Join us for the IIA Winnipeg's first annual Emerging Trends in Internal Audit Summit!
AGENDA
8:00am to 9:00am - Cameron Ollenberger & Dhriti Keshwani, MNP - Data Analytics Best Practices
9:00am to 10:00am - Andrew Cook, IIA - Global Internal Audit Standards
10:00am to 12:00pm - Elizabeth McDowell, Audit Forward - Agile Audit
12:00pm to 1:00pm - Lunch
1:00pm to 2:00pm - Maris Sekar, Equite Association - Exploring the Use of Generative AI in Fraud: Challenges in Detection and Prevention
2:00pm to 4:00pm - Joseph Horowitz, Stetson Cybergroup - Cybersecurity 2024 – The Mission is Clear!
SPEAKERS AND TOPICS
Cameron Ollenberger & Dhriti Keshwani, MNP
Today’s Internal Audit functions must continue to develop and mature in their data analytic usage and capabilities, otherwise, they risk becoming irrelevant to their stakeholders. During this presentation, we will explore how to measure your analytic maturity and identify the required mechanisms that should be in place to properly govern data analytic processes within Internal Audit. We will also look at how to utilize analytics through the full audit lifecycle, from the audit universe to engagement completion. Finally, we will review common mistakes that Internal Auditors should avoid, to ensure your analytics are successful.
Cameron is a Partner in Enterprise Risk Services in Calgary, Alberta with over 20 years of Internal Audit, Internal Controls and Regulatory Compliance experience. Cameron has been utilizing data analytics for over 15 years to maximize insights, increase assurance and enhance the efficiency and effectiveness of the engagements he completes. His analytic experience has covered a wide array of business areas including financial operations, asset and work management, project management, supply chain, and IT. Cameron’s Internal Audit engagement experience also includes risk areas that are top of mind for today’s audit boards including business continuity, anti-bribery anti-corruption, as well as sustainability, environmental and social reporting. Prior to Joining MNP Cameron held audit roles with ATCO, TransAlta and the Alberta Gaming and Liquor Commission. Cameron is also the current President of the Institute of Internal Auditors (IIA) Calgary Chapter.
Dhriti Keshwani is an Analyst for MNP’s Enterprise Risk Services’ Internal Audit and Data Analytics group, working out of the Calgary office. She is a recent graduate from the University of Calgary with a Bachelor of Commerce in Business Analytics. As a student, she was a Teaching Assistant for various Business Analytics courses, which included both graduate and undergraduate business courses. Much of Dhriti’s time is focused on auditing infrastructure companies in the Oil and Gas industry. She has acquired knowledge and analytical experience in the areas of Data Governance, Internal Controls, understanding and modeling Segregation of Duties, and audit testing on transactional data. Within the Public sector, she has worked with various market participants across Canada and previous clients include public universities, the Climate Readiness Ministry, and charitable organizations.
Andrew Cook, IIA
The effective date of the new Global Internal Audit Standards is fast approaching and conformance with the new Standards should be top of mind for those internal auditors working toward effectively elevating the quality of their internal audit function. This session will discuss the format, content, and significance of the new Standards focusing on key changes internal auditors should consider during the implementation process.
Andy Cook is the Director of Professional Guidance for Financial Services at The IIA where he assists audit practitioners in understanding effective execution of internal auditing while leveraging The IIA’s International Professional Practices Framework and a worldwide network of subject matter experts.
Andy is a Certified Internal Auditor and received his master’s in business administration from the Weatherhead School of Management at Case Western Reserve University. Over the past 25+ years, Andy held internal audit management positions at National City Corporation, Nationwide Mutual Insurance Company, JP Morgan Chase, and most recently Huntington Bancshares Incorporated.
Elizabeth McDowell, Audit Forward
Learn the basics of agile auditing and transform your audit shop into an agile, trusted, and collaborative group that Audits Smarter, Not Harder!
In this session, participants will learn:
The basics of agile methodology and agile internal audit.
How to prepare agile artifacts and documents, including the planning canvas and audit report.
How to more effectively partner with management and audit clients.
Agile Audit Overview
What is the agile methodology, and how can it relate to internal audit?
Traditional audit versus agile audit.
Common agile audit pitfalls & how to avoid them.
Agile Artifacts & Documents
Create an innovative, collaborative, and efficient audit planning canvas.
Streamline your audit reporting with an audit report overhaul.
Identify "quick win" data analytics that can improve all parts of the audit process.
Improve Client Relationships
Actionable tips to turn clients into raving fans of internal audit!
Create a sustainable, ongoing risk assessment process that includes client input and feedback.
Elizabeth McDowell, CPA, CIA has nearly 20 years of audit experience and is the founder of the Audit Forward, an innovative internal audit consulting and training firm. Elizabeth is passionate about advancing and advocating for the internal audit profession and was recently recognized as one of the 2023 Internal Audit Beacons by Richard Chambers. Elizabeth makes auditing and training fun (no, really!) with the help of her mascot, Audie the Internal Otteror. In addition to training and consulting, Elizabeth is an adjunct Professor of Accounting at Front Range Community College. Elizabeth's most recent industry experience was at Achieve, where she was the Senior Director, Audit Strategy: prior to that, she held internal audit leadership roles at Elevations Credit Union, Fidelity Investments, and Xcel Energy after first starting her career at Ernst & Young.
Maris Sekar, Equite Association
Exploring the Use of Generative AI in Fraud: Challenges in Detection and Prevention
With over a quarter of companies implementing bans on employee use of generative AI, it is crucial to recognize that this strategy alone may not fully mitigate risks. Generative AI is increasingly leveraged to deceive employees into disclosing sensitive information or authorizing fraudulent transactions. This technology can produce compelling yet fraudulent data, such as fake documents and financial statements, that closely mimic legitimate records. As a result, traditional fraud detection methods may struggle to identify such sophisticated fraud. The ability of generative AI to create realistic and deceptive content can expose vulnerabilities in existing fraud detection systems, heightening the risk of data manipulation and compromising the integrity of financial and compliance reporting. To effectively combat these risks, organizations need to develop and implement advanced strategies and controls explicitly tailored to address the unique challenges posed by generative AI.
Maris is a distinguished professional engineer and principal data scientist with a proven track record of leading innovative projects for prominent organizations, including PwC, Shell Canada, TC Energy, and the Equite Association. His deep passion for fraud analytics has earned him several prestigious awards and driven him to contribute significantly to the field through influential articles, published papers, and a groundbreaking book on applying machine learning in auditing and fraud analytics. Maris plays a crucial role in combating insurance fraud on a national scale. His expertise and dedication to advancing fraud detection and prevention make him a leading voice in the industry.
Joseph Horowitz, Stetson Cybergroup
Cybersecurity 2024 – The Mission is Clear!
As we step into this new year, it's evident that the landscape of digital security has evolved significantly, presenting challenges that demand our immediate attention. Prior to the turn of the century, Hollywood began teasing the concept of computer hacking through well-known films like War Games (1983), Hackers (1995), and Independence Day (1996). These movies introduced audiences to the world of hacking, depicting both its positive and negative aspects. Fast forward to the 21st century, and we've seen an explosion of movies and documentaries focused on various forms of computer hacking. Today, with the prevalence of cybersecurity in Hollywood, daily news reports, and fiction, it's rare to find someone who hasn't heard the term -or worse- a person or organization who hasn’t been personally impacted by it.
Initially, hackers were either individuals or small groups targeting specific companies for personal gain. However, as time passed, we've witnessed the emergence of nation-states deploying armies of hackers to steal data, information, and money from a wide range of organizations. According to the Canadian Anti-Fraud Centre, there have been over 150,000 reports of fraud in Canada with over $600 million stolen since January 2021 and in the U.S. the 2023 FBI Internet Crime Report revealed staggering losses of over $12.5 billion. This is concerning, especially given the multitude of Federal and State regulations and frameworks surrounding cybersecurity and data protection.
So, how do we combat these threats and minimize our risks? In this session, we'll delve into Canadian regulations that demand our attention, as well as Cybersecurity frameworks designed to simplify the implementation of necessary controls. We'll shine a light on commonly overlooked areas of risk and explore proactive measures that organizations can take to mitigate the chances of falling victim to a cyberattack.
It’s 2024 where the urgency of cybersecurity is now mission critical. Will you accept this mission?
Joe joined Stetson Cybergroup as the Director of Compliance and Audit in July of 2020. He spent most of his 25+ year career as a collaborative, results driven audit, risk, and compliance business partner who drives organizations to achieve measurable and attainable goals, as well as meeting compliance with most cybersecurity regulations.
Joe has comprehensive experience in all aspects of auditing, specializing in technology and non-technology risks and controls for a wide range of industries. These industries include government, healthcare, technology, cable & communications, consumer electronics, legal, and management consulting.
Joe's certifications include Certified Internal Auditor (CIA), Certification in Risk Management Assurance (CRMA), Certified Information System Auditor (CISA), Certified Data Privacy Solutions Engineer (CDPSE), and Associate Certified Chief Information Security Officer (A-CCISO).
Joe is an active member of Information System and Controls Association (ISACA), International Information System Security Certification Consortium ((ISC)²), Association of Certified Fraud Examiners (ACFE), EC- Council, InfraGard (via FBI), and The Institute of Internal Auditors (IIA) where he is a board member for the Albany, NY chapter. Joe has a B.S. in Business, Management & Finance and A.A.S. in Accounting.