April 2004

Thursday, April 22, 2004
CityPlace Conference Center

Meeting 12:00pm - 1:20pm
Registration begins at 11:30pm

Privacy – Review and Application of
the AICPA/CICA Privacy Framework

Sagi Leizerov, Ph.D.
Ernst & Young

One of today's business challenges is maintaining the privacy of a customer's personal information, and good privacy practices make good business sense.

The AICPA/CICA Privacy Framework contains best practices that any organization can use, whether online or offline, and incorporates all significant domestic and international privacy laws, regulations and guidelines.

Although designed for CPAs/CAs in public practice, the framework can be used by Internal Auditors as well to assist their organizations with privacy strategic and business planning, privacy gap and risk analysis, benchmarking, privacy policy design and implementation, performance measurement, and independent verification of privacy controls. Internal Auditors (as well as CPAs) can perform internal assessments against something they can measure-the AICPA/CICA Privacy Framework.

Dr. Sagi Leizerov is a leader in Ernst & Young’s privacy practice and has worked with organizations from both the private and public sectors on privacy-related issues serving clients in the on-line, computer, financial, human resources and healthcare industries.

Sagi holds a BA from the University of Maryland in behavioral sciences, an MBA with a marketing concentration from Johns Hopkins University, and a Ph.D. in conflict analysis and resolution from George Mason University. Sagi’s dissertation studied the conditions and variables affecting Internet companies’ approaches to privacy. His articles have appeared in both business and academic publications, and he is a frequent presenter in privacy conferences.

Pre-Meeting 10:30am - 11:30am

Current Ethical Considerations for Audit Professionals

Presented by Dr. Raymond Clay, University of North Texas

An informative and entertaining look at ethics and the impact ethical behavior can have on the personal life and professional career of audit professionals. This presentation will examine both the ethical rules that are designed to govern professional behavior and the accepted ethical norms that are designed to suggest acceptable personal behavior. Some observations are provided as to how audit professionals can improve their work environment and their interactions with others.

Raymond J. Clay, Jr., DBA, CPA currently holds the Internal Audit Professorship in Accounting at the University of North Texas. Prior to joining the faculty at North Texas, he spent three years as Director of Professional Development for Union Pacific Corporation. Dr. Clay received his Bachelor’s and Master’s degrees from Northern Illinois University and his Doctorate degree from the University of Kentucky. He has held faculty positions with Indiana State University and Texas Tech University and spent time on the audit staff of Price Waterhouse & Co. in their Chicago office. He has held significant committee appointments with the American Accounting Association, American Institute of Certified Public Accountants, and the Institute of Internal Auditors. He is the author of five books, 12 continuing professional education courses, and numerous articles appearing in professional journals. Dr. Clay serves as a consultant for several firms and has twice been named the Outstanding Continuing Education Discussion Leader by the AICPA and three times by the Texas Society of CPAs. He also received the 1999 Leon Radde Educator of the Year Award from the Institute of Internal Auditors, and was named Outstanding Accounting Educator by the Texas Society of CPAs in October 2000.

Post-Meeting 1:30pm - 2:30pm

Panel Discussion – Auditing Privacy Related Issues

Scheduled to Participate:
Sagi Leizerov, Ph.D., Ernst & Young
Ken Askelson, JCPenney
Scott Sullins, JCPenney
Sonya Yoo, Texas Instruments

To supplement the luncheon discussion on privacy, this panel will share their experiences with privacy-related issues in the scope of internal audit work.

• Sagi Leizerov, Ph.D., from Ernst & Young Privacy Assurance and Advisory Services. Sagi is a member of AICPA Privacy Taskforce.
• Ken Askelson, JCPenney Senior Audit Manager. Ken is a member of the AICPA Privacy Taskforce.
• Scott Sullins, JCPenney Senior Audit Manager. Scott is involved in his company’s privacy committee and privacy related audits.
• Sonya Yoo, Texas Instruments Senior Auditor. Sonya participated on the TI.com Web site audit team that reviewed various work processes and control points surrounding the Web site and created and executed the audit program on privacy for that audit.

This meeting is being held at CityPlace Conference Center, 2711 North Haskell Street, Dallas, Texas 75204

The DART light rail station at CityPlace serves both the RED and BLUE lines. Check for schedules, routes and fare information at  http://www.dart.org/default.asp

Preferred Method:

The best method to place and confirm your reservation is via the web site at http://www.dallasiia.org/Reserve.htm.

Secondary Method:

An optional method is to use the telephone, fax, or e-mail. However, a $2 phone/fax/e-mail fee will be assessed to each reservation.

Reservations must be received by noon on Friday, April 16, 2004 or a $5 late fee will be charged.

Those who register by the deadline and attend the Pre-Meeting will be able to "pre" check-in for the luncheon from 9:25am until 10:10 am.

We reserve the right to bill for "no-shows."

Please mark your calendar for the balance of the 2003-2004 chapter year:

• Thursday, May 20

We Now Accept Credit Cards - Online Only

The IIA Dallas Chapter, in conjunction with PayPal, will now accept payment online for the monthly luncheons. There is no change in the cost to you for the lunch. We accept VISA, MasterCard, Discover, American Express, or eCheck. Note that some corporate-issued cards are not accepted by PayPal. This service is only available online at the time the reservation is made. This can be used to pay for individual or group reservations. Follow the instructions on our website. If you properly cancel a reservation before the meeting, the Chapter will either return the funds to you or reserve you for the next meeting. Any questions, contact Pamela Krakosky, 972-849-3440 or pkrakosky@aol.com.

After you place your reservation online, you will see the link to pay via PayPal if desired.

The Annual Dallas IIA Almost Free Seminar

Behavior & Communication Skills

Presented by Courtenay M. Thompson

The University of Texas at Dallas School of Management Building 
Friday, May 21, 2004
8:30 a.m. – 4:30 p.m.

Join us for an exciting day!

Internal auditors are expected to do more in 2004 than ever before, in perhaps the most challenging environment of all times. Success at work and at home depends upon our ability to deal effectively with others. Auditors are charged with selling new ideas, introducing change and resolving conflict. This course is designed to help auditors better understand themselves and others, and offers specific suggestions so auditors can be more effective in achieving desired results. Examples and exercises are based upon actual internal audit situations.

Topics covered in this one-day course include:

• Communication - verbal and non-verbal
• Communication - listening
• Managing your mind
• Using belief
• Practical approaches for difficult situations
• Maintaining emotional control
• Developing and maintaining rapport
• Suggestions for more effective interviews
• Mistakes to be avoided
• Practical approaches to problem solving
• Using brainstorming
• Empathy and understanding

This course combines participative lecture with exercises designed to reinforce and anchor learning points. Participants will learn and practice proven techniques for enhancing interactions and relationships.

This course is for auditors at all levels who want to improve their personal effectiveness in dealing with colleagues and auditees.

Fees are $35 for Members; $15 for Student Members; and $200 for Non-Members.

For questions or registration information, contact Jeff Seutter at Seutter1@comcast.net or 972-431-8906.

COURTENAY M. THOMPSON JR.

Courtenay Thompson is a recognized authority on training and development for internal auditors. Since entering the educational consulting field in 1981, he has written and presented courses for numerous corporations, government and professional associations.

Although best known for training auditors in effectively meeting the challenge of fraud, Courtenay also develops and conducts courses on improving audit effectiveness, behavior and communication skills. He is the co-developer of courses on audit and control of construction costs and health benefits administration. His courses are known for providing practical approaches to real problems encountered by internal auditors.

Mr. Thompson's experience prior to consulting includes public accounting, audit supervisor for consumer financial services for a large retailer, and director of auditing for a life insurance company.

Thompson received his BBA and MBA degrees from Southern Methodist University and is a Certified Public Accountant. He is a member of various accounting and auditing professional associations.

The Dallas Association of Certified Fraud Examiners’ 14th Annual Fraud Seminar, “Advanced Interviewing Techniques,” will be held on Friday, May 7, at CityPlace. Speakers are as follows:

Mac Fulfer will present “Amazing Face Reading.” For more information, please refer to www.amazingfacereading.com.
Ginger Allen, Investigative Reporter, Channel 11.
Joseph Buckley, President of The Reid Institute.

Eight hours of continuing education credit, continental breakfast, lunch, snacks, etc, are included. The member and guest prices are $100 and $125, respectively, if paid in advance; or $125 and $150 on the day of the seminar.

To register, please contact Vickie Blair at FraudSolutions@aol.com or 972-772-9466.

NAFTA Seminar/Compliance Certificate Series

The International Trade Center is part of the Small Business Development Center network. It is a non-profit organization that is funded by a partnership of the Small Business Association, Dallas County Community College District, Greater Dallas Chamber of Commerce, and International Business Development.

The International Trade Center is presenting a global market series that focuses on import/export trade and includes compliance issues. The seminars have been approved for CPE/CPM credit.

BIS Licensing & Compliance Certificate Program*: This two-day seminar will address EAR structure and policy changes, all considerations of licensing process, compliance and record keeping. Date: June 2-3, Time: 8:00 a.m. - 4:30 p.m., Cost: $285 (if payment is received by May 12, the cost is $235). Classification Workshop: Half-day workshop Date: June 4, Time: 8:00 a.m. – Noon, Cost: $65 (if payment is received by May 12, the cost is $50). You must complete both full-day seminars, June 2-3, to earn the BIS Licensing & Compliance Certificate.

NAFTA Certificate Series: NAFTA has created significant opportunities for Texas Exporters. Don’t let the customs rules become a trade barrier! Seminar Topics include: NAFTA Rules of Origin, Customs Procedures, Marking & Labeling. Date: June 10, Session I Time: 8:00 a.m. –noon; Session II Time: 1:30 p.m. - 4:30 p.m., Cost: $90 ($45 per session). If payment is received by May 26, the cost is $80 ($40 per session).

Contact: 214-747-1300 or www.iexportimport.com for more information.
*Dates, times and cost are subject to change.
Seminar location: World Trade Center

Chapter News

New Dallas IIA Members

The Dallas IIA added 73 new members in the months of January, February and March! As the Chapter grows, so do the opportunities for networking and the sharing of knowledge. Please welcome the following new Chapter members:

Refer a New Member and You Might Cruise the Caribbean for Free!

The gentle lull of a rocking boat, the warmth of the tropical sun, the intoxicating smell of suntan lotion, and the sight of seabirds soaring overhead could be yours as the grand prize winner in The IIA's Refer-a-Friend Membership Drive.

Fill out the sponsor section of a special Membership Application and pass it on to prospective members, or send The IIA a list of prospects and we'll send them membership information and mention your name as their sponsor. For each new member you are credited with sponsoring before May 31, you will receive an entry in a drawing for an exciting seven-night Caribbean cruise for two. All participating members and new members will automatically receive a special IIA gift.

A Membership Application can be obtained on line at the IIA's Web site at https://www.theiia.org/iia/index.cfm?act=form.newmember

IIA Research Foundation – Update on Research Projects

The Research Foundation has instituted an Emerging Issues Series that is designed to provide internal audit practitioners with up-to-the-minute information and guidance, based on qualitative and quantifiable research. This Series advances The Foundation's goal to respond more quickly to important changes in the profession and get the results of the research into the hands of more people faster than ever before.

The first of the Series is entitled The Sarbanes-Oxley Act of 2002: Effect on Audit Committee Meetings at Publicly Traded Companies.
http://www.theiia.org/iia/index.cfm?doc_id=4624

This report is provided as a service to members of The IIA. IIA members may reproduce and distribute copies for use within their organizations. Non-members are asked to make a tax-deductible contribution (suggested amount of $40) to The IIA Research Foundation before downloading the files.

The second in the Series is expected to be issued shortly and will be entitled The Sarbanes-Oxley Act of 2002: Effect on Audit Committee Meetings at Organizations that are Not Publicly Traded.

FRAUD: Upcoming Publication Supplement

On May 7, 2004, the Dallas Business Journal will publish a special advertising supplement designed to educate local businesses and consumers on how to detect, report and deter all types of fraud. This supplement may be of interest to Chapter members.

Fraud Practitioners: If you are interested in reserving your advertising space, please contact Megan Harrison at 214-706-7134 or mharrison@bizjournals.com. The space deadline is April 24, 2004. If you contact Ms. Harrison, be sure to mention that you saw this information in the Dallas Chapter IIA newsletter. The Dallas Business Journal reaches over 92,000 readers per week!

Please note: Dallas IIA is not sponsoring this supplement. It is noted here only as a sharing of information.

Endorsed Internal Audit Program Update at the University of Texas at Dallas – Upcoming Events

I would like to start by thanking everyone from the Dallas IIA Chapter for making this first year at UTD and the Endorsed IIA Program a big success! I know there is so much more we could do, but I feel like the students got a lot out of the involvement with the auditors of the Chapter.

In March, John Calhoun presented on SOX and the Whistle Blower Implementation for the Student Chapter. The students also continued to work on three audits at UTD.

April started with a bang and the first golf outing that the Student Chapter coordinated at the Firewheel Golf Course in Garland. The end of April is final exam week, so the students are busy completing projects, studying for the CIA and CISA, interviewing, and deciding what they want to do next year.

On April 16, the IIA Student Chapter has planned a Happy Hour at Jack’s Pub beginning at 5 p.m. For more information contact Roby Singh at 972-248-9092. Many students plan to attend and all auditors are also welcome to participate. In that same week, on April 14, we are having our second panel of six professional auditors to discuss: “Career Opportunities in Internal Audit.” These discussions are recruiting events for attracting students who want to learn more about internal audit.

A resume book of students in the UTD IIA Chapter is available. We have students available for internships or full-time internal audit positions. Most of them have been through the Internal Audit class. If you have a need for additional audit resources and would like to review the resumes you can contact Mark Salamasick at 972-883-4729 or mark.salamasick@utdallas.edu.

The new Endorsed Internal Audit Program is also designed to meet the needs of those employees transferring from other areas of the company to an internal audit role. The program also encourages audit practitioners who would like to get current on audit techniques and prepare for the CIA exam. The courses in “Internal Audit” and “IT Risk Management” are offered every fall and spring semester. In addition another new course is planned for this fall on “Analytical Reviews Using Audit Software.” If you are have interest in the program or the new course please contact Mark Salamasick. The new course will be offered on Saturdays during the 2004 fall semester.

Plans are being made for the upcoming Dallas IIA and North Texas ISACA Chapter meetings at UTD, in addition to a seminar with the Institute of Corporate Governance at the University. If you have ideas for additional activities during 2004, or would like to provide assistance, please contact Mark.

Free Audit and Assurance Software Expo Materials Available Online

At the conclusion of the March 11, "Making Sense of Audit and Assurance Software In The SarbOx Environment" expo, The IIA's North Jersey Chapter made all of the content available online for anyone to download. This was the first expo of its kind, bringing together 23 of the top audit and assurance software vendors and close to 200 participants. The expo was geared to auditors and financial analysts looking to:

• View the entire landscape of audit software products through practical presentations by more than 20 leading software vendors.
• Gain new ideas and practical tools on how to maximize audit and assurance software.
• Obtain information on each product and the product category to assist in any vendor selection process.
• Network with peers on the challenges and opportunities these categories present.

Visit www.theiia.org/chapters/NJIIA for additional details and a link to all presentation materials, vendor information, and other free tools for downloading.

Report Your Speaking and Writing

It's time again for the survey to determine which IIA Dallas Chapter members have submitted articles or spoken in March, or earlier if not previously reported. Each speaking engagement on internal auditing that a Dallas Chapter member completes will earn the Chapter 1 credit per CPD hour. Each full article, Roundtable article, Fraud Finding, etc. submitted that meets basic editorial guidelines will earn 5 credits. For each full article published 20 credits are earned. Each internal audit related article published in any other trade or professional journal that is authored by a chapter member is 5 credits.

To report your writing and speaking go to http://dallasiia.org/Speaking.htm and complete the provided form by April 15, 2004. Contact Magdalena Kovats (214-777-0581 or magdalena.kovats@resources-us.com) if you have any questions.

Career Opportunities

Are you currently in the job market either voluntarily or involuntarily? Let the Employment Committee help you. Send us your resume and we will include you in our resume database. We receive calls from recruiters and hiring managers for open positions and will forward your resume if there is a match. We get calls for staff to director levels, IT to finance, local to out of town. All inquiries will be handled confidentially. If you have any questions, give us a call or e-mail us. We look forward to helping you.

Fred Herman, Employment Committee Chairman, 972-801-1208, fsjnherman@aol.com.

Audit Senior/Audit Specialist

Accountabilities of an Audit Specialist include planning and directing a wide range of complex audits of TXU's policies, procedures, and business processes using advanced audit expertise. Frequently using sophisticate audit and risk management techniques. Often times acting as Auditor-In-Charge (AIC) of an audit project team. Developing audit programs, planning and directing audits, preparing reports, briefing all levels of management and reviewing work papers for accuracy and completeness. Identifying business risks and providing advice, along with consulting management on internal controls to manage the business risks. Additional accountabilities include:

• Using integrated auditing techniques to audit computer dominant business processes.
• Participating in the development and implementation of the annual audit plan.
• Monitoring developments within the industry and advising management of potential risks to their business objectives.
• Actively participating in client teams in the re-engineering and design of business processes.
• Developing an open and positive relationship with all levels of line and executive management based on mutual trust and respect and focus on common business objectives.

Qualifications

• Bachelor’s degree in Accounting or other appropriate discipline.
• Five to seven years of relevant audit experience.
• Knowledge of commodity risk terminology, control activities, and measurement techniques is highly desirable.
• Graduate degree in a business discipline and /or certification (CPA, CIA, CCSA).
• Advanced written and oral communication skills.
• Effective interpersonal skills (i.e., relates well to people and builds appropriate rapport).
• Ability to plan, organizes, analyze, and conceptualize. * Effective time management.
• Ability and presence to effectively lead self-assessment workshops with all levels of management.
• Ability to consult in all areas of risk management.
• Broad-based business knowledge and audit experience that combines the ability to see the big picture with appropriate attention to detail.

Apply on line at: http://www.txucorp.com/working/na/jobs/our_positions/listings.asp?ID=6488

Affirmative Action/Equal Opportunity Employer

Project Audit Manager

BASIC FUNCTION:

Plan, lead and conduct complex business process audits of energy trading operations including trading, risk management, risk control, contract administration, credit and accounting to provide management and the Audit Committee an independent and objective assessment of the adequacy and effectiveness of the internal control environment.

PRINCIPAL ACCOUNTABILITIES:

Understand the policies, processes, procedures, risks and relationships of a wide array of functional areas- both individually, as they interrelate with each other, and their impact on the overall business control environment.

Understand industry best practices with respect to energy trading policies, processes and procedures.

Perform, manage and/or coordinate reviews and audits of a wide variety of areas including:

•Deal capture processes and control practices providing recommendations of control measures to ensure that the risks in all physical and financial instruments (e.g., forward contracts, derivative financial instruments including swaps, options, futures , and structured transactions) executed by energy trading have been disaggregated and captured in a central transaction management system.

•Deal confirmation processes and control practices to provide independent assurance to management that all transactions executed by trading and reflected in the transaction management system have been confirmed with the counterparty.

•Contract administration processes and control practices to ensure adequacy and effectiveness of the contract development, review and execution processes including specific provisions for notices, events of default, financial responsibility, failure to perform and remedies, term, form of confirmation and billing/payment.

•Forward price curve validation processes, methodologies and control practices to ensure price curves are developed for each traded commodity on an on-going basis, independently validated by Middle office personnel to represent fair market values and captured in a central system for use in daily mark-to-market valuations and other analysis by risk management and trading operations.

•Quantitative model development processes to determine the effectiveness of the application of internally developed valuation and pricing models (e.g., value-at-risk (VaR), cash flow-at-risk, stress testing, back testing, options, weather derivatives and credit VaR) and assess model certification processes and methodologies.

•Processes, procedures and assumptions of internally developed quantitative models designed to properly measure energy risk using Monte Carlo simulation including validation of the adequacy of confidence levels and time horizons, and identification of risks and limitations of models.

•Mark-to-market portfolio valuation processes and controls including an examination and assessment of the overall structure of the risk book (i.e., commodity, risk type, region, tenor, etc.), trends, analysis and valuation techniques to ensure consistency, appropriateness, applicability and integrity of valuation processes.

•Quarterly compliance audits of critical areas of risk management such as deal capture, confirmation, validation of forward price curves and mark-to-market valuations to provide assurance that established processes and control practices are operating as intended and provide assistance to external auditors in the quarterly review for 10-Q/K reporting.

•Coordinate integration of process reviews and control assessments with information system security and functionality audits to provide a more balanced view of overall systems application and business process risks and controls.

•Credit risk processes and controls to ensure that credit risk has been identified, measured, monitored, reported and mitigated in accordance with industry practice and corporate policy and procedures.

•Settlement processes with respect to physical and financial trades involving natural gas, power, coal, oil, emissions credits, weather derivatives and capacity auction with a variety of counterparties including ERCOT, ISO’s QSE’s, brokers, other affiliated entities and over-the-counter trading partners.

Develop written reports that succinctly explain complex business issues and associated recommendations for modifying policies, processes and/or procedures to mitigate risk and improve the control environment.

Prepare and deliver verbal presentations to senior management that summarize audit reviews and include the supporting business rationale for recommended policy, process or procedural changes.

Develop and maintain effective partnering relationships with business unit management.

Assist Portfolio Management in identifying and assessing business risks, controls, strengths and improvement opportunities by facilitating risk and control self-assessment workshops for front, middle and back office management.

Provide input and assist in preparation of annual Portfolio Management audit plan.

Provide support to internal audit management and, as requested, represent internal audit in monthly risk management forum or risk monitoring committee meetings with executive management of Energy Trading and Corp.

NATURE & SCOPE:

The primary role of internal audit is to provide management and the audit committee an independent assurance that business processes and controls are established and functioning as intended in accordance with sound risk management policy and procedures. The Project Audit Manager is required to provide the technical, managerial and professional expertise necessary to incorporate an understanding of the risk drivers into the preparation of risk based functional, operational and compliance audits of energy trading operations. Key activities include developing a more progressive value-added risk assurance orientation and maintaining effective working relationships with the officers of trading, risk management, accounting and credit as well as many mid-level directors and managers. The role of Project Audit Manager is challenged with a fluid target of risks that expand and contract as portfolio management implements process and system changes, expands into new commodities and markets, and interfaces with generation and retail systems and processes in deregulated markets.

MINIMUM REQUIREMENTS:
•Undergraduate degree in accounting, finance, mathematics or related discipline
•8 to 10 years of audit / risk management experience
•Energy Trading experience
•Strong qualitative, financial and deregulated energy market experience supporting commodity trading or risk management functions
•Thorough understanding of 1) forward contracts involving physical delivery of wholesale and retail energy commodities 2) derivative financial instruments including futures, options, swaps and applicable pricing and valuation methodologies
•Clear understanding of energy risk management methodologies and internal audit strategies
•Excellent written and verbal communication skills appropriate to interact with senior management team
•Excellent organizational and managerial skills
•Notable experience in leading and performing complex projects
•Strong understanding of credit risk management methodologies and credit enhancement/mitigation tools

Comments:
This position is mainly responsible for individual audits of a complex nature.
Large, complex reviews and audits may require a team of 2 auditors in order to timely complete the project. The Project Audit Manager, as team lead, is responsible for planning, developing, coordinating, scheduling, managing the resources, completing the project and communicating the results and recommendations to internal audit and management.

Apply on line at: http://www.txu.corp.com/working/na/jobs/our_positions/listings.asp?ID=6414

Affirmative Action/Equal Opportunity Employer

SENIOR INTERNAL AUDITOR
Parkland Health & Hospital System
Dallas, Texas

At Parkland, we care about our patients and our employees. Parkland employs over 6,500 people and has full and part time job opportunities throughout the hospital and its community-based clinics. Parkland employees are a diverse team that depends on one another to provide quality health care to patients and improve the quality of life for employees. We welcome you to join us on our journey to continue to be the best.

SENIOR INTERNAL AUDITOR

Description: Conducts routine and more complex audits of specific operations requiring the development of data, interpretation of intangible or unusual factors, summarization of findings and presentation of recommendations and suggestions, and serves as the lead auditor when necessary.

Requirements: Must have a Bachelor's degree in Business with eighteen hours of Accounting courses plus five years of previous operational & financial audit experience in a healthcare environment; OR, must have a Bachelor's degree in Business with eighteen hours of Accounting courses plus six years of progressively responsible experience doing operational and financial audits in an internal audit environment.

Certification/Registration/Licensure: CIA preferred

To apply: Please send you resume to:

Parkland Health & Hospital System
Attn: Yolanda Roach
5201 Harry Hines Blvd.
Dallas, TX 75235
Phone: 214-590-8269
Fax: 214-590-2767
E-mail: yroach@parknet.pmh.org