performing the Engagement
  • Communicating Engagement Results and Monitoring Progress

Please note:  Additional self-study time outside of the classroom will be necessary to prepare for the exam.

Vicki McIntyre has helped CIA candidates successfully pass their exams for more than twelve years, having taught The IIA's CIA Learning System extensively. McIntyre is a globally recognized educator and trainer who has a combination of internal audit, financial management, public accounting, regulatory supervision, and compliance management experience. With more than 20 years in the financial services industry, McIntyre has been a regulatory bank examiner, and a Vice President of both finance and risk management. She also performs quality assessments and independent validations of internal audit activities.

​9:30 - 9:50 a.m. EST
​Innovation Session – Presented by Workiva
9:30 – 10:00 a.m. EST
Networking Break​ in the Virtual Exhibit Hall
10:00 – 11:00 a.m.​ EST
Concurrent Session Tracks​​​​

Panelists:
Satya S. Tripathi
UN Assistant Secretary-General and Head of New York Office

UN Environment
USA

Tessy de Nassau (former Princess Tessy of Luxembourg)
UNAIDS Global Advocate and Social Entrepreneur
LUXEMBOURG

Richard G. Sexton, FCA
Board Member
International Integrated Reporting Council
UK

Far from being competing or mutually exclusive, the objectives of organizational success and social responsibility are not only fully complementary, but fundamentally interdependent. Successful organizations in the long term have sustainability as a central principle of their governance. Understanding of, and active concern for, the interplay between the organization and society, the environment, and the economy is key to serving stakeholder needs and interests into the future.

In this session, participants will:

  • Increase their knowledge and understanding of the connection between organizational success and social, economic, environmental, and political responsibility.
  • Explore how organizations can adopt strategies for incorporating such issues as part of their values.
  • Consider the role that internal audit must play to enable organizations to develop such a mindset.
Satya S. Tripathi Satya S. Tripathi is the UN Assistant Secretary-General and Secretary of the UN Environment Management Group. A development economist and lawyer with nearly four decades of varied experience, he has served with the UN since 1998 in key positions in Europe, Asia, and Africa in the areas of climate change, human rights, democratic governance, and legal affairs. Among his most notable engagements, Tripathi was UN Recovery Coordinator, a role in which he facilitated international cooperation and funding of more than US$7 billion for post-tsunami recovery efforts in Indonesia; and Executive Head of UNORCID, a UN System Office focused on conservation of forests and biodiversity.
Tessy de NassauTessy Antony De Nassau, Dr.h.c., is a social entrepreneur, businesswoman, philanthropist, UNAIDS ambassador, public speaker, activist, and mother. Tessy is the founder of the global consultancy ‘Finding Butterflies Consultancy Ltd,’ and the co-founder of Professors Without Borders. Tessy works with numerous governments and institutions as well as business owners around the world on their impact strategy and implementation. Moreover, Tessy is an ambassador for UNAIDS (Global Advocate for Young Women and Adolescent Girls) and is the patron to UNA-UK. In the past, she spent five years in the Luxembourg military, during which she was deployed in Kosovo as a peacekeeper and only woman of her draft. She received numerous awards and recognitions globally such as the “Leader of the Year 2019” in Luxembourg.

Richard Sexton Richard G. Sexton joined the board of the International Integrated Reporting Council after having represented PricewaterhouseCoopers globally on the Council for many years. He was actively engaged in the development and approval of the Integrated Reporting Framework. Sexton served in numerous senior business leadership and client roles in the UK and for the PwC network, including vice chairman of global assurance. As a member of the PwC UK executive board, he led the assurance practice and established PwC’s trust agenda as their first “Reputation and Policy Leader.” As a senior client partner, he led audits of many of PwC’s largest clients as well as numerous transaction, listing, and other projects worldwide.
NASBA CPE Credit 1.5
NASBA Learning Field: Information Technology


Moderator:
Paul Sobel, CIA, QIAL, CRMA
Vice President and Chief Risk Officer, Georgia-Pacific LLC
Chairman, COSO
USA

Paul Sobel Paul Sobel was appointed COSO chairman in February 2018. He is leading the board in developing guidance and thought leadership on enterprise risk management, internal control, fraud, and governance. Sobel retired from Georgia-Pacific in 2020 after serving as vice president/chief risk officer and vice president/chief audit executive (CAE). He was previously the CAE for three public companies: Mirant Corporation; Aquila, Inc.; and Harcourt General’s publishing operations. Sobel has served in various leadership roles with The IIA, including Chairman of the Board; in 2017, he received the Bradford Cadmus Memorial Award for distinguished service to the profession and was inducted into the American Hall of Distinguished Audit Practitioners. He has authored or co-authored four books and been named to Treasury & Risk Magazine’s list of 100 Most Influential People in Finance. He currently sits on the Consultancy Advisory Group for IFAC’s International Auditing and Assurance Standards Board and International Ethics Standards Board for Accountants. In the past, Sobel served on the COSO ERM Advisory Council for the update to the COSO ERM framework and the Standing Advisory Group of the PCAOB.
​10:00 – 10:3​0 a.m. EST
Networking Break​​ in the Virtual Exhibit Hall
​10:30 - 10:45 a.m. EST
​Special Recognitions with IIA Global Chairman