STEPHEN HEAD - Experis Finance: Director of IT Risk Advisory Services
Managing cyber risk in today’s digital environment is extremely challenging, whether your organization is public, private or governmental. In response to the growing frequency and severity of cyber-attacks, many organizations have decided it’s time to focus more of their efforts on cyber risk, starting with a cyber risk assessment. This approach to proactively dealing with the risk of cyber-attacks increases the organization’s awareness of the potential impacts and costs, and enables them to take actions that reduce the overall risk to the organization, minimize the impact of cyber-attacks, and more predictably ensure the continuity of essential services.
This webinar will provide participants with a high-level overview of assessing cyber risk and explore the following:
•Threats and root causes of breaches
•The changing regulatory landscape
•Security frameworks and tools
•Practical ways to assess your risk and organizational exposure
•Key elements of a successful cyber risk management program
Sajay Rai, CPA, CISSP, CISMRecorded: Oct 18 201861 mins
Technology is omnipresent. Technology is helping businesses work faster, smarter and become more innovative. But the same technology is introducing more security risks. Organizations are deploying security technologies to mitigate the security risks and implement continuous monitoring of these risks. Audit departments within organizations are planning to conduct more technology audits than ever before. They are looking to automate their audits. They are looking for newer, smarter audit tools. But before we go any further to identify any new tools, let’s look at the same continuous monitoring tools already deployed within the organizations, which could help the auditors as well.
The session will discuss the following areas:
•Security Information Event Management
•Identity and Access Management
•Mobile Device Management
Scott Stringer and Amy Slevinski – Baker TillyRecorded: Apr 18 201860 mins
The Foreign Corrupt Practices Act (FCPA) was enacted in 1977 making it illegal to make payments to foreign government officials for the purpose of obtaining or keeping business. The anti-bribery provisions of the FCPA require maintenance of accurate books and records as well as an adequate system of internal controls. Please join this webinar to gain an overview of the FCPA, discuss recent enforcement trends throughout the years, and understand how the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) considers a company’s existing compliance program when assessing penalties. The webinar will cover common methodologies and frameworks for identifying possible gaps in existing compliance programs, common pitfalls and considerations when assessing and remediating anti-bribery and anti-corruption compliance gaps, highlighting areas where internal audit practitioners can contribute to a company's anti-corruption monitoring efforts.
Business transformation in the 21 st century has organizations extending their value chain into
customer decision making, as they design and deliver “digital services” using advanced
information technology. Such transformations need organizations to run at a faster speed to
explore new value creating opportunities and still keep running their daily operations at regular
speed. So, organizations may need two different organizational structures and governance models
to manage both faster and regular speeds to isolate risks, including strategic (e.g. brand reputation),
compliance (e.g. data security and integrity), operational and technical risks that surface when
working with many unproven technologies, external partners, and evolving customer expectations.
This presentation will look at strategies to address these risks.
Dr. Raj Aggarwal, CFA, Ancora TrustRecorded: Feb 21 201855 mins
Dr. Raj Aggarwal is back to address an important topic on the alignment of internal audit and the board. As a board member, Dr. Aggarwal gets to see both sides, internal audit interaction with the board, and the board expectations of the internal audit function.
Dr. Aggarwal will expand on the recent article of Board Matters in IIA’s Internal Auditor magazine and share his experiences related to the exchanges of the board and the internal audit.
This webinar is designed not only for the CAEs but all members of the internal audit function and the Board of Directors for both private and public companies.
12.00 Noon (eastern) to 1.00 pm (eastern)
One CPE Credit
Presenter: Taras Shalay
In this webinar, Taras will introduce the different coverages available under the cyber insurance and de-mystify the various coverages and terms. In addition, Taras will discuss how the cyber insurance can play a key role in managing the overall cyber risk within an organization.
By the end of this webinar, participants should be able to:
• Explain the various terms associated with cyber insurance
• Understand whether a given policy addresses their cyber risks
• Examine their own cyber risk policy
Bio: Taras Shalay
With 10 years of underwriting and brokerage experience in Professional Liability, Executive Lines and Cyber Liability, Taras has a unique specialization in the insurance industry.
Taras’ extensive Cyber Liability experience allows him to easily explain the complexities of a Cyber Liability policy, as well as the various different coverage’s available to his clients that may or may not fit their insurance needs. Taras’ main focus is to identify the key exposures for his clients and provide the best available solutions in this quick changing market environment.
Taras also has a decade of experience with Directors’ & Officers Liability, Employment Practices Liability, Fiduciary Liability, Crime, and Errors and Omissions.
Taras Shalay is a 2006 graduate of Western Michigan University with a Master’s degree in Economics, where he was also awarded with graduate student of the year in his department.
In this webinar, former Disney loss prevention and investigations leader Don Levonius shares what he learned about using internal controls to prevent fraud, mitigate risk, and protect the magic at the happiest place on earth. Disney, an extremely complex control environment, not only uses internal controls to achieve impressive operational and financial results, “The Mouse” also uses controls to protect intangible assets, promote ethical behavior, ensure business continuity, and mitigate the impact of tragedies.
By the end of this webinar, participants should be able to:
•Discuss how one of the most trusted brands in the world manages reputation risk
•Describe why monitoring an ineffective control is like weighing yourself on a broken scale
•Examine the relationship between unethical employee behavior and the failure of weak controls
•Explain what business continuity looks like when catastrophic risk becomes reality
The views expressed in this webinar are the recollections and opinions of the presenter and are offered in accordance with fair use doctrine. His stories are compiled from “common knowledge” and published media reports, which may or may not be factually accurate. They are presented as hypothetical situations and are included for illustrative teaching purposes only. The presenter is not responsible for errors or omissions. This webinar is not sanctioned, authorized, or endorsed by the Walt Disney Company or its affiliates.
Jeff Sisolak, CISM, CISARecorded: Oct 19 201759 mins
The use of Information Technology in business has become so ubiquitous that just about every audit has an IT component. Operational and business process auditors must embrace technological advances rather than resist them in order to perform audits in an effective and efficient manner. This webinar will provide all auditors with a foundational understanding of application controls and data reliability.
Bill Hickman and Peter L. MansmannRecorded: Sep 20 201761 mins
When we first had Pete and Bill present on the topic of Forensics, we had feedback from our members that we should bring them back and focus on specific modern technologies. Well, we heard and brought them back. Bill and Pete are going to provide an overview of some of the latest and up and coming technologies being employed by investigators. This seminar will cover topics including: cell phone data recovery and analysis, social media geo-fencing, and artificial intelligence engines that analyze non-structured data (photos, video, etc...). We will also discuss how data locations are shifting towards cloud based applications and how investigators are finding and making use of this information.
Enforcement of the EU General Data Protection Regulation (GDPR) will begin on May 25, 2018. It effects and applies to all companies processing and holding the personal data of individuals residing in the European Union, regardless of the company’s location. The law was passed in 2016 and we are presently in a “transition period” which, by some accounts, has been ignored or unrecognized by many organizations. If your organization handles personal data for residents of the EU now is the time to prepare.
During this webinar you will learn about the regulation’s requirements and penalties. Further, the information offered will help you update or create appropriate audit/risk assessments to determine your organization’s readiness.
Jay R. Taylor, CEO and President of EagleNext Advisors LLCRecorded: Apr 25 201761 mins
One of the most critical and complex issues companies face today is providing the right leadership and level of attention to growing risks related to cyber security. While Internal Audit plays a critical role in this area, challenges in planning, execution and communication can detract from providing what the board needs. In this webinar Taylor will take you into the board room to better understand the critical role played on both sides – the Board committees such as Audit and Risk, and Internal Audit. You will walk away with new insights to help your team be more successful.