[CANCELLED] 60th IIA Chicago Annual Seminar
 
Monday 03/30/2020
7:00 am - 8:00 am Registration - Continental Breakfast, Exhibitors & Networking
8:00 am - 8:15 am President's Welcome & 60th Anniversary Celebration
8:15 am - 9:30 am Keynote - Body Talk: Nonverbal Communication and its Role in Becoming an Effective Internal Auditor
Speaker: Jan Hargrave, Body Language Expert, Jan Hargrave & Associates
It’s a scientific fact that a person’s body gestures give away his true intentions. Actually, over ninety percent of all face-to-face communication is nonverbal; thus, the silent messages of the body often reveal more than the spoken word in conveying true feelings and attitudes. Jan Hargrave, behavioral authority on nonverbal communication, and author of Let Me See Your Body Talk, Freeway of Love, Judge the Jury, Strictly Business Body Language, and Poker Face, helps internal auditors to improve their communication skills through learning how to: effectively make a positive first impression, persuasively communicate ideas in a professional manner, capably detect “micro-expressions” of deception, and other elements critical for internal audit success.

CPE: 1.5 hours

Field of Study: Communication

Knowledge Level: Basic

Prerequisites: None

9:30 am - 9:40 am Transition Break, Exhibitors & Networking
9:40 am - 10:30 am Cyber(in)security
Speaker: Mike Del Giudice, Principal, Crowe LLP

The cybersecurity threats organizations face today are more complex than past threats. Given the complex technology landscape, many organizations struggle to effectively manage technology risks with the limited cybersecurity skillsets and resources available to them. The mindset around cybersecurity at organizations has shifted from “if” a cyber event will occur to “when” it will happen, and organizations are struggling to effectively prepare a response for when that incident occurs.

The goal of this session is to discuss current cybersecurity risks and threats organizations are facing and how an effective cyber resilience program can help manage these risks. We will discuss the key components of a cyber resilience program, including preventative, detective, response, and recovery controls. We will also discuss pragmatic strategies used by organizations to improve their cybersecurity posture.

During this session, the speaker will:

  1. Provide education on common threats and vulnerabilities
  2. Discuss common risks and approaches to evaluating those risks within organizations
  3. Present case studies on cyber resilience and organizational preparedness
  4. Offer success stories of other organizations facing similar challenges

CPE: 1 hour

Field of Study: Auditing

Knowledge Level: Basic

Prerequisites: None

10:30 am - 10:40 am Transition Break, Exhibitors & Networking
10:40 am - 11:30 am The Audit Security Assessment
Speaker: Nathan Anderson CRISC, CISA, Senior Director, Internal Audit, McDonald's Corporation

Cyber security is and will remain a key focus for our boards and audit committees. The traditional skillset for IT Audit limits our ability to assess and provide assurance over cyber security risks. Turning to third parties can help, but the demand for cyber security assurance is great, and the coverage that third parties can provide is limited based on traditional budgets.

To address the gap between our skillset and the demand for cyber security assessments, McDonald's has partnered with a third party to develop a “penetration testing light” assessment that IT Audit can deliver. This increases the engagement of our team, as internal audit is growing its skills and assessing the most relevant risks for the organization. This also enables internal audit to leverage our third-party partners more strategically, providing them with assessments that are more challenging and targeted.

During this session, we will take you through our journey, covering the following topics:

  1. Identifying and measuring the organization’s cyber security assessment gap
  2. Making the case for building a “Penetration Testing Light” service in IT Audit and designing the assessment based on the organization's needs
  3. Identifying and hiring IT Auditors that are ready for the cyber security metamorphosis as well as selecting a third party to be your trusted advisor and training partner
  4. Partnering with Information Security and legal to ensure that your assessments are safe, sanctioned, and best serve to improve security in your organization

After completing this session, participants should be able to:

  1. Learn about the latest cybersecurity trends
  2. Understand how teams typically evaluate cybersecurity risks
  3. Understand leading methods used to evaluate cybersecurity risks
  4. Learn from an audit team’s penetration testing experience

CPE: 1 hour

Field of Study: Auditing

Knowledge Level: Basic

Prerequisites: None

11:30 am - 12:45 pm Lunch
12:45 pm - 2:00 pm Keynote - The Power and Value of Artificial Intelligence
Speaker: Tanmay Bakshi, Artificial Intelligence Engineer

Artificial intelligence, or “AI,” is often referred to, though its capabilities and the value that may be obtained from it are generally not well understood. There isn’t yet even a single agreed-upon set of AI terminology. Tanmay will answer the questions of what AI is, what it's capable of, what it’s not capable of, and how AI might be used by internal auditors in their professional and personal lives.

During the presentation, Tanmay will display transforming examples of this power.

CPE: 1.5 hours

Field of Study: Information Technology

Knowledge Level: Basic

Prerequisites: None

2:00 pm - 2:10 pm Transition Break, Exhibitors & Networking
2:10 pm - 3:00 pm My Favorite Hacking Exploits and What Can Be Done to Prevent Them
Speaker: Kenneth Zoline, Senior Manager, Baker Tilly Virchow Krause LLP

History teaches us that seemingly impregnable security measures can be breached by clever attackers. The same holds true for cybersecurity. A clever cybercriminal or nation-state can often side-step an organization's regulatory IT security controls (e.g., GLBA, HIPAA, PCI, SOX) and implemented "defense-in-depth" security products in order to "capture the flag".

Part 1 of the presentation will present several hacking exploits that are often used during a penetration test or cyber-attack simulation to accomplish the following: (1) Take control of a computer; (2) Use it to locate valuable information; and (3) Exfiltrate the targeted information. Recommendations for detecting and preventing the demonstrated exploits will be offered.

Part 2 of the presentation will more broadly explore how to deny an attacker the opportunity to successfully complete an exploit. With this knowledge, organizations can begin plugging the security holes that determined cyber attackers strive to discover.

The learning objectives for this session are:

  1. Understand why regulatory security controls and defense-in-depth security products may be insufficient for broadly protecting computers, mobile devices and applications from determined cyberattackers.
  2. Understand the kinds of exploits that cyberattackers are using to side-step implemented security controls.
  3. Understand the need to think "outside-the-box" in order to discover potential exploits that may be used by cyberattackers.
  4. Learn techniques for denying cyberattackers the opportunity to successfully perform a cybercrime.

CPE: 1 hour

Field of Study: Auditing

Knowledge Level: Basic

Prerequisites: None

3:00 pm - 3:30 pm Transition & Refreshment Break, Exhibitors & Networking
3:30 pm - 4:20 pm Cybercrime - A Conversation with the Department of Justice
Speaker: Melody Wells, Assistant United States Attorney, Department of Justice

During this session, participants will learn what the DOJ does to protect us from cybercriminals. Participants will have the opportunity to ask questions and guide the conversation.

CPE: 1 hour

Field of Study: Auditing

Knowledge Level: Basic

Prerequisites: None

4:20 pm - 4:30 pm Transition Break, Exhibitors & Networking
4:30 pm - 5:20 pm Keynote - Storytelling With Data: Bringing Data to Life through Pictures and Stories
Speaker: Cole Nussbaumer Knaflic, CEO, Storytelling with Data
Stories resonate and stick with your audience in ways that data alone does not. Why wouldn’t you leverage the power of story when communicating with data? Join this engaging session, during which Cole Nussbaumer Knaflic demonstrates the untapped potential of combining the magic of story with best practices in data visualization for communicating effectively with data. You'll leave the session inspired to bring your data to life and make it a pivotal point in an overarching story that motivates your audience!

CPE: 1 hour

Field of Study: Auditing

Knowledge Level: Basic

Prerequisites: None

5:20 pm - 6:30 pm Reception: Drinks, Entertainment, and Giveaway Raffle