Pre-Conference Workshops - Monday, September 14

W1 Strategies for Better Audit Report Writing

Monday, September 14
9:00 AM – 5:00 PM
One-Day, 8 CPEs
Alec Arons, Founder, Alec G. Arons Consulting

Audit reports can significantly lose their effect if not written well and presented in an easy-to-read format. But getting to that beautiful report stage can be painful. This full-day report-writing workshop is a fresh take on stale report writing. Using real issues from companies, the focus is on how to write effective, succinct issues and how to create reports that get noticed. Not only will managers spend less time editing reports, but auditors also learn techniques to reduce that lengthy report writing stage.

This workshop focuses on writing skills. It will help auditors at all levels refine their writing skills and brush up on the basics. The course provides instruction on all aspects of effective writing that applies to any audit or business-related documents. You will learn techniques for organizing information and ideas and strategies for achieving clear, concise, and complete communication. Together we'll explore how to help one another improve writing and achieve a consistent voice in writing between all audit teams. We will look at the methods to improving communication both during and after fieldwork that contribute to an overall shorter report writing stage.

  • Writing challenges and considerations
  • Knowing your audience and writing for them
  • Plotting the report at the beginning of fieldwork
  • Methods for consistent client communication
  • Key differences between causes, conclusions, and evidence
  • The difference between issue, symptom, and root cause
  • Reporting root causes: positive vs. negative wording
  • Writing strong business risks
  • Using action verbs to create change
  • Keeping recommendations SMART12
  • Using recommendations for issue follow-up

Post-Conference Workshops - Thursday, September 17

W2 Building an Agile, Customer-Focused Internal Audit Function

Thursday, September 17 
12:30 PM – 5:00 PM
Half-Day, 5 CPEs
Alec Arons, Founder, Alec G. Arons Consulting

While the coronavirus crisis brings with it a special set of conditions and challenges for companies and internal audit functions, it highlights the need for internal audit to become more agile and enabled to adapt to rapidly changing circumstances. If internal audit is to add value at companies where operations are innovating and adopting new technologies at mind-boggling speed, it must also embrace change, explore promising new technologies, and develop a mindset of innovation.

In this half-day workshop we will look at how to transform the internal audit function into a more nimble, agile function. We’ll look at how to think of audit stakeholders as customers and work backward, using principles of Design Thinking to look at how internal audit can be transformed into a more customer-focused entity that meets the needs and expectations of various stakeholders.

  • How well we are meeting expectations and what can we do to improve?
  • How to respond to rapidly evolving and emerging risks
  • How to start thinking of stakeholders as customers
  • Agile internal audit meets Design Thinking
  • Reshaping customer interviews and interactions
  • Identifying changes in customer expectations and reacting accordingly
  • Facilitation and brainstorming techniques
  • Building the imperfect beast - prototype
  • Rethinking the internal audit function

W3 The Internal Audit Value Chain: Aligning IA and Organizational Strategy

Thursday, September 17
12:30 PM – 5:00 PM
Half-Day, 5 CPEs 
Jonathan Ngah, Principal and Internal Audit Director, Synergy Advisors

There are six links in the Internal Audit Value Chain that when all executed properly and working together can elevate internal audit and provide great value to the organization. They can act as a blueprint for building a successful and robust internal audit function. The first link in the Internal Audit Value Chain, and perhaps the most critical, is strategic alignment. It is vital to align the strategic direction of the internal audit function with the overall strategy of the organization and the priorities of the business units.

Misalignment between internal audit and the enterprise-wide strategy is all too common and is at the root of many recent corporate blunders that have resulted in costly and embarrassing public scandals and reputational damage. When internal audit or other assurance functions and business units have different or misaligned approaches to executing the strategy, disaster is often not far behind.

This workshop will cover the eight primary reasons why strategic misalignment occurs and how management and internal auditors can resolve those imbalances when they do occur.

  • Improving communication to combat lack of awareness of organizational goals and strategy
  • Understanding the cost of strategic misalignment with business unit priorities
  • Identifying and resolving competing priorities between internal audit initiatives and organizational strategyEvaluating existing policies and procedures with an eye toward aligning strategic direction
  • Identifying and mitigating risks from a strategic alignment perspective
  • Internal audit’s role in improving “tone at the top” and ending a business-as-usual attitude
  • Developing adequate metrics and key performance indicators, and providing ongoing monitoring and oversight

W4 Conducting an Internet of Things (IoT) Risk Assessment

Thursday, September 17
12:30 PM – 5:00 PM
Half-Day, 5 CPEs 
Jason Claycomb, Founder and Cybersecurity Lead, INARMA, LLC

As IT auditors, we've audited mainframes, servers, applications, and many other IT devices and systems for years and have become proficient in determining the reasonable effectiveness of a company's suite of controls to safeguard them. Today, a new breed of interconnected devices, affectionately called the Internet of Things or IoT, is presenting new auditing opportunities along with a few challenges.

The Internet of Things (IOT) is growing dramatically in organizations. Are you ready for all these devices to be connected to your network? This workshop will help the security professional or IT auditor build and conduct a risk assessment for these devices.

  • What are IoT connected devices? How they differ from other devices that connect to networks?
  • How do these devices connect to your enterprise network and how do I identify them
  • What the common threats and vulnerabilities relating to these devices
  • What controls we can deploy to these devices
  • Tips for performing an IoT Audit
  • Understand Industry 4.0 and smart manufacturing
  • Evaluate network connections related to IoT devices
  • Evaluate data gathered and communicated by IoT device
  • Review device configuration and managementndicators, and providing ongoing monitoring and oversight

Post-Conference Workshop - Friday, September 18

W5 Conducting Operational Audits

Friday, September 18
9:00 AM – 5:00 PM
One-Day, 8 CPEs
Hernan Murdock, VP, Audit Division, MISTI

Achieving organizational goals requires more than meeting compliance requirements. Financial results often show the impact of operational weaknesses long after they have damaged the organization’s products and services. To succeed in today’s challenging environment, organizations must build and run their programs and processes efficiently and economically. Furthermore, effectiveness is only possible when goals are clear, and strategy and execution are aligned.

  • How to plan and perform operational audits
  • Ways to identify and assess opportunities to increase efficiency, effectiveness and economy
  • What methods, skills and tools are most effective during operational audits
  • How to collect and analyze operational data and information
  • Techniques to identify the cause of process breakdowns
  • Common failure points in programs and processes