The President’s Letter
The holidays are always an exciting and busy time of the
year for all of us personally, which is why we have decided
to not have any IIA events during December. However,
January is right around the corner, and that is a special
month, as it is when we coordinate our meeting with ISACA.
This year, ISACA has developed a strong meeting program on
January 8th, 2009 at the Doubletree Hotel. The lunch
meeting will feature Robert Stroud, Vice President of ISACA
International. He will discuss the world of GRC –
Governance, Risk and Compliance. Robert will be
preceded by Chris Mitchell of Principal Risk Advisory
Services - KBA Group, discussing statistical and
non-statistical based sampling as part of the IIA Core Audit
Skills Track (CAST). The post meeting will feature
Donna Hutcheson, IT Audit Director of Energy Future
Holdings, discussing issues related to outsourcing IT
Services. I suggest you sign up for the January 8th
meeting in 2009, as it will come up quickly after the new
Also, I would like to remind you of some special events
coming up in 2009. On February 5th, we will be having
our 60th Anniversary as a chapter, as well as Student Day.
This event will include presentations from Patty Miller,
Chairman of the IIA International Board, as well as Dallas
Mayor Tom Leppert. This will be followed by a social
function featuring fun, food and the world famous band Soul
to Soul Review starring past Dallas IIA President David
Price. Also, on March 27th, UTD will be hosting their
annual Fraud Conference. The summit will feature
several great speakers, including Jim Radley, President of
ACFE International. It will focus on current fraud
cases related to the current financial crisis.
From the Dallas Chapter Officers and Board of Governors,
we wish each of our members a fantastic holiday season, and
encourage everyone to join us in 2009 for some exciting
2008-2009 President - Dallas Chapter IIA
Next Meeting - Thursday, January 8, 2009
Doubletree Hotel Dallas
Joint Meeting with North Texas ISACA
Meeting 12:00pm - 1:30pm
Registration begins at 11:30pm
Governance, Risk, and Compliance (GRC) - the Impact to Your
Organization and Your Role from Auditor to Governance Guru!
Robert Stroud, Vice President of CA Service Management, ITSM and Governance Evangelist, CA, Inc.
With the current financial turmoil, attention is turning globally to
effective risk mitigation, compliance with the ever changing world of
regulations, and delivering transparency to the business through
effective governance. This session will discuss the ever-increasing and
changing world of Governance, Risk, and Compliance (GRC), and how an
understanding is not only critical but mandatory for auditors,
compliance officers, risk officers, and governance professionals.
Participants will explore the following topics:
- Understanding of GRC domains and impacts
- Determining effective GRC
- The impact of GRC on the Auditor
- The future of GRC, and the impact on your role
Robert Stroud is the IT Service Management and IT Governance
Evangelist at CA, Inc. and a vice president within CA’s Service
Management business unit. Mr. Stroud serves as an international
vice president of ISACA and the IT Governance Institute (ITGI), and is
the chair of the ITGI COBIT Steering Committee. He also serves as a
board member of the IT Service Management Forum (itSMF) USA and is a
member of the itSMF International Executive Board.
As CA’s global evangelist for IT service management and IT
governance, Mr. Stroud is dedicated to the development and communication
of industry best practices and acts as a strong advocate for the
customer by working closely with users, industry organizations,
government agencies, and IT luminaries to identify and communicate IT
best practices. He is a mentor to many organizations, advising them on
their implementations to ensure they drive maximum business value
throughout the process. Stroud also helps ensure that CA’s solutions
adhere to industry best practices.
A 26-year IT veteran, Mr. Stroud has significant practical industry
experience and is a recognized industry speaker and leader. He is
considered a global authority on governance, leading the ITGI COBIT
Steering Committee and setting product strategy and direction. He has
contributed to multiple publications, including Guidance for Basel II,
COSO ERM and COBIT versions 4.0 and 4.1. As an IT service management
expert, he also has contributed to several titles regarding ITIL, and
was a member of the ITIL refresh process in the role of mentor, reviewer
and Advisory Group member.
Mr. Stroud spent more than 15 years in the finance industry
successfully managing multiple initiatives in both the IT and retail
banking sectors related to IT service management and process governance.
Mr. Stroud joined CA from the Australian computer security company,
Cybec, where he held several management positions and was responsible
for the company's successful global expansion, including successful
entry into the North American market.
1 Hour Continuing Education
As part of this particular joint association event, the CAST meeting
topic will replace the traditional Pre-meeting topic this month. There will be only one 10:30 session.
CAST Meeting 10:30am - 11:30am
Registration begins at 10:00am
Statistical/Non-Statistical Based Sampling
Chris Mitchell, Principal Risk Advisory Services
KBA Group, LLP
Chris Mitchell will kick-off the New Year, as we continue our
monthly Core Audit Stills Training, with a presentation on
statistical based sampling. This session will focus on the
fundamentals of statistical / non-statistical sampling, and how it
is utilized within the audit process.
Areas of focus will include:
- Statistical Sampling Terminology
- Attribute and Variable Sampling
- When to use Statistical / Non-Statistical Sampling
- Requirements of a Statistical Sampling Plan
- Applicability of Attribute and Variable Sampling to Auditing
- Compliance Tests
- Reporting Results
Chris Mitchell , CIA, CISA, CCSA has over 13 years of risk advisory,
finance and IT consulting experience. He has held the positions of
Internal Audit Director, Senior Program Manager, and Managing Consultant
at various companies in industries including financial services,
telecommunications, software development, manufacturing, and government.
His practice focuses on assisting clients with 404 implementations, Type
I & II SAS 70, risk assessments, leading internal audit teams, and
making cost-effective recommendations to enhance internal controls,
maximize efficiency, and minimize exposure to loss and regulatory risk.
1 Hour Continuing Education
Post-Meeting 1:30pm - 2:30pm
Governance of Outsourced IT Services
Donna Hutcheson, Information Technology Audit Director
Energy Future Holdings Corporation
Business and corporate resiliency relies on IT organizations to
outsource the tasks, not the responsibility for adequate service or
adequate controls. Companies that outsource “broken” or
ineffective processes and procedures will not reduce the total cost
of the services to the degree they anticipate. Successful
outsourcing of IT services must include appropriate controls,
performance measurement, and communication; in other words,
effective IT Governance. This session analyzes the risks
of outsourcing, trends in outsourcing domestically and offshore, the
legal / regulatory consequences of outsourcing, approaches for
managing outsourced services, and governance techniques.
Participants will explore the following topics:
- Common failures in governing
outsourced IT services
- Services with higher risk due to
- Integrating internal business
processes, outsourced business processes, and outsourced IT services
with effective governance for all
- Guidelines for oversight of key
performance indicators that truly measure the effectiveness of
outsourced IT services
Donna Hutcheson is the Director of Internal IT Auditing for Energy
Future Holdings Corporation. She has extensive and diversified
experience in forming, managing, and motivating highly effective
technical work teams. She has applied these skills in various areas,
including auditing, operations management, customer service, application
development, technology planning, and executive training for domestic
and global organizations. Ms. Hutcheson has also conducted
significant research in outsourced IT services, IT governance, and
business resiliency through IT. She has presented findings from
her research efforts in Ireland and Canada at the ISACA International
1 Hour Continuing Education
reward that you can feel.
Dallas IIA monthly meetings are rewarding in their own right –
whether for the great line up of speakers, the CPE credit, to
network with colleagues, or to hone your skills with the new CORE
Audit Skills Track (CAST), there are plenty of reasons to attend
each month. This year, the Membership Committee is sweetening the
deal even more: each monthly IIA meeting you attend increases your
chance to win an iPod touch that will be awarded during our May
This meeting is being held at the
Doubletree Hotel Dallas Near the Galleria
4099 Valley View Lane, Dallas 75244 ~ 972-385-9000
Place and confirm your reservation via the
web site at
|Meeting / Luncheon Fees:
Dallas IIA &
ISACA Members: $35
Walk-ins/late registrations (members or non): $45
Reservations must be received by 5:00 PM on Friday,
January 2, 2009.
Registration Cancellation and No-Show Policy
- The deadline to cancel your registration is 11:00pm on the Tuesday
prior to the luncheon.
- If you register for an event and do not
cancel prior to the deadline, you will be charged for the event. If
you did not pre-pay for the event, an invoice will be sent to you.
You may alternatively send someone in your place.
- To cancel your
registration, please send an email to
We Now Accept Credit Cards - Online Only
The IIA Dallas Chapter, in conjunction with PayPal, will now
accept payment online for the monthly luncheons. There is no change in the cost
to you for the lunch. We accept VISA, MasterCard, Discover, American Express, or
eCheck. Note that some corporate-issued cards are not accepted by PayPal. This
service is only available online at the time the reservation is made. This can
be used to pay for individual or group reservations. Follow the instructions on
our web site. If you properly cancel a reservation before the meeting, the
Chapter will either return the funds to you or reserve you for the next meeting. Any questions, contact Abe Paul at
After you place your reservation online, you will see the
link to pay via PayPal if desired.
mark your calendars for the 60th Anniversary celebration of the IIA
Dallas Chapter on February 5, 2009. Our guest speaker for this
event is Patricia K. Miller, Chairman of the Board of Directors –
IIA International. The celebration will include a luncheon,
followed by an afternoon of continuing education, and culminating in
a celebratory reception complete with entertainment by the band “The
Soul to Soul Review”, featuring our own Dallas Chapter Past
President David Price. Don’t miss out on this celebration!
If you have been a member of the Chapter for 20 years or more and
have pictures or memorabilia exhibiting the IIA-Dallas Chapter
history, please contact one of the committee members. We would
love to showcase leaders, events, and items from the IIA-Dallas
Corinne Bryan -
Lori Rainwater -
David Shackelford -
Melinda Lokey -
Ceremony to Honor New CIA’s
The Dallas Chapter honored 10 new CIA’s at the November luncheon
meeting. Congratulations to the following for earning their
- Scott Myers
- Lacey Pavliska
- Jairo Cardozo
- Christopher Mowery
- Eric Rattanavong
- Ben Zimmerman
- Riti Doshi
- Tonya Wilborn
- Sally Luber
- Benjamin Bryant
Members completing their exam requirements during the July –
September time frame will be honored at the February 5, 2009
meeting. Certificates will be mailed before the meeting, and CIA
honorees will receive a free luncheon for them and a guest.
Information on registration for those members being honored will be
emailed to them in January.
Frequently Asked Questions
Q: I haven’t received my certificate yet – where is it?
A: Contact the IIA certification department: Email at
Q: How do I register for the exam?
Mark Your Calendars! 2009 CIA Review Course Schedule
The Dallas Chapter will once again sponsor an interactive CIA
review course to help prepare candidates. This four day course will
be taught by Dr. Glenn Sumners, Director of the Center for Internal
Auditing at LSU. Comprehensive printed study materials will be
provided for the course. Registration is now open. For more
information on how to register, please visit
Register Online Registration Deadline is January 28, 2009.
The course will be taught from 8:00 AM to 5:00 PM each day, according
to the following schedule:
||Feb. 6, 2009
||8:00 AM - 5:00 PM
||Internal Audit Activity’s Role in Governance, Risk, and
||Feb. 7, 2009
||8:00 AM - 5:00 PM
||Conducting the Internal Audit Engagement
||Feb. 8, 2009
Feb. 9, 2009
|8:00 AM - 5:00 PM
8:00 AM - 12:00 PM
|Business Analysis and Information Technology
||Feb. 9, 2009
||1:00 PM - 5:00 PM
||Business Management Skills
|Dallas Chapter Members
|Non members or other Chapter IIA Members
|UTD IIA Dallas Student Chapter Members
Another CIA review course will be held in October 2009 and taught
be Dr. Glen Sumners of LSU. Courses will be held at The
University of Texas at Dallas. Registration will be announced
in July 2009 for the October course.
October 2 - Part I 8-5
October 3 - Part II 8-5
October 4 - Part III 8-5
October 5 - Part III 8-12
October 5 - Part IV 1-5
Research Committee Update
The annual Research Committee survey is coming up in January!
This year’s objective is to “Evaluate the Awareness of SAS 70
Reports”. The survey will be comprised of approximately 30
questions regarding your general background, experience, and then
specifically your awareness of SAS 70 Report evaluation. Remember –
when you complete the survey and provide contact information, you
will be entered in a prize drawing which will be held at the March
2009 IIA Luncheon. You could be one of five winners who will
receive a $50 Gift Card to use wherever you like! The survey will
be sent via email and embedded link to all the members.
Thank you in advance for participating in the Research Committee
The IIA Research Foundation
The IIA Research Foundation has recently issued a book entitled
Auditing the Procurement Function. Procurement is the largest
or second-largest category of expenditure in most organizations.
This book offers practical advice for auditing the procurement
function, and it is intended to be of relevance for all types and
sizes of organization globally -- in the private sector, the
not-for-profit or charitable sectors, local and national government,
and international organizations. The book discusses:
- The definition, scope and importance
- The core challenge of procurement
and concept of “best value for money;”
- The important risk areas of fraud,
ethics, and socio-economic factors;
- Common risks, procedures, and
internal controls at different stages of the procurement process;
- Procurement strategy and planning;
- The typical sequence of events in
the procurement cycle for individual transactions.
This book can be ordered online at the following link: http://www.theiia.org/bookstore/product/auditing-the-procurement-function-1307.cfm
(Order number 1044, IIA member price - $45, non member price -
Report Your Speaking and Writing
It's time again for the survey to determine which IIA Dallas
Chapter members have submitted articles or spoken since November 1. Each
speaking engagement on internal auditing that a Dallas Chapter
member completes will earn the Chapter 1 credit per CPD hour. Each
full article, Roundtable article, Fraud Finding, etc. submitted that
meets basic editorial guidelines will earn 5 credits. For each full
article published 20 credits are earned. Each internal audit related
article published in any other trade or professional journal that is
authored by a chapter member is 5 credits.
To report your writing and speaking go to
http://dallasiia.org/Speaking.htm and complete the provided form
by January 15, 2009.
Fraud, Internal Audit and Networking
This years Fraud Summit at the University of Texas - Dallas will
be held on March 27, 2009, and is planned to be bigger and better
than ever. This year we are planning on having three afternoon
tracks. A case study approach will be used in some of the
sessions and give practical solutions to fraud detection techniques.
Jim Radley, President of ACFE International, is one of the planned
keynote speakers. The Fraud Summit will include a number of
other speakers who will cover areas such as the current Financial
Crises. Last year, the Fraud Summit was sold out three weeks
in advance, so please register early if you plan to attend.
Registration received before January 31, 2009 will include reduced
pricing and specials. What better way is there to receive 8 hours of
CPE at a reasonable price, and meet other professionals from ISACA,
ACFE, IIA and AGA?
The internal audit program at UTD continues to grow, but still
faces challenges related to advocating the profession. All of you
have an opportunity to help in this effort. We have in place a
number of methods to have employers meet students and explain the
benefits of careers in internal audit. The good news is there
are avenues to recruit students; however, you should plan to
interact with them early. A new batch of students gets
involved every semester, so reviewing the status of students
available every February and September is a great idea.
You should see a lot of new faces in the spring of 2009.
To schedule a reception, site visit, interview or just peruse
resumes, contact Mark Salamasick at 972-883-4729 or
firstname.lastname@example.org. The student chapter will
have resumes posted in early February, and interviews beginning in
mid February. Resumes are posted on the student chapter website at
contact Mark Salamasick for the user id and password.
Children’s Medical Center Dallas (12/10/08)
Children’s Medical Center Dallas is currently seeking a Senior
Internal Auditor for our Internal Audit Department. Internal Audit
reports to the Chief Compliance Officer and the Audit Committee of the
Board of Directors. This position will report to the Manager of Internal
Audit and will be required to:
- Develop risk-based audit programs to conduct financial and
- Document and evaluate operational risks and related internal
- Draft audit reports and make recommendations to improve the
efficiency and effectiveness of internal controls or business
- Tactfully and professionally engage and brief management during
the audit process.
- Coach and train junior internal auditors with constructive work
- Perform follow-up procedures to evaluate the status of
- Assist the Compliance Department with special projects.
The ideal candidate for this position will be a CPA with a
combination of Big 4 public accounting and internal audit experience.
Qualified candidates must possess the following:
- Bachelor's Degree in Accounting required. Master's Degree in
Accounting or MBA preferred.
- Minimum 4 years recent public accounting or internal audit
- CPA, CIA or CISA certification required.
- Ability to plan and complete audits in accordance with
International Standards for the Professional Practice of Internal
Auditing, and within established deadlines.
- Confidence and poise to organize and conduct audit meetings with
all levels of management.
- Ability to multi-task and successfully meet established
- Advanced knowledge of MS Office (Access, Excel, PowerPoint and
- Knowledge of flowcharting software (Visio) preferred.
- Knowledge of ACL and TeamMate preferred.
Children’s Medical Center Dallas is a private, not-for-profit
hospital that is the only academic healthcare facility in North Texas
dedicated to the comprehensive care of children from birth to age 18. As
the primary pediatric teaching facility for the University of Texas
Southwestern Medical Center at Dallas, the medical/dental staff at
Children’s conducts research that is instrumental in developing
treatments, therapies, and greater understanding of pediatric diseases.
Children’s is licensed for 411 beds, has more than 50 subspecialty
programs and is the only pediatric hospital in the Southwest with a
designated Level I trauma center. To better serve the region’s growing
pediatric population, the 72-bed Children’s Medical Center Legacy opened
in 2008 in Plano, Texas. Children’s enjoys a stellar reputation as one
of the finest pediatric facilities in the United States. The Joint
Commission awarded Children’s an “outstanding” ranking, and both U.S.
News & World Report and CHILD magazines have named Children’s as one of
the nation’s top pediatric providers. In 2006, the Dallas Business
Journal recognized Children’s as a “Best Place to Work.”
Children’s makes life better for the patients it sees during more than
340,000 visits each year.
Please apply on line at
The position is No. 10018 and is posted under
Careers/Professions/Auditing. Questions may be addressed to
Equal Opportunity Employer
Comments, questions, suggestions?
© Dallas Chapter Institute of Internal Auditors
P. O. Box 261747, Plano, TX 75026-1747
The following links will take you to our web site,