Cch social media risk audit control october 29, 2013

951
-1

Published on

Risk Audit & Control in a Social Media World
Hosted by: Accounting Today October 29, 2013

This is a presentation that was broadcast to more than 400 accounting professionals. The recording is available from Accounting Today.

If you would like to help with our survey and share your views go to: https://www.surveymonkey.com/s/FQWN5Z3

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
951
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Cch social media risk audit control october 29, 2013

  1. 1. 10/30/2013 Welcome to Today’s Web Seminar! October 29, 2013 2:00 PM ET Sponsored by: Hosted by: Moderator: Dan Hood Editor-in-Chief of Accounting Today Dan Hood has been with the publication for over a decade, previously serving as managing editor. He has also served as a business editor for the New York Daily News Express, and as a production editor for The Wall Street Journal Europe. 1
  2. 2. 10/30/2013 Introductions: Jim Kaplan, CIA and CFE, AuditNet® Internet for auditors pioneer who has been using social media to network with other professionals and build the oldest Internet community for professional auditors. http://www.auditnet.org/ Turning Information into Action Risk Audit and Control in a Social Media World SourceMedia, Inc. is pleased to be able to offer CPE for this web session. It is imperative that you adhere to the following instructions to obtain CPE credit: 1. To receive credit, you must be in attendance for a minimum of 50 minutes. AccountingToday is not responsible for late arrivals or connections issues. 2. There will be required polling questions asked periodically throughout the session, all of which you must answer. Please remember to click “Submit” after choosing your answer. 3. If you have completed the above, please allow up to five business days from date of today’s session, to receive an email from sourcemedia@webinarcerts.com. This email will contain instructions on how you can download and print your CPE Certificate. Please note CPE Certificates will ONLY be sent to those attendees who stayed for at least 50 minutes and answered all required polling questions. Please email any certificate questions to sourcemedia@webinarcerts.com. SourceMedia Inc. is registered with the National Association of State Boards of Accountancy (NA SBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be addressed to the National Registry of CPE Sponsors, 150 Fourth Avenue North, Nashville, TN, 37219-2417 or by visiting the web site: www.nasba.org. 2
  3. 3. 10/30/2013 Risk Audit & Control in a Social Media World Hosted by: Accounting Today October 29, 2013 Agenda  Social/professional networking  Risks associated with social media for networking  Auditor’s role in the social media life cycle.  Best practices for using social media.  Leveraging social media for professional networking and benefits  If we build it …  Closing and questions Risk Audit and Control in a Social Media World Risk Audit and Control in a Social Media World Risk Audit and Control in a Social Media World 3
  4. 4. 10/30/2013 Social Networking Defined What is a social network?  An online community of people with a common interest who use a Web site or other technologies to communicate with each other and share information, resources, etc.: a business-oriented social network.  Important clarification – business oriented rather than personal  Need to understand the primary orientation of the Network to focus on professional relationships Network Orientation Business Use Business High Mixed Medium Mixed Limited Mixed Medium Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Social Media Defined What is Social Media?  Web- and mobile-based technologies used to disseminate information and solicit feedback on a real-time basis which are used to turn communication into interactive dialogue among organizations, communities, and individuals  A group of Internet-based applications that build on the ideological and technological information of Web 2.0… allows for the creation and exchange of user-generated content  Social media expedites conversation in contrast to traditional media, which delivers content but doesn't allow readers/viewers/listeners to participate in the creation or development of the content.  Example of social media include internet forums, weblogs, social blogs, microblogging, wikis, social networks, podcasts Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 4
  5. 5. 10/30/2013 Professional Networking in the Digital Age  Online networking sites have become increasingly popular. These resources allow participants to quickly and easily expand their circle of contacts, share information and keep abreast of industry trends.  Executives involved in hiring decisions also are finding these online communities to be a valuable tool. According to a survey by Accountemps®, nearly two-thirds (62 percent) of executives interviewed said professional networking sites, such as LinkedIn, will prove useful in the search for job candidates in the next few years. And one in three (35 percent) cited social networking sites such as Facebook as a recruiting resource they plan to tap. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Why is it so popular?  Community - allows people to join together based on common interests and values.  Transparent – when used properly it can project authenticity  Engaging – communication channel opening dialogues with many individuals  Borderless – the world is flattening and we are no longer restricted to connecting with only those who are close  Creative – fosters innovation and expression The Pew Research Center found that’s the “major reason” given by six of every 10 users of Facebook, Twitter or LinkedIn. And half of the people surveyed said the ability to reconnect with old friends played a “significant role” in using social networking. Risk Audit and Control in a Social Media World Risk Audit and Control in a Social Media World 5
  6. 6. 10/30/2013 Polling Question #1 Social Media Options  LinkedIn  Facebook  Twitter  YouTube  Blogs  Discussion Forums  According to survey by CEO.com - Social media will become one of the two most important forms of engagement with employees and customers, second only to face to face interactions. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 6
  7. 7. 10/30/2013 Social Media Risks The Biggest Social Media Risk: Not Paying Attention to Social Media according to major corporate executives March 20, 2012 Social Media and Cloud Computing Top Internal Auditors' Technology Hot List, According to New Protiviti Research Social media and cloud computing are top concerns – Internal audit executives and professionals recognize they must have superior knowledge and understanding of these areas and their inherent risks, and how their organizations are leveraging as well as controlling them, in order to perform their jobs at a high level and add value to the organizations they serve. - Protiviti 2012 Internal Audit Capabilities and Needs Survey Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Social Media Risks As the use of social media continues to grow, so too does the risk of fraud involving social media. - Social Media and its associated risk – Grant Thornton and FERF Prioritized concerns from a survey conducted by Grant Thornton and FERF 1. Disclosure of proprietary information 2. Negative comments about the company 3. Exposure of personally identifiable information 4. Fraud 5. Out of date information Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 7
  8. 8. 10/30/2013 Social Media Risks and Controls Risks • Employees or non-employees creating a social media page representing your company without management/IT consent or approval • Trade secrets or other business secrets being inadvertently or even deliberately shared • Dissatisfied customers or disgruntled employees voicing their opinions freely • Viruses, spyware and network vulnerabilities occurring due to the interactivity and open nature of social media architecture Controls • The extent to which social media will be officially sanctioned by the organization • Who is allowed to use the social media sites • How users gain approval to use the social media sites • Standards/policy of social media use inside and outside of the workplace • Brand monitoring and legal involvement • How to report false pages Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Internal Audit’s Role Social media is now embedded in our personal and business culture and auditors need to know the what the risks and controls are, how to audit this new communication tool and also how to adapt it for use within the audit environment. Jim Kaplan, AuditNet®  Internal audit’s role in social media may include the following: • Understand how social media is being used within the organization • Review social media policies • Understand the potential risks of social media • Conduct a social media risk assessment • Ensure that controls are in place to address social media risks  Review and monitor compliance with implemented processes  Assess implemented controls •  Records retention issue Internal audit should NOT be developing business processes that mitigate risk • Why? Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 8
  9. 9. 10/30/2013 Polling Question #2 Social Media Audit Objectives and Scope  Objective—The objective of the social media audit/assurance review is to provide management with an independent assessment relating to the effectiveness of controls over the enterprise’s social media policies and processes.  Scope—The review will focus on governance, policies, procedures, training and awareness functions related to social media. Specifically, it will address: • People—training and awareness • Processes •  Strategy and governance—policies and frameworks • Technology The selection of the social media projects and initiatives will be based on the risks introduced to the enterprise by these systems. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 9
  10. 10. 10/30/2013 Social Media Audit Program Sample Steps • Social Media Audit Program — Should be a comprehensively written program to detect, implement, and monitor compliance with the laws and regulations that impact the various components of social media. It should provide written procedures to ensure compliance. • Identification of inappropriateness with social media channels and non-compliance with the Social Media Policy — The company should clearly identify what is acceptable and what is not acceptable, based on a risk assessment and the outlined rules and specifications of the Social Media Audit Program. • Prior examination/audit findings — If weaknesses were previously cited in the company’s social media examination or audit that may impact the company’s social media program, has management taken appropriate steps to institute corrective actions? • Training program(s) — Training should be tailored to address all employees. Incident response — A formal review should be made of all alleged and/or actual incidents and how the company handled the incident. • Internal audit and annual reports — Management should regularly report on its responsiveness to cited weaknesses in the social media program. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Social Media Best Practices 1. Designate a social media champion in your department or firm to monitor and leverage networking capabilities 2. Integrate social media into audit projects and planning. 3. Respond within minutes or hours (not days) to any comments on social media about customer service. You need to track your firm or organization to do this 4. Tell a continual story through social media – there should be a trend and voice to your efforts. 5. Measure and Analyze everything. If you can’t measure it you can’t manage it. 6. Stay educated and connected to social media – the wave is here and you don’t want to get left behind when it hits your organization. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 10
  11. 11. 10/30/2013 Professionals and Social Networking 10 Reasons for auditors to use social networking tools 1. Network with other auditors for advice on issues 2. Get answers to audit technology questions and issues 3. Benchmark best practices 4. Share (reports, programs, issues) 5. Share methodologies 6. Foster one to one and one to many communications/discussions1 7. Research audit and technology issues using advanced search skills1 8. Establish a dialogue with your professional network1 9. Establish knowledge feeds1 10. Gain knowledge for risk, control and audit of social media Auditors need to be plugged into social networks to stay current with professional issues and the latest tools and technologies! Jim Kaplan 1 core competency for digital literacy Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World The Best Social Media Apps for Auditors  The most powerful and comprehensive Audit Tool for Google Apps - Scan, control and secure all Sites, Docs, Groups, Calendars and Users giving you more security over the data that you own. If you have not installed this tool - you don't know what you're missing.  This easy to use report program can scan all sites, documents, email groups and calendars at your domain and show you exactly who has access to your information. For domain admins it is an essential Audit tool allowing you to show management and auditors exactly who has access to what. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 11
  12. 12. 10/30/2013 Guidance and Publications Risk Audit and Control in a Social Media World Risk Audit and Control in a Social Media World Adding Value for Audit So how can auditors use social networking to add value to the audit function? 1. Networking with other auditors for advice on issues 2. Getting answers to technology questions 3. Fostering communication through discussions and 4. Benchmarking 5. Sharing (reports, programs, issues) 6. Sharing methodologies 7. Receiving knowledge feeds on training, conferences and other CPE opportunities Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 12
  13. 13. 10/30/2013 Leveraging Social Media for Audit Connect Share Build Network The Missing Link is You Contribute Explore Educate Research Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Polling Question #3 13
  14. 14. 10/30/2013 Stay Connected Auditing is an information-intensive, complex profession. Many issues require auditors to keep up to date on rules and regulations, and auditing procedures can be difficult to master. Joining a social network facilitates your ability to stay on top of news and trends, to ask questions and receive answers and to share knowledge with peers. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Share Knowledge Many specializations of auditing require very high levels of knowledge. Joining a network allows you to find other specialists in your field who can help you learn more. Or if you are an expert at what you do, joining a network gives you a platform to become more recognized for your own expertise. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 14
  15. 15. 10/30/2013 Solve Problems Tracking down the answer to an auditing question can take hours or even days using standard methods of online and offline research. Joining a network hooks you up to a wide range of colleagues, one of whom is likely to have the answer you need or who can lead you to the right person (within a few degrees of separation), saving you time and money. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Facilitate Networking Finding the time to do traditional networking (meetings, lunches, phone calls) can be difficult and requires everyone to be available at the same time. In contrast, your online social network can be accessed at any time. Matching schedules becomes moot, as connecting with people and getting information can be done asynchronously. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 15
  16. 16. 10/30/2013 Leverage the Internet Companies and individuals in today’s world increasingly seek out leads, customers, referrals and partners on a national and even global basis. Business ventures can be conducted “virtually” through online connections. Joining a social network opens the doors to this new global world, offering opportunities to find new business, new partners, or to collaborate with others on projects. Risk Audit and Control in a Social Media World Build Relationships The old methods of persuasion marketing and hard-sell advertising are shifting. People today prefer to build relationships with the companies they do business with. Joining a social network gives you the capability to form relationships with potential clients and colleagues. Many large accounting and auditing firms already recognize this and are establishing a presence on social networks where they offer free workshops and answer questions to demonstrate their expertise and build trust. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 16
  17. 17. 10/30/2013 Synergy and Value Social networking is already the accepted form of connecting with others for the ‘Millennial’ generation of young auditors entering the workforce. As social networks become increasingly used by them, the stakes will rise for those who continue to be reluctant to join. In other words, if you do not have a presence on a social network, you will simply lose ground to those who do. Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World What is Your Response to Social Networking? Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 17
  18. 18. 10/30/2013 AuditNet® and Social Networking – or if we build it…  AuditNet® has engaged in social networking for almost 20 years.  Founded on the principle of establishing an online communication sharing network for auditors  Started sharing audit programs in 1995 and now have more than 2,000 audit program templates  Created a LinkedIn group that has over 7,500 members http://www.auditnet.org/PAIN.htm  Created a network of more than 125k professional auditors from 221 countries on 5 continents.  Web site average for 6 months since redesign – 131,000 visits with more than 1 million page views.  Use LinkedIn and Twitter for surveys on audit use of technology and best practices  Video based training and Training without Travel™ Webinars for ACL, IDEA, Excel for Auditors, Internal Audit Skills and Detecting and Preventing Fraud using Data Analytics Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World Q&A Session: Questions Risk Audit and Control in Social Media World Risk Audit and Control in aaSocial Media World 18
  19. 19. 10/30/2013 For more information … http://www.auditnet.org CCH Accounting Research Manager & Audit Resources http://www.cchgroup.com/arm Risk Audit and Control in a Social Media World Real-World Strategies for Effective Document Management 38 19
  20. 20. 10/30/2013 SourceMedia, Inc. is pleased to be able to offer CPE for this web session. It is imperative that you adhere to the following instructions to obtain CPE credit: 1. To receive credit, you must be in attendance for a minimum of 50 minutes. AccountingToday is not responsible for late arrivals or connections issues. 2. There will be required polling questions asked periodically throughout the session, all of which you must answer. Please remember to click “Submit” after choosing your answer. 3. If you have completed the above, please allow up to five business days from date of today’s session, to receive an email from sourcemedia@webinarcerts.com. This email will contain instructions on how you can download and print your CPE Certificate. Please note CPE Certificates will ONLY be sent to those attendees who stayed for at least 50 minutes and answered all required polling questions. Please email any certificate questions to sourcemedia@webinarcerts.com. SourceMedia Inc. is registered with the National Association of State Boards of Accountancy (NA SBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be addressed to the National Registry of CPE Sponsors, 150 Fourth Avenue North, Nashville, TN, 37219-2417 or by visiting the web site: www.nasba.org. 20

×