eNews - January 2011

Next Meeting - Thursday, January 13, 2011
Renaissance Richardson Hotel

Technology
Joint meeting with North Texas ISACA

Privacy Update
Michelle Dennedy, Vice President, Security & Privacy Solutions for Oracle

Objectives: Ensuring privacy has become a monumental issue for today's enterprises, whether they are conducting e-business or not. What information does a company need to protect? How is the information being used? What happens to information after it is no longer necessary for a business purpose? How do we comply with the multiple privacy laws and regulations impacting businesses on international, national, state, and industry levels? Michelle Dennedy will discuss the privacy concerns affecting today’s companies.

The purpose of this session is for attendees to learn:

• The emerging Privacy issues for 2011
• The concept of ‘Privacy by Design’
• The differences between privacy and security
• The challenges of the dynamic data environment
• Technology’s role in privacy

1 Hour Continuing Legal Education

Pre-Meeting 10:30am - 11:30am
Registration begins at 10:00am

Applying Privacy in a Global Company
Rick Nietubicz, Director of Compliance & Security, ResearchNow

Objectives: Each country and dominion has established or is enacting privacy laws and regulations. Industry and business organizations have published standards that address privacy. How does an international company meet the complexity and challenges required to remain compliant? Rick is responsible for implementing privacy in over 30 countries for a business that depends on data collection. Learn the challenges of driving privacy across an international company.

The purpose of this session is:

• Learn specific examples of corporate privacy challenges
• Understand basic differences between country privacy objectives
• Get exposure to Generally Accepted Privacy Principles and other standards

1 Hour Continuing Education

Post-Meeting 1:30pm - 2:30pm

Panel Discussion on Cloud Computing
Moderator – Austin Hutton, CISA, CISM, CGEIT, Hutton Consulting
Panelists – Michelle Dennedy, Vice President, Security & Privacy Solutions for Oracle
Toby Pennycuff, Senior Vice President & Chief Technology Officer for JCPenney
David Coker, Partner, Glaze & Coker PLLC

Objectives:  Cloud computing is one of the hottest topics in IT today. However, the concepts are abstract with new terminology and risk issues for business operations, technology, privacy and security. The panel discussion will highlight multiple topics of interest to IT Auditors, General Auditors, and Information Security professionals.

The purpose of this session is for attendees to attain an understanding of:

• The general definition of cloud computing and differences from other computing models
• Key governance topics arising from cloud computing
• Key audit topics arising from cloud computing
• Key compliance and contract exposures associated with cloud computing
• Key privacy and security exposures arising from cloud computing

Supplemental references to facilitate individual research will be provided.

1 Hour Continuing Education

Online Registration Requirements

Last year, the Dallas Chapter made a change to the CPE process.  After attending an IIA meeting, an online evaluation is distributed via email.  When you click the link to the online evaluation, you can immediately prepare and print your CE certificate for that specific meeting.  We had an overwhelming positive response to this process improvement, and want to keep making improvements such as this to streamline our processes.

The Dallas Chapter now requires payment prior to confirming your registration.  Almost 90% of our attendees already pay through PayPal, so this is not a change for them.  If you need to pay by check, your check must be received prior to the meeting (see details below).  Our goal is to reduce the wait time at the check in tables, improve controls, and ease the reconciliation process on the back end.

As a friendly reminder and to provide clarification for our new members:

• Registration cutoff is 5:00 pm CST on the Friday before the meeting (unless otherwise noted).
• Payment must be received by the Friday before the meeting (unless otherwise noted).  Your registration is not confirmed until paid.  We strongly encourage you to pay via PayPal to confirm your registration.  If you are mailing a check, the envelope must be post marked 8 days prior to the meeting (i.e., on Wednesday the week prior to the Thursday meeting) to ensure we receive your payment on time.  If the envelope is not post marked within the required timeframe and is received late, you will be notified by email that a) the meeting is sold out or b) an additional $10 late fee per person will be assessed.  Only registrations paid by PayPal will be accepted on Thursday and Friday prior to the meeting.
• If you miss the deadline to register and space is available, you can attend the meeting as a walk-in.  Before coming to the meeting, please check the website to see if we are accepting walk-ins since our meetings tend to sell out.
• The deadline to cancel your registration is 5:00 pm CST on the Friday before the meeting (unless otherwise noted) to receive a refund.  If you do not cancel by the deadline, you may send a substitute in your place after notifying reservations@dallasiia.org.  The substitute will be required to pay an additional $10 if they are not a member of the Dallas Chapter.
• All walk-ins will need to register at a separate table before the start of the meeting.  The walk-ins will be required to complete an on-site registration form which will include name, company name, address, and email address and can pay with cash or check made payable to the Dallas Chapter of The IIA for the applicable amount.

Registration: Place and confirm your reservation via the web site at http://www.dallasiia.org/Reserve_0111.htm.

The following are the current rates for our monthly meetings:

We will keep you posted as we continue to make improvements.  If you have any suggestions, please feel free to contact any of the officers of the Dallas Chapter.  Thanks for your cooperation!

Meeting Location:

Renaissance Richardson Hotel,
900 East Lookout Drive, Richardson, Texas 75082

Preferred Method:

Place and confirm your reservation via the web site at http://www.dallasiia.org/Reserve_0111.htm.

Reservations & Payment must be received by 5:00 PM on Friday, January 7, 2011.

We Now Accept Credit Cards - Online Only

The IIA Dallas Chapter, in conjunction with PayPal, will now accept payment online for the monthly luncheons.  There is no change in the cost to you for the lunch.  We accept VISA, MasterCard, Discover, American Express, or eCheck.  Note that some corporate-issued cards are not accepted by PayPal.  This service is only available online at the time the reservation is made.  This can be used to pay for individual or group reservations.  Follow the instructions on our web site.  If you properly cancel a reservation before the meeting, the Chapter will either return the funds to you or reserve you for the next meeting. Any questions, contact the Registration Chair at reservations@dallasiia.org.

After you place your reservation online, you will see the link to pay via PayPal if desired.

Chapter News

Members-Only Webinars Feature On-Demand Playback

Have you been taking advantage of the free, monthly, Members-only Webinars that The IIA is offering as a benefit to IIA members? The November 16 MOW will focus on Improving Operational Performance: Preventing and Detecting Fraud, Waste, and Abuse. The November 16 event and all archived MOWs (listed below) can be accessed at www.theiia.org/membership/current-members/members-only-webinars.

• October 26, 2010 / Data Loss Prevention: Risk Assessment and Considerations

• September 30, 2010 / Auditing Systems Development Projects and Providing Advice to Management

• August 24, 2010 / Measuring the Ethical Environment of Your Organization

• July 27, 2010 / Transforming an Audit Function to World Class

• June 30, 2010 / Attributes of a Highly Successful CAE

• May 25, 2010 / Internal Auditors and Risk Management: An Approach to Defining the Role of Internal Audit

• April 30, 2010 / Internal Audit: Will We Lead, or Become Irrelevant?

• March 24, 2010 / Taking Fraud Awareness to the Next Level: The Risk Universe, Technology, and Internal Audit’s Role

• September 15, 2009 / Reporting to the Audit Committee: Issues and Approaches

The IIA and ISACA sign MOU

The IIA and the Information Systems Audit and Control Association (ISACA) have signed a memorandum of understanding (MOU) that creates a basis for cooperation and collaboration between the two associations for the advancement of the global internal audit profession through the mutual sharing of knowledge, experience and best practice, thus allowing the associations to benefit from each other’s respective work and involvement. To read more about the MOU, visit IIA President and CEO Richard Chambers' blog to which there is a link from The IIA’s home page at www.theiia.org.

CIA Programs

CIA Review Course

The Spring Review Course, led by Dr. Glen Sumners, will be held April 8-11, 2011 at the UT Dallas School of Management. For registration information on the April course, please see the website at http://dallasiia.org/Certifications.htm .

Ceremony to Honor New CIAs, CFSAs, and CCSAs

The next ceremony to honor those members completing their examination requirements in July - September 2010 will be held Thursday, January 13, 2011. Members honored will receive their certificates at the luncheon meeting. If you are scheduled to receive your certificate but are unable to attend, please contact Toni Messer at tmesser@utdallas.edu. Those receiving their certificates will be contacted via email for more information.

Frequently Asked Questions

A New Year Begins.

As we say goodbye to last year we want to congratulate all the December graduates. We had an exceptional year with the IAEP event in October which was attended by schools around the world. UTD took five students with all five being interviewed and receiving job offers from the event. This was the fourth year for the event that was attended by over 125 students, practitioners and educators it was a great networking event along with case studies which were completed by the students.

With a new semester brings new faces to the class and student chapter. We welcome them all and are planning social events so members may meet and greet the new faces. There are a number of students this semester not only participating in the Internal Audit class but who will be submitting their research papers for the Esther Sawyer Award. We are very fortunate to have three winners of an international award over seven years.

The February student month is so important in encouraging students to become active in the IIA and become internal auditors. We went through a short period of lower demand for internal auditors, but we started seeing an increase in demand starting in the Spring, 2010 semester. We anticipate that trend to continue for a long time in the future. With that change we need to all advocate the profession as an alternative to the next generation of students. It will be even more difficult to convince students to pursue internal audit as the economy improves.

March will also be a significant month for the program as in the past. The UTD School of Management will be hosting a fraud workshop on March 24, 2011, Thursday, with a choice of four different seminars to attend. The following day March 25, 2011, Friday, UTD will host the 6th Annual Fraud Conference. Both events run all day, so make sure to block the time on your calendar and do not forget to register while space is still available and take advantage of the significant discount by January 15, 2011.

If you are interested in recruiting on campus or assisting the program in any way, please contact Mark Salamasick at 972-883-4729 or mark.salamasick@utdallas.edu. We are always looking for additional site tours and always welcome sponsors for our Wednesday receptions. There are a number of students still available for full time and internship opportunities, and a website is available with student resumes at www.utdallas.edu/orgs/iia. Contact Mark Salamasick for password access to the resumes.

IIA Research Foundation

The IIA Research Foundation is scheduled to publish the first results from the Global Internal Audit Survey by the end of December with others to follow during the first quarter of 2011. The Foundation has contracted with different research teams from the United Arab Emirates; Chinese Taiwan, Europe, and the United States to develop five reports on various hot topics. The following reports will be published and available online (free for IIA members) and in print (through The IIARF Bookstore):

• Characteristics of an Internal Audit Activity examines the demographics and other attributes of the worldwide population of internal auditors and what this means for the internal audit profession.

• Core Competencies for Today’s Internal Auditor identifies the attributes of an effective internal audit activity and what internal auditors really need to know to perform their jobs with due care while adding value to their respective organizations.

• Measuring Internal Auditing’s Value focuses on the value of internal auditing under dynamic business conditions by presenting the key elements, criteria, and drivers of the value delivered by an internal audit activity and what needs to be done to maintain the profession’s continuing relevance.

• What’s Next for Internal Auditing? provides forward-looking insight identifying perceived changes in the roles of the internal audit activity over the next five years, changing stakeholder expectations, and what internal auditing must do to adapt itself in a resilient fashion.

• Imperatives for Change: The IIA’s Global Internal Audit Survey in Action contains conclusions, observations, and recommendations for the internal audit activity to anticipate and match organizations’ fast-changing needs to strategically position the profession for the long term.

Like those in any other true profession, internal audit practitioners must continually update their knowledge, skills, and competency to remain current and relevant. The IIA Research Foundation is a valuable resource for achieving those objectives and deserves your financial support. If you would like to donate, follow the link http://www.theiia.org/research/make-a-donation/restricted-unrestricted-donations/.

2010 - 2011 Seminars
Updated 9/9/10

Dallas Chapter Seminar Series

The Dallas Chapter of The IIA is pleased to announce SMART Training Courses for the upcoming year.  Our goal is to provide high quality training at a low cost for our members.  We are continuously planning the next courses so please make sure to check back here often for any updates.

		SMART Training Courses (Seminars on Mastering Audit Real-world Techniques)
COURSE NAME	INSTRUCTOR	CONFIRMED DATES OR EST. TIMEFRAME	DFW LOCATION
Risk Based Auditing: A Value Add Proposition	IIA Lead Instructor	February 17-18, 2011	American Airlines
Advanced Operational Auditing	IIA Lead Instructor	May 24-25, 2011	JCPenney
We are able to bring these seminars to you for a low cost because IIA-member companies are providing their offices for the training sites.  If your company is interested in hosting a course and receive free registrations, please contact Pamela Krakosky at pkrakosky@verizon.net to find out more details.  And if you would like to recommend a course topic and/or instructor, please contact Pamela.

Risk Based Auditing:  A Value Add Proposition

Class size is limited!

Operational Auditing - Advanced

Class size is limited!

Membership Updates

***2011 Membership Challenge Information is coming in the February 2011 eNews.  Please see our next issue for additional details. It will be a challenge you will not want to miss!***

New Ways to Network

The Dallas IIA launched a Facebook and LinkedIn group.  Brought to you by the membership committee, these tools will allow you another avenue to grow your online network, communicate with other Dallas IIA members, and stay on top of current chapter events.  LinkedIn is geared to professional networking; Facebook is used for both professional and social networking

• If you already have a profile at either one of these websites, you can join the Dallas IIA group by searching for it.
• If you don’t have a profile but would like to set one up, visit www.linkedin.com and / or www.facebook.com and follow the instructions.
• If you have questions contact membership@dallasiia.org

As a member of The IIA, you already know the value you receive, and now we’re giving you an incentive to tell your friends and colleagues about it!

With the new, year-round Recruit-a-Colleague membership program from The IIA, the more friends and colleagues you recruit to become members, the more chances you have to win free training and professional development! For complete program details, visit www.theiia.org/Recruit.

The Dallas IIA Chapter would like to extend a warm welcome to our new members who joined the Chapter in October 2010:

To All IIA Dallas Chapter Members:
In order to stay alert of upcoming meetings and other events our local IIA chapter has to offer, we encourage every active member to “like” our page on Facebook! Simply sign onto Facebook using your personal username and password, search for page “Dallas Chapter of the IIA,” and click on “like.” Events and links posted to the Dallas Chapter of the IIA page will start appearing on your personal homepage mini-feed.

Report Your Speaking and Writing

It's time again for the survey to determine which IIA Dallas Chapter members have submitted articles or spoken since November 1, 2010. Each speaking engagement on internal auditing that a Dallas Chapter member completes will earn the Chapter 1 credit per CPD hour. Each full article, Roundtable article, Fraud Finding, etc. submitted that meets basic editorial guidelines will earn 5 credits. For each full article published 20 credits are earned. Each internal audit related article published in any other trade or professional journal that is authored by a chapter member is 5 credits.

To report your writing and speaking go to http://dallasiia.org/Speaking.htm and complete the provided form by January 31, 2011.

6th Annual Fraud Summit - Workshop and Conference-Workshops March 24, 2011 and Conference March 25, 2011

Sign up now! Sessions will close out once the conference and workshops reach capacity. In addition, please note that discount pricing ends January 15 for the conference, including the special discount of “pay for three, get the fourth person free.” Sign up for the workshops or conference separately, but take advantage of the discounts prior to January 15. We are also excited to let you know that in these times of rising prices, we are extending the 2010 Conference prices to the 2011 event so that the cost of this year’s event will be the same as last years.
The Fraud Summit has turned into a two-day event, as many of you requested to add seminars the day before. Last year, we had three workshops that filled up, and this year we have added a fourth. We have four outstanding seminars being offered, and each close out when they reach capacity of around 50 per session. Courtenay Thompson will do a session on, “Fraud Strategies and Tactics: A Workshop for Internal Auditors”. Brian Thomas from Weaver, LLC will do a workshop on, “Current Trends in Information Technology Fraud”. Deanna Sullivan will present a workshop on “Why do People Turn to the Dark Side?” Steve Pedneault will have a workshop on “Preventing and Detecting Employee Theft and Embezzlement”. For more details on the workshops, see PDF/6th_fraud_summit.pdf along with the registration for the workshops.

The conference itself has also expanded to provide even more value. We will have some exciting keynote speakers including Kurt Eichenwald, a well-renowned author and investigative journalist. Because Kurt is speaking, we will also provide a copy of his latest book, Conspiracy of Fools, which he will be signing after the presentation. We will also be offering other exciting speakers, and you will have the option to choose between 18 breakout sessions in the afternoon. The afternoon sessions will be full of real-life examples and with the latest techniques in fraud detection.

Sign up http://dallasiia.org/Seminar_Reserve_032411.htm, or if you have any questions contact Chris Linsteadt at chris.linsteadt@utdallas.edu.

Employment Opportunities

Children's Medical Center Dallas  (11/16/10)

Position Summary

This position is responsible for conducting operational, financial, and compliance audits and consulting projects as approved by the Audit Committees of Children’s Medical Center Dallas and Children’s Medical Center Foundation.  This position helps achieve organizational objectives by improving the efficiency and effectiveness of business processes and providing guidance on control activities to mitigate risks. The position will help achieve departmental goals by assisting in the completion of the Annual Internal Audit Plan with value-added outcomes.

Essential Duties and Responsibilities

• Design, draft and execute audit programs which includes: identifying and prioritizing risks; interviewing personnel; gathering sufficient, competent, relevant and useful evidence for analysis; testing the design and reliability of internal controls; assessing operational effectiveness and efficiency; discerning compliance with laws and regulations; identifying opportunities for improvement; and documenting the results of all work performed in a timely, concise, and accurate manner in accordance with IIA Standards.
• Research, modify and correct audit work based on detailed quality assurance reviews
• Collaborate with audit clients to devise workable solutions to improve the efficiency and effectiveness of internal controls or business processes
• Draft internal audit reports with detail, accuracy and professionalism
• Participate in special projects or assignments as determined by the Internal Audit Manager 
• Participate in educational conferences, seminars or specialized training to improve internal audit effectiveness, maintain required continuing professional education and knowledge of hospital compliance

Qualifications

Education

• Bachelor’s degree in Accounting or related discipline required. Master’s degree in Accounting preferred.

Licenses & certifications

One of the following certifications is required:

• CPA-Certified Public Accountant
• CIA-Certified Internal Auditor
• CISA-Certified Information Systems Auditor

Experience

• A minimum of three years experience in internal audit or public accounting required
• Experience in healthcare industry highly preferred
• Experience with TeamMate, ACL, Epic, and Lawson preferred

Specific knowledge, skills and abilities

• Must possess maturity and professional presence to interact with employees at all levels of the organization
• Must have excellent written and verbal communication and presentation skills
• Must be able to prioritize, multitask and work timely and effectively under taxing situations with minimal supervision
• Must maintain absolute confidentiality and adherence to the IIA Standards and Code of Ethics
• Must be able to work in a team environment and put team interests above individual benefit
• Must have a positive attitude and maturity to support decisions of management in word and deed

United Surgical Partners International  (11/16/10)

Headquartered in Addison, Texas, United Surgical Partners International (“USPI”) is a leader in the ambulatory surgery center and short–stay surgical hospital industry.  Many of our 195+ domestic facilities are jointly owned with not-for-profit healthcare systems. We also operate facilities in London, England.  USPI was founded in February 1998, went public in 2001 and was taken private again in April 2007.

USPI is currently seeking a STAFF INTERNAL AUDITOR, to be based at the corporate headquarters in Addison, Texas, with the following qualifications:

• Bachelor’s Degree in accounting or other similar field
• CPA or CIA strongly preferred, with a minimum of two years in accounting or auditing function
• Experience documenting and testing internal controls
• Information technology auditing and/or Oracle experience a plus
• Ability to write reports and business correspondence
• Ability to effectively present and respond to questions from operational and financial managers
• Ability to travel.  A portion of the job will entail site visits in the US, including overnight travel (no more than 25-30%) and some exposure to patient care areas of the surgical centers/hospitals.

Responsibilities and Expectations
The following description is intended to reflect the major responsibilities of the job, but does not describe the minor duties or other responsibilities as may be assigned from time to time.  Reasonable accommodations may be made to perform the essential functions.

• Perform audit reviews both at surgical facilities and the Home Office, including duties such as selecting testing samples, interviewing auditees, testing internal controls, evaluating the efficiency and effectiveness of processes, developing work papers and documentation of audit findings, and identifying causes or contributing factors relating to problems or control weaknesses.
• Observe and evaluate actual operating procedures.  Assist in the identification of existing or potential inefficiencies and internal control weaknesses.
• Assist in training new auditors and rotational accountants to conduct audits of surgical facilities and Home Office processes.
• Determine data requirements. Accumulate, verify and analyze available data.
• Escalate findings to audit management for development of appropriate recommendations for solution or improvement of any problems or control deficiencies uncovered.
• Assist in drafting audit reports detailing findings and recommendations and in maintaining an audit recommendation repository. 
• Organize and compile final work papers for file maintenance and reference.
• Conduct and summarize internal control testing for Sarbanes-Oxley purposes.
• Assist in the preparation of reports and communications for the Audit Committee.
• Assist senior auditors and/or audit management in special projects as needed.
• Assist in the development of the annual audit plan and schedule.

For consideration, please send your resume to khutter@uspi.com
or fax it to 972-692-5983

If you would like your employment opportunities to appear in this space or in the newsletter, eNews, please contact Chad Duncan at advertising@dallasiia.org.

This page was last updated on Thursday, February 19, 2015 at 03:20 AM PST.

For problems or comments concerning this information,
please contact the webmaster@dallasiia.org

© 1998-2015 Dallas Chapter Institute of Internal Auditors
P. O. Box 261747, Plano, TX 75026-1747