Internal Audit: Emerging Trends and Risks for the Future

Size: px
Start display at page:

Download "Internal Audit: Emerging Trends and Risks for the Future"

Transcription

1 Internal Audit: Emerging Trends and Risks for the Future Cyndi Plamondon, CIA, CCSA, CGAP, CFSA, CRMA, CISA Vice President, Global Professional Certifications The Institute of Internal Auditors Global HQ

2 Overview Emerging global internal audit trends Other trends of note The outlook ahead Key risks facing the profession

3 2013 Global Survey Demographics Conducted February th Consecutive year 37% $1B or more 63% Public/private companies 1700 Responses 74% internal audit managers or above 63% CAEs Geographic Distribution 33% North America 29% Europe 17% Latin America 9% Asia Pacific 9% Africa

4 Five Key Trends Emerging in Elevating Our Stature Standing Our Ground Changing Our Game Doing More With More Fine Tuning Our Ethical Compass

5 Elevating Our Stature

6 Internal Audit s Stature Often reflected by: How internal audit is perceived How the function is used To whom the CAE reports Reporting relationships Administrative reporting relationship Functional reporting relationship Has consistently migrated upward over the past decade Source: The IIA Audit Executive Center

7 Internal Audit Administrative Reporting Relationships General Council 3% Chief Compliance Officer 1.5% BOD 8% AC 9% Other 14% CEO 43% CFO 21% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

8 Internal Audit Administrative Reporting Relationships CEO 33% CFO 37% CEO 50% CFO 13% CEO 51% CFO 12% CEO 56% CFO 22% CEO 52% CFO 12% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

9 Internal Audit Functional Reporting Relationships Other 10% CEO 18% Audit Committee 54% Full BOD 12% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

10 Internal Audit Functional Reporting Relationships AC 73% Full BoD 3% CEO 10% AC 37% Full BoD 20% CEO 28% AC 41% Full BoD 21% CEO 28% AC 77% Full BoD 2% CEO 11% AC 62% Full BoD 7% CEO 21% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

11 Internal Audit Contributes Significant Value to the Organization Board members 79% Executive management 44% Less than 50 percent of management believe internal audit performs well/very well at: Promoting quality improvement and innovation Leveraging technology Delivering cost effective services Delivering services with a service oriented team Source: PwC, Reaching for Greater Heights: Are You Prepared for the Journey, 2013 Pricewaterhousecoopers LLP

12 The Top 5 Adjustments Internal Audit Needs to Make Internal Audit s View Our Stakeholders Views 1. Improve risk assessment process 2. Enhance ability to monitor emerging risks 3. Become more relevant to achieving our organization s business objectives 4. Reduce overall IA function costs without compromising risk coverage 5. Identify opportunities for cost savings in our business 1. Improve risk assessment 2. Enhance ability to monitor emerging risks 3. Identify opportunities for cost savings in business 4. Enhance coverage of identified key risks 5. Reduce audit fatigue on business Source: Ernst & Young, Internal Audit Survey: A Survey Conducted by Forbes Insights on Behalf of E&Y, 2013

13 Standing Our Ground

14 Standing Our Ground Our stakeholders look to us for: Objective assurance on risk and controls Insight on business risks Advise and assistance as warranted Stakeholders also look for us to: Demonstrate courage Deliver difficult news when warranted Call it like it is Not change or conceal results under duress Survey indicates we are standing our ground

15 Have Any of the Following Ever Attempted to Unduly Influence an Internal Audit Report? Operating Management 20% CEO 12% CFO 12% Legal or General Counsel 5% Full Board of Directors 4% Audit Committee 4% Chief Risk Officer 4% Chief Compliance Officer 4% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

16 22% of Respondents Believed Internal Audit Would Be More Independent if It Reported to: Report To: Percentage Audit Committee 52% CEO 19% Full Board of Directors 18% CFO 1% Legal or General Counsel 1% Other/Unsure 9% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

17 Changing Our Game

18 Changing Our Game Rebalancing of internal audit plans has been ongoing for several years Driven by: Changing risks and expectations Compliance burdens Risk Management assurance Technology Requisite skills must evolve and broaden to address emerging risks Successful CAEs must have prescience: ability to see around corners

19 Distribution of Typical Internal Audit Coverage in 2013 Fraud 5% Risk Mgt Assurance 7% Strategic/ Business 5% IT 9% Other 11% Compliance 14% Operational 28% Financial 21% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

20 Distribution of Typical Internal Audit Coverage in 2013 OP - 27% FIN 27%* COMP 15% OP - 31% FIN 15% COMP 14% OP - 29% FIN 19% COMP 13% OP - 27% FIN 19% COMP 14% OP - 29% FIN 18% COMP 12% * Inclusive of Sarbanes-Oxley work Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

21 Risks Seen As Increasing The Most in the Last Year Economic uncertainty Regulations and government policies IT security/cyber security Data privacy Government spending and taxation Competition Commercial market shifts Financial markets Source: PwC, Reaching for Greater Heights: Are You Prepared for the Journey, 2013 Pricewaterhousecoopers LLP

22 Perhaps one of the biggest challenges for audit executives is the ongoing quest to rebalance traditional internal audit activities and methods while becoming more strategic in mindset and progressive in work approach. Grant Thornton LLP

23 Requisite Skills For Internal Auditing Continue to Evolve Analytical/critical thinking 72% Communication skills 54% Risk management assurance 44% IT (general) 41% Data mining and analytics 37% Accounting 33% Industry-specific knowledge 32% Business acumen 29% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

24 Internal Audit Areas of Technical Knowledge Needing Improvement Social media applications Recently enacted IIA Standard 1110 interpretation of functional reporting Recently enacted IIA Standards 2010.A2 and 2410.A1 audit opinions and conclusions GTAG 16 Data Analysis Technologies Recently enacted IIA Standard 2450 Cloud Computing Source: Protiviti Audit Capabilities and Needs Survey Report, 2013 Protiviti, Inc

25 The Top 10 Risks for Regulatory changes and heightened regulatory scrutiny 2. Current economic conditions 3. Uncertainty surrounding political leadership worldwide 4. Organic growth through customer acquisition/enhancement 5. Succession challenges and the ability to attract and retain top talent 6. Anticipated volatility in global financial markets and currencies will create challenges 7. Cyber threats 8. Ensuring privacy/identity management and information security/system protection 9. Resistance to change 10.Existing operations may be unable to meet quality, time-to market, cost and innovation expectations Source: Protiviti and North Carolina State University s ERM Initiative, 2013 Protiviti, Inc

26 Doing More With More

27 Positioned for Success Financial crisis impact on internal audit resources was swift and noteworthy Staffing Budgets By 2011 more than 40% of internal audit functions reported reduced staffing After sluggish recovery 2013 is poised to be the strongest year since 2007

28 The Outlook for Global Internal Audit Resources is Strong Budgets: Change from Increase Stable Decrease Overall 33% 55% 12% Staffing: Change from Increase Stable Decrease Overall 22% 69% 9% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

29 The Outlook for Global Internal Audit Budgets by Region +39% - 10% +19% - 14% +48% - 3% +47% - 7% +47% - 10% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

30 The Outlook for Global Internal Audit Staffing by Region +23% - 5% +17% - 10% +24% - 4% +20% - 6% +22% - 6% Source: The Pulse of the Profession: 2013 The IIA Audit Executive Center

31 Fine Tuning Our Ethical Compass

32 Our Self-Perception We see ourselves as the guardians of trust in our organizations: Far more likely to disclose ethical misconduct than to misbehave ethically ourselves!

33 The Reality Ethical Lapses Are Starting to Take a Toll! Internal auditor faces charges in Satyam scandal Central Bureau of Investigation (CBI) laying new charges against 10 defendants regarding fake invoices, inflated revenues, unauthorised loans and attempted cover ups.

34 The Problem is Not Isolated 32% of CAE s acknowledge that they have discovered or witnessed unethical actions within their internal audit functions! Source: Survey of 70 CAE s attending AEC Roundtable March 17, 2013

35 The Media Is Starting to Connect the Dots From Some of the Recent Ethics Lapses Infernal Audit: When Internal Auditors Go Bad How is a company supposed to avoid corrupt payments when the individual tasked with finding out about corrupt payments (the CAE) and reporting them to the Board of Directors is himself complicit in the bribery scheme? Source: Forbes.com, Infernal Audit: When Internal Auditors Go Bad, Howard Sklar, February 24, 2012

36 Ethical Lapses Are Resulting From: Loyalties to other senior executives Desire to protect the organization Protection of career opportunities Conflicts of Interest Lack of courage and integrity Disregard of The IIA Code of Ethics

37 7 Traits of Ethical Internal Audit Leaders Honest Courageous Accountable Empathetic Trustworthy Respected Proactive

38 The Ethics Continuum Beyond Our Traditional Roles?

39 Other 2013 Trends of Note and the Outlook Ahead

40 Other Global Trends Worth Watching in 2013 Internal audit focus by global Financial Services regulators Response to newly adopted IIA Standards Internal audit reporting lines Internal audit qualifications Increased emphasis on emerging technology risks New listing requirements Source: The IIA Audit Executive Center

41 Five Imperatives For the Remainder of the Decade Enhancing and leveraging a continuous focus on risks Providing assurance on risk management effectiveness Enhancing our proficiency with data mining and analytics Securing a seat at the table for operational and strategic discussions Solidifying our expertise to address key risks

42 Five Strategic Risks That Could Derail Our Progress Failure to embrace professional standards The emergence of competitive risk, controls and governance functions that outperform us Failure to align with expectations of key internal audit stakeholders High-profile failures of internal auditor integrity Failure to concentrate on high-risk areas: Where was internal audit?

43 Questions? The Institute of Internal Auditors Cyndi Plamondon, CIA, CGAP, CCSA, CFSA, CRMA, CISA Vice President, Global Professional Certifications 2013 The Institute of Internal Auditors. All Rights Reserved.

44 Thank you for your attention!

A Global Look at IT Audit Best Practices

A Global Look at IT Audit Best Practices A Global Look at IT Audit Best Practices 2015 IT Audit Benchmarking Survey March 2015 Speakers Kevin McCreary is a Senior Manager in Protiviti s IT Risk practice. He has extensive IT audit and regulatory

More information

Drive Your Career Forward IIA Certifications and Qualifications

Drive Your Career Forward IIA Certifications and Qualifications Drive Your Career Forward IIA Certifications and Qualifications Mapping Your Path for Growth Professional development is a journey. Demonstrating your knowledge, acumen, and leadership ability are key

More information

Drive Your Career Forward IIA Certifications and Qualifications

Drive Your Career Forward IIA Certifications and Qualifications CCSA CRMA CFSA CGAP Don t miss out on the CIA Application Fee Waiver in August! More information is available on the back cover. Drive Your Career Forward IIA Certifications and Qualifications Mapping

More information

Evaluating Cybersecurity Coverage A Maturity Model. Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium

Evaluating Cybersecurity Coverage A Maturity Model. Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium Discussion on: Evaluating Cybersecurity Coverage A Maturity Model Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium By: Eric C. Lovell PricewaterhouseCoopers LLP ( PwC ) March 24,

More information

We would like to announce to you a number of upcoming changes to the Certified Internal Auditor Exam:

We would like to announce to you a number of upcoming changes to the Certified Internal Auditor Exam: Dear Institute Leaders, We would like to announce to you a number of upcoming changes to the Certified Internal Auditor Exam: 1. As the result of findings from a Job Analysis Study (JAS) for the Certified

More information

Governance, Risk and Controls (GRC) Internal audit driving quality organisations

Governance, Risk and Controls (GRC) Internal audit driving quality organisations Concurrent Session 1E Governance, Risk and Controls (GRC) Internal audit driving quality organisations Alan N. Siegfried CIA CCSA CFSA CGAP Chief Audit Executive, World Bank-IMF Federal Credit Union GRC

More information

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.

More information

NERC Staff Organization Chart Budget 2019

NERC Staff Organization Chart Budget 2019 NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate

More information

THE POWER OF TECH-SAVVY BOARDS:

THE POWER OF TECH-SAVVY BOARDS: THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES

More information

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data

More information

Risk Advisory Academy Training Brochure

Risk Advisory Academy Training Brochure Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty

More information

NERC Staff Organization Chart Budget 2019

NERC Staff Organization Chart Budget 2019 NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Officer Senior Vice President, General Counsel and Corporate

More information

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient? Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY

More information

NERC Staff Organization Chart Budget 2018

NERC Staff Organization Chart Budget 2018 NERC Staff Organization Chart Budget 2018 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate

More information

IT Audit Process. Prof. Mike Romeu. January 30, IT Audit Process. Prof. Mike Romeu

IT Audit Process. Prof. Mike Romeu. January 30, IT Audit Process. Prof. Mike Romeu January 30, 2017 1 Corporate Structures Shareholders Governance Level: Board of Directors External Director CFO CEO Legal Counsel External Director Responsible for: Evaluate Direct Monitor Internal Directors

More information

SOC for cybersecurity

SOC for cybersecurity April 2018 SOC for cybersecurity a backgrounder Acknowledgments Special thanks to Francette Bueno, Senior Manager, Advisory Services, Ernst & Young LLP and Chris K. Halterman, Executive Director, Advisory

More information

Turning Risk into Advantage

Turning Risk into Advantage Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview

More information

The Role of Public Sector Audit and Risk Committees in Cybersecurity & Digital Transformation. ISACA All Rights Reserved.

The Role of Public Sector Audit and Risk Committees in Cybersecurity & Digital Transformation. ISACA All Rights Reserved. The Role of Public Sector Audit and Risk Committees in Cybersecurity & Digital Transformation Tichaona Zororo CIA, CISA, CISM, CRISC, CRMA, CGEIT, COBIT 5 Certified Assessor B.Sc. Honours Information Systems,

More information

The State of Cybersecurity and Digital Trust 2016

The State of Cybersecurity and Digital Trust 2016 The State of Cybersecurity and Digital Trust 2016 Identifying Cybersecurity Gaps to Rethink State of the Art Executive Summary Executive Summary While the advent of digital technology has fueled new business

More information

Table of Contents. Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING

Table of Contents. Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING Table of Contents Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING Chapter 1: Significance of Internal Auditing in Enterprises Today: An Update 3 1.1 Internal Auditing History and Background

More information

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic

More information

OF ACCOUNTANTS IAASB CAG MEETING MARCH 7, 2011

OF ACCOUNTANTS IAASB CAG MEETING MARCH 7, 2011 INTERNATIONAL FEDERATION OF ACCOUNTANTS IAASB CAG MEETING MARCH 7, 2011 HISTORY OF THE IIA 1941 Founded in New York City 1944 First chapter outside the US chartered in Toronto 1948 First chapters outside

More information

Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI

Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO CHAPTER: @IIACHI #IIACHI WWW.FACEBOOK.COM/IIACHICAGO HTTPS://WWW.LINKEDIN.COM/GROUPS/1123977 1 CAE Communications and Common Audit Committee

More information

2016 Global Council. Celebrating the Past Inspiring the Future. globaliia.org

2016 Global Council. Celebrating the Past Inspiring the Future. globaliia.org 2016 Global Council Celebrating the Past Inspiring the Future 1996-2016 Global Forum - 1996-1998 - 2000-2002 Global Council - Annually since 2004 - Codified in the Bylaws - provide input into the strategic

More information

Learning with the IIA Refreshing the profession: The New Internal Auditor. Jan Olivier 6 February 2019

Learning with the IIA Refreshing the profession: The New Internal Auditor. Jan Olivier 6 February 2019 Learning with the IIA Refreshing the profession: The New Internal Auditor Jan Olivier 6 February 2019 Contents title Qualifications framework CIA syllabus update Learning support Qualifications framework

More information

Global Information Security Survey. A life sciences perspective

Global Information Security Survey. A life sciences perspective Global Information Security Survey A life sciences perspective Introduction Welcome to the life sciences perspective on the results from Creating trust in the digital world: EY s Global Information Security

More information

FramewOrk to DeSign and implement ifc

FramewOrk to DeSign and implement ifc Marketing Partner Hotel Radisson GRT, 15 Leveraging COSO internal COntrOLS FramewOrk to DeSign and implement ifc 8 CPE Hours Networking Opportunities Qualified CIA Faculty about the Seminar The COSO Internal

More information

The Integrated Auditor: Becoming the Go-to Resource Your Company Needs APRIL 24, 2018

The Integrated Auditor: Becoming the Go-to Resource Your Company Needs APRIL 24, 2018 The Integrated Auditor: Becoming the Go-to Resource Your Company Needs APRIL 24, 2018 Jeff Hemphill Partner and Central Region Leader, Risk Advisory Services Brian Kirkpatrick Managing Director, Risk Advisory

More information

OVERVIEW BROCHURE GRC. When you have to be right

OVERVIEW BROCHURE GRC. When you have to be right OVERVIEW BROCHURE GRC When you have to be right WoltersKluwerFS.com In response to today s demanding economic and regulatory climate, many financial services firms are transforming operations to enhance

More information

BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE

BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE 31st Annual SoCal ISSA Security Symposium Wendy T. Wu Vice President Agenda + CISO: Then and Now + Who are the Stakeholders and What Do They Care About?

More information

Hearing Voices: The Cybersecurity Pro s View of the Profession

Hearing Voices: The Cybersecurity Pro s View of the Profession SESSION ID: AST2-W02 Hearing Voices: The Cybersecurity Pro s View of the Profession Jon Oltsik Senior Principal Analyst and ESG Fellow Enterprise Strategy Group @joltsik Candy Alexander, CISSP CISM International

More information

3/13/2015. COSO Revised: Implications for Compliance and Ethics Programs. Session Agenda. The COSO Framework

3/13/2015. COSO Revised: Implications for Compliance and Ethics Programs. Session Agenda. The COSO Framework COSO Revised: Implications for Compliance and Ethics Programs Urton Anderson, CCEP Director of the Von Allmen School of Accountancy and EY Professor The University of Kentucky Session Agenda The COSO Framework

More information

Leading our discussion today

Leading our discussion today Defending the Digital Retailer for NRFTech 2014 July 22, 2014 Leading our discussion today Security Leadership and Points of Contact Security and Infrastructure Services Leadership Kevin Richards NA Security

More information

Integrated Assurance Embracing The Three Lines of Defense

Integrated Assurance Embracing The Three Lines of Defense Integrated Assurance Embracing The Three Lines of Defense Stanley Y. Chang, Ph.D. CPA (Texas), CIA, CMA, CCSA, CGAP, CGFM, CRMA Chief Operating Officer, Marcum, Bernstein & Pinchuk, LLP 1 Stanley Chang,

More information

DIGITAL TRANSFORMATION IN FINANCIAL SERVICES

DIGITAL TRANSFORMATION IN FINANCIAL SERVICES DIGITAL TRANSFORMATION IN FINANCIAL SERVICES Global Priorities, Progress, and Obstacles Insights from business and IT executives at financial services institutions worldwide reveal that while digital transformation

More information

Citation for published version (APA): Berthing, H. H. (2014). Vision for IT Audit Abstract from Nordic ISACA Conference 2014, Oslo, Norway.

Citation for published version (APA): Berthing, H. H. (2014). Vision for IT Audit Abstract from Nordic ISACA Conference 2014, Oslo, Norway. Aalborg Universitet Vision for IT Audit 2020 Berthing, Hans Henrik Aabenhus Publication date: 2014 Document Version Early version, also known as pre-print Link to publication from Aalborg University Citation

More information

Risk Based IT Auditing Master Class. Unlocking your World to a Sea of Opportunities

Risk Based IT Auditing Master Class. Unlocking your World to a Sea of Opportunities Risk Based IT Auditing Master Class Unlocking your World to a Sea of Opportunities The Digital World Information Technology has developed into a nerve center of every organisation. It has become an intrinsic

More information

CENTRAL TAKE THE STAGE REGIONAL CONFERENCE MAY 1 4, 2016 / NASHVILLE, TN

CENTRAL TAKE THE STAGE REGIONAL CONFERENCE MAY 1 4, 2016 / NASHVILLE, TN CENTRAL REGIONAL CONFERENCE MAY 1 4, 2016 / NASHVILLE, TN TAKE THE STAGE Members: Register by Feb. 29 to save US$100. Take the Stage The IIA and IIA Nashville Chapter are excited to host the 2016 Central

More information

THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS

THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS SESSION ID: AST3-R02 THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS Jon Oltsik Senior Principal Analyst Enterprise Strategy Group @joltsik Candy Alexander, CISSP CISM International Board Director ISSA

More information

Security and Privacy Governance Program Guidelines

Security and Privacy Governance Program Guidelines Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by

More information

COBIT 5 With COSO 2013

COBIT 5 With COSO 2013 Integrating COBIT 5 With COSO 2013 Stephen Head Senior Manager, IT Risk Advisory Services 1 Our Time This Evening Importance of Governance COBIT 5 Overview COSO Overview Mapping These Frameworks Stakeholder

More information

Modern Database Architectures Demand Modern Data Security Measures

Modern Database Architectures Demand Modern Data Security Measures Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED Introduction The fast-paced, ever-changing

More information

ISACA Cincinnati Chapter March Meeting

ISACA Cincinnati Chapter March Meeting ISACA Cincinnati Chapter March Meeting Recent and Proposed Changes to SOC Reports Impacting Service and User Organizations. March 3, 2015 Presenters: Sayontan Basu-Mallick Lori Johnson Agenda SOCR Overview

More information

NERC Staff Organization Chart Budget 2017

NERC Staff Organization Chart Budget 2017 NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel

More information

Opportunities to Integrate Technology Into the Classroom. Presented by:

Opportunities to Integrate Technology Into the Classroom. Presented by: Opportunities to Integrate Technology Into the Classroom Presented by: Mark Salamasick, CIA, CISA, CRMA, CSP Executive Director of Audit University of Texas System Discussion Topics Internal Audit Textbook

More information

Mid-Market Data Center Purchasing Drivers, Priorities and Barriers

Mid-Market Data Center Purchasing Drivers, Priorities and Barriers Mid-Market Data Center Purchasing Drivers, Priorities and Barriers Featuring Sophia Vargas, Forrester Research Inc. 30 May 2014 Introducing today s presenters: Matt Miszewski Senior Vice President of Sales

More information

Spring Education Conference. Securing the Organization (Ensuring Trustworthy Systems)

Spring Education Conference. Securing the Organization (Ensuring Trustworthy Systems) Spring Education Conference Securing the Organization (Ensuring Trustworthy Systems) Ken Vander Wal, CISA, CPA Past President, ISACA vandeke@gmail.com 1 2012-2013 Board of Directors International President

More information

COURSE BROCHURE. COBIT5 FOUNDATION Training & Certification

COURSE BROCHURE. COBIT5 FOUNDATION Training & Certification COURSE BROCHURE COBIT5 FOUNDATION Training & Certification What is COBIT5? COBIT 5 (Control Objectives for Information and Related Technology) is an international open standard that defines requirements

More information

TOMORROW. TOGETHER Governance, Risk, and Control Conference. August 19-21, Phoenix, Arizona. An IIA & ISACA Collaboration

TOMORROW. TOGETHER Governance, Risk, and Control Conference. August 19-21, Phoenix, Arizona. An IIA & ISACA Collaboration TOMORROW. TOGETHER. 2013 Governance, Risk, and Control Conference An IIA & ISACA Collaboration Join two highly respected associations at one world-class event August 19-21, 2013 Phoenix, Arizona Reserve

More information

Cybersecurity. Securely enabling transformation and change

Cybersecurity. Securely enabling transformation and change Cybersecurity Securely enabling transformation and change Contents... Cybersecurity overview Business drivers Cybersecurity strategy and roadmap Cybersecurity in practice CGI s cybersecurity offering Why

More information

Aon Service Corporation Law Global Privacy Office. Aon Client Data Privacy Summary

Aon Service Corporation Law Global Privacy Office. Aon Client Data Privacy Summary Aon Client Data Privacy Summary Table of Contents Our Commitment to Data Privacy 3 Our Data Privacy Principles 4 Aon Client Data Privacy Summary 2 Our Commitment to Data Privacy Data Privacy Backdrop As

More information

INTERNAL CONTROL, CORPORATE GOVERNANCE AND RISK MANAGEMENT

INTERNAL CONTROL, CORPORATE GOVERNANCE AND RISK MANAGEMENT The seminars included in the present 2018 Тraining and Еvent Catalogue are grouped into following thematic areas: AUDIT FUNDAMENTALS MANAGEMENT OF INTERNAL AUDIT ACTIVITIES INTERNAL CONTROL, CORPORATE

More information

NERC Staff Organization Chart Budget 2017

NERC Staff Organization Chart Budget 2017 NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel

More information

THE BEST & MORE OCT , 2018 / LAS VEGAS, NV / REGISTER AT

THE BEST & MORE OCT , 2018 / LAS VEGAS, NV / REGISTER AT THE BEST & MORE OCT. 22 24, 2018 / LAS VEGAS, NV / REGISTER AT WWW.THEIIA.ORG/ALLSTAR 2018 ALL STAR Conference THE BEST & MORE Oct. 22 24, 2018 / Las Vegas, NV What You Will Gain: Tools for monitoring

More information

Arriving at Internal Audit s Tipping Point Amid Business Transformation

Arriving at Internal Audit s Tipping Point Amid Business Transformation Arriving at Internal Audit s Tipping Point Amid Business Transformation Assessing the Results of the 2016 Internal Audit Capabilities and Needs Survey and a Look at Key Trends over the Past Decade The

More information

ISO 27001:2013 certification

ISO 27001:2013 certification www.pwc.ch/cybersecurity ISO 27001:2013 certification Building confidence in your digital future Our approach to certification PwC offers a four-phase approach to help with your ISO 27001 project, using

More information

Cybersecurity Session IIA Conference 2018

Cybersecurity Session IIA Conference 2018 www.pwc.com/me Cybersecurity Session IIA Conference 2018 Wael Fattouh Partner PwC Cybersecurity and Technology Risk PwC 2 There are only two types of companies: Those that have been hacked, and those that

More information

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services Solution Overview Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services OPTIMIZE YOUR CLOUD SERVICES TO DRIVE BETTER BUSINESS OUTCOMES Reduce Cloud Business Risks and Costs

More information

Emerging Technologies The risks they pose to your organisations

Emerging Technologies The risks they pose to your organisations Emerging Technologies The risks they pose to your organisations 10 June 2016 Digital trends are fundamentally changing the way that customers behave and companies operate Mobile Connecting people and things

More information

Candidate Profile for the Position of Vice President, Education and Certification

Candidate Profile for the Position of Vice President, Education and Certification Candidate Profile for the Position of Vice President, Education and Certification * * * * This profile provides information about the National Automatic Merchandising Association and the position requirements

More information

GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI

GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI CONTENTS Overview Conceptual Definition Implementation of Strategic Risk Governance Success Factors Changing Internal Audit Roles

More information

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on

More information

MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE.

MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE. MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE. TIMO HEIKKINEN, CISA, CGEIT SENIOR AUDIT SPECIALIST, NORDEA HELSINKI, FINLAND ISACA MEMBER SINCE 1999 ABOUT US BE MORE INFORMED, VALUED

More information

How Your Organization Can Drive Success in the Age of Digital Disruption

How Your Organization Can Drive Success in the Age of Digital Disruption How Your Organization Can Drive Success in the Age of Digital Disruption Produced by How Your Organization Can Drive Success in the Age of Digital Disruption Digital success isn t just about technology,

More information

Building YOUR Privacy Program: One Size Does Not Fit All. IBM Security Services

Building YOUR Privacy Program: One Size Does Not Fit All. IBM Security Services Building YOUR Privacy Program: One Size Does Not Fit All Justine Gottshall Partner, InfoLawGroup, LLP Chief Privacy Officer, Signal Jgottshall@infolawgroup.com Adam Nelson Executive Consultant Global Data

More information

CLOUD ORCHESTRATION. A global trend in the context of digital transformation

CLOUD ORCHESTRATION. A global trend in the context of digital transformation CLOUD ORCHESTRATION A global trend in the context of digital transformation In American pop culture an orchestra is described as a creature and the conductor as the dragon tamer. It s an apt analogy for

More information

State of Cloud Survey GERMANY FINDINGS

State of Cloud Survey GERMANY FINDINGS 2011 State of Cloud Survey GERMANY FINDINGS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Cloud security is top goal and top concern.................................. 8 Finding 2: IT staff

More information

WELCOME TO ISACA Claudio CILLI, CISA, CISM, CRISC, CGEIT

WELCOME TO ISACA Claudio CILLI, CISA, CISM, CRISC, CGEIT WELCOME TO ISACA 2015 Claudio CILLI, CISA, CISM, CRISC, CGEIT cilli@di.uniroma1.it http://dsi.uniroma1.it/~cilli WHO IS ISACA? ABOUT ISACA The trusted source of guidance, networking and career development

More information

Present. 5th May - Chennai. Internal. auditing. today: Beginning Auditor Tools and Techniques. 6 CPE hours.

Present. 5th May - Chennai. Internal. auditing. today: Beginning Auditor Tools and Techniques. 6 CPE hours. Present 5th May - Chennai Internal auditing today: Beginning Auditor Tools and Techniques 6 CPE hours www.achromicpoint.com About the Seminar To become a successful auditor, a strong base of knowledge

More information

Business and Digital Transformation s Effects on IT Audit Groups

Business and Digital Transformation s Effects on IT Audit Groups Business and Digital Transformation s Effects on IT Audit Groups A Global Look at IT Audit Best Practices Assessing the International Leaders in an Annual ISACA-Protiviti Survey Executive Summary Digital

More information

Get ahead of cybercrime. EY s 2014 Global Information Security Survey

Get ahead of cybercrime. EY s 2014 Global Information Security Survey Get ahead of cybercrime EY s 2014 Global Information Security Survey Agenda Introduction The cyber threat landscape The journey to cybersecurity maturity Activate Adapt Anticipate Summary Page 2 EY s Global

More information

Jerry Luftman. Executive Director & Distinguished Professor SIM VP Chapter Relations & Academic Affairs, Emeritus

Jerry Luftman. Executive Director & Distinguished Professor SIM VP Chapter Relations & Academic Affairs, Emeritus Jerry Luftman Executive Director & Distinguished Professor SIM VP Chapter Relations & Academic Affairs, Emeritus 8 HEADLINES 1. State of IT is Resilient 2. Cautious Improvements in IT Spending 3. Judicious

More information

CYBER SOLUTIONS & THREAT INTELLIGENCE

CYBER SOLUTIONS & THREAT INTELLIGENCE CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world

More information

Office of the City Auditor 2014 Third Quarter Activity Report November 25, 2014

Office of the City Auditor 2014 Third Quarter Activity Report November 25, 2014 2014 Third Quarter Activity Report November 25, 2014 This page is intentionally blank. 1. Audit Plan Progress Monitoring Bylaw 16097, Audit Committee Bylaw, Section 5 states that the Committee assists

More information

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating

More information

Hitachi Received Notice of Request for Arbitration

Hitachi Received Notice of Request for Arbitration FOR IMMEDIATE RELEASE Hitachi Received Notice of Request for Arbitration Tokyo, August 22, 2017 --- Hitachi, Ltd. (TSE: 6501, Hitachi ) today announced that it has received the notice of the request for

More information

IIA Academy YOUR PARTNER IN PROFESSIONAL DEVELOPMENT

IIA Academy YOUR PARTNER IN PROFESSIONAL DEVELOPMENT www.iia.org.sg IIA Academy YOUR PARTNER IN PROFESSIONAL DEVELOPMENT IIA Academy Professional Development To support you in your career progression as an internal auditor, we have adopted the IIA Global

More information

Memphis Chapter. President s Message. This annual event is designed to provide students with a

Memphis Chapter. President s Message. This annual event is designed to provide students with a Memphis Chapter F E B R U A R Y 2 0 1 5 Remember: Update your IIA profile for the most up-to-date news. RSVP for the Annual Student Day February 24, 2015 This annual event is designed to provide students

More information

IT Audit Process Prof. Liang Yao Week Two IT Audit Function

IT Audit Process Prof. Liang Yao Week Two IT Audit Function Week Two IT Audit Function Why we need IT audit A Case Study What You Can Learn about Risk Management from Societe Generale? https://www.cio.com/article/2436790/security0/what-you-can-learn-about-risk-management-fromsociete-generale.html

More information

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic

More information

Safeguarding company from cyber-crimes and other technology scams ASSOCHAM

Safeguarding company from cyber-crimes and other technology scams ASSOCHAM www.pwc.com Safeguarding company from cyber-crimes and other technology scams ASSOCHAM Rahul Aggarwal - Director The new digital business ecosystem is complex and highly interconnected The new business

More information

INCREASE YOUR CHANCES OF PASSING THE CIA EXAM

INCREASE YOUR CHANCES OF PASSING THE CIA EXAM INCREASE YOUR CHANCES OF PASSING THE CIA EXAM Sherri Lee Manager, Global Certifications, The IIA Daniel Lebel, CPA, CMA, CIA, CCSA, CFSA, CGAP, CRMA Chief Audit Executive, University of Quebec in Montreal

More information

ROI for Your Enterprise Through ISACA A global IS association helping members achieve organisational success.

ROI for Your Enterprise Through ISACA A global IS association helping members achieve organisational success. ROI for Your Enterprise Through ISACA A global IS association helping members achieve organisational success. ROI for Your Enterprise Through ISACA With the growing complexities of global business and

More information

COPYRIGHTED MATERIAL. Index

COPYRIGHTED MATERIAL.   Index Index 2014 revised COSO framework. See COSO internal control framework Association of Certified Fraud Examiners (ACFE), 666 Administrative files workpaper document organization, 402 AICPA fraud standards

More information

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation IBM X-Force 2012 & CISO Survey Cyber Security Threat Landscape 1 2012 IBM Corporation IBM X-Force 2011 Trend and Risk Report Highlights The mission of the IBM X-Force research and development team is to:

More information

RISK INTELLIGENCE Assurance and efficiency improvement through a robust Enterprise Risk Management approach

RISK INTELLIGENCE Assurance and efficiency improvement through a robust Enterprise Risk Management approach INTELLIGENCE RISK INTELLIGENCE Assurance and efficiency improvement through a robust Enterprise Risk Management approach Carla De Geyseleer CFO Investor Days 2018, Bordeaux CERTIFICATION ACTIVATION 2 Prioritizing

More information

Protecting your data. EY s approach to data privacy and information security

Protecting your data. EY s approach to data privacy and information security Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share

More information

October 2016 Issue 07/16

October 2016 Issue 07/16 IPPF: NEW IMPLEMENTATION GUIDES - IG 1100, IG 1110, IG 1111, IG 1120 and IG 1130 The IIA has released new Implementation Guides (IG) addressing the following standards: Standard 1100: Independence and

More information

FIRST NATIONS FINANCIAL MANAGEMENT BOARD. FMB Certification: What Auditors Need to Know March 16, 2017

FIRST NATIONS FINANCIAL MANAGEMENT BOARD. FMB Certification: What Auditors Need to Know March 16, 2017 FIRST NATIONS FINANCIAL MANAGEMENT BOARD FMB Certification: What Auditors Need to Know March 16, 2017 Presenter Introductions Scott Munro, CPA, CA, CAFM Director, Standards and Certification Lee Fulla,

More information

STRATEGIC PLAN

STRATEGIC PLAN STRATEGIC PLAN 2013-2018 In an era of growing demand for IT services, it is imperative that strong guiding principles are followed that will allow for the fulfillment of the Division of Information Technology

More information

The Business Value of including Cybersecurity and Vendor Risk in ERM

The Business Value of including Cybersecurity and Vendor Risk in ERM The Business Value of including Cybersecurity and Vendor Risk in ERM Yo Delmar, Vice President, Customer Engagement, MetricStream RMA GCOR XI April 4 5, 2017 Hyatt Regency, Cambridge, MA Tuesday 2:30 pm

More information

NOW IS THE TIME. to secure our future

NOW IS THE TIME. to secure our future NOW IS THE TIME to secure our future A FRAMEWORK FOR UNITING THE CANADIAN ACCOUNTING PROFESSION VISION FOR THE PROFESSION To be the pre-eminent, internationally recognized Canadian accounting designation

More information

Article II - Standards Section V - Continuing Education Requirements

Article II - Standards Section V - Continuing Education Requirements Article II - Standards Section V - Continuing Education Requirements 2.5.1 CONTINUING PROFESSIONAL EDUCATION Internal auditors are responsible for maintaining their knowledge and skills. They should update

More information

Changing the Game: An HPR Approach to Cyber CRM007

Changing the Game: An HPR Approach to Cyber CRM007 Speakers: Changing the Game: An HPR Approach to Cyber CRM007 Michal Gnatek, Senior Vice President, Marsh & McLennan Karen Miller, Sr. Treasury & Risk Manager, FireEye, Inc. Learning Objectives At the end

More information

BASED INTERNAL AUDITING

BASED INTERNAL AUDITING ý Marketing Partner Content Partner BASED INTERNAL AUDITING IIA GL BAL TRAINING MATERIAL Mumbai 21 Dec 2018 8HOURS A bout This Course Course Description The COSO Internal Control Integrated Framework is

More information

The CIA Challenge Exam. August 2018

The CIA Challenge Exam. August 2018 The CIA Challenge Exam August 2018 The IIA is committed to providing a clearly defined, professionally relevant suite of global certifications to support internal auditors as they progress through their

More information

Security Director - VisionFund International

Security Director - VisionFund International Security Director - VisionFund International Location: [Europe & the Middle East] [United Kingdom] Category: Security Job Type: Open-ended, Full-time *Preferred location: United Kingdom/Eastern Time Zone

More information

Uncovering the Risk of SAP Cyber Breaches

Uncovering the Risk of SAP Cyber Breaches Uncovering the Risk of SAP Cyber Breaches Research sponsored by Onapsis Independently Conducted by Ponemon Institute LLC February 2016 1 Part 1. Introduction Uncovering the Risks of SAP Cyber Breaches

More information

CERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT CGEIT AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS

CERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT CGEIT AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS CERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT CGEIT AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS Good IT governance is a key element of a well-performing enterprise. Enterprises need qualified information

More information

NERC Staff Organization Chart

NERC Staff Organization Chart NERC Staff Organization Chart President and CEO Administrative Associate Director to the Office of the CEO Associate Director, Member Relations and MRC Secretary Senior Vice President and Chief Reliability

More information