Mid-Atlantic
Region 1 District Conference
October 22-25, 2008
Virginia Beach, VA
SESSIONS AND
SPEAKERS
==========================================================================================================
Dave Hart
As Director of IT Audit Services - Mid-Atlantic Region for NETBankAudit,
David Hart (CISA) manages the IT audit function in the Mid-Atlantic region and
oversees the QA and training functions. Prior to joining NETBankAudit, David
served as a bank examiner and IT technical consultant for the Federal Reserve
for over 15 years. As a Senior Advisory IT Bank Examiner, David participated
and led numerous examinations of community banks, large financial institutions,
regional data centers, and IT service providers. He was also responsible for
staff development, report review, and public policy, speaking on such matters
as "How to Prepare for an IT Exam," "GLBA 501(b) Compliance,"
"Business Continuity," and "IT Audit." As a Senior IT
Technical Consultant, David participated and led several audits of the national
Federal Reserve Information Technology (FRIT) function and U.S. Treasury
systems. He also served as an audit liaison to several System Development Life
Cycle (SDLC) projects within the Federal Reserve System. Mr. Hart is a
distinguished graduate of the Virginia Military Institute. Additionally, he has
attended numerous banking and information technology seminars and schools
including the
The presentation will fully explore the chronology and
impact that a disaster has on an institution, focusing on crisis management and
the role of internal audit during a disaster situation. We will review the impact of the events of
9/11 on The Bank of New York as well as the
What you should expect to take away from the presentation is a better appreciation of what to expect in the event of a disaster, tips on how to respond, and ideas for what role your Audit group should play in the event of a disaster.
Kevin
Piccoli
Session Synopsis
Study after study shows that clients
and employers value communication skills above all others.
The key to effective communication includes:
+ Creating a professional presence that projects quality
+ Proper balance of body language, executive presence and personality
interaction
In addition, the written word is also important. While the
average letter, memo, report, or e-mail has so many grammatical and
content errors that it loses its effectiveness there are simple
shortcut solutions that will improve your written
communication.
This engaging seminar explores all of the qualities that contribute to
a professional presence and an effective written message.
Kathy Crosby
Kathy Crosby is on the adjunct faculty with the Center for Corporate and Executive Education at Virginia Commonwealth University School of Business in Richmond, Virginia.
Kathy has been involved in training and development for a number of years working with individuals and groups in different corporate, government and college environments. Previously, Kathy was on the adjunct faculty with the Management Institute at the University of Richmond. In addition, Kathy worked with the United States Government primarily as a communications consultant for the Central Intelligence Agency in Langley, Virginia.
Kathy holds an M.A. degree
in Communications
Studies from the University of Virginia and a B.S. (cum laude) in
Business Management from Virginia Tech. She is a member of
Phi
Kappa Phi (National Honor Society) and Beta Gamma Sigma (National
Honorary Society for students of business management).
Governance, risk and compliance (GRC)
is a topic
everyone is talking about, but often with different
definitions.
At a high level, GRC isthe convergence of all of the various
initiatives an organization may be facing that deal with these
issues. This session will review different aspects and
definitions of GRC and how it blends with and affects theexecution of
an internal audit department's role.
Jim Larsen
As Director of Operations, Mr. Larsen helps guide direction, set practice standards, and monitor engagement risk for the audit, risk and compliance service line of Resources Global Professionals. In this role, Mr. Larsen has worked extensively with numerous clients in helping them establish processes to comply with the Sarbanes Oxley Act, reengineer audit processes, and implement strategic co-sourcing solutions.
Prior to joining Resources, Mr. Larsen was with Cargill, Inc. for 21 years serving in a variety of management positions in internal audit, accounting, I/T, project management, and human resources. He spent eight years in Cargill’s Worldwide Audit Department, five of those as the Worldwide Audit Manager for Information Technology and Reengineering.
While
he was the Worldwide Audit Manager for
Information Technology and Reengineering, Cargill’s Audit
Department migrated
to a risk driven, integrated audit approach.
The staff transitioned from primarily entry-level people,
to
professionals with an average of 10 years of experience. In 1998,
Cargill’s Internal Audit Department
won CFO Magazine’s Reach Award for Excellence in Internal
Auditing.
Mr. Larsen has extensive experience in business process redesign, multi-process risk assessment, strategic planning, the total quality process, and integrated system controls. While at Cargill, he designed an audit approach integrating the assessment of operating system, application, and manual control processes. He has led numerous seminars and workshops on Sarbanes Oxley, internal controls, corporate governance, and internal auditing.
==========================================================================================================
Fraud Risk Management: The Auditor's Role in Prevention, Detection & Handling
Session Synopsis
When will it stop! The fraud expectations placed on professional auditors seem to grow each year. Many managers expect that every auditor has extensive training and experience in addressing fraud risks and incidents. Yet most auditors will acknowledge that handling misconduct and fraud issues, while interesting, is an area of great uncertainty.
As a result of Sarbanes-Oxley Act and other publicized regulations, the time has never been better to sell organizations and their leaders on "best of the best" fraud risk management ideas. Using real world examples of what has gone wrong and best practices for fighting fraud this session will address:
• The auditor’s role in fraud
risk management
• Best practices for deterrence and prevention
• Conducting a “Comprehensive Fraud Risk
Assessment”
• Think like a thief: developing a fraud risk profile for
audit assignments
• Discovery based audit procedures: using audit testing,
fraud-based inquiries and monitoring to surface fraud
symptoms
• Special challenges from third party relationships
• The auditor’s role in fraud incident response
John Hall
John has 30 years of experience as a consultant, speaker and business owner, an in public accounting, internal auditing and corporate management positions. He is a member of the American Institute of CPAs and the Institute of Internal Auditors. He was chair of the 2003 AICPA National Conference on Fraud.
Through his programs, John helps clients create a comprehensive anti-fraud environment; identify and assess areas of exposure to wrongdoing. misconduct and fraud; strengthen fraud prevention and detection controls; build world-class audit organizations; and enhance personal and professional effectiveness.
==========================================================================================================
Topics covered to include: IT Risks and Business Impact, Computer Technology Overview, IT General & Application Controls Overview and Common IT Deficiencies & How to Avoid Them.
Neal W. Beggan
Mr.
Beggan is an Senior Audit Manager in the Information
Technology Audit Group (ITAG) of Cherry, Bekaert & Holland
(CB&H). With
the professional designation as a Certified Information Systems Auditor
(CISA),
he has over ten years of IT audit, consulting and compliance
experience. He has
performed information technology reviews in the following compliance
areas:
Sarbanes-Oxley 404, FISCAM, OMB A-130 and SAS 70. At CB&H, Mr.
Beggan is
responsible for the planning, staffing, management, and review of
engagement
work in addition to specialized fieldwork performance where greater
expertise
and experience is required.
Prior to joining Cherry, Bekaert & Holland, Mr. Beggan worked at an international accounting and management firm as an IT manager where he was responsible for managing Sarbanes-Oxley 404 assistance projects for accelerated and non-accelerated filers across numerous industries. He provided end-to-end project management for clients to ensure compliance with Sarbanes-Oxley 404 requirements, performed walkthroughs, testing and remediation for IT entity level controls, IT general controls and IT application controls, assisted in the design and implementation of baseline IT processes and controls and streamlined IT control processes, reducing the number of key controls, and improving the efficiency of testing the controls. Environments included in the testing described above were UNIX, Windows 2003, Active Directory, Oracle Financials and Oracle DBMS, SAP, PeopleSoft, SQL Server, as well as numerous commercial off-the-shelf (COTS) and internally developed systems. In addition, he managed co-sourced internal audit projects for profit and non-profit organizations and was responsible for completing assessments to identify key IT and business risks and recommending practical solutions to mitigate those risks; performing operational audits to identify cost savings and revenue opportunities; and, improving existing Internal Audit Methodologies in the areas of Information Technology for large corporations. Mr. Beggan also was responsible for leading corporate-wide training on all IT Audit practice lines and Sarbanes Oxley IT custom developed methodology.
Mr. Beggan obtained a Bachelor of Business Administration in Finance with a concentration in Computer Information Systems (CIS) from James Madison University. He is a Certified Information Systems Auditor (CISA) and an active member of the Information Systems Audit Control Association (ISACA).
==========================================================================================================
This session will include a case study surrounding a complex payroll fraud in which funds were diverted from the IRS and the State to both existing and terminated employees. The case study is a real life example of what can happen when the payroll department is not given the appropriate level of attention that it needs. The presenters will share the steps taken during the investigation, including what pitfalls to avoid, where the control breakdowns were, audit techniques used to identify the fraud, and the continuous monitoring routines can be used by any organization.
Darlene Fitzpatrick
Darlene FitzPatrick, CIA, CFE, CCSA is a Director of Internal Audit for Bon Secours Health System, Inc (BSHSI), a $2.7 billion not for profit Catholic Healthcare System founded by the Sisters of Bon Secours. Bon Secours Health System provides healthcare services to eleven communities in nine states. Darlene has been with Bon Secours for approximately eight years.
Prior to Bon Secours she served
as an internal auditor for the Medical College of Virginia.
She holds a Master of Business
Administration with a concentration in Healthcare Management degree,
and is a
Certified Internal Auditor, a Certified Fraud Examiner, and is
certified in Control
Self Assessment. She also serves as a
volunteer instructor for the Institute of Internal Auditors (IIA), and
is an
active member of the Central Virginia IIA chapter.
Jerry Diley
Jerry
Diley, CISA, CFE is a
Senior IS Audit Manager for Bon Secours Health System, Inc (BSHSI), a
$2.7
billion not for profit Catholic Healthcare System founded by the
Sisters of Bon
Secours. Bon Secours Health System provides healthcare services to
eleven
communities in nine states. Jerry
has
been with Bon Secours for approximately eight years.
Prior to coming to Healthcare, he served as Manager of Internal Audit for a manufacturer of active wear. He has over 20 years in internal audit and fraud investigations. Jerry holds a BS from the University of Akron, and is a Certified Information Systems Auditor and a Certified Fraud Examiner. He has served as past president of a local IIA chapter; served as an advisory board member for a vocational school; and was a former instructor at the University of Akron.
This year, all four parts of the CIA Exam will be covered in the CIA Exam Review. Part 1 will be offered all day Wednesday, October 22; Part 2 all day on Thursday, October 23; Part 3 will be covered on Friday, October 24 and Part 4 is a half-day session on Saturday morning, October 25.
Glenn E. Sumners, DBA, CIA, CPA, CFE
is on the faculty of
Louisiana State University where he teaches internal auditing in the
Center for
Internal Auditing. Prior to receiving his DBA at the University of
Tennessee,
he received a BS and MA from the University of Alabama.
Professor Sumners has over ten years professional
experience in industry,
consulting, and public accounting. This experience includes three years
as the
Controller of ESP.
Professor Sumners has authored two IIA Monographs,
“Developing the
Internal Auditor’s Leadership Skills” and
“Conducting Internal Audit
Interviews.” In addition, he has authored articles in
Managerial Auditing
Journal, Auditing: A Journal of Practice and Theory, Internal Auditing,
Internal Auditor and others. He serves on the Internal Auditor
Editorial
Advisory Board and the editorial team of the International Journal of
Auditing.
He currently serves as an IIA Research Foundation Trustee.
He is the Director of the Louisiana State University
Center for Internal
Auditing. He was named Educator-of-the-Year in 1987 by the IIA and
received the
LCPA Lifetime Achievement in Accounting Education Award in 1999. Twelve
students from the LSUCIA Program have won international awards for the
highest
score on the CIA exam. He received the 2001 CIA Academic Outreach
International
Award.
In the last 15 years, Professor Sumners had made over
850 presentations
to companies, organizations and IIA Chapters. This list includes over
150 CIA
exam reviews in 35 cities and 7 countries. In addition, he provides
quality
assurance and consulting services to internal audit departments and
audit committees.
He is a co-presenter in the IIA/LSUCIA Vision University Program.
HOME | HOTEL | SCHEDULE | SESSIONS & SPEAKERS | REGISTRATION | SPONSORS | VIRGINIA BEACH