The Dallas Chapter of the Institute of Internal Auditors

February Meeting
Tuesday the 8th
CityPlace Conference Center

Annual Student Day
Joint Meeting with Ft. Worth IIA

Lunch Meeting 12:00pm
Registration begins at 11:30am

Audit Sampling

Don Hanks,
Protiviti

In today’s world of Sarbanes-Oxley, where testing has taken on a whole new importance and test results are closely scrutinized, how do you ensure your testing is accurate and appropriate? The answer: use statistics. Although judgmental testing has long been the friendly method of testing, understanding a few basic concepts can make statistical testing your new best friend and give your testing a solid foundation. Statistics and Audit Testing presents simple methods to help you incorporate statistical testing into your audit or governance program and gives you tips on when to use statistical and your old friend, judgmental testing.

Don Hanks is a Senior Manager with Protiviti Independent Risk Consulting. He has a Bachelor’s of Science from the United States Air Force Academy and a Master’s of Science in Applied Mathematics from Creighton University. He has served in a variety of roles during his career including scientific officer in the U.S. Air Force, an Assistant Professor of Mathematics at the Air Force Academy and the head of Protiviti’s Enterprise Testing group.

Make your Reservation On line!

Pre-Meeting 10:30am

SOX IT – Year Two
Stacey Hamaker, Shamrock Technologies

Rather than a formal presentation, this session is intended to be an interactive discussion among panelists and session attendees on the impacts of SOX on IT and the outlook for SOX-IT Year Two. Led by Stacey Hamaker, Managing Principal of Shamrock Technologies, the session will introduce some of the questions that have been circulating among firms and discussion groups related to SOX-IT such as:

  1. Number of Controls - How many key General Computer Controls (GCC) were identified for your organization?
    • Were there any enterprise controls with a decidedly IT focus, i.e. IS Security, acceptable use, etc.?
    • Is there any effort being devoted to review and either eliminate, consolidate or optimize GCC controls in year two?
  2. Resources - What was the resource mix for GCC in IT and internal audit?
    • Contractors, permanent staff added, etc.
    • How will the staffing mix and levels change for year 2?
    • What were the ballpark costs for 2004 SOX-IT? How will that change for 2005?
  3. Deficiencies - Has anyone experienced deficiencies, significant deficiencies or material weaknesses in GCC?
    • If so, what created the situation?
    • What are the most common material weaknesses?
  4. Approach - Are plans in place to update scope, controls, process, and/or documentation in year two? If so, how?
  5. Executive Involvement - How is the executive team engaged with GCC?
  6. Decentralized Organizations - What are the strategies for handling decentralized business units and how is it working?
  7. Automated SOX Compliance Tools – Have any automated SOX Compliance SW tools been helpful?
    • If so, which tools, what areas and why were they helpful?
  8. Automated Network Security Tools – What automated Network Security tools have been used by the external auditors?
  9. Frameworks - What frameworks are companies utilizing for GCC (COBIT, ITIL, other?)
  10. Cost/Benefits - Is your company tracking cost/benefits for SOX-IT efforts? Any early indicators?
  11. Smaller Organizations - Has anyone begun to address how SOX can be scaled down for the smaller, 2005 filers?
  12. Key GCC Controls – Which specific GCC controls have been an issue? SDLC, Patch Management, Configuration Management, others?

Stacey Hamaker, CISA is a Managing Principal of Shamrock Technologies. She founded the company in 1990 to provide high-level analytical and technical assistance to organizations on a project basis. A thought-leader and published author on Governance topics, Ms. Hamaker has 25 years experience with enterprise-wide technology initiatives at Fortune 500 companies and mid-sized firms as well as the public sector. Most recently she has been heavily involved in Sarbanes-Oxley IT Compliance initiatives.

Ms. Hamaker’s background is in the areas of information strategy, internal controls, systems analysis, accounting systems, requirements definition, project management, and database administration. Stacey is active in the Information Systems Audit and Control Association (ISACA), Institute of Internal Auditors (IIA), and the Greater Dallas Chamber. Several of her articles have been published in the Information Systems Control Journal. Ms. Hamaker’s speaking engagements span local IT organizations as well as national and international venues such as ISACA’s 2001 International IT Governance Forum. She earned her MBA-MIS form the University of Texas at Arlington and her BA-Accounting/Math from Marietta College, Marietta, Ohio.

Make your Reservation On line!

~ Please note we have concurrent Post-Meetings this month ~

Post-Meetings 1:30pm

Cost Segregation Studies
Brook Fowler, UHY

Brook Fowler is a Senior Manager in the Flexible Staffing Department of UHY Mann Frankfort Stein & Lipp Advisors, Inc. (UHY) in Houston. He is a CPA and has worked for 12 years in the tax area for both public accounting firms and industry.

Make your Reservation On line!

Annual IIA Dallas Chapter Student Forum

Panelists include:

  • Al Bazis, Director – Internal Audit, Dallas Area Rapid Transit
  • Carla Cashio, Senior Manager Audit Services, Textron
  • Magdalena Kovats, Regional Director, Resources Connection
  • Debbie McKibben, Advisory Partner, PricewaterhouseCoopers LLC

The forum brings together students from various area universities and a panel of practicing internal auditors to answer questions about the profession. Members may ask questions as well. It is an opportunity to hear how other audit departments are structured, what areas they are auditing, types of audits, how they are addressing current issues in the internal audit profession, and other relevant topics. Panelists are at different experience levels and from a variety of industries to provide a broad perspective.

Make your Reservation On line!

Cityplace Confernce CenterMap to CityPlace Conference Center
CityPlace Conference Center

This meeting is being held at CityPlace Conference Center
2711 North Haskell Street
Dallas, Texas 75204

For problems or comments concerning this information,
please contact the webmaster@dallasiia.org

This page was last updated on Thursday, August 07, 2008 at 06:10 AM PST.

© 2005 Dallas Chapter Institute of Internal Auditors
P. O. Box 261747, Plano, TX 75026-1747


AUDIT LINKS

theiia.org
The Institute of
Internal Auditors


Association of
Government Auditors

Fort Worth Chapter
of the IIA

http://som.utdallas.edu/iaep
UT Dallas
School of Management
Internal Auditing
Education Partnership

UTD Students Chapter

itaudit.org
IT Audit Forum

auditnet.org
Audit Net


Information Systems Audit
and Control Association

North Texas Chapter
of ISACA

cfenet.com
Dallas Chapter
of ACFE

Association of
Certified Fraud
Examiners

aicpa.org
American Institute of
Certified Public Accountants

cpadallas.org
Dallas Chapter
of TSCPA

Texas Society of CPA's

HOME ~ MEETINGS ~ SEMINARS ~ REGISTRATION ~ LEADERSHIP ~ MEMBERS ~ CAREERS ~ SEARCH