Skip to Main Content

IIA Chicago 54th Annual Seminar

Agenda


    • Agenda
    • 7:00 AM  -  8:00 AM
      Registration
      8:00 AM  -  9:40 AM
      Keynote Speaker - Lou Dobbs

      In his keynote address, which is being sponsored by McGladrey, Dobbs will share his insight on the economy. He’ll discuss how current political events affect investing and the business environment, and he’ll offer a broad view that covers global and domestic issues. Our members have seen the impact of economic changes on our companies, with more to come.

      Dobbs will blend fascinating anecdotes from his distinguished career in financial journalism with the insight gained from his role as anchor of Lou Dobbs Tonight to provide a look at what’s ahead for the economy – both short and long term.

      Session A - Keynote:
      9:40 AM  -  10:00 AM
      Refreshment Break, Exhibitors & Networking
      10:00 AM  -  10:50 AM
      Session B
      10:50 AM  -  11:05 AM
      Transition Break
      11:05 AM  -  11:55 AM
      Session C
      11:55 AM  -  12:55 PM
      Networking Lunch
      12:55 PM  -  1:45 PM
      IIA Leadership Keynote - Norman Marks

      Norman Marks has been a fixture in the Internal Audit community for more than 20 years. Sought after for his advice and unique perspective, and known for his unique style, Norman is a true visionary of the profession who will deliver an unvarnished outlook on the future of Governance, Risk & Control, as well as the Internal Audit profession.

      The learning objectives for this session are:

      • Building a World Class Internal Audit Function
      • Moving from Auditing to Assurance
      • Auditing at the Speed of Business

      Session D - IIA Keynote:
      1:45 PM  -  2:00 PM
      Transition Break
      2:00 PM  -  2:50 PM
      Session E
      2:50 PM  -  3:05 PM
      Refreshment Break, Exhibitors & Networking
      3:05 PM  -  3:55 PM
      Session F
      3:55 PM  -  4:10 PM
      Refreshment Break, Exhibitors & Networking
      4:10 PM  -  5:00 PM
      Session G
      5:00 PM  -  6:00 PM
      Reception

    • Session B
    • 10:00 AM  -  10:50 AM
      Combine Data Analytics & Forensic Accounting to Identify Fraud, Waste or Abuse in your Supply Chain

      Session Overview

      For many companies, the supply chain represents the single largest source of cash outflows and the largest source of interaction with outside business entities. For some companies, the supply chain harbors a variety of risks that result from exposure to fraud, waste or abuse. Supply Chain Forensics is a concept that leverages data analytics and forensic accounting to help companies:

      • Develop tailored criteria-based processes to help evaluate the relative risk value of your vendor relationships
      • Detect and mitigate potentially costly risks, while also identifying opportunities to boost the organization’s bottom line
      • Identify and eliminate fraud, waste or abuse perpetrated by your employees or your company’s vendors
      • Learn how many leading companies are employing Supply Chain Forensics to mitigate risk and increase shareholder value.

      Session B:
      10:00 AM  -  10:50 AM
      Five Changes to the PCI DSS and How They Impact You

      Session Objectives

      This session will discuss how PCI DSS risk can be assessed in your organization. Attendees will learn about best practices to increase awareness and secure stakeholder “buy in”, how to identify the five major changes to the PCI DSS (3.0), understand how these changes will affect the PCI DSS compliance process and how to prepare for and transition to the updated standard.

      Upon completion, participants should be able to:

      • Identify the major changes to the DSS
      • Define how the changes will affect the PCI DSS compliance process
      • List best practices on how to prepare for and transition to the updated standard

      10:00 AM  -  10:50 AM
      Keeping Cool, Calm, & Collected When the Pressure is On

      Session objectives:

      Imagine what your life would be like if you could deal with all time-pressures and stressful situations in a way that makes you healthier, happier and more effective? Would you be a better parent, boss, worker or friend? The ability to control your time and your reaction to stressful situations is one of the most powerful skills you can ever develop. This program focuses on ways to cope with high pressure situations. You will learn to respond to demands and crisis with less anxiety, and you will learn how to keep from taking your stress out on important people in your life.

      Upon completion, participants should be able to:

      • Use goal setting to develop a sense of control over the events in your life
      • Communicate effectively during high pressure situations
      • Respond to work pressures and crisis with less anxiety
      • Avoid taking your stress out on important people in your life

      Session B:
      10:00 AM  -  10:50 AM
      Aligning ERM and Internal Audit Plan - Panel Discussion with Q&A

      Topics covered in this session include:

      • Learn how to facilitate the development of an integrated Internal Audit plan with ERM focused on enterprise risks and opportunities
      • Understand how to develop a common risk framework that can be leveraged for both ERM and Internal Audit by harmonizing the way risk is identified, assessed, and measured
      • Discuss how companies are engaging the board and senior leaders within the organization to think about enterprise risks and how integration with strategic planning, data analytics and alignment with Internal Audit plan can help change management’s thinking about risk management

      10:00 AM  -  10:50 AM
      Strategic Analysis for Internal Auditors

      Session Objectives

      Understanding strategy is essential to auditors providing value-added insight to management. This session will explore major strategic frameworks from leading practitioners and academics, learn how strategy is formulated and analyzed, identify strategic risks, and discuss techniques for developing strategic thinking skills in audit staff.

      The learning objectives for this session are:

      • Learn strategic analysis techniques to improve the insight provided to management
      • Identify strategic risks to focus audit efforts
      • Develop techniques for improving the strategic thinking skills of audit staff

      Session B:
      10:00 AM  -  10:50 AM
      Building an Effective IT Risk Management and Compliance Program

      Session Objectives

      This presentation will discuss the business drivers for Walgreen's IT risk management compliance programs and the framework used to build an integrated enterprise IT Risk and Compliance program.

      The learning objectives for this session are:

      • Overview of key business drivers impacting the need for more effective IT risk management
      • Overview of the framework used to build an integrated enterprise IT Risk and Compliance program at Walgreen’s


    • Session C
    • 11:05 AM  -  11:55 AM
      Getting to the Root Cause: How to Help Management Build Sustainable Improvement in Business

      Session Overview

      The symptom versus the root cause – as internal auditors, we have heard this concept many times – yet too often, we revert back to old habits. We start to see repeat findings in our audit reports, and we should not be surprised … The reason is simple – we failed to properly identify the root cause of the issue. This session will explore the topic of root cause analysis and will provide practical tips and suggestions to aid you in your effort to focus on the underlying root cause of the issues you are identifying through your audit process.

      Learning objectives:

      • To gain an understanding of how root cause analysis is defined according to internal audit standards.
      • To gain an understanding of the important role that internal auditors must play in analyzing and identifying root cause(s).
      • To gain an understanding of how root cause analysis benefits the organization by building sustainable improvement over time.

      Session C:
      11:05 AM  -  11:55 AM
      Why Good People Do Bad Things: The Psychology of Workplace Deviance

      Session Objectives

      Knowing how employees commit fraud isn't enough. Auditors, investigators, and others responsible for preventing and detecting fraud must recognize why dishonest employees steal from their organizations in the first place. This session focuses on the psychology of workplace deviance to help participants answer the question: why do good people do bad things?

      Topics covered in this session include:

      • Examine the widespread nature of employee theft and fraud
      • Evaluate the complexity of ethical decision-making
      • Differentiate between moral and conditioned honesty
      • Compare contrasting views of behavioral ethics
      • Examine rationalizations commonly indicative of moral disengagement

      Session C:
      11:05 AM  -  11:55 AM
      Time Management

      Session Overview

      This presentation will discuss methodologies for task management and how to leverage Outlook to improve organizational skills.

      Topics covered in this session include:

      • Improving your ability to leverage Outlook for organizing tasks, events and contacts
      • Increase efficiency with common tasks such as note taking and meeting schedules

      Session C:
      11:05 AM  -  11:55 AM
      Minimize Your Corruption Risk Globally

      Topics covered in this session include:

      • Help internal auditors identify what key risks are likely to impact their business
      • Determine what needs to be considered to minimize the overall corruption risk that inherently exists globally

      11:05 AM  -  11:55 AM
      Internal Auditors Professional Liability Issues

      Session Objectives

      Internal auditors who work for industry or who work in public accounting or independent third-party service providers should gain a better understanding of their legal liabilities and trends in litigation against internal auditors and their firms.

      The learning objectives for this session are:

      • To understand the legal liabilities confronting work as an internal auditor
      • To understand the difference in legal regulatory expectations for an “internal” internal auditor versus a third party service provider of IA services.
      • To understand the implication of the IIA standards and IIA certifications on your legal liability as an internal auditor.
      • To review the status of three key cases of interest to internal auditors both inside and outside of companies and within public accounting firms.

      11:05 AM  -  11:55 AM
      Auditing Systems Development & Maintenance Change Management Overview

    • Session E
    • 2:00 PM  -  2:50 PM
      Computer Crime and Forensic Investigations

      Session Overview

      With today’s ever changing IT landscape, nearly every organization will need to prepare for and deal with cybercrime. This session will explore the key principles of conducting a computer forensic investigation, and how to work with outside government agencies to help fight and solve computer crime.

      Session E:
      Speakers:
      2:00 PM  -  2:50 PM
      Are You Prepared for Conflict Minerals?

      Session Objectives

      The new Conflict Minerals regulations impact over 250,000 private and public companies that manufacture or contract to manufacture everything from computers and cell phones to automotive parts, apparel and toothpaste. This session will discuss the latest updates and insights regarding Section 1502 of the Dodd‐Frank Act and how it impacts you, your customers and you suppliers. Be prepared for the first filing deadline approaching on May 31, 2014.

      Upon completion, participants should be able to:

      • Understand the background of the law, its objectives, and upcoming filing requirements
      • Identify key compliance steps, resources, and suggested best practices
      • Prepare for the independent private sector audit

      Session E:
      2:00 PM  -  2:50 PM
      Demonstrating Trust Building Behaviors and Presence to be an Effective Auditor

      Session Overview

      This session focuses on awareness and practice of very specific interpersonal skills through improvisational exercises, and applies those learnings to realistic audit experiences through role play scenarios. Strengthen listening skills and understand how your behavior and your audience’s behaviors are affecting the success of the meeting. Leverage these skills to create pivots in your difficult conversations.

      The learning objectives for this session are:

      • Accelerate the speed of building trust by increasing listening skills to focus conversation and surface underlying issues.
      • Increase your ability to convey confidence under pressure and show peer-like behavior with senior leaders.

      Session E:
      2:00 PM  -  2:50 PM
      Forensic Collection of Social Media, Mobile Devices, Cloud Storage and Web-based Email

      This session will discuss Social Media and issues associated with data collections (including Facebook, LinkedIn and Twitter), as well as collection of data from smart phones, iPads and other mobile devices. We will also discuss cloud storage (Drop Box, Google Docs) and security issues, in addition to Web-based email accounts such as Gmail, Yahoo and Hotmail (more sources of cloud storage).

      Session E:
      2:00 PM  -  2:50 PM
      Understanding COSO 2013 - Key Principles for Auditing Internal Controls

      Session Objectives

      This session will discuss the changes in the new COSO framework, when they become effective for Sarbanes-Oxley reviews of internal controls, and areas that internal auditors should consider when planning and performing reviews of internal controls. It will emphasize the three dimensional nature of the COSO framework, an area often ignored in other descriptions, and its relevance to both internal audit operational and financial internal controls review.

      Upon completion, participants should gain a better understanding of:

      • The COSO 2013 internal controls original framework, its background and importance, its importance for Sarbanes-Oxley internal controls attestations, and the revised 2013 version
      • The COSO 2013 framework with an emphasis on some of significant changes – such as the emphasis on fraud detection and risk management
      • The three dimensional perspective of the COSO 2013 and the importance of its interlocking elements
      • COSO’s 17 Principles – key elements that should be part of many internal audits
      • COSO 2013’s linkage with other standards, such as the IIA’s Professional Standards, COBIT, and others
      • Transition rules for implementing COSO 2013 into enterprise internal control reviews

      Session E:
      2:00 PM  -  2:50 PM
      Auditing Mobile Devices and Security

      Session Objectives

      Smart phones, tablets, and laptops; all of these devices are used by your employees to conduct business with or without your organization’s approval. These devices increase productivity and efficiency with increased mobility and functionality. However, that increases your risks, especially as worldwide laws and regulations regarding the privacy and security of data evolve. How do you balance the needs of your business and workforce with the privacy and security requirements?

      The learning objectives for this session are:

      • Overview of key business drivers
      • How do you balance the needs of your business and workforce with the privacy and security requirements for mobile devices

      Session E:

    • Session F
    • 3:05 PM  -  3:55 PM
      Data Breaches: Moving Forward After the Event

      Session Objectives

      Privacy has become a hot topic for governments around the world and regulators are starting to ask organizations how they are protecting consumer data. In 2013, over 550 companies reported a data breach and many more experienced a data incident. Join us as we discuss how data breaches can impact the organization. We will walk through operational risk management techniques and provide practical solutions that you can take back to your organization.

      Topics covered in this session include:

      • How data breaches impact organizations
      • Practical steps to address a data breach

      Session F:
      3:05 PM  -  3:55 PM
      Healthcare Fraud and the Affordable Care Act

      Session Objectives

      Discover how the disclosure of Personal Healthcare Information affects, you, employees and organizations. Discuss avenues the ethically challenged use Personal Healthcare Information. What can be done to prevent Healthcare Fraud?

      Upon completion, participants should understand:

      • How to protect Personal Healthcare Information
      • How healthcare fraud impacts healthcare plans

      Session F:
      3:05 PM  -  3:55 PM
      The Critical Thinking Process

      Session Objectives

      Attendees will learn what is meant by critical thinking and understand the critical thinking process. They will learn how to apply critical thinking concepts in the critical thinking process. Attendees will obtain an understanding of what is a good critical thinker.

      The learning objectives for this session are:

      • Define critical thinking
      • Understand the elements of critical thinking
      • Apply critical thinking skills
      • Understand what is a good critical thinker

      Session F:
      3:05 PM  -  3:55 PM
      Auditing 3rd Party Vendor Capabilities

      Session Objectives

      This session will help attendees gain an understanding of how Internal Audit can assist your organization in developing a vendor assurance program, participate in the auditing and assessment of vendors, and also audit your organization’s existing vendor management function. Additionally, the session will discuss how the increased adoption of cloud computing and off-shore vendors has introduced new risks to organizations and what your Internal Audit department can do to verify that these risks are appropriately mitigated.

      Topics covered in this session include:

      • Outline procedures to help organizations identify their highest risk vendors
      • Discuss risks introduced through the use of cloud computing vendors
      • Provide an overview of how to audit your organization’s vendor assurance program

      Session F:
      3:05 PM  -  3:55 PM
      Essential Skills for Aspiring Audit Executives

      Session Objectives

      This session will help you learn the difference between more traditional audit skills and those skills that will also be necessary for those aspiring to higher levels in their organization. Learn the CAE skills that are valued by your key stakeholders. Understand the critical importance of judgment and a basic approach to improving your decision making. Understand the importance of developing a mindset around continuous learning. Finally, gain insights into critical factors that you should be considering as your manage your career progression.

      The learning objectives for this session are:

      • Learn the skills that are critical to master today for aspiring audit executives
      • Understand the CAE skills that are most important to your key stakeholders.
      • Gain insights into critical factors in managing your career.

      Session F:
      3:05 PM  -  3:55 PM
      Auditing Transformational IT Projects - An Embedded Approach

      Session Objectives

      In most organizations, change is the rule rather than the exception. In order for the internal audit function to be relevant to its primary stakeholders, an understanding and engagement in the organization’s major transformational IT projects is a must. This presentation tells the story of how the internal audit practice of a leading mid-western utility (NiSource) successfully engaged in the organization’s largest IT project to-date while at the same time, provided intrinsic value to the project and its associated stakeholders.

      The learning objectives for this session are:

      • Overview of key business drivers
      • Internal audit’s role in major transformational IT projects

      Session F:

    • Session G
    • 4:10 PM  -  5:00 PM
      Integrated Data Analytics: Internal Audit as a Risk Controls Factory

      Session Overview

      Through the power of data analytics, Sears Internal Audit has partnered with management to move the risk barometer. Delivering effective analytics requires a very special and unique skill set. And to deliver the highest value, analytics often requires two distinct sets of skills that are not commonly found in a single individual. Referred to as the back-end and front-end analytics roles, Sears Holdings has formed two separate teams that allow more technical (back-end) and business-focused (front-end) analysts to complement each other in delivering analytics. This approach allows Sears to keep analytics focused on identifying high-value uses for analytics, performing highly-technical analytics, and meeting customer needs including through the delivery of key approval and monitoring controls to the organization. This blended approach also enables business-focused auditors and programming-focused analysts to focus on their strengths and remain in their respective comfort zones. In addition to outlining this unique approach, the session covers data analytics basic concepts, application within the context of retail, and lessons learned.

      Topics covered in this session include:

      • Overview of Sears Holdings’ industry and technology environment
      • Overall audit analytics concepts
      • Overview Sears’ front-end / back-end analytics approach
      • Examples of analytics solutions delivered and lessons learned

      Session G:
      4:10 PM  -  5:00 PM
      Regulatory Update for Financial Institutions

      Session Objectives

      Attendees will gain a better understanding of the impact to banks of the CCAR process. The speaker will also discuss the recent Basel III capital rule and its impacts on capital strategy for institutions. Attendees can also expand their knowledge of select areas of the Dodd-Frank Act. There will also be a discussion of the heightened expectations of internal auditors in the banking industry.

      Upon completion, participants should be able to:

      • Gain a better understanding of how the Fed’s comprehensive capital analysis and review (CCAR) process works
      • Discuss the impact of recent regulatory changes on the banking industry
      • Understand the changing expectations for internal auditors in financial institutions

      Session G:
      4:10 PM  -  5:00 PM
      Leading and Engaging Others

      Session Objectives

      This highly interactive session will explore the concept of employee engagement, it’s connection to effective leadership, and how leaders can use simple tools and techniques to boost engagement levels within their teams and organizations. Participants will receive an engagement tool guide and a set of engagement cards.

      • Develop greater appreciation for the role employee engagement plays in effective leadership.
      • Learn and practice simple tools and techniques for increasing employee engagement

      Session G:
      4:10 PM  -  5:00 PM
      Evaluating Your Business Continuity Plan: Beyond Checklists and Walkthroughs

      Topics covered in this session include:

      • Recognize the different components of a comprehensive Business Continuity Planning Program, beyond just the Business Continuity Plan (BCP) itself
      • Understand how to qualitatively assess the effectiveness of a BCP
      • Identify weaknesses requiring remediation

      Session G:
      4:10 PM  -  5:00 PM
      Stakeholder Expectations and Internal Audit - Insights From the Audit Committee and Management

      Session and Learning Objectives:

      The learning objectives for this session are to understand from the view of key stakeholders of internal audit their expectations, experiences, perspectives and recommendations for internal audit.

      This panel will be different. You will hear not from practitioners, but from the ultimate stakeholders of internal audit – the Audit Committee and Management. This esteemed panel of Audit Committee and Management leaders will share their outside – in view of internal audit, including counsel and tips for you on how to be successful in serving your key stakeholders.

      4:10 PM  -  5:00 PM
      IT Risk - A Strategic Business Issue for Senior Management and the Board

      Session Objectives

      This panel will explore a number of today’s top IT risk issues, with a particular focus on how to communicate and discuss these issues with senior management and the board.

      The learning objectives for this session are:

      • Overview of key business drivers
      • Communicating today’s top IT risk issues to senior management and the board

    Top