Leveraging Technology Using Keyword Analytics in Fraud and Compliance MonitoringJim Kaplan CIA CFE
Keyword analytics is the process of using data analytics to find keywords in both structured and unstructured data for detecting fraud and compliance review anomalies. It can be used by auditors, accountants and lawyers. This presentation from the 2015 TeamMate User Conference presented the results of the AuditNet Keyword Survey with tools and a comprehensive list of more than 4,000 keywords, social media terms, terrorist keywords and more.
This document discusses how technology continues to revolutionize auditing. It provides a historical timeline of the internet and how auditors have adopted technology. Early adopters innovated with new methods using computers as auditing tools while laggards were more cautious. The impact of technologies like mobile computing, cloud services, and social media are described. The document outlines categories of audit software and tools that can support the audit process. It discusses trends in technology and their impact on auditing, including the need for auditors to have new technical skills. Overall it argues that technology will significantly affect auditing roles and practices in the future.
Using Key Word Analysis of an Organization’s Big Data for Error and Fraud Detection Webinar Introduction Slides for the December 3, 2014 event including the link to register
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers audit use of CAATs
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This webinar covered Fundamentals of IT Audit
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers IT Fraud and Countermeasures
The document discusses the impact of technology on standards and the ability to detect, prevent, and investigate fraud. It notes that technology has significantly changed the landscape for auditors and fraud examiners by providing more data sources to analyze and new tools to use. However, many auditors have been slow to adopt new technologies and analytics. The document outlines how standards, regulations, skills, and tools have evolved over time and are continuing to change in order to keep up with technological advances.
Leveraging Technology Using Keyword Analytics in Fraud and Compliance MonitoringJim Kaplan CIA CFE
Keyword analytics is the process of using data analytics to find keywords in both structured and unstructured data for detecting fraud and compliance review anomalies. It can be used by auditors, accountants and lawyers. This presentation from the 2015 TeamMate User Conference presented the results of the AuditNet Keyword Survey with tools and a comprehensive list of more than 4,000 keywords, social media terms, terrorist keywords and more.
This document discusses how technology continues to revolutionize auditing. It provides a historical timeline of the internet and how auditors have adopted technology. Early adopters innovated with new methods using computers as auditing tools while laggards were more cautious. The impact of technologies like mobile computing, cloud services, and social media are described. The document outlines categories of audit software and tools that can support the audit process. It discusses trends in technology and their impact on auditing, including the need for auditors to have new technical skills. Overall it argues that technology will significantly affect auditing roles and practices in the future.
Using Key Word Analysis of an Organization’s Big Data for Error and Fraud Detection Webinar Introduction Slides for the December 3, 2014 event including the link to register
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers audit use of CAATs
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This webinar covered Fundamentals of IT Audit
The IT Auditing Series is a series of 10 2-hour webinars.
The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.
The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors.
This session covers IT Fraud and Countermeasures
The document discusses the impact of technology on standards and the ability to detect, prevent, and investigate fraud. It notes that technology has significantly changed the landscape for auditors and fraud examiners by providing more data sources to analyze and new tools to use. However, many auditors have been slow to adopt new technologies and analytics. The document outlines how standards, regulations, skills, and tools have evolved over time and are continuing to change in order to keep up with technological advances.
Social media strategies for real business benefiteSocialMedia
Colm Hannon of eSocialMedia discusses strategies for using social media to drive business benefits. He outlines a five part process for SMEs: 1) plan objectives and targets, 2) set up necessary infrastructure, 3) listen to conversations, 4) target discussions with relevant content, and 5) engage through blogs, videos and conversations. Hannon notes that done well, social media can lead to more meetings and business by keeping companies front of mind with current and prospective clients.
Auditors regularly invited into the Technology Committee meetings have an envious seat. They can listen to what is wrong with the current processes and see first-hand how the organization plans to change for improvement. While audit usually does not have a vote, they can vie for a role on any project committees organizing. Management in turn has certain expectations of audit’s participation.
Acting in a more pro-active manner, auditors can easily sell recommendations before the go-live date.
You will learn at this webinar:
· Defining audit’s role regarding reporting and timing
· Learn the stepping stones for enhancing integrated skill sets (map)
· A framework that be used on just about any process improvement, not just application changes
· How not to avoid crossing the line between audit consulting and managing the project
· Successful participation can help audit win more work
Social Media for Internal Company Communications by @JoeySheppEarthsite
Social Media isn’t just for marketing; it’s for sharing, collaborating, and networking. In this presentation you will learn how Social Media is being applied in the workplace. Get up to date with the latest social media trends and best practices. See case studies of how corporate programs are leveraging social media for employee engagement, work team collaboration, and remote training. You’ll walk away with concrete implementation steps and best-of-class software recommendations. Presentation by JoeyShepp.com, New Media Maven and CEO of Earthsite.net
LinkedIn: Entrepreneurs' 21st Century Business AcceleratorCSRA, Inc.
The document discusses how LinkedIn can be used as a 21st century business accelerator by allowing entrepreneurs to rapidly scale their businesses through building trusted online relationships. It highlights how LinkedIn reduces transaction costs by making a user's network more actionable and accessible regardless of geography. The document also provides an overview of key LinkedIn processes like writing profiles, adding connections, searching, and forwarding introductions.
This document provides guidance on using LinkedIn for professional networking. It discusses optimizing a LinkedIn profile through completing sections, writing an executive summary, listing groups and associations, considering keywords, making connections, joining discussion groups, requesting recommendations, and adjusting privacy settings. It also offers best practices for participation including engaging regularly without direct selling, modestly sharing accomplishments, networking, and adding interests. The overall message is that LinkedIn allows networking and relationship building online through profile optimization and ongoing engagement.
LinkedIn: what's new in Recruiter? Le ultime novità di LinkedIn RecruiterLinkedIn Italia
Presentazione delle ultime novità su LinkedIn Recruiter. Include il nuovo profilo, i nuovi progetti, la nuova interfaccia di ricerca e le nuove regole di InMail.
You're on LinkedIn so now what? This presentation provides insight into how your business can benefit from utilizing LinkedIn is ways that you might not of realized were even possible. Learn to leverage LinkedIn's robust business features to leverage the true power of LinkedIn for your business.
How to Disrupt Digital Product Cultures by LearnVest VP of ProductProduct School
A big part of product management success is bringing various cultures together from people, process, and innovation. Vivek Bedi from LearnVest hosted the product and technology digital teams from Northwestern Mutual and LearnVest as they discussed over the past two years how they have brought two cultures together to come up with a bold, brave, yet balanced "third" culture.
The new culture is one of taking risks, being ok with failing, and focused on innovation while keeping focus on being at the center of clients' financial lives.
Eoin Kennedy led a LinkedIn training workshop that covered: introducing participants and providing an overview of LinkedIn's key statistics and features; reviewing the anatomy of a LinkedIn profile and how to build an effective profile; exploring how to use connections, jobs, interests, and business services on LinkedIn; and conducting exercises for participants to apply what they learned by updating their profiles.
This document outlines a LinkedIn training on growing a business using LinkedIn. The training covers developing a LinkedIn strategy, optimizing profiles, building credibility through recommendations, growing networks, lead generation strategies, and a daily LinkedIn approach. Attendees are provided tips on writing summaries, getting recommendations, joining groups, connecting with leads, and measuring success. The goal is to help businesses leverage LinkedIn to find new opportunities and customers.
Web 2.0 in the Service of the Investor RelationsMagic Solutions
Petko Karamotchev's presentation during the Conference New Technologies for Successful Investor Relations, held in Sofia, Bulgaria on 15 October 2009. The presentation discussed Web 2.0 and what it offers for the investment relations society in Bulgaria. Examples were given for Office 2.0 applications like Zoho, Xero, and Google Wave.
Selecting the right Computer Assisted Audit Tool may appear to be a huge undertaking; however, following a systematic approach eases the burden. The right approach minimizes the risk of selecting a product that might not fit into your organization, which could impair your function as it sits underutilized or on the shelf. While point and click visual style tools are settling into the market, many auditors rely on the legacy step-by-step software tools such as ACL, IDEA, Excel and “add-on” tools.
Many chief auditors pursue opportunities to increase the frequency and intensity of interactions with management and realize nothing gets attention faster than finding previously undetected anomalies in company data. Finding the right issues quickly and timely improves the value of audit and can assist audit in winning more work.
Attending this webinar you will learn:
· Identify analysis and financial constraints
· Scoping and defining audit strategic objectives
· Reviewing selection field based on Technical needs
· Building a short/long term on-boarding roadmap
· Realize the lost opportunity of not including all auditors (no auditor left behind)
This document provides an overview of developing a digital communications plan. It outlines key elements to include such as identifying your brand, defining goals and parameters, developing infrastructure like a website and blog, connecting with others on social networks, listening to conversations, engaging with your audience, publishing content, and evaluating your efforts. Social media continues to grow in popularity with nearly a quarter of online time spent on networks and blogs. Integrating social media can boost brand awareness, search engine optimization, collaboration, and relationships.
The document is an internship report submitted by Nikam Shreyas Hemraj to SKNCOE/IT after completing an internship with TwoWaits Technologies Pvt. Ltd. It provides details of the internship including objectives, activities performed, and outcomes. The internship focused on web development and involved learning HTML, CSS, Bootstrap, making a website, solving DSA problems on LeetCode, and taking a test on Relevel. The objectives were completed through notes making, website development, hosting on GitHub, practicing DSA, and appearing for an examination. Valuable methodologies around time management and improving DSA skills were learned.
The document discusses the Cisco Data Center and Cloud Community (DCCC), which aims to provide timely support and insights for data center professionals. The DCCC will support current and prospective customers, data center experts, and experienced users who can help answer questions. It will act as a portal to Cisco resources and allow engagement between users. The goals are to demonstrate Cisco's commitment to customers, provide a place for knowledge sharing, and become a timesaving tool for technical information. The document outlines metrics and timelines to refine the site based on user feedback and drive continued growth over the next fiscal year.
Benefits of Being a PMI Member May 2023.pptxFerasAlKhatib3
Being a PMI member provides several benefits for project managers including building connections through local chapters, gaining access to foundational project management standards and guides, and developing expertise to advance their career. Specific membership benefits include discounts on certifications and courses, free digital resources like the PMBOK Guide, online project management tools and templates, and opportunities to attend PMI events and webinars. Members also benefit from PMI's strong brand reputation and can help shape the profession.
Social Media Boot Camp Series Module 3 Blogging, Video and LinkedIn Shane Gibson
The document summarizes Module 3 of a social media boot camp series on blogging, video, and LinkedIn. It covers how to build an effective blog, topics to blog about, launching a blog, using video, search engine optimization, and building a readership. It also discusses using LinkedIn to build a professional profile, make connections, and set up a business page.
Internal Audit's Role in Ethics, Governance, & CultureJim Kaplan CIA CFE
The internal auditor has a unique and challenging role when it comes to improving the governance processes of their organization. Exercising objective judgment and maintaining professional integrity are essential roles of the internal auditor; however these roles may become undermined when strong political or cultural pressures are at play. This webinar will help internal auditors prepare for and successfully navigate through these pressures should they be encountered.
Learning Objectives:
• Understand how the IIA Code of Ethics applies to Internal Auditors
• Apply “IIA Standard 2110 – Governance” as a key resource
• Assess ethics in light of internal audit independence
• Gain insight to how organizational culture affects ethical behavior
• Evaluate independence and objectivity using a framework
Who will benefit:
Corporate Directors
Corporate Officers
Fraud & Forensic professionals
Audit professionals
Risk professionals
Compliance professionals
Legal professionals
Ethics professionals
Governance professionals
Finance and Accounting Professionals
The document provides an overview of a course on social media strategy and management. It outlines the course objectives which include developing a social media strategy aligned with business goals, implementing initiatives to achieve objectives, and measuring social media performance and impact. It details learning outcomes, teaching methods such as lectures and group work, assignments, schedules, and addresses questions from participants.
Controls that are designed to mitigate the risk of fraud are not perfect. Enterprise software such as Oracle and SAP may have built-in controls, but they are limited in scope to the data and processes that the software "touches". The most successful fraudsters know how to exploit interfaces between different processes and systems. Furthermore, the typical fraud case persists for 14 months prior to detection*.
Deploying data analytics for continuous testing can overcome many of the limitations of traditional fraud detection. Timely and appropriate detection will help organizations mitigate the impact of frauds. Robust fraud detection systems will also act as powerful deterrents.
*ACFE Report to the Nations: 2020 Global Study on Occupational Fraud and Abuse
Learning Objectives
In this session we will raise awareness of the various types of frauds and how they can be detected using automated data analysis techniques.
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 10
• Handling data subject access requests (DSARs).
• The roles of controllers and processors, and the relationships between them.
• Transferring personal data outside the EU and the mechanisms for compliance.
• How to become GDPR compliant using a compliance gap assessment
More Related Content
Similar to Auditor’s Guide to Using Social Networking for Adding Value to Your Audit Function
Social media strategies for real business benefiteSocialMedia
Colm Hannon of eSocialMedia discusses strategies for using social media to drive business benefits. He outlines a five part process for SMEs: 1) plan objectives and targets, 2) set up necessary infrastructure, 3) listen to conversations, 4) target discussions with relevant content, and 5) engage through blogs, videos and conversations. Hannon notes that done well, social media can lead to more meetings and business by keeping companies front of mind with current and prospective clients.
Auditors regularly invited into the Technology Committee meetings have an envious seat. They can listen to what is wrong with the current processes and see first-hand how the organization plans to change for improvement. While audit usually does not have a vote, they can vie for a role on any project committees organizing. Management in turn has certain expectations of audit’s participation.
Acting in a more pro-active manner, auditors can easily sell recommendations before the go-live date.
You will learn at this webinar:
· Defining audit’s role regarding reporting and timing
· Learn the stepping stones for enhancing integrated skill sets (map)
· A framework that be used on just about any process improvement, not just application changes
· How not to avoid crossing the line between audit consulting and managing the project
· Successful participation can help audit win more work
Social Media for Internal Company Communications by @JoeySheppEarthsite
Social Media isn’t just for marketing; it’s for sharing, collaborating, and networking. In this presentation you will learn how Social Media is being applied in the workplace. Get up to date with the latest social media trends and best practices. See case studies of how corporate programs are leveraging social media for employee engagement, work team collaboration, and remote training. You’ll walk away with concrete implementation steps and best-of-class software recommendations. Presentation by JoeyShepp.com, New Media Maven and CEO of Earthsite.net
LinkedIn: Entrepreneurs' 21st Century Business AcceleratorCSRA, Inc.
The document discusses how LinkedIn can be used as a 21st century business accelerator by allowing entrepreneurs to rapidly scale their businesses through building trusted online relationships. It highlights how LinkedIn reduces transaction costs by making a user's network more actionable and accessible regardless of geography. The document also provides an overview of key LinkedIn processes like writing profiles, adding connections, searching, and forwarding introductions.
This document provides guidance on using LinkedIn for professional networking. It discusses optimizing a LinkedIn profile through completing sections, writing an executive summary, listing groups and associations, considering keywords, making connections, joining discussion groups, requesting recommendations, and adjusting privacy settings. It also offers best practices for participation including engaging regularly without direct selling, modestly sharing accomplishments, networking, and adding interests. The overall message is that LinkedIn allows networking and relationship building online through profile optimization and ongoing engagement.
LinkedIn: what's new in Recruiter? Le ultime novità di LinkedIn RecruiterLinkedIn Italia
Presentazione delle ultime novità su LinkedIn Recruiter. Include il nuovo profilo, i nuovi progetti, la nuova interfaccia di ricerca e le nuove regole di InMail.
You're on LinkedIn so now what? This presentation provides insight into how your business can benefit from utilizing LinkedIn is ways that you might not of realized were even possible. Learn to leverage LinkedIn's robust business features to leverage the true power of LinkedIn for your business.
How to Disrupt Digital Product Cultures by LearnVest VP of ProductProduct School
A big part of product management success is bringing various cultures together from people, process, and innovation. Vivek Bedi from LearnVest hosted the product and technology digital teams from Northwestern Mutual and LearnVest as they discussed over the past two years how they have brought two cultures together to come up with a bold, brave, yet balanced "third" culture.
The new culture is one of taking risks, being ok with failing, and focused on innovation while keeping focus on being at the center of clients' financial lives.
Eoin Kennedy led a LinkedIn training workshop that covered: introducing participants and providing an overview of LinkedIn's key statistics and features; reviewing the anatomy of a LinkedIn profile and how to build an effective profile; exploring how to use connections, jobs, interests, and business services on LinkedIn; and conducting exercises for participants to apply what they learned by updating their profiles.
This document outlines a LinkedIn training on growing a business using LinkedIn. The training covers developing a LinkedIn strategy, optimizing profiles, building credibility through recommendations, growing networks, lead generation strategies, and a daily LinkedIn approach. Attendees are provided tips on writing summaries, getting recommendations, joining groups, connecting with leads, and measuring success. The goal is to help businesses leverage LinkedIn to find new opportunities and customers.
Web 2.0 in the Service of the Investor RelationsMagic Solutions
Petko Karamotchev's presentation during the Conference New Technologies for Successful Investor Relations, held in Sofia, Bulgaria on 15 October 2009. The presentation discussed Web 2.0 and what it offers for the investment relations society in Bulgaria. Examples were given for Office 2.0 applications like Zoho, Xero, and Google Wave.
Selecting the right Computer Assisted Audit Tool may appear to be a huge undertaking; however, following a systematic approach eases the burden. The right approach minimizes the risk of selecting a product that might not fit into your organization, which could impair your function as it sits underutilized or on the shelf. While point and click visual style tools are settling into the market, many auditors rely on the legacy step-by-step software tools such as ACL, IDEA, Excel and “add-on” tools.
Many chief auditors pursue opportunities to increase the frequency and intensity of interactions with management and realize nothing gets attention faster than finding previously undetected anomalies in company data. Finding the right issues quickly and timely improves the value of audit and can assist audit in winning more work.
Attending this webinar you will learn:
· Identify analysis and financial constraints
· Scoping and defining audit strategic objectives
· Reviewing selection field based on Technical needs
· Building a short/long term on-boarding roadmap
· Realize the lost opportunity of not including all auditors (no auditor left behind)
This document provides an overview of developing a digital communications plan. It outlines key elements to include such as identifying your brand, defining goals and parameters, developing infrastructure like a website and blog, connecting with others on social networks, listening to conversations, engaging with your audience, publishing content, and evaluating your efforts. Social media continues to grow in popularity with nearly a quarter of online time spent on networks and blogs. Integrating social media can boost brand awareness, search engine optimization, collaboration, and relationships.
The document is an internship report submitted by Nikam Shreyas Hemraj to SKNCOE/IT after completing an internship with TwoWaits Technologies Pvt. Ltd. It provides details of the internship including objectives, activities performed, and outcomes. The internship focused on web development and involved learning HTML, CSS, Bootstrap, making a website, solving DSA problems on LeetCode, and taking a test on Relevel. The objectives were completed through notes making, website development, hosting on GitHub, practicing DSA, and appearing for an examination. Valuable methodologies around time management and improving DSA skills were learned.
The document discusses the Cisco Data Center and Cloud Community (DCCC), which aims to provide timely support and insights for data center professionals. The DCCC will support current and prospective customers, data center experts, and experienced users who can help answer questions. It will act as a portal to Cisco resources and allow engagement between users. The goals are to demonstrate Cisco's commitment to customers, provide a place for knowledge sharing, and become a timesaving tool for technical information. The document outlines metrics and timelines to refine the site based on user feedback and drive continued growth over the next fiscal year.
Benefits of Being a PMI Member May 2023.pptxFerasAlKhatib3
Being a PMI member provides several benefits for project managers including building connections through local chapters, gaining access to foundational project management standards and guides, and developing expertise to advance their career. Specific membership benefits include discounts on certifications and courses, free digital resources like the PMBOK Guide, online project management tools and templates, and opportunities to attend PMI events and webinars. Members also benefit from PMI's strong brand reputation and can help shape the profession.
Social Media Boot Camp Series Module 3 Blogging, Video and LinkedIn Shane Gibson
The document summarizes Module 3 of a social media boot camp series on blogging, video, and LinkedIn. It covers how to build an effective blog, topics to blog about, launching a blog, using video, search engine optimization, and building a readership. It also discusses using LinkedIn to build a professional profile, make connections, and set up a business page.
Internal Audit's Role in Ethics, Governance, & CultureJim Kaplan CIA CFE
The internal auditor has a unique and challenging role when it comes to improving the governance processes of their organization. Exercising objective judgment and maintaining professional integrity are essential roles of the internal auditor; however these roles may become undermined when strong political or cultural pressures are at play. This webinar will help internal auditors prepare for and successfully navigate through these pressures should they be encountered.
Learning Objectives:
• Understand how the IIA Code of Ethics applies to Internal Auditors
• Apply “IIA Standard 2110 – Governance” as a key resource
• Assess ethics in light of internal audit independence
• Gain insight to how organizational culture affects ethical behavior
• Evaluate independence and objectivity using a framework
Who will benefit:
Corporate Directors
Corporate Officers
Fraud & Forensic professionals
Audit professionals
Risk professionals
Compliance professionals
Legal professionals
Ethics professionals
Governance professionals
Finance and Accounting Professionals
The document provides an overview of a course on social media strategy and management. It outlines the course objectives which include developing a social media strategy aligned with business goals, implementing initiatives to achieve objectives, and measuring social media performance and impact. It details learning outcomes, teaching methods such as lectures and group work, assignments, schedules, and addresses questions from participants.
Similar to Auditor’s Guide to Using Social Networking for Adding Value to Your Audit Function (20)
Controls that are designed to mitigate the risk of fraud are not perfect. Enterprise software such as Oracle and SAP may have built-in controls, but they are limited in scope to the data and processes that the software "touches". The most successful fraudsters know how to exploit interfaces between different processes and systems. Furthermore, the typical fraud case persists for 14 months prior to detection*.
Deploying data analytics for continuous testing can overcome many of the limitations of traditional fraud detection. Timely and appropriate detection will help organizations mitigate the impact of frauds. Robust fraud detection systems will also act as powerful deterrents.
*ACFE Report to the Nations: 2020 Global Study on Occupational Fraud and Abuse
Learning Objectives
In this session we will raise awareness of the various types of frauds and how they can be detected using automated data analysis techniques.
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 10
• Handling data subject access requests (DSARs).
• The roles of controllers and processors, and the relationships between them.
• Transferring personal data outside the EU and the mechanisms for compliance.
• How to become GDPR compliant using a compliance gap assessment
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Jim Kaplan CIA CFE
Join this webinar for an introduction to the Touchstone Research for Internal Audit, an unprecedented, global research of internal audit, from Wolters Kluwer TeamMate. This session will review study approach and scope, key initial findings, a look at benchmarking, and a preview of future insights. Find out what nearly 1,000 internal audit and controls professionals have to say across about the current and future state of internal audit.
Learning Objectives:
Learn the objective of the Touchstone Research for Internal Audit
Understand how the Touchstone Maturity Model can benefit Internal Audit teams
Learn why the Touchstone Research Benchmarks for Internal Audit can be a planning tool
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 9
• Why and how to conduct a data mapping exercise.
• The rights of data subjects.
• Giving and withdrawing consent.
A recent survey report, Fraud in the Wake of COVID-19: Benchmark Report, prepared by the ACFE, explains that recent events have opened the door to increased pressure, reasonings and opportunities that can lead to occupational fraud. Across all classes of fraud schemes 68% of survey respondents reported increases in fraudulent activity as of May 2020 and 93%o reported they expect an increase in fraud over the next 12 months.
To guide auditors in running detective controls, join Mark Nigrini, West Virginia University Professor and author, and Jeffrey Sorensen, Industry Strategist, for an exclusive review of the fingerprints of fraud numbers. This two-person team will review seven categories of fraud numbers and will demonstrate how to identify these types of numbers using audit software.
In this informative and engaging presentation, attendees will:
● Learn the seven categories of fraud numbers
● Understand which categories are linked to specific types of schemes
● Optimize the steps needed to run the tests
● Interpret the results to identify audit targets
● Apply a second layer of steps to reduce the number of false positives
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 8
• The security of personal data.
• An organizational risk management framework.
• Legal requirements for a DPIA.
• How to conduct a DPIA with a DPIA tool.
How to get auditors performing basic analytics using excel Jim Kaplan CIA CFE
It has been said that the definition of crazy is doing the same thing over and over again and expecting a different result. If your audit analytics program is still not meeting your expectations, you are going to have to do something different to change that outcome. The biggest hurdle organizations need to overcome is getting auditors to think differently about what analytics is. Excel might not be the ultimate analytics tool for your organization but attend this webinar to see how you can use it as a catalyst for change throughout the audit team.
Learning Objectives
Learn non-technical skills auditors need to perform audit analytics
Learn commonly used Excel functions that can be applied to audit analytics
Learn how to get auditors started down a path of thinking about analytics vs automatically pulling samples
Learning about outliers and how to detect them in transactions of all types.
Learning Objectives: This webinar will explain the significance of outliers when testing transactions, whether they are vendor invoices, GL postings, or travel & entertainment expenses. Examples using Arbutus Analyzer will demonstrate the best analytics for identifying outliers.
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 14 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
Implementing and Auditing General Data Protection RegulationJim Kaplan CIA CFE
This document provides an agenda and overview of a webinar on lessons learned from the General Data Protection Regulation (GDPR) and applying the GDPR's data protection principles. The webinar agenda includes discussing common data security failures, managing personal data breaches, and the seven data protection principles. It also provides background on the webinar presenter and introduces the company hosting the webinar, AuditNet.
When is a Duplicate not a Duplicate? Detecting Errors and FraudJim Kaplan CIA CFE
Webinar Overview - A look at duplicates testing and the inherent value of fuzzy data matching.
Identifying fuzzy duplicates has never been easier. Arbutus Analyzer’s versatile functionality enables even new users to detect possible duplicate payments, vendors sharing similar addresses among themselves or with your organization’s employees, and counter parties who may be on government watch lists. Our webinar includes nine different scenarios with detailed descriptions of the tests and their results.
You'll learn about:
• Identifying possible risks
• How to deploy Analyzer commands and functions
Key Presenter:
Michael Kano, ACDA, Data Analytics Consultant, Arbutus Analytics
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 6
• The role of the data protection officer (DPO).
• What constitutes personal data.
• Accountability, the privacy compliance framework and a personal information management system (PIMS).
This document summarizes a webinar about using exploratory data analytics to focus an agile audit plan on emerging risks. It discusses dispelling common myths about data analytics and using an example of analyzing employee data to identify potential issues with gender and race pay disparities. The webinar promotes using analytics to enable control owners to conduct ongoing monitoring and shifting the audit's focus to confirming controls are appropriately designed and issues are addressed.
General Data Protection Regulation for Auditors 5 of 10Jim Kaplan CIA CFE
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 5
• Certification against GDPR
• The powers of supervisory authorities
• Lead supervisory authorities
• The role of the European Data Protection Board (EDPB)
From time-to-time internal auditors are faced with situations which call for them to make an ethical decision. In addition, they may, in the middle of auditing, come across circumstances which themselves appear to be violations of a corporate
code-of-conduct.
Several laws now specifically state that internal auditors, in terms of the act, will be bound by the IIA Code of Ethics.
This webinar explores the IIA Code of Ethics as it applies to everyday situations the auditor may encounter.
The module is designed to provide the participants with an in-depth knowledge of:
Ethics theory
The IIA Code of Ethics
Applicable areas within Internal Audit
Reporting of material facts
Corporate Codes of Conduct
Auditing Corporate Ethics
Webinar contents will include:
Classes of Ethics
The role of business
Employee ethics
Honesty, Objectivity and diligence
Conflicts of Interest
Reporting of Material Facts
Corporate Codes of Conduct
Corporate Social Responsibility
How analytics should be used in controls testing instead of sampling Jim Kaplan CIA CFE
Sampling has existed as a standard for controls testing since controls testing began. We’ve developed algorithms to tell us how many samples we should pull and how many errors we can have and still pass the control. We’ve even developed algorithms to tell us how many more samples we can test if the control didn’t pass the first time.
If your goal is simply to do the minimum to pass a SOX audit, then these behaviors should probably continue. If your goals also include really improving the operations of the organization to make it stronger then a more holistic approach is needed, such as analysis on 100% of the population, rather than a small sample.
Most controls analytics do not require a degree in data science, but they do require the controls team begin changing its behaviors. Join us to understand what it takes to begin this change, it’s not as challenging as you might think.
Learning Objectives
Understanding the advantages of analytics vs sampling
How to Identify controls where analytics can be applied
Real life examples of controls and their associated analytics
How to effect a change
How analytics should be used in controls testing instead of samplingJim Kaplan CIA CFE
Sampling has existed as a standard for controls testing since controls testing began. We’ve developed algorithms to tell us how many samples we should pull and how many errors we can have and still pass the control. We’ve even developed algorithms to tell us how many more samples we can test if the control didn’t pass the first time.
If your goal is simply to do the minimum to pass a SOX audit, then these behaviors should probably continue. If your goals also include really improving the operations of the organization to make it stronger then a more holistic approach is needed, such as analysis on 100% of the population, rather than a small sample.
Most controls analytics do not require a degree in data science, but they do require the controls team begin changing its behaviors. Join us to understand what it takes to begin this change, it’s not as challenging as you might think.
Learning Objectives
Understanding the advantages of analytics vs sampling
How to Identify controls where analytics can be applied
Real life examples of controls and their associated analytics
How to effect a change
This document provides an overview of data protection impact assessments (DPIAs) and the role of the data protection officer (DPO) under the General Data Protection Regulation (GDPR). It discusses when DPIAs are required, the DPIA process, how to identify and assess risks, select controls, and ensure continuous monitoring. It also outlines the DPO requirements, including the need for independence and expertise. The DPO is responsible for enabling compliance and fostering a data protection culture.
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 3
• Data protection by design
• Securing personal data
• Reporting data breaches
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfflufftailshop
When it comes to unit testing in the .NET ecosystem, developers have a wide range of options available. Among the most popular choices are NUnit, XUnit, and MSTest. These unit testing frameworks provide essential tools and features to help ensure the quality and reliability of code. However, understanding the differences between these frameworks is crucial for selecting the most suitable one for your projects.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Trusted Execution Environment for Decentralized Process MiningLucaBarbaro3
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
2. About Jim Kaplan, CIA, CFE
2
• President and Founder of
AuditNet®, the global resource
for auditors
Auditor, Author, Web Site
Guru, Internet for Auditors
Pioneer
Recipient of the IIA’s 2007
Bradford Cadmus Memorial
Award.
3. Agenda
• Professional networking ‐ it’s not all digital!
• Social media and social networking
• Responses to social networking
• Social Networking and Professionals
• Best Practices
• Social Media Risks
• Internal Audit’s Role
• Adding Value for Audit
4. Principles of Professional Networking
1. Make networking a part of your written strategic plan
2. Work an event, not just a room
3. Make a professional first impression
4. Create a 10‐15 second verbal business card filled with
benefits networking with you
5. Adapt your verbal business card to a short e‐mail
signature to continue to establish your brand
6. Start conversations with open‐ended questions
7. Master the art of small talk about your industry and
timely topics
8. 10 Minute Work a Room Rule
9. Follow up
10. Give more than you get
7. Social Media Defined
What is Social Media?
• Web‐ and mobile‐based technologies used to disseminate information and solicit
feedback on a real‐time basis which are used to turn communication into
interactive dialogue among organizations, communities, and individuals
• A group of Internet‐based applications that build on the ideological and
technological information of Web 2.0… allows for the creation and exchange of
user‐generated content
• Social media expedites conversation in contrast to traditional media, which
delivers content but doesn't allow readers/viewers/listeners to participate in the
creation or development of the content.
• Example of social media include internet forums, weblogs, social blogs,
microblogging, wikis, social networks, podcasts
9. Why is it so popular?
• Community ‐ allows people to join together based on common interests and
values.
• Transparent – when used properly it can project authenticity
• Engaging – communication channel opening dialogues with many individuals
• Borderless – the world is flattening and we are no longer restricted to connecting
with only those who are close
• Creative – fosters innovation and expression
The Pew Research Center found that’s the “major reason” given by six of every 10 users
of Facebook, Twitter or LinkedIn. And half of the people surveyed said the ability to
reconnect with old friends played a “significant role” in using social networking.
10. Professionals and Social Networking
• 10 Reasons for auditors to use social networking tools
1. Network with other auditors for advice on issues
2. Get answers to audit technology questions and issues
3. Benchmark best practices
4. Share (reports, programs, issues)
5. Share methodologies
6. Foster one to one and one to many communications/discussions1
7. Research audit and technology issues using advanced search skills1
8. Establish a dialogue with your professional network1
9. Establish knowledge feeds1
10. Gain knowledge for risk, control and audit of social media
Auditors need to be plugged into social networks to stay current with professional
issues and the latest tools and technologies!
Jim Kaplan
1 core competency for digital literacy
12. Social Media Options
• LinkedIn
• Facebook
• Twitter
• YouTube
• Blogs
• Discussion Forums
• According to survey by CEO.com ‐ Social media will become one of the two most
important forms of engagement with employees and customers, second only to
face to face interactions.
18. Social Media Risks and Controls
• Risks
– Employees or non‐employees creating a social media page representing your company
without management/IT consent or approval
– Trade secrets or other business secrets being inadvertently or even deliberately shared
– Dissatisfied customers or disgruntled employees voicing their opinions freely
– Viruses, spyware and network vulnerabilities occurring due to the interactivity and open
nature of social media architecture
• Controls
– The extent to which social media will be officially sanctioned by the organization
– Who is allowed to use the social media sites
– How users gain approval to use the social media sites
– Standards/policy of social media use inside and outside of the workplace
– Brand monitoring and legal involvement
– How to report false pages
19. Internal Audit’s Role
• Understand how social media is being used within the organization
• Review social media policies
• Conduct a social media risk assessment
• Ensure that controls are in place to address social media risks
• Records retention issue
• Audit Reports
– Social Media Review by Multnomah County August 2011
– GAO SOCIAL MEDIA ‐ Federal Agencies Need Policies and Procedures for Managing and
Protecting Information They Access and Disseminate
http://www.gao.gov/new.items/d11605.pdf
Social media is now embedded in our personal and business culture and auditors need to
know the what the risks and controls are, how to audit this new communication tool and
also how to adapt it for use within the audit environment.
Jim Kaplan, AuditNet®