January 2009

Next Meeting - Thursday, January 8, 2009
Doubletree Hotel Dallas

Joint Meeting with North Texas ISACA

Meeting 12:00pm - 1:30pm
Registration begins at 11:30pm

Governance, Risk, and Compliance (GRC) - the Impact to Your Organization and Your Role from Auditor to Governance Guru!
Robert Stroud, Vice President of CA Service Management, ITSM and Governance Evangelist, CA, Inc.

With the current financial turmoil, attention is turning globally to effective risk mitigation, compliance with the ever changing world of regulations, and delivering transparency to the business through effective governance.  This session will discuss the ever-increasing and changing world of Governance, Risk, and Compliance (GRC), and how an understanding is not only critical but mandatory for auditors, compliance officers, risk officers, and governance professionals.

Participants will explore the following topics:

• Understanding of GRC domains and impacts
• Determining effective GRC
• The impact of GRC on the Auditor
• The future of GRC, and the impact on your role

Robert Stroud is the IT Service Management and IT Governance Evangelist at CA, Inc. and a vice president within CA’s Service Management business unit.  Mr. Stroud serves as an international vice president of ISACA and the IT Governance Institute (ITGI), and is the chair of the ITGI COBIT Steering Committee. He also serves as a board member of the IT Service Management Forum (itSMF) USA and is a member of the itSMF International Executive Board.

As CA’s global evangelist for IT service management and IT governance, Mr. Stroud is dedicated to the development and communication of industry best practices and acts as a strong advocate for the customer by working closely with users, industry organizations, government agencies, and IT luminaries to identify and communicate IT best practices. He is a mentor to many organizations, advising them on their implementations to ensure they drive maximum business value throughout the process. Stroud also helps ensure that CA’s solutions adhere to industry best practices.

A 26-year IT veteran, Mr. Stroud has significant practical industry experience and is a recognized industry speaker and leader. He is considered a global authority on governance, leading the ITGI COBIT Steering Committee and setting product strategy and direction. He has contributed to multiple publications, including Guidance for Basel II, COSO ERM and COBIT versions 4.0 and 4.1. As an IT service management expert, he also has contributed to several titles regarding ITIL, and was a member of the ITIL refresh process in the role of mentor, reviewer and Advisory Group member.

Mr. Stroud spent more than 15 years in the finance industry successfully managing multiple initiatives in both the IT and retail banking sectors related to IT service management and process governance.  Mr. Stroud joined CA from the Australian computer security company, Cybec, where he held several management positions and was responsible for the company's successful global expansion, including successful entry into the North American market.

1 Hour Continuing Education

As part of this particular joint association event, the CAST meeting topic will replace the traditional Pre-meeting topic this month. There will be only one 10:30 session.

CAST Meeting 10:30am - 11:30am
Registration begins at 10:00am

Statistical/Non-Statistical Based Sampling
Chris Mitchell, Principal Risk Advisory Services
KBA Group, LLP

Chris Mitchell will kick-off the New Year, as we continue our monthly Core Audit Stills Training, with a presentation on statistical based sampling.  This session will focus on the fundamentals of statistical / non-statistical sampling, and how it is utilized within the audit process.

Areas of focus will include:

• Statistical Sampling Terminology
• Attribute and Variable Sampling
• When to use Statistical / Non-Statistical Sampling
• Requirements of a Statistical Sampling Plan
• Applicability of Attribute and Variable Sampling to Auditing
• Compliance Tests
• Reporting Results

Chris Mitchell , CIA, CISA, CCSA has over 13 years of risk advisory, finance and IT consulting experience. He has held the positions of Internal Audit Director, Senior Program Manager, and Managing Consultant at various companies in industries including financial services, telecommunications, software development, manufacturing, and government. His practice focuses on assisting clients with 404 implementations, Type I & II SAS 70, risk assessments, leading internal audit teams, and making cost-effective recommendations to enhance internal controls, maximize efficiency, and minimize exposure to loss and regulatory risk.

1 Hour Continuing Education

Post-Meeting 1:30pm - 2:30pm

Governance of Outsourced IT Services
Donna Hutcheson, Information Technology Audit Director Energy Future Holdings Corporation

Business and corporate resiliency relies on IT organizations to outsource the tasks, not the responsibility for adequate service or adequate controls.  Companies that outsource “broken” or ineffective processes and procedures will not reduce the total cost of the services to the degree they anticipate.  Successful outsourcing of IT services must include appropriate controls, performance measurement, and communication; in other words, effective IT Governance.  This session analyzes the risks of outsourcing, trends in outsourcing domestically and offshore, the legal / regulatory consequences of outsourcing, approaches for managing outsourced services, and governance techniques.

Participants will explore the following topics:

• Common failures in governing outsourced IT services
• Services with higher risk due to outsourcing
• Integrating internal business processes, outsourced business processes, and outsourced IT services with effective governance for all
• Guidelines for oversight of key performance indicators that truly measure the effectiveness of outsourced IT services

Donna Hutcheson is the Director of Internal IT Auditing for Energy Future Holdings Corporation.  She has extensive and diversified experience in forming, managing, and motivating highly effective technical work teams. She has applied these skills in various areas, including auditing, operations management, customer service, application development, technology planning, and executive training for domestic and global organizations.   Ms. Hutcheson has also conducted significant research in outsourced IT services, IT governance, and business resiliency through IT.  She has presented findings from her research efforts in Ireland and Canada at the ISACA International Conference.

1 Hour Continuing Education

A reward that you can feel.

Dallas IIA monthly meetings are rewarding in their own right – whether for the great line up of speakers, the CPE credit, to network with colleagues, or to hone your skills with the new CORE Audit Skills Track (CAST), there are plenty of reasons to attend each month. This year, the Membership Committee is sweetening the deal even more: each monthly IIA meeting you attend increases your chance to win an iPod touch that will be awarded during our May meeting.

This meeting is being held at the Doubletree Hotel Dallas Near the Galleria
4099 Valley View Lane, Dallas 75244 ~ 972-385-9000

Preferred Method:

Place and confirm your reservation via the web site at http://www.dallasiia.org/Reserve_0109.htm.

Reservations must be received by 5:00 PM on Friday, January 2, 2009.

Registration Cancellation and No-Show Policy

• The deadline to cancel your registration is 11:00pm on the Tuesday prior to the luncheon.
• If you register for an event and do not cancel prior to the deadline, you will be charged for the event. If you did not pre-pay for the event, an invoice will be sent to you. You may alternatively send someone in your place.
• To cancel your registration, please send an email to CANCEL@dallasiia.org.

We Now Accept Credit Cards - Online Only

The IIA Dallas Chapter, in conjunction with PayPal, will now accept payment online for the monthly luncheons.  There is no change in the cost to you for the lunch. We accept VISA, MasterCard, Discover, American Express, or eCheck.  Note that some corporate-issued cards are not accepted by PayPal.  This service is only available online at the time the reservation is made.  This can be used to pay for individual or group reservations.  Follow the instructions on our web site.  If you properly cancel a reservation before the meeting, the Chapter will either return the funds to you or reserve you for the next meeting.  Any questions, contact Abe Paul at treasurer@dallasiia.org.

After you place your reservation online, you will see the link to pay via PayPal if desired.

Please mark your calendars for the 60th Anniversary celebration of the IIA Dallas Chapter on February 5, 2009.  Our guest speaker for this event is Patricia K. Miller, Chairman of the Board of Directors – IIA International.  The celebration will include a luncheon, followed by an afternoon of continuing education, and culminating in a celebratory reception complete with entertainment by the band “The Soul to Soul Review”, featuring our own Dallas Chapter Past President David Price.  Don’t miss out on this celebration!

If you have been a member of the Chapter for 20 years or more and have pictures or memorabilia exhibiting the IIA-Dallas Chapter history, please contact one of the committee members.  We would love to showcase leaders, events, and items from the IIA-Dallas Chapter past.

Committee members:
Corinne Bryan - Corinne.Bryan@ChasePaymentech.com
Lori Rainwater - lori.rainwater@wnco.com
David Shackelford - dshackelford@fossil.com
Melinda Lokey - Melinda.lokey@tenethealth.com

CIA Programs

Ceremony to Honor New CIA’s

The Dallas Chapter honored 10 new CIA’s at the November luncheon meeting.  Congratulations to the following for earning their certification!

• Scott Myers
• Lacey Pavliska
• Jairo Cardozo
• Christopher Mowery
• Eric Rattanavong
• Ben Zimmerman
• Riti Doshi
• Tonya Wilborn
• Sally Luber
• Benjamin Bryant

Members completing their exam requirements during the July – September time frame will be honored at the February 5, 2009 meeting.  Certificates will be mailed before the meeting, and CIA honorees will receive a free luncheon for them and a guest.  Information on registration for those members being honored will be emailed to them in January.

Frequently Asked Questions

Q:  I haven’t received my certificate yet – where is it?

A:  Contact the IIA certification department: Email at certification@theiia.org or call 407-937-1100.

Q:  How do I register for the exam?

A: http://www.theiia.org/certification/certified-internal-auditor/certification-candidate-management-systems/

Mark Your Calendars!   2009 CIA Review Course Schedule

The Dallas Chapter will once again sponsor an interactive CIA review course to help prepare candidates.  This four day course will be taught by Dr. Glenn Sumners, Director of the Center for Internal Auditing at LSU. Comprehensive printed study materials will be provided for the course.  Registration is now open.  For more information on how to register, please visit http://www.dallasiia.org/CIA_Review_S09.htm.

Register Online  Registration Deadline is January 28, 2009.

The course will be taught from 8:00 AM to 5:00 PM each day, according to the following schedule:

Costs:

Another CIA review course will be held in October 2009 and taught be Dr. Glen Sumners of LSU.  Courses will be held at The University of Texas at Dallas.  Registration will be announced in July 2009 for the October course.

Dates/Times:
October 2 - Part I 8-5
October 3 - Part II 8-5
October 4 - Part III 8-5
October 5 - Part III 8-12
October 5 - Part IV 1-5

Research Committee Update

The annual Research Committee survey is coming up in January!  This year’s objective is to “Evaluate the Awareness of SAS 70 Reports”.  The survey will be comprised of approximately 30 questions regarding your general background, experience, and then specifically your awareness of SAS 70 Report evaluation.  Remember – when you complete the survey and provide contact information, you will be entered in a prize drawing which will be held at the March 2009 IIA Luncheon.   You could be one of five winners who will receive a $50 Gift Card to use wherever you like!  The survey will be sent via email and embedded link to all the members.

Thank you in advance for participating in the Research Committee survey.

The IIA Research Foundation

The IIA Research Foundation has recently issued a book entitled Auditing the Procurement Function.  Procurement is the largest or second-largest category of expenditure in most organizations.  This book offers practical advice for auditing the procurement function, and it is intended to be of relevance for all types and sizes of organization globally -- in the private sector, the not-for-profit or charitable sectors, local and national government, and international organizations.  The book discusses:

• The definition, scope and importance of procurement;
• The core challenge of procurement and concept of “best value for money;”
• The important risk areas of fraud, ethics, and socio-economic factors;
• Common risks, procedures, and internal controls at different stages of the procurement process;
• Procurement strategy and planning; and
• The typical sequence of events in the procurement cycle for individual transactions.

This book can be ordered online at the following link:  http://www.theiia.org/bookstore/product/auditing-the-procurement-function-1307.cfm  (Order number 1044, IIA member price - $45, non member price - $60.)

Report Your Speaking and Writing

It's time again for the survey to determine which IIA Dallas Chapter members have submitted articles or spoken since November 1. Each speaking engagement on internal auditing that a Dallas Chapter member completes will earn the Chapter 1 credit per CPD hour. Each full article, Roundtable article, Fraud Finding, etc. submitted that meets basic editorial guidelines will earn 5 credits. For each full article published 20 credits are earned. Each internal audit related article published in any other trade or professional journal that is authored by a chapter member is 5 credits.

To report your writing and speaking go to http://dallasiia.org/Speaking.htm and complete the provided form by January 15, 2009.

Seminars

Fraud, Internal Audit and Networking

This years Fraud Summit at the University of Texas - Dallas will be held on March 27, 2009, and is planned to be bigger and better than ever.  This year we are planning on having three afternoon tracks.  A case study approach will be used in some of the sessions and give practical solutions to fraud detection techniques. Jim Radley, President of ACFE International, is one of the planned keynote speakers.  The Fraud Summit will include a number of other speakers who will cover areas such as the current Financial Crises.  Last year, the Fraud Summit was sold out three weeks in advance, so please register early if you plan to attend.  Registration received before January 31, 2009 will include reduced pricing and specials. What better way is there to receive 8 hours of CPE at a reasonable price, and meet other professionals from ISACA, ACFE, IIA and AGA? 

The internal audit program at UTD continues to grow, but still faces challenges related to advocating the profession. All of you have an opportunity to help in this effort. We have in place a number of methods to have employers meet students and explain the benefits of careers in internal audit.  The good news is there are avenues to recruit students; however, you should plan to interact with them early.  A new batch of students gets involved every semester, so reviewing the status of students available every February and September is a great idea.   You should see a lot of new faces in the spring of 2009.

To schedule a reception, site visit, interview or just peruse resumes, contact Mark Salamasick at 972-883-4729 or mark.salamasick@utdallas.edu.  The student chapter will have resumes posted in early February, and interviews beginning in mid February. Resumes are posted on the student chapter website at www.utdallas.edu/orgs/iia;; contact Mark Salamasick for the user id and password.

Employment Opportunities

Children’s Medical Center Dallas  (12/10/08)

Children’s Medical Center Dallas is currently seeking a Senior Internal Auditor for our Internal Audit Department.  Internal Audit reports to the Chief Compliance Officer and the Audit Committee of the Board of Directors. This position will report to the Manager of Internal Audit and will be required to:

• Develop risk-based audit programs to conduct financial and operational audits.
• Document and evaluate operational risks and related internal controls procedures. 
• Draft audit reports and make recommendations to improve the efficiency and effectiveness of internal controls or business processes.
• Tactfully and professionally engage and brief management during the audit process.
• Coach and train junior internal auditors with constructive work paper review.
• Perform follow-up procedures to evaluate the status of agreed-upon recommendations.
• Assist the Compliance Department with special projects.

The ideal candidate for this position will be a CPA with a combination of Big 4 public accounting and internal audit experience.  Qualified candidates must possess the following:

• Bachelor's Degree in Accounting required. Master's Degree in Accounting or MBA preferred.
• Minimum 4 years recent public accounting or internal audit experience required.
• CPA, CIA or CISA certification required.
• Ability to plan and complete audits in accordance with International Standards for the Professional Practice of Internal Auditing, and within established deadlines.
• Confidence and poise to organize and conduct audit meetings with all levels of management.
• Ability to multi-task and successfully meet established deadlines.
• Advanced knowledge of MS Office (Access, Excel, PowerPoint and Word).
• Knowledge of flowcharting software (Visio) preferred.
• Knowledge of ACL and TeamMate preferred.

Children’s Medical Center Dallas is a private, not-for-profit hospital that is the only academic healthcare facility in North Texas dedicated to the comprehensive care of children from birth to age 18. As the primary pediatric teaching facility for the University of Texas Southwestern Medical Center at Dallas, the medical/dental staff at Children’s conducts research that is instrumental in developing treatments, therapies, and greater understanding of pediatric diseases.

Children’s is licensed for 411 beds, has more than 50 subspecialty programs and is the only pediatric hospital in the Southwest with a designated Level I trauma center. To better serve the region’s growing pediatric population, the 72-bed Children’s Medical Center Legacy opened in 2008 in Plano, Texas. Children’s enjoys a stellar reputation as one of the finest pediatric facilities in the United States.  The Joint Commission awarded Children’s an “outstanding” ranking, and both U.S. News & World Report and CHILD magazines have named Children’s as one of the nation’s top pediatric providers.  In 2006, the Dallas Business Journal recognized Children’s as a “Best Place to Work.”  Children’s makes life better for the patients it sees during more than 340,000 visits each year. 

Please apply on line at www.childrens.com.  The position is No. 10018 and is posted under Careers/Professions/Auditing.  Questions may be addressed to yolanda.crawford-roach@childrens.com.

Equal Opportunity Employer 

Comments, questions, suggestions?
Contact the webmaster@dallasiia.org

© Dallas Chapter Institute of Internal Auditors
P. O. Box 261747, Plano, TX 75026-1747

The following links will take you to our web site, http://dallasiia.org: