January 2005

Thursday, January 13, 2005 CityPlace Conference Center Joint Meeting with the North Texas Chapter of ISACA

Meeting 12:00pm - 1:20pm
Registration begins at 11:30pm

White collar cybercrime is quickly becoming a worldwide phenomenon, with thousands of corporations affected by malicious attacks. These attacks can range from denial-of-service and direct network assaults, to strikes against internal vulnerabilities with small office/home office installations and rogue wireless access points, servers or workstations.

White collar cybercrime also includes the largely publicized methodologies employed by Russian crime rings that threaten cyber attacks if extortion demands aren’t met. One Russian outfit brought down several high-profile online UK gaming sites, including www.sportingoptions.com. By creating and blasting a variety of viruses and worms, they threatened to essentially shut down the sites if their payment demands weren’t met.

The influx of white collar cybercrime has prompted the need for precautionary measures that protect organizations against internal and external IT assets. During this session with Mark Loveless, participants will hear about the key tactics used by white collar cybercriminals, including how to develop and maintain comprehensive security policies to strengthen the overall security of IT infrastructures.

As a senior security analyst with BindView Corporation, Mark Loveless, AKA "Simple Nomad", works on the company’s highly regarded RAZOR Research Team. He is also the founder of the Nomad Mobile Research Centre (NMRC), an international group of hackers that explore technologies.

Loveless has spent years developing and testing security strengths for a broad range of computer systems. He has authored numerous papers, tools and articles, all dealing with the security -- and insecurity -- of computer security. Loveless is a frequently sought lecturer at security conferences and industry events around the globe. He has been quoted in print, online and television media outlets regarding computer security and privacy.

Pre-Meeting 10:30am - 11:30am

Internal Audit and
Business Continuity Planning

Dan Bailey, MBCP
Protiviti

This session explains how an Internal Audit program adds value to an organization's business continuity planning process. It also outlines information that is available to the internal auditor as well as proven approaches to conducting a business continuity audit.

Dan Bailey is a Senior Manager in the Dallas office. He worked for First American Corporation prior to joining Protiviti in November 2003, where he was responsible for the Enterprise Business Continuity Program. He's worked in a variety of industries; Insurance, Financial Services (banking and real estate), Technology Services, and Data Management. He has been actively involved in the Information Technology field since 1984 and has been specifically focused in the business continuity field since 1991. Dan received his Certified Business Continuity Professional (CBCP) and Master Business Continuity Professional (MBCP) certifications from DRI International in 1999 and 2002 respectively. He also serves as a Commissioner on DRI International's Certification Commission.

Dan's focus at Protiviti is primarily in the Technology Risk, but more specifically in the Business Continuity practice. He has managed and executed engagements for Alliance Data Systems, BEI Technologies, Carreker Corporation, CRIIMI MAE, Fremont Investment & Loan, Intuit, RHI International, and Weider Nutrition.

Special Pre-Meeting 9:30am - 11:30am

Special Pre-Meeting: Join a Focus Group on XBRL

Glen Gray, PhD, CPA, (an IIA Researcher and professor in the Accounting and Information Systems at California State University) will be attending our January meeting and would like to arrange a focus group (about 12 members) discussion to explore reactions and concerns of internal auditors to XBRL. XBRL is an emerging standard for tagging financial information for electronic transmission, manipulation and storage. See recent article on the subject at: http://www.theiia.org/itaudit/index.cfm?fuseaction=forum&fid=5551.

The focus group will NOT go deeply into XBRL technology. The discussions would be divided into two parts. The first part would focus on how auditors currently manipulate (extract, consolidate, transmit, etc.) data and what are the issues/problems/concerns with these current activities. The second part will then focus on the participant’s reactions and thoughts regarding XBRL’s expected uses and benefits related to data manipulation and the issues/problems/concerns that surfaced in the first part of the focus group.

Glen is not looking for XBRL experts. He is more interested in peoples’ reactions to what proponents of XBRL believe are the main benefits of XBRL. He would like a mix of people for the focus group – both from the level of technology experience and the overall number of years of experience.

The focus group is scheduled for two hours (9:30 – 11:30) prior to our January 13 luncheon meeting at CityPlace. Each participant will receive two hours of CPE. Contact Dave Hallo at David.Hallo@kaneb.com if you are interested in participating. If you have already contacted Dave to join the focus group, you do not need to contact him again.

This meeting is being held at CityPlace Conference Center, 2711 North Haskell Street, Dallas, Texas 75204

The DART light rail station at CityPlace serves both the RED and BLUE lines. Check for schedules, routes and fare information at  http://www.dart.org/default.asp

Preferred Method:

The best method to place and confirm your reservation is via the web site at http://www.dallasiia.org/Reserve.htm.

Secondary Method:

An optional method is to use the telephone, fax, or e-mail. However, a $2 phone/fax/e-mail fee will be assessed to each reservation.

Reservations must be received by noon on Friday, January 7, 2005 or a $5 late fee will be charged.

We reserve the right to bill for "no-shows."

We Now Accept Credit Cards - Online Only

The IIA Dallas Chapter, in conjunction with PayPal, will now accept payment online for the monthly luncheons. There is no change in the cost to you for the lunch. We accept VISA, MasterCard, Discover, American Express, or eCheck. Note that some corporate-issued cards are not accepted by PayPal. This service is only available online at the time the reservation is made. This can be used to pay for individual or group reservations. Follow the instructions on our website. If you properly cancel a reservation before the meeting, the Chapter will either return the funds to you or reserve you for the next meeting. Any questions, contact Melinda Lokey at 214-473-3823 or melinda.lokey@triadhospitals.com.

After you place your reservation online, you will see the link to pay via PayPal if desired.

Chapter News

CIA Exam Review Course

The Certified Internal Auditor exam is scheduled for May 18 -19, 2005. The Dallas Chapter will once again sponsor an interactive CIA review course to help prepare candidates. This four day course will be taught by Dr. Glenn Sumners, Director of the Center for Internal Auditing at LSU. Comprehensive printed study materials will be provided for the course. Register On-line for this review course at http://dallasiia.org/CIAReview_S05.htm#a01.

The course will be taught February 4 through February 7, 2005 (Friday - Monday), 8:00 AM to 5:00 PM each day, according to the following schedule:

(Please note if you are a CBA, CGAP, CCSA, CISA, CMA, CPA, CTA, CUCE, CRCM or CTCP you are eligible to receive professional recognition credit for Part IV of the CIA Exam.)

Eight hours of continuing professional education (CPE) will be given for each full day session. The course will be taught at the UTD School of Management (SOM) Room 1.502. A map with directions to UTD can be found at:

http://www.utdallas.edu/campusmap.html

Cost for the course is $125 for each part if you are a Dallas IIA Chapter member, $150 for each part for non-members and members of other chapters. A reduced rate is being offered to students in the Dallas Chapter. Please contact David Gibbs at davidgibbs5@comcast.net for more information on the student rates.

Note: You may pay on-line with a credit card for this course. You will be given that opportunity when your online reservation is confirmed.

If you choose not to pay on-line with a credit card, the registration fee must be received by Toni Messer at the address below in order to reserve your place at the course. Checks should be made payable to the Dallas IIA:

Toni Messer
UTD Office of Internal Audits
P.O. Box 830688 AD 32
Richardson, TX 75083-0688

For additional information about the review course, contact Toni Messer at 972-883-2693 or tmesser@utdallas.edu.

If you are interested in overnight accommodations, there are several hotels near UTD (these are listed for information only; the Chapter has made no arrangements with these hotels):

http://www.richardsontexas.org/Accomodations_All.htm

Welcome our Newest Members & Congratulate our Most Seasoned Ones

Report Your Speaking and Writing

It's time again for the survey to determine which IIA Dallas Chapter members have submitted articles or spoken in December, or earlier if not reported. Each speaking engagement on internal auditing that a Dallas Chapter member completes will earn the Chapter 1 credit per CPD hour. Each full article, Roundtable article, Fraud Finding, etc. submitted that meets basic editorial guidelines will earn 5 credits. For each full article published 20 credits are earned. Each internal audit related article published in any other trade or professional journal that is authored by a chapter member is 5 credits.

To report your writing and speaking go to http://dallasiia.org/Speaking.htm and complete the provided form by January 15, 2005. Contact Magdalena Kovats (214-777-0581 or magdalena.kovats@resources-us.com) if you have any questions.

Career Opportunities

Are you currently in the job market either voluntarily or involuntarily? Let the Employment Committee help you. Send us your resume and we will include you in our resume database. We receive calls from recruiters and hiring managers for open positions and will forward your resume if there is a match. We get calls for staff to director levels, IT to finance, local to out of town. All inquiries will be handled confidentially. If you have any questions, give us a call or e-mail us. We look forward to helping you.

Fred Herman, Employment Committee Chairman, 972-801-1208, fsjnherman@aol.com.

Internal Audit, Audit Consultant

Internal Auditors serve the organization as internal consultants trained in identifying risk, evaluating risk management, adding value, facilitating change, and solving unstructured business problems. Dell uses the internal audit department as a training ground (2-4 years) and as a stepping stone to other opportunities within the company. Internal audit is an excellent opportunity to gain an overview of the organization's operations. Assignments are largely complex in nature and require strong individual contribution, teamwork, and effective communication/interaction with a variety of Dell business leaders and teams. Independent judgment and initiative are required to identify risks, evaluate issues, and develop workable solutions in line with Dell business objectives and leading industry practices. Some of the key duties include:

• Assist in planning and project definition
• Identify IT controls needed
• Develop and complete appropriate test procedures of the area under review
• Recommend system improvements to increase efficiency and effectiveness
• Report out audit findings for management and obtain management action plans (MAP's) for all found control weaknesses
• Track ongoing progress against MAP's and ensure successful completion
• Thorough ability to identify business processes

A successful candidate must demonstrate strong communication skills, business acumen, drive for results, and organizational agility. In addition, the individual must have strong research and analysis skills.

Prefer Bachelor's degree in IT, Accounting, or Finance, with 3-6 yrs experience or equivalent training/experience. Prefer diverse experience drawn from Dell, Industry, and/or Consulting. Professional certification (CISA, CMA, CIA, PMP) preferred.

Please contact:

Shannon Wolfe
Corporate Services Finance
Talent Acquisition
One Dell Way
Round Rock, TX 78682
(512) 728-4429
Shannon_wolfe@dell.com

Are you an Auditor tired of traveling all the time?

Kelly Financial Resources is currently searching for a Senior Internal Auditor for a terrific position in Downtown Dallas with No Travel!!!!

The ideal candidate must have the following to be considered:

• CIA or CPA Certificate
• Bachelors in Accounting or Finance
• At least 4 years internal audit experience

Preferred qualifications include:

• Healthcare Experience
• Supervisory Experience
• Big 4 Accounting Experience

Responsibilities include:

• Serving as a Project Leader in planning, organizing, and directing work to ensure the timely completion of assigned projects.
• Identifying potential risk exposure and evaluate the effectiveness of organizational policies and procedures and internal controls designed to meet strategic business objectives.

The position pays $60,000 to $70,000 per year with great benefits!

To be considered please apply on line at www.kellyfinance.com or email

your resume to jeff.corritori@kellyservices.com.

Kelly Financial Resources (KFR) specializes in the placement of financial professionals in the fields of Accounting and Finance.

We are a specialized business unit of Kelly Services, Inc., a US-based Fortune 500 company and global staffing industry leader. KFR relies on a vast network of offices located in the major business centers of the world to deliver our services internationally. Visit us at http://www.kellyfinance.com.

Internal Auditor III

GENERAL SUMMARY:
Provides intermediate auditing skills in the conduct of audits of the various functions and activities of DART. The DART Internal Audit Department is COSO based and utilizes a matrix approach to analyze business objectives, risks to the objectives, and controls to mitigate the risks. The matrix is developed utilizing interviews supported by walk-throughs and subsequent testing. The audits are selected by an annual risk assessment done by department personnel. The auditors also engage in proactive participation in system and process projects as control consultants.

REPORTING RELATIONSHIP: Reports to Director, Internal Audit, Albert J. Bazis.

ESSENTIAL DUTIES AND JOB FUNCTIONS:

1. Conducts or works on assigned audits of various DART departments or external contractors.
2. Provides guidance to assigned Auditor II’s on moderate-risk audits or may work under the direction of an Auditor IV on more complex audits.
3. Evaluates the adequacy and effectiveness of internal controls surrounding the activities under audit and determining compliance with all applicable DART policies and procedures.
4. Executes audits in a professional and timely manner in accordance with appropriate professional auditing standards and prescribed Internal Audit departmental policies.
5. Prepares and reviews working papers of a quality acceptable to audit department management and the standards of the Institute of Internal Auditors (IIA). The working papers will be used as a basis for supporting work performed, conclusions drawn, as well as findings and recommendations included in the audit report.
6. May write audit program; develop findings with adequate evidence; makes recommendations for improvements and writes moderately complex reports
7. Conducts or assists in investigation of alleged theft, misuse of funds or other defalcations as well as to establish how it occurred, the extent of loss and means of prevention.
8. Performs other duties as assigned.

MINIMUM KNOWLEDGE, SKILLS, AND ABILITIES:

1. Bachelor's degree in Accounting, Business Administration, or related area.
2. Three (3) to Five (5) years of professional level experience in an internal audit, public accounting, or related environment to include (2) two years of auditing experience. Working knowledge of internal control concepts and technical proficiency in auditing skills.
3. Effective oral and written and communications skills. Able to write memos, letters, reports, and e-mails, that are accurate, well organized grammatically correct, and in appropriate format.
4. High level of analytical and creative skills to find solutions to complex professional, technical, and administrative problems.
5. Substantial interpersonal skills to effectively communicate with sensitivity to all levels of supervisory and non-supervisory employees, executive staff, Board Members, governmental entities, a culturally diverse community, consultants and others both inside and outside of DART.
6. Ability to demonstrate a fiduciary obligation to division, department, and DART in handling materials and information of a confidential nature.
7. Personal computer (PC); software applications to include word processing, spreadsheet, database, etc.
8. Valid Texas driver's license as required by law and not have any delinquent traffic citations, no Driving While Intoxicated (DWI) conviction within the last sixty (60) consecutive months, not more than one (1) DWI conviction on driving record, and not more than three (3) convictions of moving violations within the last thirty-six (36) consecutive months in order to operate DART vehicles.

An equivalent combination of related education and experience may be substituted for the above stated minimums excluding High School Diploma, GED, Licenses, or Certifications.

WORKING CONDITIONS: Works in an environment where there is minimum exposure to dust, noise, or temperature. May be moderately exposed to unpleasant working conditions to dust, noise, temperature, weather, petroleum products, and chemicals while visiting DART's operating facilities, assuming incumbent is observing all policies and procedures, safety precautions and regulations, and using all protective clothing and devices provided.

The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. The statements are not intended to be an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.

Salary Minimum: $46,082

No travel required.

For employment consideration, please fax resume to (214) 749- 3636.