Data Loss Prevention

As a member of several corporate boards, Dr. Aggarwal is well aware of the responsibilities of being a board of directors member. One of the primary responsibilities, according to Tom Horton (“Directors & Boards” author), is to secure the future of the organization. According to Mr. Horton, the very survival of the organization depends on the ability of the board and management not only to cope with future events but to anticipate the impact those events will have on both the company and the industry as a whole.”
According to Dr. Aggarwal, it is incumbent on directors to demand information and insight that will help them secure the future of the organization—which could be everything from the seemingly most innocuous moves by a competitor to the most threatening moves by a foreign nation potentate.
Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) are a couple topics about which the directors should demand information and insight. When is the last time these two topics were discussed during your board meeting? You could have discussed the succession plan of a CEO as part of business continuity. But with BCP and DRP, we are implying the readiness of your organization in event of a natural or man-made disasters.
In this webinar, Dr. Aggarwal will provide a series of ten questions which every board member must consider, and every internal auditor must be prepared to answer.

Most of you are probably excited about the new release of Apple’s operating system, iOS7. This operating system not only has enhanced user features but has several cool security features. Jeff Ingalsbe will present the key security enhancements in iOS7 and identify those features which every auditor must know and understand.

Jeff Ingalsbe is an Assistant Professor, Department Chair, and Director of University of Detroit Mercy’s “Center for Cyber Security and Intelligence Studies.” Mr. Ingalsbe runs a state-of-the-art cyber security laboratory where students gain real world competencies through exploration of cyber security problems. Until recently, Mr. Ingalsbe managed the Information Technology Security Consulting Group at Ford Motor Company. He was involved in information security solutions for the enterprise, consumerization exploration, threat modeling efforts, and strategic security research. His BSEE and MSCIS degrees are from Michigan Technological University and the University of Detroit Mercy, respectively. He is currently working on a PhD Information Systems Engineering at the University of Michigan Dearborn.

This webinar will cover the details of assessing and managing risks of changing currencies.
Some of the major topics covered in this webinar will include:
•Why Exchange Rates Change?
•Changing Exchange Rates, Trade, and Investment
•Corporate Impact of Exchanges Rate Changes
•Determining Transactions, Translation, and Economic Exposures
•Financial Hedging of Net Exchange Rate Risks
•Operational Hedging of Net Exchange Rate Risks
•Audit Considerations in Exchange Rate Risk Management

Mapping process flows is critical to understanding, documenting, and improving your processes. Learn how to develop world-class business process maps that highlight automation, best practices, manual steps, task assignment, activities of internal partners and external vendors, and more while ensuring accurate documentation and key participant input. This session will demystify the complexity around process mapping and provide hands on tools and tips that you can begin using immediately.

Leveraging Analytics in IA – Critical Success Factors and Integration Key Drivers
This webinar will assist participants in developing a roadmap to accelerate the integration of analytics within the internal audit function. During this webinar participants will learn how characteristics of their organization's strategic vision, business environment and technology impact the use of analytics. By understanding these characteristics, or critical success factors, internal audit can determine the type of analytic they should use to support various audits.
During this webinar we will also discuss the types of audit evidence supported by different forms of analytics, and what internal audit should do to accelerate the integration of analytics into the audit when they work in an analytic "friendly" organization. We will also discuss techniques internal audit can use to help organizations develop good analytic practices and become analytic “friendly.”

The dynamic nature of accounting standards, filing rules and financial market regulations demands that you stay one step ahead of the changes. This presentation will provide an overview of accounting and compliance requirements with a focus on two elements of a myriad of critical items to consider in your financial reporting and internal audits for 2013 – the JOBS Act and Conflict Minerals.
•JOBS Act: Establishes SEC requirements for emerging growth companies that makes it easier to raise capital and provides an IPO ‘on-ramp’ to phase in certain requirements.
•Conflict Minerals Rule: Mandated by the Dodd-Frank Act with direct impact to half of all public companies including technology, automotive, and industrial products industries.
Learn how these and other changes may impact your audit scope and work plans and why you must partner with your accounting organization to stay one step ahead.

According to some of the industry experts, the security and management of smart devices like iPads, iPhones and Android phones are quickly becoming the weakest link in most organizations. The internal auditors would like to audit the management and security of these devices and are looking for a structured audit approach.

The third webinar ion the series will focus on protecting the data which has been classified. This webinar will discuss the examples of how a DLP solution can assist in protecting and monitoring the classified data.

The second webinar in the series will focus on operationalizing the data classification program by rolling out the program to the different business units. This webinar will take an example of a software and show how the documents and folders can be classified (labeled).

The first webinar in the series will discuss the ingredients to define a data classification policy and expand operational procedures to assist data owners in classifying the data. This classification is the first step in identifying the “crown jewels” for an organization. Some of the topics covered by the webinar will include:

- Data Classification Policy and examples

- Process of classifying data (and examples on how to classify data)

- Process of labeling classified data (Example of SharePoint for Microsoft classified documents)

- Discussion of role of a data owner

Spreadsheets are used extensively throughout an organization to collect, analyze, and report on data used for financial reporting, financial planning & analysis, operations, and performance metrics. This webinar will help internal auditors at all levels, as well as spreadsheet owners within the business units, understand the scope of risks to consider. We will discuss how to work within your organization to ensure that practices are in place to:

-Identify the spreadsheets at greatest risk of error
-Identify the most likely candidates for fraud
-Mitigate the risks, and
-Implement a policy that can contribute to the development of more efficient and user-friendly spreadsheets.

In 2010, the AICPA issued SSAE No. 16, Reporting on Controls at a Service Organization, which replaced SAS 70. Most organizations outsource certain tasks and functions to at least one service organization. Therefore, many risks of the service organization become risks of the user entity. SSAE 16 reports are intended to provide an objective evaluation of the effectiveness of controls at the service organization. Join us to discuss:
* Why the change to SSAE16
* Similarities & Differences between SAS70 & SSAE16
* Impacts of the change to Internal Audit Organizations
* Common pitfalls / value adds / best practices
* Broad Standards (SSAE 16, SOC, AT101) and how they relate