Controls that are designed to mitigate the risk of fraud are not perfect. Enterprise software such as Oracle and SAP may have built-in controls, but they are limited in scope to the data and processes that the software "touches". The most successful fraudsters know how to exploit interfaces between different processes and systems. Furthermore, the typical fraud case persists for 14 months prior to detection*.
Deploying data analytics for continuous testing can overcome many of the limitations of traditional fraud detection. Timely and appropriate detection will help organizations mitigate the impact of frauds. Robust fraud detection systems will also act as powerful deterrents.
*ACFE Report to the Nations: 2020 Global Study on Occupational Fraud and Abuse
Learning Objectives
In this session we will raise awareness of the various types of frauds and how they can be detected using automated data analysis techniques.
From time-to-time internal auditors are faced with situations which call for them to make an ethical decision. In addition, they may, in the middle of auditing, come across circumstances which themselves appear to be violations of a corporate
code-of-conduct.
Several laws now specifically state that internal auditors, in terms of the act, will be bound by the IIA Code of Ethics.
This webinar explores the IIA Code of Ethics as it applies to everyday situations the auditor may encounter.
The module is designed to provide the participants with an in-depth knowledge of:
Ethics theory
The IIA Code of Ethics
Applicable areas within Internal Audit
Reporting of material facts
Corporate Codes of Conduct
Auditing Corporate Ethics
Internal Audit's Role in Ethics, Governance, & CultureJim Kaplan CIA CFE
The internal auditor has a unique and challenging role when it comes to improving the governance processes of their organization. Exercising objective judgment and maintaining professional integrity are essential roles of the internal auditor; however these roles may become undermined when strong political or cultural pressures are at play. This webinar will help internal auditors prepare for and successfully navigate through these pressures should they be encountered.
Learning Objectives:
• Understand how the IIA Code of Ethics applies to Internal Auditors
• Apply “IIA Standard 2110 – Governance” as a key resource
• Assess ethics in light of internal audit independence
• Gain insight to how organizational culture affects ethical behavior
• Evaluate independence and objectivity using a framework
Who will benefit:
Corporate Directors
Corporate Officers
Fraud & Forensic professionals
Audit professionals
Risk professionals
Compliance professionals
Legal professionals
Ethics professionals
Governance professionals
Finance and Accounting Professionals
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers risk analysis for auditors
What's the Difference between GRC and Combined Assurance?Jim Kaplan CIA CFE
With more organizations exploring the concept of Combined Assurance, there have been many questions about how this relates to GRC. In this presentation, we will explore both concepts and discuss the differences between Combined Assurance and GRC so that you can consider and explore options that are most suited to the needs of your audit department and your organization as a whole.
Learning Objectives:
Understand the concepts behind Combined Assurance and GRC
Discuss pros and cons for both Combined Assurance and GRC
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 9
• Why and how to conduct a data mapping exercise.
• The rights of data subjects.
• Giving and withdrawing consent.
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 10
• Handling data subject access requests (DSARs).
• The roles of controllers and processors, and the relationships between them.
• Transferring personal data outside the EU and the mechanisms for compliance.
• How to become GDPR compliant using a compliance gap assessment
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Jim Kaplan CIA CFE
Join this webinar for an introduction to the Touchstone Research for Internal Audit, an unprecedented, global research of internal audit, from Wolters Kluwer TeamMate. This session will review study approach and scope, key initial findings, a look at benchmarking, and a preview of future insights. Find out what nearly 1,000 internal audit and controls professionals have to say across about the current and future state of internal audit.
Learning Objectives:
Learn the objective of the Touchstone Research for Internal Audit
Understand how the Touchstone Maturity Model can benefit Internal Audit teams
Learn why the Touchstone Research Benchmarks for Internal Audit can be a planning tool
From time-to-time internal auditors are faced with situations which call for them to make an ethical decision. In addition, they may, in the middle of auditing, come across circumstances which themselves appear to be violations of a corporate
code-of-conduct.
Several laws now specifically state that internal auditors, in terms of the act, will be bound by the IIA Code of Ethics.
This webinar explores the IIA Code of Ethics as it applies to everyday situations the auditor may encounter.
The module is designed to provide the participants with an in-depth knowledge of:
Ethics theory
The IIA Code of Ethics
Applicable areas within Internal Audit
Reporting of material facts
Corporate Codes of Conduct
Auditing Corporate Ethics
Internal Audit's Role in Ethics, Governance, & CultureJim Kaplan CIA CFE
The internal auditor has a unique and challenging role when it comes to improving the governance processes of their organization. Exercising objective judgment and maintaining professional integrity are essential roles of the internal auditor; however these roles may become undermined when strong political or cultural pressures are at play. This webinar will help internal auditors prepare for and successfully navigate through these pressures should they be encountered.
Learning Objectives:
• Understand how the IIA Code of Ethics applies to Internal Auditors
• Apply “IIA Standard 2110 – Governance” as a key resource
• Assess ethics in light of internal audit independence
• Gain insight to how organizational culture affects ethical behavior
• Evaluate independence and objectivity using a framework
Who will benefit:
Corporate Directors
Corporate Officers
Fraud & Forensic professionals
Audit professionals
Risk professionals
Compliance professionals
Legal professionals
Ethics professionals
Governance professionals
Finance and Accounting Professionals
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers risk analysis for auditors
What's the Difference between GRC and Combined Assurance?Jim Kaplan CIA CFE
With more organizations exploring the concept of Combined Assurance, there have been many questions about how this relates to GRC. In this presentation, we will explore both concepts and discuss the differences between Combined Assurance and GRC so that you can consider and explore options that are most suited to the needs of your audit department and your organization as a whole.
Learning Objectives:
Understand the concepts behind Combined Assurance and GRC
Discuss pros and cons for both Combined Assurance and GRC
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 9
• Why and how to conduct a data mapping exercise.
• The rights of data subjects.
• Giving and withdrawing consent.
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 10
• Handling data subject access requests (DSARs).
• The roles of controllers and processors, and the relationships between them.
• Transferring personal data outside the EU and the mechanisms for compliance.
• How to become GDPR compliant using a compliance gap assessment
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Jim Kaplan CIA CFE
Join this webinar for an introduction to the Touchstone Research for Internal Audit, an unprecedented, global research of internal audit, from Wolters Kluwer TeamMate. This session will review study approach and scope, key initial findings, a look at benchmarking, and a preview of future insights. Find out what nearly 1,000 internal audit and controls professionals have to say across about the current and future state of internal audit.
Learning Objectives:
Learn the objective of the Touchstone Research for Internal Audit
Understand how the Touchstone Maturity Model can benefit Internal Audit teams
Learn why the Touchstone Research Benchmarks for Internal Audit can be a planning tool
Internal audit is a profession that struggles against the stereotypes of our past. When we explore our current processes and methodologies, one area that needs attention is executing the audit plan. If our focus is setting a plan in motion and tracking to completion each year, then we are not able to react to changes in our organizations. Financial services organizations face additional challenges in trying to balance emerging risks with the requirements of the regulatory authorities. By embracing the concept of agile auditing, we will be able to adjust more quickly and act as a more relevant partner to our organizations.
Learning Objectives
• Understand the concept of agile auditing
• Identify areas for applying agile techniques
• Discuss a strategy for successfully implementing agile audit
The fieldwork phase is the heart of the audit process. Everything auditors do in the planning phase drives them to do the right things in fieldwork. Everything auditors do in the reporting phase relates to what was found in fieldwork. Everything auditors do in the follow-up phase relates to the issues identified in fieldwork. This webinar will focus on the testing for control effectiveness. This includes capturing the best audit evidence and documenting quality work in the workpapers. This helps ensure that any competent third party person can re-perform the work and come to the same conclusion.
This webinar is for auditors who want to understand the key elements of the fieldwork phase of the audit process.
The learning objectives include the following:
- Learn about internal control terminology
- Learn about testing techniques and workpaper quality
- Learn about audit evidence
- Learn about workpaper documentation guidelines
Learn about Issues & Recommendations (I&Rs)
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers auditing contingency planning
Implementing and Auditing General Data Protection RegulationJim Kaplan CIA CFE
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 7
• Lessons to be learned from common data security failures.
• The six data protection principles – how to apply them and demonstrate compliance.
While the majority of executives and internal audit leaders agree that data analytics is important, according to the 2016 IIA CBOK study, only 40% of respondents are using technology in audit methodology. Why the disconnect?
In this webinar, we will identify some of the common challenges associated with starting and continuing to use data analytics in your audit process. Easy-to-implement methods that help expand the use of data analytics and improve your audit coverage will also be presented.
Learning objectives
• Discuss ways to increase and expand the use of data analytics, including business and technology applications
• Identify the skills needed for successful use of data analytics
• Provide guidance on obtaining internal management support
• Offer tips on how to measure staff utilization and the effectiveness of analytics during audits
For information on our Webinars visit AuditNet.org (www.auditnet.org)
Webinar Series Overview: In today’s world, fraud investigations have become an everyday part of corporate life and the auditor must gain expertise in this area.
The 8 part series will cover the tasks of the fraud auditor, Forensic techniques and tools and the abilities required of the fraud auditor, the type and nature of common frauds, investigating fraud, computer fraud and control, white collar crime, the auditor in court.
This session Forensic and Investigative Audit Reporting
• Types of reporting
• Management
• Board/Audit committee
• Disciplinary action
• Litigation support
• Criminal process
• Follow up and remedial action
Selecting the right Computer Assisted Audit Tool may appear to be a huge undertaking; however, following a systematic approach eases the burden. The right approach minimizes the risk of selecting a product that might not fit into your organization, which could impair your function as it sits underutilized or on the shelf. While point and click visual style tools are settling into the market, many auditors rely on the legacy step-by-step software tools such as ACL, IDEA, Excel and “add-on” tools.
Many chief auditors pursue opportunities to increase the frequency and intensity of interactions with management and realize nothing gets attention faster than finding previously undetected anomalies in company data. Finding the right issues quickly and timely improves the value of audit and can assist audit in winning more work.
Attending this webinar you will learn:
· Identify analysis and financial constraints
· Scoping and defining audit strategic objectives
· Reviewing selection field based on Technical needs
· Building a short/long term on-boarding roadmap
· Realize the lost opportunity of not including all auditors (no auditor left behind)
World class auditors know one of the best ways to fight the fraud risk is to be sure outsource agreements include a Right to Audit clause. Auditors feel good and sleep tight when their client tells them “of course we included the one we use all of the time”. The real test is when glitches and anomalies appear and management asks auditing to do a quick visit with the third party organization.
The discussion will offer insights into:
· Best practices audit clause language
· Compliance, operational and/or financial audit
· Plan in advance or surprise visit
· Books and records
· Location of audit
· Who can or should conduct the audit
· Impact of absence of a Service Level Agreement (SLA)
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 14 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
How to get auditors performing basic analytics using excel Jim Kaplan CIA CFE
It has been said that the definition of crazy is doing the same thing over and over again and expecting a different result. If your audit analytics program is still not meeting your expectations, you are going to have to do something different to change that outcome. The biggest hurdle organizations need to overcome is getting auditors to think differently about what analytics is. Excel might not be the ultimate analytics tool for your organization but attend this webinar to see how you can use it as a catalyst for change throughout the audit team.
Learning Objectives
Learn non-technical skills auditors need to perform audit analytics
Learn commonly used Excel functions that can be applied to audit analytics
Learn how to get auditors started down a path of thinking about analytics vs automatically pulling samples
Visualizing data has become one of the hottest trends in analytics not only because it works to more quickly identifying anomalies but in also explaining the results to management. In this case study focused webinar, you’ll learn how to translate unwieldy files of financial data into a single compact scattergraph, pie chart, or overlay—and then “sample with pictures” by picking out the key items that merit sampling and follow-up.
Specific learning objectives include:
o Understand graph types and their different analytical strengths from an audit perspective
o Learn best practices in dahsboarding results through a review of a variety of example dashboard templates
o Be able to score records based on various audit reports to improve your effectiveness and reduce false positives in your samples
o See how to quickly turn a visualization exercise into a sampling approach by sampling multiple categories to identify highest-risk items.
o Use auto-formatting and dynamic data-grabbing tools so new data can create new graphs each audit period, at the touch of a button
o Integrate statistics into your visualizations to extract the most exceptional sample units
Re-imagining the art and science of auditing and fraud detection is coming to the forefront of risk management functions. What was seen as a “nice to have” a few years ago has become a “must have” as digital transformation and data surrounds all aspects of the organization.
Specific learning objectives include:
o See how analytics can maximize the annual audit plan and better ensure focus is placed on top organizational risks.
o Establish a framework to using analytics and automation across the entire audit lifecycle.
o Use the general ledger and revenue audit areas as a case study to provide a digital road map for analytics for detecting fraud (and errors) within the organization.
Webinar Series Overview: In today’s world, fraud investigations have become an everyday part of corporate life and the auditor must gain expertise in this area.
The 8 part series will cover the tasks of the fraud auditor, Forensic techniques and tools and the abilities required of the fraud auditor, the type and nature of common frauds, investigating fraud, computer fraud and control, white collar crime, the auditor in court.
This session Data Analytics
• Probability theory in Data Analysis
• Types of Evidence
• Population Analysis
• Correlations and Regressions
• Fraud Detection using Data Analysis
• Data analysis and Continuous Monitoring
• Continuous Auditing
• Financial Analysis
Identifying and assessing risk is the basis for most of the work done in internal audit, but it is getting harder to keep up with the most relevant risks. New risks are introduced faster than we can react, and both the emerging and established risks are always changing. Often the most complicated risk to understand and evaluate is reputational risk, and one of the most volatile aspects of reputational risk comes from social media.
In this session we will discuss the different types of social media and how each poses unique opportunities and often unforeseen threats. We will specifically focus on how social media can impact reputation risk and what you can do as an Internal Audit department to ensure this risk is being addressed and properly mitigated.
As stated in the Institute of Internal Auditors IPPF, “The internal audit activity must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk (2120.A2)”.
How is your auditing function meeting this professional expectation? The time to test fraud controls is before you have a fraud. Testing fraud controls is more commonly referred to as an “anti-fraud” assessment and is typically conducted by auditors as a consulting service. How long has it been since a comprehensive review was conducted at your organization? Once completed, as the company changes over time, sections of the first review should be updated.
This webinar will cover:
· How strong are your controls?
· Are you looking for fraud or is fraud looking for you?
· The time to detect directly impacts the chances of recovery
· Shell Vendors uncovered made the headlines in 2016
· Looking for signs of complacency in the workplace
· A robust organizational COSO based framework that organizes your work from cradle to grave
· Working paper and check list recommendations
· Actual audit report sample (with author identification removed)
IT Fraud Series: IT Fraud and Countermeasures - July 20, 2017
Description
Webinar Series Overview: In today’s world, fraud investigations have become an everyday part of corporate life and the auditor must gain expertise in this area.
The 8 part series will cover the tasks of the fraud auditor, Forensic techniques and tools and the abilities required of the fraud auditor, the type and nature of common frauds, investigating fraud, computer fraud and control, white collar crime, the auditor in court.
This session IT Fraud and Countermeasures
• Investigating by computer
• Document collection and analysis
• Interviewing skills
• Documenting evidence
• Testifying as a witness
Learning about outliers and how to detect them in transactions of all types.
Learning Objectives: This webinar will explain the significance of outliers when testing transactions, whether they are vendor invoices, GL postings, or travel & entertainment expenses. Examples using Arbutus Analyzer will demonstrate the best analytics for identifying outliers.
How to build a data analytics strategy in a digital worldJim Kaplan CIA CFE
TSB is a digital-first bank that is undergoing a massive transformation to cloud-based banking. Senior Audit Manager, Ian Kirton, drove the design and development of an audit function capable of adapting while the organization undergoes this change.
This presentation will take you through TSB Bank’s journey from first establishing the audit function through to developing a data analytics strategy as the organization gets ready to move to a new, state-of-the-art online banking platform.
Key learning objectives:
• How to develop an audit function for a cloud-based bank
• Creating a data analytics strategy to support the cloud-based enterprise
• Observing practical examples of how data analytics can be applied to get better audit results
• Learning Ian’s approach to analytics in a digital environment, and how it has made TSB Bank one of the Top 10 Best Big Companies
Auditors regularly invited into the Technology Committee meetings have an envious seat. They can listen to what is wrong with the current processes and see first-hand how the organization plans to change for improvement. While audit usually does not have a vote, they can vie for a role on any project committees organizing. Management in turn has certain expectations of audit’s participation.
Acting in a more pro-active manner, auditors can easily sell recommendations before the go-live date.
You will learn at this webinar:
· Defining audit’s role regarding reporting and timing
· Learn the stepping stones for enhancing integrated skill sets (map)
· A framework that be used on just about any process improvement, not just application changes
· How not to avoid crossing the line between audit consulting and managing the project
· Successful participation can help audit win more work
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers IT Fraud and Countermeasures
How analytics should be used in controls testing instead of samplingJim Kaplan CIA CFE
Sampling has existed as a standard for controls testing since controls testing began. We’ve developed algorithms to tell us how many samples we should pull and how many errors we can have and still pass the control. We’ve even developed algorithms to tell us how many more samples we can test if the control didn’t pass the first time.
If your goal is simply to do the minimum to pass a SOX audit, then these behaviors should probably continue. If your goals also include really improving the operations of the organization to make it stronger then a more holistic approach is needed, such as analysis on 100% of the population, rather than a small sample.
Most controls analytics do not require a degree in data science, but they do require the controls team begin changing its behaviors. Join us to understand what it takes to begin this change, it’s not as challenging as you might think.
Learning Objectives
Understanding the advantages of analytics vs sampling
How to Identify controls where analytics can be applied
Real life examples of controls and their associated analytics
How to effect a change
How analytics should be used in controls testing instead of sampling Jim Kaplan CIA CFE
Sampling has existed as a standard for controls testing since controls testing began. We’ve developed algorithms to tell us how many samples we should pull and how many errors we can have and still pass the control. We’ve even developed algorithms to tell us how many more samples we can test if the control didn’t pass the first time.
If your goal is simply to do the minimum to pass a SOX audit, then these behaviors should probably continue. If your goals also include really improving the operations of the organization to make it stronger then a more holistic approach is needed, such as analysis on 100% of the population, rather than a small sample.
Most controls analytics do not require a degree in data science, but they do require the controls team begin changing its behaviors. Join us to understand what it takes to begin this change, it’s not as challenging as you might think.
Learning Objectives
Understanding the advantages of analytics vs sampling
How to Identify controls where analytics can be applied
Real life examples of controls and their associated analytics
How to effect a change
Internal audit is a profession that struggles against the stereotypes of our past. When we explore our current processes and methodologies, one area that needs attention is executing the audit plan. If our focus is setting a plan in motion and tracking to completion each year, then we are not able to react to changes in our organizations. Financial services organizations face additional challenges in trying to balance emerging risks with the requirements of the regulatory authorities. By embracing the concept of agile auditing, we will be able to adjust more quickly and act as a more relevant partner to our organizations.
Learning Objectives
• Understand the concept of agile auditing
• Identify areas for applying agile techniques
• Discuss a strategy for successfully implementing agile audit
The fieldwork phase is the heart of the audit process. Everything auditors do in the planning phase drives them to do the right things in fieldwork. Everything auditors do in the reporting phase relates to what was found in fieldwork. Everything auditors do in the follow-up phase relates to the issues identified in fieldwork. This webinar will focus on the testing for control effectiveness. This includes capturing the best audit evidence and documenting quality work in the workpapers. This helps ensure that any competent third party person can re-perform the work and come to the same conclusion.
This webinar is for auditors who want to understand the key elements of the fieldwork phase of the audit process.
The learning objectives include the following:
- Learn about internal control terminology
- Learn about testing techniques and workpaper quality
- Learn about audit evidence
- Learn about workpaper documentation guidelines
Learn about Issues & Recommendations (I&Rs)
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers auditing contingency planning
Implementing and Auditing General Data Protection RegulationJim Kaplan CIA CFE
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 7
• Lessons to be learned from common data security failures.
• The six data protection principles – how to apply them and demonstrate compliance.
While the majority of executives and internal audit leaders agree that data analytics is important, according to the 2016 IIA CBOK study, only 40% of respondents are using technology in audit methodology. Why the disconnect?
In this webinar, we will identify some of the common challenges associated with starting and continuing to use data analytics in your audit process. Easy-to-implement methods that help expand the use of data analytics and improve your audit coverage will also be presented.
Learning objectives
• Discuss ways to increase and expand the use of data analytics, including business and technology applications
• Identify the skills needed for successful use of data analytics
• Provide guidance on obtaining internal management support
• Offer tips on how to measure staff utilization and the effectiveness of analytics during audits
For information on our Webinars visit AuditNet.org (www.auditnet.org)
Webinar Series Overview: In today’s world, fraud investigations have become an everyday part of corporate life and the auditor must gain expertise in this area.
The 8 part series will cover the tasks of the fraud auditor, Forensic techniques and tools and the abilities required of the fraud auditor, the type and nature of common frauds, investigating fraud, computer fraud and control, white collar crime, the auditor in court.
This session Forensic and Investigative Audit Reporting
• Types of reporting
• Management
• Board/Audit committee
• Disciplinary action
• Litigation support
• Criminal process
• Follow up and remedial action
Selecting the right Computer Assisted Audit Tool may appear to be a huge undertaking; however, following a systematic approach eases the burden. The right approach minimizes the risk of selecting a product that might not fit into your organization, which could impair your function as it sits underutilized or on the shelf. While point and click visual style tools are settling into the market, many auditors rely on the legacy step-by-step software tools such as ACL, IDEA, Excel and “add-on” tools.
Many chief auditors pursue opportunities to increase the frequency and intensity of interactions with management and realize nothing gets attention faster than finding previously undetected anomalies in company data. Finding the right issues quickly and timely improves the value of audit and can assist audit in winning more work.
Attending this webinar you will learn:
· Identify analysis and financial constraints
· Scoping and defining audit strategic objectives
· Reviewing selection field based on Technical needs
· Building a short/long term on-boarding roadmap
· Realize the lost opportunity of not including all auditors (no auditor left behind)
World class auditors know one of the best ways to fight the fraud risk is to be sure outsource agreements include a Right to Audit clause. Auditors feel good and sleep tight when their client tells them “of course we included the one we use all of the time”. The real test is when glitches and anomalies appear and management asks auditing to do a quick visit with the third party organization.
The discussion will offer insights into:
· Best practices audit clause language
· Compliance, operational and/or financial audit
· Plan in advance or surprise visit
· Books and records
· Location of audit
· Who can or should conduct the audit
· Impact of absence of a Service Level Agreement (SLA)
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 14 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
How to get auditors performing basic analytics using excel Jim Kaplan CIA CFE
It has been said that the definition of crazy is doing the same thing over and over again and expecting a different result. If your audit analytics program is still not meeting your expectations, you are going to have to do something different to change that outcome. The biggest hurdle organizations need to overcome is getting auditors to think differently about what analytics is. Excel might not be the ultimate analytics tool for your organization but attend this webinar to see how you can use it as a catalyst for change throughout the audit team.
Learning Objectives
Learn non-technical skills auditors need to perform audit analytics
Learn commonly used Excel functions that can be applied to audit analytics
Learn how to get auditors started down a path of thinking about analytics vs automatically pulling samples
Visualizing data has become one of the hottest trends in analytics not only because it works to more quickly identifying anomalies but in also explaining the results to management. In this case study focused webinar, you’ll learn how to translate unwieldy files of financial data into a single compact scattergraph, pie chart, or overlay—and then “sample with pictures” by picking out the key items that merit sampling and follow-up.
Specific learning objectives include:
o Understand graph types and their different analytical strengths from an audit perspective
o Learn best practices in dahsboarding results through a review of a variety of example dashboard templates
o Be able to score records based on various audit reports to improve your effectiveness and reduce false positives in your samples
o See how to quickly turn a visualization exercise into a sampling approach by sampling multiple categories to identify highest-risk items.
o Use auto-formatting and dynamic data-grabbing tools so new data can create new graphs each audit period, at the touch of a button
o Integrate statistics into your visualizations to extract the most exceptional sample units
Re-imagining the art and science of auditing and fraud detection is coming to the forefront of risk management functions. What was seen as a “nice to have” a few years ago has become a “must have” as digital transformation and data surrounds all aspects of the organization.
Specific learning objectives include:
o See how analytics can maximize the annual audit plan and better ensure focus is placed on top organizational risks.
o Establish a framework to using analytics and automation across the entire audit lifecycle.
o Use the general ledger and revenue audit areas as a case study to provide a digital road map for analytics for detecting fraud (and errors) within the organization.
Webinar Series Overview: In today’s world, fraud investigations have become an everyday part of corporate life and the auditor must gain expertise in this area.
The 8 part series will cover the tasks of the fraud auditor, Forensic techniques and tools and the abilities required of the fraud auditor, the type and nature of common frauds, investigating fraud, computer fraud and control, white collar crime, the auditor in court.
This session Data Analytics
• Probability theory in Data Analysis
• Types of Evidence
• Population Analysis
• Correlations and Regressions
• Fraud Detection using Data Analysis
• Data analysis and Continuous Monitoring
• Continuous Auditing
• Financial Analysis
Identifying and assessing risk is the basis for most of the work done in internal audit, but it is getting harder to keep up with the most relevant risks. New risks are introduced faster than we can react, and both the emerging and established risks are always changing. Often the most complicated risk to understand and evaluate is reputational risk, and one of the most volatile aspects of reputational risk comes from social media.
In this session we will discuss the different types of social media and how each poses unique opportunities and often unforeseen threats. We will specifically focus on how social media can impact reputation risk and what you can do as an Internal Audit department to ensure this risk is being addressed and properly mitigated.
As stated in the Institute of Internal Auditors IPPF, “The internal audit activity must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk (2120.A2)”.
How is your auditing function meeting this professional expectation? The time to test fraud controls is before you have a fraud. Testing fraud controls is more commonly referred to as an “anti-fraud” assessment and is typically conducted by auditors as a consulting service. How long has it been since a comprehensive review was conducted at your organization? Once completed, as the company changes over time, sections of the first review should be updated.
This webinar will cover:
· How strong are your controls?
· Are you looking for fraud or is fraud looking for you?
· The time to detect directly impacts the chances of recovery
· Shell Vendors uncovered made the headlines in 2016
· Looking for signs of complacency in the workplace
· A robust organizational COSO based framework that organizes your work from cradle to grave
· Working paper and check list recommendations
· Actual audit report sample (with author identification removed)
IT Fraud Series: IT Fraud and Countermeasures - July 20, 2017
Description
Webinar Series Overview: In today’s world, fraud investigations have become an everyday part of corporate life and the auditor must gain expertise in this area.
The 8 part series will cover the tasks of the fraud auditor, Forensic techniques and tools and the abilities required of the fraud auditor, the type and nature of common frauds, investigating fraud, computer fraud and control, white collar crime, the auditor in court.
This session IT Fraud and Countermeasures
• Investigating by computer
• Document collection and analysis
• Interviewing skills
• Documenting evidence
• Testifying as a witness
Learning about outliers and how to detect them in transactions of all types.
Learning Objectives: This webinar will explain the significance of outliers when testing transactions, whether they are vendor invoices, GL postings, or travel & entertainment expenses. Examples using Arbutus Analyzer will demonstrate the best analytics for identifying outliers.
How to build a data analytics strategy in a digital worldJim Kaplan CIA CFE
TSB is a digital-first bank that is undergoing a massive transformation to cloud-based banking. Senior Audit Manager, Ian Kirton, drove the design and development of an audit function capable of adapting while the organization undergoes this change.
This presentation will take you through TSB Bank’s journey from first establishing the audit function through to developing a data analytics strategy as the organization gets ready to move to a new, state-of-the-art online banking platform.
Key learning objectives:
• How to develop an audit function for a cloud-based bank
• Creating a data analytics strategy to support the cloud-based enterprise
• Observing practical examples of how data analytics can be applied to get better audit results
• Learning Ian’s approach to analytics in a digital environment, and how it has made TSB Bank one of the Top 10 Best Big Companies
Auditors regularly invited into the Technology Committee meetings have an envious seat. They can listen to what is wrong with the current processes and see first-hand how the organization plans to change for improvement. While audit usually does not have a vote, they can vie for a role on any project committees organizing. Management in turn has certain expectations of audit’s participation.
Acting in a more pro-active manner, auditors can easily sell recommendations before the go-live date.
You will learn at this webinar:
· Defining audit’s role regarding reporting and timing
· Learn the stepping stones for enhancing integrated skill sets (map)
· A framework that be used on just about any process improvement, not just application changes
· How not to avoid crossing the line between audit consulting and managing the project
· Successful participation can help audit win more work
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers IT Fraud and Countermeasures
How analytics should be used in controls testing instead of samplingJim Kaplan CIA CFE
Sampling has existed as a standard for controls testing since controls testing began. We’ve developed algorithms to tell us how many samples we should pull and how many errors we can have and still pass the control. We’ve even developed algorithms to tell us how many more samples we can test if the control didn’t pass the first time.
If your goal is simply to do the minimum to pass a SOX audit, then these behaviors should probably continue. If your goals also include really improving the operations of the organization to make it stronger then a more holistic approach is needed, such as analysis on 100% of the population, rather than a small sample.
Most controls analytics do not require a degree in data science, but they do require the controls team begin changing its behaviors. Join us to understand what it takes to begin this change, it’s not as challenging as you might think.
Learning Objectives
Understanding the advantages of analytics vs sampling
How to Identify controls where analytics can be applied
Real life examples of controls and their associated analytics
How to effect a change
How analytics should be used in controls testing instead of sampling Jim Kaplan CIA CFE
Sampling has existed as a standard for controls testing since controls testing began. We’ve developed algorithms to tell us how many samples we should pull and how many errors we can have and still pass the control. We’ve even developed algorithms to tell us how many more samples we can test if the control didn’t pass the first time.
If your goal is simply to do the minimum to pass a SOX audit, then these behaviors should probably continue. If your goals also include really improving the operations of the organization to make it stronger then a more holistic approach is needed, such as analysis on 100% of the population, rather than a small sample.
Most controls analytics do not require a degree in data science, but they do require the controls team begin changing its behaviors. Join us to understand what it takes to begin this change, it’s not as challenging as you might think.
Learning Objectives
Understanding the advantages of analytics vs sampling
How to Identify controls where analytics can be applied
Real life examples of controls and their associated analytics
How to effect a change
A Retrospective in Analytic Auditing and What’s Ahead
Description
The speaker will outline salient best practices in establishing an analytic program based on lessons learned looking back on the past two and a half decades. Specific learning objectives include:
o Review key dates in the last two decade’s timing that led to the advancement of audit data analytic programs.
o Highlight lessons learned over the years through case study examples.
o Outline the effective culture around the analytics program to serve as its foundation.
o Learn to apply analytics across the entire lifecycle from risk assessment, to planning, fieldwork, and reporting.
o Present analytic best practices being deployed by top performing organizations.
The Future of Auditing and Fraud Detection – Re-imagining the art and science of auditing and fraud detection is coming to the forefront of risk management functions. What was seen as a “nice to have” a few years ago has become a “must have” as digital transformation and data surrounds all aspects of the organization.
Specific learning objectives include:
o See how analytics can maximize the annual audit plan and better ensure focus is placed on top organizational risks.
o Establish a framework to using analytics and automation across the entire audit lifecycle.
o Use the general ledger as a case study to provide a digital road map for analytics for detecting fraud (and errors) within the organization.
o Define the top company areas for data integration from structured, unstructured and external data sources.
o Highlight culturally what audit and fraud detection functions must do to embrace continuous embedded analytic reviews.
Today's fast-paced and evolving business environment requires internal audit to consider its capabilities and needs to ensure appropriate strategic planning. How can CAEs develop strategic plans that result in their stakeholders viewing the audit function as “highly effective”?
Our research has found an approach that builds on three dimensions of effectiveness that must be addressed to be highly effective:
• Meeting stakeholder expectations
• Operating core processes
• Conforming to internal audit standards and applicable regulatory requirements
Learning Objectives
In this session, participants will:
• Discuss the need for and importance of strategic planning within the internal audit function
• Explore the 3 dimensions that contribute to a highly effective internal audit function
• Populate a framework to understand how processes and expectations are aligned and where changes need to occur
• Develop an initial strategic vision based on an understanding of stakeholder expectations
Structuring your organization for success with data analytics Jim Kaplan CIA CFE
Webinar Description: In my years leading data analytics projects and teams, I have come across several different structures for the integration of DA. Some were at large multinational corporations and others were at small- and medium-sized organizations, including government bodies. Today, we'll look at four different models for the management of data analytics in Internal Audit departments. The key characteristics of each model will be described, as well as the strengths and weaknesses.
Participant Outcomes: By the end of this session, participants will be able to identify the model which best fits their organization.
Cybersecurity Series - Cyber Defense for Internal AuditorsJim Kaplan CIA CFE
This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks
The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
Session 1 of 10
This Webinar focuses on Cyber Defense
• Threats/Threat actors/Common Cyber Attack methods
• Attacks and vulnerabilities exposed
• Layered protection measures against Cyber threats
• Firewalls and levels of protection they provide
• Traffic profiling and monitoring for inbound and outbound traffic
• Intrusion Detection
• Incidences of Compromises
• Penetration testing regimes and vulnerability testing
• NIST Vulnerability Checklist
• The Security Content Automation Protocol (SCAP)
How ERM and audit work together, a combined assurance approach Jim Kaplan CIA CFE
Internal audit is a profession that provides assurance that objectives are being met for the organizations that it serves. However, it is not the only assurance provider and often organizations are fatigued by different departments requesting the same information and reporting the same results. Enterprise Risk Management is an assurance provider that Internal Audit can leverage off of to reduce audit fatigue and increases the chances that an organization's objectives will be met.
Learning Objectives
Understand the roles of Enterprise Risk Management & Internal Audit
Understand the concept of Combined Assurance
Understand a strategy of reliance
As many audit departments are moving toward agile auditing, they struggle finding an effective technique for planning that goes beyond the traditional risk assessment. We recommend using exploratory data analytics to focus the agile plan and address those risks with the greatest exposure.
After this session, participants will be able to:
- Use data analytics for exploratory testing to validate a draft plan that incorporates emerging risks
- Dispel the Top 5 Analytics Myths
- Develop an agile risk based plan that aligns with senior management objectives
- Deliver a continuous monitoring plan with tools to your control owners
While the use of Data Analytics produces excellent results, they’re commonly applied in a tactical way for specific functional areas within an organization. This tactical approach often falls short of realizing the full potential of Data Analytics. Going beyond initial results, a more systematic approach to Data Analytics can help drive organizational learning (human and machine) from the various remediation processes.
In this Webinar, we’ll discuss 3 areas of Analytics Automation: (1) Producing the findings, (2) Managing the findings, and (3) Learning from the findings.
Key takeaways:
· The value of Analytics Automation
· Understanding the various technologies (i.e. RPA, AI, etc.)
· Practical ideas for deploying and managing Analytics Automation
· Using a more structured approach to remediation exceptions
· Benefits of Root Cause Analysis
· Using Analytics Automation to get a broader, more complete view of your organization over time
Internal auditors regularly access organization information for audit purposes. Many organizations now maintain computerized data warehouses containing useful management and financial information. Audit professionals therefore need to understand both the concepts of data warehousing as well as data mining techniques.
Data warehousing is a process for assembling and managing data from various sources for the purpose of gaining a single, detailed view of part or all of a business.
Data mining is the use of automated tools to explore and analyze large amounts of data stored in those data warehouses.
Print reports represent a valuable source of unstructured data which can be useful for internal auditors. Using print reports for data mining will be the main area covered in this Webinar.
Objectives
1. Identify the difference between data analysis and data mining Understand the importance between structured and unstructured data
2. Learn tips and best practices for data mining print reports
3. Understand how excel and IDEA handle importing different PDF formats
4. How to use templates to make future imports a one button task
Many auditors often forget the fundamentals of internal auditing. This webinar will focus on areas of internal auditing that every auditor should know. This includes understanding Audit’s role in the organization, IIA standards, internal control, and the key components of the audit process.
This webinar is for auditors who want to understand the key components of the audit process including characteristics of successful auditors.
The learning objectives include the following:
Learn about the IIA Professional Practices Framework
Learn about the framework of internal control as defined by the Committee of Sponsoring Organizations (COSO)
Learn about the basic elements of the audit process
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 4
• How to perform a data protection impact assessment (DPIA)
• The role of the data protection officer (DPO)
• Transferring personal data outside the EU
General Data Protection Regulation for Auditors 5 of 10Jim Kaplan CIA CFE
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 5
• Certification against GDPR
• The powers of supervisory authorities
• Lead supervisory authorities
• The role of the European Data Protection Board (EDPB)
We currently have 5 distinct generations in the workplace, including in internal audit and compliance departments. A recent Deloitte survey predicts that Millennials will make up 75% of the global workforce in the next few years, which includes our audit staff. From a management perspective, we need to blend the realities of the work we do with the challenges of working in a multigenerational staff.
This presentation will highlight the challenges faced by audit management when incorporating multiple generations into a department, and focus on approaches we can take to ensure each group has a successful integration into our multigenerational team.
• Establish a baseline understanding of differing generational skills
• Identify the skill gaps and training needs for generational inclusion
• List changes that may be necessary within our departments.
When is a Duplicate not a Duplicate? Detecting Errors and FraudJim Kaplan CIA CFE
Webinar Overview - A look at duplicates testing and the inherent value of fuzzy data matching.
Identifying fuzzy duplicates has never been easier. Arbutus Analyzer’s versatile functionality enables even new users to detect possible duplicate payments, vendors sharing similar addresses among themselves or with your organization’s employees, and counter parties who may be on government watch lists. Our webinar includes nine different scenarios with detailed descriptions of the tests and their results.
You'll learn about:
• Identifying possible risks
• How to deploy Analyzer commands and functions
Key Presenter:
Michael Kano, ACDA, Data Analytics Consultant, Arbutus Analytics
The use of robotic process automation (RPA is the rave but where can you best apply resources to maximize this powerful audit assistance. Specific learning objectives include:
o Identify the top opportunities for robotic process automation in audit processes.
o See where you can become a “citizen programmer”, building the bots alongside your business processes.
o Walk through case studies of applied audit-focused RPA
o Consider the limitations and benefits of RPA into a total cost of ownership exercise.
How to use ai apps to unleash the power of your audit program Jim Kaplan CIA CFE
Artificial Intelligence (AI) is found in just about every industry today, and accounting and auditing are no exception. Auditors that aren’t already exploring the vast potential of AI-powered applications in their audit program will soon find these tools are the industry standard and will be left in the dust if they don’t adapt and adopt.
To learn how to easily use AI apps in audit today, join us as we welcome Deniz Appelbaum, Assistant Professor at Montclair State University, for this exclusive presentation. With deep experience in audit analytics, Big Data, blockchain, audit automation, and fraud detection, Appelbaum brings considerable practical experience with audit technology to the audit profession.
In this presentation, she will help guests:
● Gain a basic introductory understanding of AI in audit.
● Understand how AP applications can be used in the context of auditing.
● Learn how to use AI apps in an audit for specific, achievable, measurable results.
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 3
• Data protection by design
• Securing personal data
• Reporting data breaches
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 8
• The security of personal data.
• An organizational risk management framework.
• Legal requirements for a DPIA.
• How to conduct a DPIA with a DPIA tool.
Similar to Enhanced fraud detection with data analytics (20)
A recent survey report, Fraud in the Wake of COVID-19: Benchmark Report, prepared by the ACFE, explains that recent events have opened the door to increased pressure, reasonings and opportunities that can lead to occupational fraud. Across all classes of fraud schemes 68% of survey respondents reported increases in fraudulent activity as of May 2020 and 93%o reported they expect an increase in fraud over the next 12 months.
To guide auditors in running detective controls, join Mark Nigrini, West Virginia University Professor and author, and Jeffrey Sorensen, Industry Strategist, for an exclusive review of the fingerprints of fraud numbers. This two-person team will review seven categories of fraud numbers and will demonstrate how to identify these types of numbers using audit software.
In this informative and engaging presentation, attendees will:
● Learn the seven categories of fraud numbers
● Understand which categories are linked to specific types of schemes
● Optimize the steps needed to run the tests
● Interpret the results to identify audit targets
● Apply a second layer of steps to reduce the number of false positives
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 6
• The role of the data protection officer (DPO).
• What constitutes personal data.
• Accountability, the privacy compliance framework and a personal information management system (PIMS).
From time-to-time internal auditors are faced with situations which call for them to make an ethical decision. In addition, they may, in the middle of auditing, come across circumstances which themselves appear to be violations of a corporate
code-of-conduct.
Several laws now specifically state that internal auditors, in terms of the act, will be bound by the IIA Code of Ethics.
This webinar explores the IIA Code of Ethics as it applies to everyday situations the auditor may encounter.
The module is designed to provide the participants with an in-depth knowledge of:
Ethics theory
The IIA Code of Ethics
Applicable areas within Internal Audit
Reporting of material facts
Corporate Codes of Conduct
Auditing Corporate Ethics
Webinar contents will include:
Classes of Ethics
The role of business
Employee ethics
Honesty, Objectivity and diligence
Conflicts of Interest
Reporting of Material Facts
Corporate Codes of Conduct
Corporate Social Responsibility
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
From time-to-time internal auditors are faced with situations which call for them to make an ethical decision. In addition, they may, in the middle of auditing, come across circumstances which themselves appear to be violations of a corporate
code-of-conduct.
Several laws now specifically state that internal auditors, in terms of the act, will be bound by the IIA Code of Ethics.
This webinar explores the IIA Code of Ethics as it applies to everyday situations the auditor may encounter.
The module is designed to provide the participants with an in-depth knowledge of:
Ethics theory
The IIA Code of Ethics
Applicable areas within Internal Audit
Reporting of material facts
Corporate Codes of Conduct
Auditing Corporate Ethics
Webinar contents will include:
Classes of Ethics
The role of business
Employee ethics
Honesty, Objectivity and diligence
Conflicts of Interest
Reporting of Material Facts
Corporate Codes of Conduct
Corporate Social Responsibility
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 2 of 10
• Special categories of personal data
• The rights of data subjects, including data access requests
• Controllers and processors
Implementing and Auditing General Data Protection Regulation Jim Kaplan CIA CFE
Implementing and Auditing GDPR Series (1 of 10)
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 1 of 10
• Bands of penalties and range of awards for breaches
• Lawfulness of processing and consent
• The six data protection principles
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
Use Cases : Duplicate Testing & Segregation of Duties
Learning Objectives / Key Takeaways:
Learn how ATCO evolved its Internal Audit practice through embedding Data Analytics within our Audit Shop.
Identify how data-driven auditing can save time and increase audit assurance, coverage and quality.
See specific examples of how Analyzer was used to detect duplicate payments and assess Segregation of Duties.
Understand the benefits of creating procedures/scripts, to automate testing.
Show drafts
volume_up
Empowering the Data Analytics Ecosystem: A Laser Focus on Value
The data analytics ecosystem thrives when every component functions at its peak, unlocking the true potential of data. Here's a laser focus on key areas for an empowered ecosystem:
1. Democratize Access, Not Data:
Granular Access Controls: Provide users with self-service tools tailored to their specific needs, preventing data overload and misuse.
Data Catalogs: Implement robust data catalogs for easy discovery and understanding of available data sources.
2. Foster Collaboration with Clear Roles:
Data Mesh Architecture: Break down data silos by creating a distributed data ownership model with clear ownership and responsibilities.
Collaborative Workspaces: Utilize interactive platforms where data scientists, analysts, and domain experts can work seamlessly together.
3. Leverage Advanced Analytics Strategically:
AI-powered Automation: Automate repetitive tasks like data cleaning and feature engineering, freeing up data talent for higher-level analysis.
Right-Tool Selection: Strategically choose the most effective advanced analytics techniques (e.g., AI, ML) based on specific business problems.
4. Prioritize Data Quality with Automation:
Automated Data Validation: Implement automated data quality checks to identify and rectify errors at the source, minimizing downstream issues.
Data Lineage Tracking: Track the flow of data throughout the ecosystem, ensuring transparency and facilitating root cause analysis for errors.
5. Cultivate a Data-Driven Mindset:
Metrics-Driven Performance Management: Align KPIs and performance metrics with data-driven insights to ensure actionable decision making.
Data Storytelling Workshops: Equip stakeholders with the skills to translate complex data findings into compelling narratives that drive action.
Benefits of a Precise Ecosystem:
Sharpened Focus: Precise access and clear roles ensure everyone works with the most relevant data, maximizing efficiency.
Actionable Insights: Strategic analytics and automated quality checks lead to more reliable and actionable data insights.
Continuous Improvement: Data-driven performance management fosters a culture of learning and continuous improvement.
Sustainable Growth: Empowered by data, organizations can make informed decisions to drive sustainable growth and innovation.
By focusing on these precise actions, organizations can create an empowered data analytics ecosystem that delivers real value by driving data-driven decisions and maximizing the return on their data investment.
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...John Andrews
SlideShare Description for "Chatty Kathy - UNC Bootcamp Final Project Presentation"
Title: Chatty Kathy: Enhancing Physical Activity Among Older Adults
Description:
Discover how Chatty Kathy, an innovative project developed at the UNC Bootcamp, aims to tackle the challenge of low physical activity among older adults. Our AI-driven solution uses peer interaction to boost and sustain exercise levels, significantly improving health outcomes. This presentation covers our problem statement, the rationale behind Chatty Kathy, synthetic data and persona creation, model performance metrics, a visual demonstration of the project, and potential future developments. Join us for an insightful Q&A session to explore the potential of this groundbreaking project.
Project Team: Jay Requarth, Jana Avery, John Andrews, Dr. Dick Davis II, Nee Buntoum, Nam Yeongjin & Mat Nicholas