eNews - December 2011

The President’s Letter

Greetings Dallas Chapter of the IIA, and thank you again for another great meeting on November 1st. We had a tremendous turnout for our “Fraud Day” and joint meeting with the Association of Certified Fraud Examiners (ACFE). Our speakers were informative and entertaining as well, judging from our speaker feedback. This year has been a success thus far thanks to YOU – our outstanding membership of DIIA!

For our December meeting, we will be back at Cityplace Conference Center on Thursday, December 1, 2011 for our “Risk Assessment” month. This will be a timely theme, as many of us are going through our planning process for 2012 activities. Online registration will end at the close of business on Friday, November 25, 2011, so please register early by visiting the chapter web site.

Our December CAST meeting will cover the basics of performing a risk assessment and will feature Al Bazis from DART. Al is a member of the Dallas Chapter of the IIA Board of Governors and delivers an informative and tactical presentation on this topic.

Our Pre-Meeting will feature the renowned Courtenay Thompson, who will present “Separating Fact from Fantasy - What Auditors Really Need to Know & Do about Risk in 2012”. Many of you have seen Courtenay speak at other chapter events or seminars, and we are certainly fortunate to have him cover this topic in December.

Our CAE Spotlight will feature David Shackelford, Director of Internal Audit at Fossil, who will briefly discuss a background of his team, industry and best practices at Fossil.

You’ll certainly not want to miss our featured luncheon speaker, Katherine Findlay from Southwest Airlines, who will present “Evolving the Risk Assessment Process and Designing Your Audit Plan”.  This will be an excellent opportunity to hear Katherine speak strategically and tactically on how Internal Audit and Risk Management work at one of the world’s largest and most successful companies, Southwest Airlines.

Our Post-Meeting will feature Chris Mitchell from Whitley Penn, who will present, “Why is ERM so Important to Today’s Executive Management Team”.  This session will provide a better understanding of Enterprise Risk Management and its evolved use and focus within companies.

Finally, in closing, I would like to remind you to register for our Fall SMART Seminar, which will feature Dr. Dan Kneer, who will present “Business Process Analysis in Complex Systems: Getting Over the IT Fear Factor.”  This seminar will be held on Tuesday, November 29, 2011, at the Doubletree near the Galleria. We feel this will be an excellent training opportunity, as the course endeavors to bridge the gap between “process” and IT auditing in today’s ever-changing business landscape.  Dr. Dan is a very popular and accomplished speaker, and as such, his seminars nearly always sell out.  Please register on the Dallas Chapter of the IIA web site by November 18, 2011 to guarantee your spot.

Thanks again to our excellent membership and Happy Holidays!

Sincerely,
Brian Amend
2011/12 President – Dallas IIA
president@dallasiia.org

Thursday, December 1, 2011

Joint meeting with

Risk Assessment/Audit Planning

Meeting 12:30pm - 1:30pm
Lunch to start being served at 11:45
Registration begins at 11:30pm

Evolving the Risk Assessment Process and Designing Your Audit Plan
Katherine Findlay, Managing Director of Internal Audit, Southwest Airlines

Objectives: A Company’s Audit Plan should contain audits designed to test high risk areas and process improvements which provide value to the organization and shareholders. An Audit Plan that achieves those goals is designed through the knowledge gained in the risk assessment process. This presentation will allow you to gain an understanding of the following:

  • Potential inputs to the risk assessment process
  • The frequency in which assessments are performed
  • The Team Members’ roles in evaluating risk
  • How to synthesize risk assessment results into a risk-based Audit Plan.

Katherine Findlay serves Southwest Airlines (SWA) as its Managing Director, Internal Audit.

The SWA Internal Audit Department champions compliance and offers practical solutions to improve business operations and assist in corporate governance. Katherine’s Internal Audit Team designed and piloted the Company’s first Mentorship Program. She has received the “Leading by Example” and “Winning Spirit” awards at Southwest Airlines.

Prior to joining SWA in 1993, she was with Ernst & Young where SWA was one of her most valued Clients. Katherine began her career at SWA in the Internal Audit group before moving into the Finance organization as Director of Maintenance Finance & Budgets. Prior to returning to the Company’s Internal Audit Department in 2010, Katherine served as the Senior Director of Maintenance Services where she oversaw the Company’s outsourced maintenance activity, Maintenance Training and a unionized warehouse management workgroup in Maintenance & Engineering. Katherine is a member of SWA's Diversity Council, a group with companywide representation that seeks to promote diversity and inclusion outside and inside the organization. She is member of the University of Texas at Dallas (UTD) Internal Audit Education Partnership Advisory Board and Endowment Committee. She also participates in both the DFW Audit Executive Roundtable and Ernst & Young’s Enterprise Risk Roundtable. Katherine supports her Department’s participation in IIA events and training, Committee participation, and local roundtables. She is an advocate for the profession, and continues to host UTD students and visitors as they explore internal audit as potential careers.

Education: Katherine graduated with honors from Texas Tech University in 1990 earning a B.B.A. in Accounting. She is a Certified Public Accountant.

Personal: Married (Troy) with two children, Noah (8) and Cole (6). In her spare time, she enjoys spending time with her family, reading, boating, traveling, and just relaxing. She serves as the PTA Volunteer Coordinator for both children’s school classes, and teaches religious education at her Church.

1 Hour Continuing Professional Education


CAE Spotlight 12:00pm - 12:30pm
Registration begins at 11:30pm

David Shackelford, Sr. Director of Internal Audit, Fossil, Inc

No prerequisites required.

The objective of this brief presentation is to provide Insight into the best practices, organizational structure and types of audits performed by an Internal Audit department within the manufacturing industry.

David Shackelford is the Sr. Director of Internal Audit at Fossil, Inc. Fossil is a global design, marketing and distribution company that specializes in consumer fashion accessories that are sold in over 120 countries world-wide. Mr. Shackelford has been instrumental in establishing and growing Fossil’s Internal Audit function over the last eight years. Fossil has over 10,500 employees and has operations in over 30 financial reporting entities globally. Mr. Shackelford is responsible for all global internal audit activities for the company. Internal Audit focuses on evaluating internal controls of business processes and operational improvements and is also the Project Management Office for Fossil’s SOX404 compliance initiatives.

Mr. Shackelford has 19 years of internal audit and risk assurance experience in numerous industries including retail, wholesale, distribution, manufacturing, professional services, real estate, telecommunications, government, banking and healthcare. He has been active in the international and local chapter organizations of the IIA, including serving 4 years on the IIA’s Professional Issues Committee where he chaired and/or contributed to the composition of various white papers, practice advisories and revisions to the Standards. He also recently ended his sixth year of serving on the Board of Governors for the Dallas Chapter of the IIA. Mr. Shackelford is a CIA and CISA has a Bachelor of Business Administration with a major in Accounting from Stephen F. Austin State University

No Continuing Professional Education


CAST Meeting 10:30am - 11:30am
Registration begins at 10:00am

Risk Based Audit Plan
Albert Bazis, Director of Internal Audit, Dallas Area Rapid Transit

No prerequisites required

Objectives:  We will discuss the merits of a risk based approach to audit planning and demonstrate a risk assessment methodology that has worked at Associates, Ford Motor, and DART. We will also discuss how the results of the risk assessment are applied to develop the audit plan.

After graduation from Creighton University, Mr. Bazis joined Arthur Andersen & Co. where he was an Audit Manager. After leaving Arthur Andersen, he joined Associates First Capital Corp. (now Citigroup) where he was Senior Vice President of corporate audit. He is now with Dallas Area Rapid Transit (DART) where he is Director, Internal Audit. At both Associates and DART he has initiated COSO based audit approaches, using control self assessment (CSA) at Associates and a risk/control matrix approach at DART as the basic audit tools. Both the CSA and matrix approaches are interactive and start with business objectives and proceed to risks to objectives, risk ranking, and then to risk control. Also at both Associates and DART, an annual risk assessment model is applied to form a basis of the audit plan.

1 Hour Continuing Professional Education


Pre-Meeting 10:30am - 11:30am
Registration begins at 10:00am

Separating Fact from Fantasy –
What Auditors Really Need to Know & Do about Risk in 2012
Courtenay M. Thompson Jr., Courtenay Thompson and Associates

No prerequisites required

Objectives: Scandals and business failures in recent years have led to legislation and initiatives aimed at improving controls over financial reporting. Auditors are being encouraged to do risk based auditing. Consultants offer to help organizations document and assess their risks. But are these activities the remedy? Or are we chasing yet another illusion?

The purpose of this session is to provide a forum to discuss some myths about risk and risk appetite including:

  • how some results oriented auditing has helped management understand and manage certain risks.
  • practical risk driven approaches to enhance the effectiveness of auditors and management.

Courtenay Thompson provides training on fraud detection and investigation, and fraud awareness for managers. Courtenay also conducts training on audit interviewing, leadership, personal and professional skills and contract auditing. Other courses offer practical approaches to fraud in construction, contracting and procurement. With Rich Townsend he jointly offers a series of courses on control and audit of construction costs. Courtenay’s background prior to entering consulting includes internal auditing and investigation, and public accounting.

1 Hour Continuing Professional Education


Post-Meeting 1:30pm - 2:30pm

Why is ERM So Important to Today’s
Executive Management Team?
Christopher Mitchell, MBA, CIA, CISA, CCSA,
Director of Risk Management, Assurance and Advisory Services, Whitley Penn

Objectives:  Since the introduction of Sarbanes-Oxley in 2002, companies have been searching for a better way to manage risk that impact their businesses. Conducting an Enterprise-wide Risk Assessment can help pinpoint, analyze and remediate risks associated with technology, operations, regulations, environment, etc.

The purpose of this session is to provide a forum to help executive management and the internal audit professional better understand the ERM implementation process.

Chris Mitchell has over 17 years of risk management, finance and IT consulting experience. He has held the titles of Internal Audit Director, Senior Program Manager and Managing Consultant at various companies in industries including financial services, telecommunications, software development, manufacturing and government. Chris’ practice focuses on assisting clients with 404 implementations, Type I & II SSAE 16 audits, leading internal audit teams and making cost-effective recommendations to enhance internal controls, maximize efficiency and minimize exposure to loss and regulatory risk.

1 Hour Continuing Professional Education

 


Meeting Location

Cityplace Conference Center,
2711 North Haskell Street, Dallas, Texas 75204


View Larger Map

Preferred Method:

Place and confirm your reservation via the web site at http://www.dallasiia.org/Reserve_1211.htm.

Contact:
Pamela Krakosky
reservations@dallasiia.org

May 2015 Social Meeting Prices:

  • Dallas IIA Member $55
  • Other IIA Member or Non-member $65

NO WALK-INs will be allowed. Price includes up to 2 CPE and game ticket; there is no prorated price for attending just one of the meeting day sessions.

Reservations & Payment must be received by 5:00 PM on Monday, November 28, 2011.

Seminars -- SMART Series

Business Process Analysis in Complex Systems:
Getting Over The "I.T. Fear Factor"

Class size is limited!

Date: November 29, 2011 (Tuesday)
Time: 8:30 am – 4:30 pm; check in begins at 8:00 am
Location: DoubleTree (near the Galleria)
4099 Valley View Lane
Dallas, TX 75244
Cost:
Early Bird by November 4, 2011: $275
After November 4, 2011:  $350

Price includes training materials, continental breakfast, lunch, snacks and beverages.

Payment is due at time of registration. We recommend that you pay through PayPal to confirm your registration.

CPE Credits: 8
Overview: Ever wonder why I.T. seems to talk in “gibberish”? (“Our applications, why they are all REAL-TIME, NUCLEAR-POWERED, and we bounce signals off remote transponders on Jupiter.”) Yea, right! And, yet, when you really look at their apps … slowly and analytically, there really AREN’T so complex! Maybe we just need to DEMYSTIFY the seemingly mystical world of I.T.? So, how about we take a slow ride into the world technology … enabling an IT infrastructure and business applications. Along the way, we’ll discover this truism…
I.T. RISK = BUSINESS RISK

We will delve into 1) network architectures, 2) Public Key Infrastructure, 3) firewalls and scanning and 4) access controls/schemas. Additionally, let’s differentiate real-time from run time, database versus a base of data and edits versus validations. Then we’ll take typical business applications, like kiosks or phone apps, and look at the related business risks.

Another part of this course is Business Process Analysis (BPA) in complex systems. Here is the typical “groans list” of frustrations that Dr. Dan receives from Internal Audit managers regarding BPA, “Our audit staff doesn’t understand the process, focus on the critical processes/functions or focus on the essential controls.”

As applications become more automated, it sometimes becomes difficult for the auditor to “see the controls.” Further, if the dialogue between process audit and I.T. audit is not clear (and front-loaded) control opportunities may fall thru the cracks. Thus there exists the possibility of a disconnect between risk assessment and control assessment/testing. This course provides the capabilities, perspectives, tools, awareness and opportunities to have more comfort in BPA.

One outcome of this class is to be able to LOCATE embedded control opportunities (for invoking) and quantify business rules (for modeling) to allow for enabled automated controls/control testing/monitoring. This will result in a more sustainable Control Environment, Reduction in Business Risk, quick response auditing, stronger compliance and governance.

One conclusion we’ll reach from this course is … We’re All I.T. auditors now!!

This course is case-based. Computers are not necessary to bring to class.

Who should attend: ALL auditors: process, compliance, fraud/waste/abuse, I.T., SOX, efficiency, program, performance … anyone who has to ask the following questions: What does this process really look like? Where are the control points? Can this be audited faster … better … remotely? Is this “in” or “out” of control?
Prerequisites: No advance preparation is required
Course Outline:
  1. The Audit Process … A “Process” Focus
    1. Risk Assessment (the “dog”) and Sample Size (the “tail”)
    2. The Audit Risk Model and a Diagram of an Audit
    3. Radically different costs of evidence (by type)
    4. Shifting from Field work to Remote Telemetry
  2. Demystifying I.T.
    1. Network Architecture
      1. I.T. “Zones:” defense in depth
      2. Classic 3-tier design
    2. Public Key Infrastructure: Do you know a “secret?”
    3. Firewalls and the notion of “scanning”
      1. Outside-in versus inside-out traffic scanning
    4. Access Controls and User Schemas
      1. User roles/rights/privileges in a liquid world … CHANGE CONTROL!
    5. Let’s learn some I.T. concepts and terms and apply them in a business context
    6. What are the risks in a complex app?
    7. Business Process Analysis: it’s ALL about Controls!
      1. Can you “see” controls … present and working/present and not working/present and redundant … and MISSING?
      2. Documenting a process: Let’s learn GOOD flowcharting
      3. Could a parallel, undocumented, system be operating (off-the-grid)?
      4. How to get your arms around a technology-based process (real-time, paperless, human-less)
      5. Application controls (computerized AND manual)
    8. Can you STAY FOCUSED and concentrate on ESSENTIAL PROCESSES and CRITICAL controls (scope it down!)
  3. The Future of Controls … Embedded in the Apps (ERPs)
    1. A re-visit to great concepts: edits and validation controls
    2. Process-level controls IN the apps … they never sleep!
    3. SAP configurables and Oracle/PeopleSoft triggers
    4. Helping management: process optimization
  4. Control TESTING, not “reviews”
    1. Tests of Operating Effectiveness (TOEs) versus Tests of Design (TODs)
    2. Auditing around, thru, with and continuous) and dangerous assumptions
  5. All of this leads to an improved “Integrated Audit”
    1. The shifting sandbox of audit turf: we’re all IT auditors now! Yikes! Now we need the integrated audit.
Objectives: Upon completion of this course participants will be able to:
  • Enumerate the Audit Risk Model
  • Distinguish between costs of evidence
  • Recognize IT architecture “zones”
  • Discover how key-pair exchanges work
  • Differentiate levels of firewall/router “sniffs”
  • Determine how to restrict granular user access
  • Demystify I.T. phrases
  • Explain the business risks related to new technologies
  • Perform robust tests of controls
  • Recognize controls placed in operation versus operating effectively (and tests)
  • Decompose advanced business applications into understandable chunks
  • Perform process flowcharting
  • Consider remote testing for audit leverage
  • Improve
  • Recognize the assumptions in auditing around, thru, with and continuous
  • Explain the Internal Control trilogy.
  • Identify embedded controls IN the apps.
  • Explain the move towards continuous monitoring and assurance. Improve risk assessment with real-time data feeds.
Register: Seminar_Reserve_112911.htm. Please contact Pamela Krakosky at pkrakosky@verizon.net if you have any questions, or would like to be placed on a wait list.
Instructors: Dr. Dan Kneer is a rarity as he possesses rich knowledge of audit practice and audit education. He is "trained in training" … specifically he’s trained in training auditors. What makes Dr. Dan so well-equipped to work with auditors are his TWO PARALLEL CAREERS, with decades of on-board experiences in audit practice, teaching, theory and research.  Dr. Dan was the Director of Research of the ISACA and ran the largest Masters Program in I.T. Audit in the US for 15 years.  http://dankneer.com/about.html
Deadline: November 18, 2011 is the last day to register.  Payment must be received by this date to confirm your registration..
Cancellation: There is a $50 cancellation fee per registrant on cancellations between November 4 and November 18.  Refunds will not be granted after November 18, however, substitutions are permitted by notifying Pamela Krakosky.

Location:

DoubleTree (near the Galleria)
4099 Valley View Lane
Dallas, TX 75244


View Larger Map

Auditing Contracts – Auditing That Pays!

Class size is limited!

Date: February 16 – 17, 2012 (Thursday and Friday)
Time: 8:30 am – 4:30 pm; check in begins at 8:00 am each day
Location: UT Dallas (School of Management)
800 West Campbell Road
Richardson, TX 75080-3021
Cost: Early Bird by January 13, 2011: $425
After January 13, 2011:  $475

Price includes training materials, continental breakfast, lunch, snacks and beverages.

Payment is due at time of registration. We recommend that you pay through PayPal to confirm your registration.

CPE Credits: 16
Overview: This training is loaded with overcharge examples from a variety of contracts including IT, leases, research, as well as revenue contracts.
Who should attend: Audit executives interested in starting contract auditing for their  organizations.  Controllers committed to improving controls over contract activity.  Seasoned contract auditors interested in expanding the scope or enhancing effectiveness of their audits.  Auditors just beginning contract auditing.
Prerequisites: No advance preparation is required
Course Outline:
  • Understanding exposures in contracting
  • Contract audit findings
  • Determining contract audit objectives and strategy
  • Deciding what to audit
  • Audit Plan – A Preliminary Survey
  • Checklist for development of a contract audit program
  • Auditing costs
  • Common cost exceptions and how to find them
  • Defining costs
  • Case studies in auditing costs
  • Why controls over contracts break down
  • Gifts and entertainment related to contracting
  • Auditing technology contracts
  • Using technology in contract auditing
  • Revenue and sales contracts
  • Consulting, maintenance and research & development
  • Items to include in contracts
  • Fraud exposures in contracts
  • Applying the Five Step Approach to Fraud Detection· Ten items to include in your fraud policy
Objectives: Attendees will:
  • Understand the risks associated with contracting and contractors.
  • Learn how to partner with management on controlling contracts and mitigate losses.
  • Develop approaches to audit contracts for cost recovery.
  • Learn exposures for different types of contracts.
  • Discover how to maximize the return on the contract audit resource.
Register: Online Registration.  Please contact Pamela Krakosky at pkrakosky@verizon.net if you have any questions.
Instructors: Courtenay Thompson is a recognized authority on providing practical, proven approaches to real problems. These practical approaches have yielded dramatic results for class attendees.

Courtenay Thompson received his BBA and MBA degrees from Southern Methodist University and is a Certified Public Accountant. He is a member of the Institute of Internal Auditors, Inc., the American Institute of Certified Public Accountants, and the Texas Society of Certified Public Accountants.

Deadline: February 3, 2012 is the last day to register.  Payment must be received by this date to confirm your registration.
Cancellation: There is a $50 cancellation fee per registrant on cancellations between January 15 and February 3.  Refunds will not be granted after February 3, however, substitutions are permitted by notifying Pamela Krakosky.

Location:

UTD School of Management (SOM).  A map with directions to UTD can be found at: http://www.utdallas.edu/campusmap.html

Chapter News

IIA Research Foundation

The Research Foundation has recently issued a handbook entitled Evaluating and Improving Organizational Governance. Corporate scandals, distrust in organizational leadership, and stakeholders demanding more information, fairness, and direct action have heightened awareness of the need for greater governance. As an experienced internal auditor you know there is no one-size-fits-all governance model and no “blueprint” for what an organization’s governance structure should look like. A comprehensive, effective governance system will help you discover what it is that you didn’t know you did not know. This is why it is important that all personnel — from the governing board to the organization’s front line — use this handbook to ensure that effective governance exists.

Author Dean Bahrman, CIA, provides comprehensive information, including:

  • Building blocks such as defining objectives, goals, strategies, and risk management.
  • Outlining the legal requirements and governance codes.
  • An Organizational Governance Framework.
  • Identifying and defining the roles and responsibilities of key “players” in organizational governance.
  • More than 20 internal governance processes to provide basic criteria for evaluation.

The handbook also includes helpful appendices and suggested further readings. Whether your organization is big or small, public, private, or not-for-profit, this handbook is an important resource in providing guidance on fulfilling your governance responsibilities.

The handbook can be ordered online at http://www.theiia.org/bookstore/product/evaluating-and-improving-organizational-governance-1530.cfm (Item number 1074, IIA member price - $55.00, non member price - $67.00).


CIA Programs

Honoring Dallas Chapter New CIAs

Dallas Chapter Members completing their examination requirements in April - June of 2011 were honored on at the November 1st Dallas Chapter Luncheon. Congratulations to the following CIA’s (see picture attached to email).

 Congratulations to the following:

Certified Internal Auditor® (CIA®)
Adrienne Adame
Brandon Adel
Latoya Duncan
Damien Jones
 
Sheba Kuruvilla
Jeffrey Mathew
Matthew Neal
Jeff Odell
Kendy Reed
Nicole Reed
Craig Sonoda
Travis Swindle
Linh Truong

Review Course

The Spring CIA Review Course, led by Dr. Glen Sumners, will tentatively be held February 10-13, 2012, at the UT Dallas Naveen Jindal School of Management. Registration information will be available this summer. See website at http://dallasiia.org/Certifications.htm  for registration information as it becomes available.

Certification News from the IIA

Continuing Professional Education (CPE) Requirement Reminder

Three months remain in 2011 for certified individuals with even number IDs to earn the minimum continuing professional education (CPE) credits required for the 2010-2011 time period. All CPE must be earned by Dec. 31, 2011, and reported by May 31, 2012, to maintain an active certification status.

Certified individuals with odd number IDs should be proactive in earning their CPE throughout 2011 and 2012 to ensure they complete their minimum requirements by year-end 2012.

Take a moment and map out a path for meeting the necessary CPE requirements.

Enhancement Coming to IIA Certification Program

Coming in early 2012, an e-fulfillment process will enable the electronic delivery of certificates immediately to those who have achieved the certified status in any of The IIA’s five certification programs. Certified individuals will still have the option of ordering a paper certificate at no additional cost. E-certificates will also provide an added convenience for individuals needing documentation of their successful completion of a certification program.

This improvement enhances The IIA’s ability to effectively service participants in the five certification programs and efficiently streamline internal operational processes.

IIA Announces the Development of the Certification in Risk Management Assurance™ (CRMA™)

During The IIA’s Governance, Risk, and Compliance Conference in August in Orlando, Fla., IIA President and CEO Richard Chambers, CIA, CCSA, CGAP, announced that The Institute will offer a new certification enabling audit practitioners and other risk-focused professionals to demonstrate their ability to provide advice and assurance to audit committees and executive management on the existence and effectiveness of key risk management and governance processes within their organizations. The Certification in Risk Management Assurance™ (CRMA™) exam will be offered starting mid 2013.

Beginning in October 2011, qualified individuals with knowledge and experience in risk management assurance can apply for the CRMA before the exam launch through a “professional experience recognition” process. Additionally, The IIA will conduct a job analysis study to shape the final content of the exam. More information on the specifics of both of these processes will be available later this year.

In addition to The IIA’s premier CIA® designation, the CRMA will complement The IIA’s suite of specialty certifications, which include the Certified Financial Services Auditor® (CFSA®), Certified Government Audit Professional® (CGAP®), and Certification in Control Self-Assessment® (CCSA®). The CRMA exam ultimately will be translated into multiple languages and the designation offered globally. For more information about the new CRMA designation, visit www.theiia.org/certification/crma.

Frequently Asked Questions

Q: I haven’t received my certificate yet – where is it?
A: The IIA sends out certificates to a Dallas Chapter representative each quarter.  Those passing the exam between April and June 2011 should be received around July 2011.

If you do not receive your certificate by the above dates, contact the IIA’s certification department: certification@theiia.org, or call +1-407-937-1100.  In many instances, certificates are not received until the experience and education requirements are met.
Q: How do I register for the exam?
A: For more information, please visit the IIA’s website at http://www.theiia.org/certification/.
Q: When is the next CIA Review Course?
A: More details will be forthcoming, but keep checking the Dallas Chapter’s Certifications Website at http://dallasiia.org/Certifications.htm.

Membership Updates

The Dallas IIA Chapter would like to extend a warm welcome to our new members who joined the Chapter in September 2011:

October 2011 New Members
Annette Rangel
Ashly Perez Ballesteros
Benjamin Segars
Bill Fite
Brenda Allen
Bruce Lane
Cammera Heerwagen
Cecilia Arredondo
Chantal Tokerud
Cheryl Stewart
Christopher Collins
Christopher Pray
David Fink
Deepak Rajan
Diane Foote
Ganesh Ramaswamy
Grant Nowell
Harry Lee
Isaac Julian
James Scogin
Janice Aquino
Jeff Hemphill
Jessica Grigsby
Jorge Garcia
Kyla Thomas
Lily Ang
Lisa Conner
Margaret Schieffer
Megan Sherrod
Minhee Kim
Mitt Mehta
Muhammad Abedin
Paula Golac
Sara Mulatu
Sean McAloon
Shondra Fields
Steven Rose
Timothy Kramer
Yan Zhang

Please look for the monthly eNews (electronic newsletters) as a source of information for future events within the Dallas Chapter and other internal audit related news.  If you have any questions regarding your membership or need additional information about the Dallas Chapter, please feel free to contact the Membership Chair (membership@dallasiia.org).


12+ Free CPE Annually PLUS Free Training

As a member of The IIA, you have access to a free monthly Members-Only Webinar. The topics have included identity theft, risk, linguistic lie detection, and more.

How can chapters tie in these free CPE opportunities to chapter events? Consider holding a roundtable session the day after the Webinar to discuss the matter further. Or offer a panel session with professionals addressing the same subject matter as the Webinar. If you have other ideas on how to tie in the Members-Only Webinars, please let us know at ChapterRelations@theiia.org.

Here is the upcoming schedule of events - all WebEx sessions begin at 1:00pm EDT and last for 60 minutes, with the exception of the panel, which will be 90 minutes in length:

Date Topic*
Nov. 15, 2011 Third Party Risk Assessment
Dec. 13, 2011 Write it Right: Communicating Audit Report Findings
Jan. 17, 2012 Panel: Anti-Corruption Practices

*Note: Topic subject to change - please click here for access to the most current information.


18 Free CPE Credits for Members

For more than 67 years, Internal Auditor magazine has shared leading practices with internal auditors around the globe. Now in addition to supporting you in your career with print and online news and information, Internal Auditor is helping you earn CPE credit as well. With the release of each bi-monthly edition of the magazine, you have the chance to earn three IIA CPEs to support your IIA designations. Available to members for free, the online quiz takes your experience with the publication to the next level by testing your internal audit knowledge and providing valuable CPE credits.

Upon successful completion of the quiz, be sure to print/save your transcript for your IIA CPE reporting purposes.

Click here to access the quizzes online


2011 – 2012 Membership Participation Drive

Be Rewarded... For attending monthly IIA meetings!

WHO IS ELIGIBLE?
All Dallas IIA chapter members attending chapter meetings during September 2011 - May 2012

HOW DOES IT WORK?
Attend monthly IIA lunch meetings to earn a drawing entry (i.e., one drawing entry per lunch meeting).  Attend more meetings this year for more chances to win the grand prize!

WHAT ARE THE PRIZES?
  • The grand prize winner will receive… a brand new iPad!
  • Four runners-up will receive… a $50 Gift Card!!

Please contact your membership chair’s with any questions! 
Marc Doyle (marc.doyle@protiviti.com) or
Valerie Mitsynskyy (valentina.mitsynskyy@fedex.com)

** Winners will be announced at the May 2012 meeting; you do not need to be present to win.


2011 – 2012 New Member Appreciation Drive

Be Rewarded... For joining the chapter in the 2011 – 2012 year!

WHO IS ELIGIBLE?
All new Dallas IIA chapter members who joined the chapter from May 2011 - April 2012.

WHAT ARE THE PRIZES?
  • The grand prize winner will receive… a $100 Gift Card!
  • Two runners-up will receive… a $50 Gift Card!!

Please contact your membership chair’s with any questions! 
Marc Doyle (marc.doyle@protiviti.com) or
Valerie Mitsynskyy (valentina.mitsynskyy@fedex.com)

** Winners will be announced at the May 2012 meeting; you do not need to be present to win.


GTAG 16 Data Analysis Technologies

The IIA has released a new practice guide entitled “GTAG 16 Data Analysis Technologies.” This guide aims to help CAEs understand how to move beyond the tried and true methods of manual auditing toward improved data analysis using technology. After reading this guide you will:

  • Understand why data analysis is significant to your organization.
  • Know how to provide assurance more efficiently with the use of data analysis technology.
  • Be familiar with the challenges and risks that you will face when implementing data analysis technology within your department.
  • Know how to incorporate data analysis at your organization through adequate planning and appropriate resource structures.
  • Recognize opportunities, trends, and advantages of making use of data analysis technology.

To further assist CAEs and other individuals who use this guide, we also have included a detailed example of the application of data analytics to procurement control activities in Appendix A. Consistent with where most data analysis starts, these examples are largely focused on simple data matching and performance of automated system functionality used in providing assurance.


Interaction with the Board

The IIA has released a new practice guide entitled “Interaction with the Board.” The purpose of this practice guide is to assist the chief audit executive (CAE) in meeting the requirements of the International Professional Practices Framework (IPPF) as it relates to interacting and communicating with the board.

Boards and internal auditors have interlocking goals. A strong working relationship between the two is essential for the internal audit activity to fulfill its responsibilities to not only the board, but also senior management, shareholders and other stakeholders. This practice guide covers several activities, primarily accomplished through the CAE, that are key to an effective relationship between the board and the internal audit activity.


New Certification in Risk Management Assurance (CRMA) in Development

The Institute of Internal Auditors (IIA) will offer a new certification allowing audit practitioners to demonstrate their ability to provide advice and assurance to audit committees and executive management on whether key risk management and governance processes in their organizations are in place and effective. The Certification in Risk Management Assurance (CRMA) exam will be offered starting in mid-2013.

Beginning in October, qualified individuals with knowledge and experience in risk management assurance can begin applying for the CRMA prior to the exam launch exam through a “professional experience recognition” process. More information on the specifics of this process will be available later this year.

In addition to The IIA’s premier CIA designation, the CRMA will complement The IIA’s suite of specialty certifications which include the Certified Financial Services Auditors (CFSA), Certified Government Audit Professional (CGAP), and Certification in Control Self-Assessment (CCSA). The CRMA exam will ultimately be translated into multiple languages and the designation offered globally. For more information about the new CRMA designation, visit www.theiia.org/certification/crma.


Are You Connected?

Connect with the Dallas IIA and colleagues in the profession via social networking pages at the following links: Twitter, LinkedIn, and Facebook. Gain instant access to the latest chapter news and excitement!!

Follow us on LinkedInFollow us on FacebookFollow us on Twitter

Report Your Speaking and Writing

It's time again for the survey to determine which IIA Dallas Chapter members have submitted articles or spoken since October 1, 2011.  Each speaking engagement on internal auditing that a Dallas Chapter member completes will earn the Chapter 1 credit per CPD hour.  Each full article, Roundtable article, Fraud Finding, etc. submitted that meets basic editorial guidelines will earn 5 credits. For each full article published 20 credits are earned.  Each internal audit related article published in any other trade or professional journal that is authored by a chapter member is 5 credits.

To report your writing and speaking go to http://dallasiia.org/Speaking.htm and complete the provided form by November 30, 2011.

Employment Opportunities

Raytheon   (11/11/11)

Internal Auditor II

Raytheon is a technology and innovation leader specializing in defense, homeland security and other government markets throughout the world. With a history of innovation spanning 88 years, Raytheon provides state-of-the-art electronics, mission systems integration and other capabilities in the areas of sensing; effects; and command, control, communications and intelligence systems, as well as a broad range of mission support services. Raytheon has 75,000 employees worldwide and revenue of $25 billion in 2009.

Job Details

The Staff Auditor will provide independent and objective assurance services to Raytheon by bringing a systematic, disciplined approach to evaluate and improve the sufficiency and effectiveness of risk management, financial and operational controls, and governance. Conducts a variety of internal audits and offers process improvement solutions aimed at assisting management in attaining their goals and meeting their objectives. Provides advice and direction to other staff members. Develops audit findings, identifies root causes and offers recommendations to create positive change throughout Raytheon.

Staff Auditor responsibilities include:
  • Plan and perform independent audits and special reviews of Company functions, processes, business units, contracts and other activities to ensure reliability and integrity of information, proper recording of transactions, safeguarding of assets, compliance with policies and procedures, achievement of operational goals and objectives, and effective and efficient use of resources
  • Conduct interviews for the purpose of documenting and evaluating business processes to determine the adequacy of internal controls
  • Design and implement audit test programs to determine the adequacy and effectiveness of internal controls and compliance with regulations
  • Develop findings and make recommendations for inclusion in the audit report
  • Identify the root cause of specific problems, present practical recommendations to eliminate the root cause and the potential related effect
  • Meet with clients/stakeholders for the purpose of presenting audit findings and recommendations
    Participate in investigations
  • Review progress on work plan with audit management on a regular and timely basis; seek advice and counsel.
  • Demonstrate proficient written & verbal communication skills
  • Continue professional education
  • Provide advice and direction to internal audit trainees
  • Demonstrate a commitment to diversity
  • Travel up to 40% is required
Basic Qualifications and Education:
  • Bachelor's Degree in IS, finance, accounting, computer science or related field
  • Attained or working toward CISA, CIA, CPA
Required Experience
  • 2+ years experience in internal audit (preferably with a medium to large organization)
  • 2+ years experience in public accounting
Desirables
  • Experience in the Aerospace & Defense industry and government contracts
  • Demonstrates business acumen, problem-solving and political savvy
  • Self-motivated, organized, effectively achieves team and group goals
  • Working knowledge of internal audit methodology such as internal controls, fraud indicators, risk assessment, workpaper documentation, etc.
  • Demonstrates independent, objective, open-minded thinking during planning discussions and during execution of fieldwork. Challenges the work being performed, as needed, and maintains a professionally skeptical attitude during the execution of the audit
  • Begins developing change management skills by working with senior/experienced RIA members. Is able to conduct dialogues and partner with functions with the assistance of senior team members
  • Familiarity with Six Sigma principles
  • Experience with Sarbanes-Oxley, COBIT and COSO
  • Knowledge of MS Office Suite of products and Lotus Notes
Financial/Operational Audit Skills
  • Knowledge of finance, accounting, budgeting, and cost control principles
  • Familiarity of auditing standards
  • Practical knowledge of CAATS and general audit software
  • Experience in applying relevant technical knowledge in at least one of the following engagements: (a) financial statement audits; (b) internal or operational audits

Raytheon is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status, or any other protected factor.

Requisition ID: 19113BR
Relocation: Eligible No
Clearance Type: None / Not Required
Expertise: Accounting Finance
Type Of Job: Full Time Work
Location: TX – Dallas

Forward Resume To:

Craig.trammell@raytheon.com or eric.atwood@raytheon.com


Orth, Chakler, Murnane & Company, CPAs   (10/24/11)

Audit Position Open…

Orth, Chakler, Murnane & Company, CPAs is an accounting firm providing audit and consulting services to the credit union industry. Due to continued growth, we are looking for a quality, highly motivated professional to join our firm as auditor in our Plano, Texas office. We offer a competitive salary/benefits package with an excellent opportunity for advancement. Financial institution experience is a plus but is not required. Travel in Texas and other states is required

  • Bachelor’s degree or equivalent experience in related field.
  • Minimum three years audit, accounting, or financial institution experience.
  • Practical knowledge of processes, risks and internal controls.
  • Excellent verbal and written communication skills.
  • Strong analytical, deductive, and problem solving skills.
  • Excellent interpersonal and organizational skills.

Please email your resume to mkoehler@ocmcpa.com


Safety-Kleen  (10/3/11)

Sr. Internal Auditor

Safety-Kleen has an immediate opening for a Sr. Internal Auditor in Plano, TX. This individual will report to the Manager of Internal Audit, the Senior Auditor plays a key role within the Internal Audit team.  This individual adds value to business units, functions and departments by performing operational, financial and compliance audits, providing guidance on risk and related control activities, including control design and operational effectiveness, preparing reports for Internal Audit Management review.  The Senior Auditor collaborates with process owners and management and reports and / or gives presentations in a professional manner, working closely with Internal Audit Management.

This individual will be responsible for engaging in risk-based audits in complex/specialized processes and functional areas, preparing clear and concise audit documentation, including drafting findings and recommendations for improvement in selected areas within the organization.  The Senior Auditor works with Internal Audit Management and audit staff to assess the adequacy of internal controls in alignment with Company objectives. Completes assigned tasks with minimal supervision, and assists in coaching of peers to deliver quality work product, adding value to the department and company.

Responsibilities
  • Plans engagements by obtaining sufficient knowledge of the business and/or functional process under review.
  • Provides appropriate level of audit evidence and work paper preparation to support observations, conclusions, and recommendations.
  • Ensures projects are in compliance with established standards and methodology.
  • Conducts/organizes exit conferences with management following completion of review
  • Reports findings to process owners and managers and Internal Audit management.
  • Evaluates process needs and opportunities for improvement and performs appropriate follow-up.
  • Effectively utilizes information technology tools.
  • Projects a positive and professional image and serves as a professional role model for peers and others.
  • Assists the Internal Audit Manager in enhancing relationships with internal management and external auditors.
Qualifications
  • Bachelors Degree in Finance, Accounting or related field required.5+ years experience in external and / or internal auditing.
  • CIA and /or CPA certification required.
  • Sound project management skills as evidenced by performing multiple, simultaneous audits, or equivalent engagement/project experience.
  • Strong analytical skills and knowledge of IIA Standards and / or GAAP.
  • Direct experience performing financial, operational and / or compliance audits.
  • Excellent written and oral communication / presentation skills.
  • Excellent knowledge of Excel, Word, and PowerPoint required. Experience with Access, Visio, ACL, and / or SAP highly desirable.
  • Ability to travel at times with short notice, up to 10%

Interested candidates should go to www.safety-kleen.com/careers


Federal Reserve Bank of Dallas  (9/30/11)

JOB POSTING NOTICE
Federal Reserve Bank of Dallas

IT Auditor

LOCATION:  Dallas
JOB NUMBER #:  309
DEPARTMENT:  Audit
MINIMUM SALARY:  Market Priced

Primary Responsibilities
This position is responsible for auditing the processes, procedures and controls integrated into applications during development and in production; reporting on the state of compliance with policies, procedures and standards; and establishing and maintaining relationships with business units.  This position will also interact with various levels of management, other Federal Reserve System auditors, and external parties.

Responsibilities include:
  • Develop and execute audit objectives/procedures to assess controls for new or existing IT assets/systems/processes, including developing criteria, reviewing and analyzing evidence; identifying and defining issues; documenting work in compliance with standards; making sound recommendations to enhance controls and efficiency; and reporting on results.
  • Serve as auditor-in-charge of or assist on audit engagements.  As the auditor-in-charge, will direct and review the work of other audit team members to ensure compliance with departmental procedures and the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing.
  • Employ Federal Reserve endorsed risk assessment methodologies to gauge risks and drive work plans.
  • Review new and existing standards, regulations, guidance, best practices, policies and customer initiatives to maintain expertise and add business value.
  • Conduct data extraction, analysis, and security reviews utilizing software tools.
  • Interface with all levels of management to assess operations and communicate results.
  • Work with various groups to follow-up on issues until appropriately resolved.
  • Build business relationships and act as an audit subject matter expert in assisting business owners.
Job Requirements
  • Bachelor’s degree in Computer Science, Information Systems, Accounting/Finance, or a related discipline.
  • Experience conducting risk assessments.
  • Experience conducting SDLC reviews.
  • Experience with current legal and regulatory requirements and guidance related to information security (e.g., SOX, FISMA, NIST, NSA, FDCC, ITIL, etc.)
  • Proven ability to work on and lead audit engagement teams, devise and perform complex analyses, and prepare documentation which establishes objectives, issues, options, and recommendations.
  • Strong understanding of system security (Microsoft Windows Server/AD/XP/Vista/7, Linux/UNIX, SQL, Oracle, SharePoint and WebSphere platforms).
  • Strong understanding of IT controls, vulnerabilities, and assessment tools.
  • Excellent interpersonal skills and the ability to work effectively as part of a team.
  • Excellent written and oral communication and presentation skills.
  • Superior organizational and time management skills.
  • CISA, CISSP, MCSE, CPA, CIA or other related professional certification is a plus

Auditor

LOCATION:  Dallas
JOB NUMBER #:  310
DEPARTMENT:  Audit
MINIMUM SALARY:  Market Priced

Primary Responsibilities
This position is responsible for auditing the processes, procedures and controls within various business lines but with an emphasis in Financial Management; reporting on the state of compliance with policies, procedures and standards; and establishing and maintaining relationships with business units.  This position will also interact with various levels of management, other Federal Reserve System auditors, and external parties.

Responsibilities include:
  • Develop and execute audit objectives/procedures to assess controls for new or existing operational areas primarily in the Financial Management business line, including developing criteria, reviewing and analyzing evidence; identifying and defining issues; documenting work in compliance with standards; making sound recommendations to enhance controls and efficiency; and reporting on results.
  • Employ Federal Reserve endorsed risk assessment methodologies to gauge risks and drive work plans.
  • Serve as auditor-in-charge of or assist on audit engagements.  As the auditor-in-charge, will direct and review the work of other audit team members to ensure compliance with departmental procedures and the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing.
  • Build business relationships and act as an audit/internal controls subject matter expert in assisting business owners in the Financial Management arena.
  • Review new and existing standards, regulations, guidance, best practices, policies and customer initiatives to maintain expertise and add business value.
  • Conduct data extraction, analysis, and security reviews utilizing software tools.
  • Interact with all levels of management to assess operations and communicate results.
  • Work with various groups to follow-up on issues until appropriately resolved.
Job Requirements
  • Bachelor’s degree in Accounting or a related discipline.
  • Working knowledge of Lawson Financials Software or extensive knowledge of generally accepted accounting principles.
  • Experience conducting operational, financial and IT audits.
  • Experience conducting risk assessments.
  • Working knowledge of Sarbanes-Oxley legislation and associated public accounting standards.
  • Proven ability to work on and lead audit engagement teams, devise and perform complex analyses, and prepare documentation which establishes objectives, issues, options, and recommendations.
  • Strong understanding of financial and operational controls, vulnerabilities, and assessment tools.
  • Excellent interpersonal skills and the ability to work effectively as part of a team.
  • Excellent written and oral communication and presentation skills.
  • Superior organizational and time management skills.
  • Experience with Lawson Financials, PeopleSoft, or ImageNow a plus.
  • CIA, CPA, CISA or other related professional certification is a plus.


This page was last updated on Thursday, February 19, 2015 at 03:22 AM PST.

For problems or comments concerning this information,
please contact the webmaster@dallasiia.org

© 1998-2015 Dallas Chapter Institute of Internal Auditors
P. O. Box 261747, Plano, TX 75026-1747


This page was last updated on Thursday, February 19, 2015 at 03:22 AM PST.

For problems or comments concerning this information,
please contact the webmaster@dallasiia.org

© 1998-2015 Dallas Chapter Institute of Internal Auditors
P. O. Box 261747, Plano, TX 75026-1747



Follow us on LinkedInFollow us on FacebookFollow us on Twitter
Social Media Policy

AUDIT LINKS

theiia.org
The Institute of
Internal Auditors

Fort Worth Chapter
of the IIA

http://som.utdallas.edu/iaep
UT Dallas
School of Management
Internal Auditing
Education Partnership

UTD Students Chapter

itaudit.org
IT Audit Forum

auditnet.org
Audit Net


North Texas Chapter
of ISACA

Information Systems Audit
and Control Association

Dallas Chapter
of ACFE

Association of
Certified Fraud
Examiners

aicpa.org
American Institute of
Certified Public Accountants

cpadallas.org
Dallas Chapter
of TSCPA

Texas Society of CPA's


Dallas Chapter
AGA

Association of
Government Accountants

HOME ~ MEETINGS ~ SEMINARS ~ REGISTRATION ~ LEADERS ~ CAREERS