Navigate Up



 John Carroll Symposium

2/29/2016 8:00 AM
2/29/2016 4:30 PM
John Carroll |  

Northeast Ohio Institute of Internal Auditors


John Carroll University - IIA Symposium

Monday, February 29, 2016

Internal Audit – Auditing Matters (8 CPEs)

Register Online at JCU Symposium

Directions:      John Carroll’s Dolan Center is located northeast of Fairmount Circle.

Exit I-271 at Exit 32 (Cedar Road Exit). Then, go west on Cedar Road and turn left onto

South Belvoir Boulevard to the JCU campus (approximately 3/4 miles).

The conference will be held in the Dolan Center for Science and Technology located at the Main Entrance of the University.

(See maps below or visit for additional details.)

Parking:          Parking is available in the lots located adjacent to the Dolan Center

Cost:                Full Day All Sessions (8 CPEs)                    $100

Full Day – Including Ethics Session               $140

(Feel free to invite your friends to join us!) Registration: Online at JCUSymposium​

Cash & Checks will be accepted at the door. (We would really encourage payment by credit card on Cvent). NO credit card payments will be accepted at the door.

Make checks payable to the Northeast Ohio Chapter, Institute of Internal Auditors tax ID # 23-7405461.

Make checks payable to the Northeast Ohio Chapter, Institute of Internal Auditors tax ID # 23-7405461.

Please mail all check payments in advance of the meeting to:

Yvonne Horn

P.O. Box 91204

Cleveland, Ohio 44101

NEO IIA – Event Refund Policy

Refund requests must be received in writing (via email) at least 24 hours in advance of the event. If that requirement is met, a complete refund will be granted. Please include name, mailing address and reason for not being able to attend.

As we understand schedules and commitments are dynamic and can change with little notice, we will also consider refunds on a case by case basis provided the request is received in writing (via email) within 24 hours after the event is held. A full or partial refund may be granted minus any applicable event fees (meals, processing, etc.) as some fees are not recoverable.

Please Note: Individuals registering for an event, but not pre-paying, will be asked for payment in full if they are a “no-show” to the event. This is due to final numbers and payments being made based on registrations through Cvent.

7:30-8:15        Breakfast & Registration

8:15-8:30        Kickoff & Announcements

8:30-12:00 Classes 12:00-1:00 Lunch

1:00-4:30        Classes

1:00-4:00        Ethics Class

Session Calendar






Track 1

Track 2

Track 3









Session 1:


Federal Reserve Bank of Cleveland

Scrum for Audit


Cloud Strategery –
Benefits and Risks

Embrace Your Inner
CEO: A Guide to
Becoming More





Session 2:



Real Estate
Construction Audits

Plante Moran

Dale Carnegie
How to Become a
People Person



Session 3:



IT Audit Hot Spots – Building your Audit Approach
to Technology Risk

CPA Ethics
Professional Standards
and Responsibilities





Session 4:



A Practical Approach to
Data Analytics

Embedding Data
Analytics into Internal

CPA Ethics
Professional Standards
and Responsibilities

Scrum for Audit

Internal audit departments throughout the world have become increasingly focused on providing valued audit services that are efficient, collaborative and risk-focused. At the Federal Reserve Bank of Cleveland, we have found that in order to do this effectively amidst rapidly changing business, technology and risk environments, we needed a more agile approach to performing audits than what we have used in the past. Operating under the premise that each audit is its own project, we explored alternative methods of project management and how these methods could be applied to improve the audit process. In partnership with Bank colleagues familiar with various project management techniques, we assessed our needs and adopted an Agile methodology for project management known as Scrum, typically used for software development, and modified it to fit our audit process. We have found Scrum to be a simple and flexible approach to auditing that promotes teamwork and more efficient use of resources.

This presentation describes how the Internal Audit Department at Federal Reserve Bank of Cleveland leverages an Agile methodology for project management known as Scrum to conduct audits as an alternative to more

traditional audit approaches.

After the session, you will have an understanding of:

·         The Scrum approach to managing projects and how it can be applied to the audit process

·         The elements, artifacts, and roles/responsibilities associated with Scrum for Audit

·         The benefits of Scrum for Audit from the perspective of the auditor-in-charge, audit manager, and audit clients


Jeff Campbell, CIA Audit Manager

Larecia Bonner

Internal Auditor

Focus areas include Law Enforcement, Cash Operations, and Financial Support Services

Terry Bingham, CIA, CISA, CRMA, CCSA

Senior IT Auditor

Focus areas include Information Technology, Information Security, and Treasury Services

Yvonne Lewis-Wilson, CFE

Internal Auditor

Focus areas include Enterprise Risk Management, Facilities, Statistics, and Office of the Corporate Secretary

Cloud Strategery – Benefits and Risks

Cloud computing is a model for enabling convenient, on-demand access to a shared pool of configurable computing resources, like software, platforms, storage, infrastructure and services that can be rapidly provisioned and released with minimal management effort or service provider interaction. Studies have shown that businesses taking advantage of productivity-enhancing cloud services grow almost 20% faster than their counterparts that don’t. But while cloud usage produces efficiencies, it also can increase the risk a company will face. Do you know if your employees, contractors or business partners store your confidential company data, social security numbers, tax ID numbers, credit card numbers, debit card numbers, patient diagnoses, medical treatments, medical record IDs, bank account numbers, financial records, business plans, source code, or trading algorithms in a cloud file-sharing service? Is shadow IT a problem for your organization? Come on – be honest.

Gary will provide an overview of the cloud landscape and lead a discussion on the following topics:

·              Risks using the cloud

·              Security and Compliance in the Cloud

·              Shadow IT

·              Cloud Access Security Broker and Cloud Service Broker

Finally, Gary will provide information as to what all companies should ask of a potential cloud provider BEFORE they engage them for services.



Gary Sheehan is the Chief Security Officer and Director of GRC Services for ASMGi. ASMGi provides a variety of IT and security solutions that enable organizations to meet their goals and objectives. Gary has over 30 years experience in information technology with over 25 years of experience in information security, specializing in GRC integration, security management, compliance, policy and awareness development, and security program governance. Throughout his career Gary has worked for and with a number large companies in the banking, insurance, diversified industrial, healthcare, manufacturing and chemical industries. He has successfully executed large, global security projects and implemented enterprise-wide security programs at a number of companies.

Gary is a past President of the Northern Ohio Members Alliance of InfraGard and Founder and Executive Director of Information Security Summit. Gary has a Bachelor’s degree in Business Administration from Baldwin-Wallace College and is a 2006 graduate from the FBI Citizens Academy.

Embrace Your Inner CEO: A Guide to Becoming More Strategic

The business landscape is changing rapidly with digitalization, the globalization of commerce, big data, the “internet of things” and disruption in nearly every industry. In order to become more agile on behalf of our employer as well as to develop in our own careers, it is imperative that finance professionals up their game strategically.

In this session we will learn how to think and act more strategically, even at a time when our existing roles have become more demanding.

In a series of hands-on exercises, we will explore these topics:

1.     Why becoming more strategic is important for you.

2.     Understanding the business strategy of your company, division, department and role.

3.     Developing a strategic mindset.

4.     Aligning your work to support the strategy.

At the conclusion of the session you will have a framework for developing a strategically oriented career, and will be positioned to contribute to your employer’s success in a more meaningful and impactful way.


Randy J. Samsel, MBA


arch Founder and President, Randy has worked in the recruiting field for 25 years. He started eSearch in 1998 along with his business partner Ray Camma. Locally, he has served as President of the Cleveland of Society of HR Managers and on the board of the Northern Ohio HR Planning Society and the board of Towards Employment. Randy also writes career and talent management articles for the eSearch blog.

Randy started his career with Parker Hannifin and spent two years in their internal audit department.


University of Pennsylvania- The Wharton School- MBA

Tri-State University- Bachelor's Degree

CPA (inactive) Ohio and Texas

CMA (inactive)

Raymond A. Camm



Search Founding Partner, Ray Camma has been recruiting Accounting, Finance & Human Resource professionals since 1996. Ray brings 17 years of experience recruiting professionals & executives in the Northeast Ohio area.


Eastern Michigan University- Masters in Educational Leadership

John Carroll University- Secondary Education Certificate

Mount Union College (now University Mount Union)- BA English and BA Physical Education


Prepare for an overview of real estate construction auditing. First we start with the basics, as the terminology used is not part of a normal vocabulary for auditors, such as General Conditions, Fast Track, and Value Engineering.

Next we will cover the different contract types and what distinct risks each of them bring, and why auditing clauses in contracts are so important.

By far the audience favorite is the section on fraud and abuse. Shocking what the average over billings are for construction projects that have been audited. John will highlight stories of construction fraud published, intertwined with his own experiences with abusive billing practices noted during his 20 years auditing commercial properties. We will cover the red flags on how to spot fraudulent situations and relationships. We will go over real life examples that the audience can relate to, including case studies to further expose participants to real forms and reports.

Based on decades of experience, John will share with you his accumulated statistics of the categories of where overbillings hide, and the notable shift over the years from one category to another. The common practice of general contractors overbilling for construction projects has lead to regulations to protect the federal government from deceitful practices, but those regulations do not protect commercial owned projects. Knowing where to look and what to look for is what protects most organizations undergoing construction projects. Do you know what to look for?


John Croy – Senior Director

RSM US LLP (formerly McGladrey)

John is the national leader of real estate construction auditing for the firm, and has a passion for his work that is clearly evident when presenting on the topic. Before becoming an auditor of construction projects, John worked for a large global construction company so he has been on both sides of an audit. He has experience auditing the construction of small banks, billion dollar stadiums and everything in between.

Graduate of University of Idaho BS Accounting and MBA Professional Certifications – CPA (Idaho) CIA, CFE, CCA

Scott Fair – Director

RSM US LLP (formerly McGladrey)

Scott is the Risk and Advisory Services leader for Ohio representing all risk services offered by RSM, specializing in internal audit co-sourcing and SOX projects. Scott has experience leading IA functions of Fortune 600 companies, and serving IA departments of all sizes including Fortune 25 companies to start­ups. He has a wide range of industry experience, with strong concentration of consumer products and automotive clients. Scott is also responsible for managing engagements utilizing resources in the 110 countries that RSM is located.

Graduate of the Ohio State University

Professional Certifications – CPA (Ohio), CIA

Post-Acquisition Integration

Jack will discuss the process and factors to a successful integration of internal controls to your company following an acquisition. He will discuss the nuances of internal controls integration and financial reporting considerations in domestic and foreign markets. The goal of the session is to help you better understand the unique needs of an acquired entity from an internal control perspective, how to ensure financial reporting integrity, and gain comfort (internally and with your auditors) over the controls at a newly acquired entity.



k Kristan, CPA, CIA, MBA Senior ERS Manager

Jack is a senior manager on the Plante Moran Enterprise Risk Services team with over thirteen years (ten with Plante Moran) of global Sarbanes Oxley, internal audit, and finance experience. He manages implementations and recurring management testing of SOX for global manufacturing, healthcare, and real estate clients. Jack leads multiple middle-market client’s internal audit function by developing risk assessments, annual audit plans, internal audit engagements, foreign corrupt practices act reviews and other consulting assignments. In addition to his domestic work experience, Jack has spent significant time working in the UK, Europe, and Asia.

How to Become a People Person

For those of you who don’t know who Dale Carnegie is, he wrote a world-famous book called How to Win Friends & Influence People. It made publishing history as the most widely published non-fiction book of the 20th century, and it has been named the most influential business book of the 20th century.

Marilee is going to teach us some of Dale Carnegie’s principles that can help us build better relationships and influence people on our teams, with our clients, and with our personal relationships as well.



ee MacAskill has been a training consultant with Dale Carnegie Training since 1995, both in Cleveland, Ohio and Grand Rapids, Michigan. She a certified instructor of the Dale Carnegie Course and the advanced High Impact Presentations Program. She holds two international sales awards from Dale Carnegie & Associates, and is regularly among the top in sales in the state for the company.

Prior to joining the Cleveland Dale Carnegie staff in 1995, MacAskill was Vice President, Account Supervisor for Griswold Eshleman Advertising & Public Relations in Cleveland. She handled such accounts as the Royal Dirt Devil Vacuums, Anchor Hocking glass, and American Harvest.

Why does she love Dale Carnegie Training? "I took the Dale Carnegie Course as a young assistant account executive of 24 years old. This course helped me propel my career quickly, by increasing my confidence, my client service and presentation skills, and my ability to handle the stress of a high-pressure environment. I was named Vice President at a large Cleveland agency by the age of 30, due to the skills that the Dale Carnegie Course helped me develop. I wanted to help others achieve more of their potential, and lead richer and fuller lives, and that’s that we do at Dale Carnegie!"

Marilee has a Bachelor of Science in Business Administration in Marketing from Bowling Green State University (1986). She also participated in the Disney College Program while at BG, and is a 2012 graduate of the Disney Leadership Excellence seminar. She resides in Bay Village with her family, and is involved as a member at Bay Presbyterian Church and as a board member for Youth for Christ of Greater Cleveland, as well as an associate board member for Sales & Marketing Executives of Cleveland.

IT Audit Hot Spots – Building your Audit Approach to Technology Risk

Companies continue to face major challenges and risks related to protecting their data and systems. Threats and vulnerabilities, new requirements for risk management, and the push towards new technologies drive Internal Audit to heighten its focus on addressing technology risk.

Experis will present on recent Chief Audit Executive survey findings on technology issues to address in their audit approach and audit/IT audit planning. Further, we will discuss an approach to Technology Risk Assessment supporting all audit efforts.

Attendees of this session will learn how to:

-    Identify and analyze emerging risk areas that Chief Audit Executives anticipate focusing on the

next 6-12 months

- Develop audit approaches deploying best practices regarding technology and information concerns

-     Drive value in addressing technology risks and focusing future audit efforts through a
Technology Risk Assessment

Speaker Bio:

Danny Shaw – CDP, PMP, HISP

National Practice Leader, Experis IT Risk Advisory Services

Mr. Shaw has over 30 years’ experience in technology and security risk management. He has provided business systems and related accounting technology services to companies including the largest professional services firm in the world, fortune 500 companies, and industries including banking, manufacturing and healthcare. Danny has led business consulting efforts for global and municipal organizations including speaking on technology risk management on multiple client roundtable and industry related events.

Danny is the National Practice Leader for IT Risk Advisory Services at Experis. Danny and his teams focus on IT audit, risk management and process improvement for business systems solutions, information security, and privacy compliance. Danny’s team has been recognized for delivering value on information security assessments and controls relating to information technology environments and eliminating or minimizing the impact of unplanned interruptions and ensuring the continuity of critical business services.

Danny has been published in Compliance Week, Business Continuity and Internal Auditor. Danny additionally serves on the HISP -Holistic Information Security Board since 2005 and Children’s Healthcare of Atlanta Community Board since 2006.

A Practical Approach to Data Analytics

This presentation is designed to help auditors bridge the gap between data analytic theory and application. The emphasis of this presentation is to discuss real world application of using data analytics to save time, improve efficiency, reduce risk exposure, add value, motivate team members, comply with best practices, detect potential fraud, and create new opportunities. We will take a hands on approach for several audit scenarios and show how analytics can be applied to achieve these objectives.



Steven Zapolski is a certified internal auditor with an MS in Accounting. He has over 9 years of experience working as an auditor and in his current role as a market development manager with TeamMate has insight into the audit processes of companies across a range of industries. Steven has experience with a range of audit analytics tools including TeamMate Analytics, ACL, CaseWare and SPSS. Steven is active in the IIA and is presenting serving as treasurer for his local chapter.

Embedding Data Analytics into Internal Audit

Companies today are collecting, sharing and creating more data than ever before, thus changing the audit landscape and forcing audit departments to adapt. Incorporating analytics within the audit process provides audit teams with the tools necessary to stay relevant, provide insight and perspective on areas of greatest risk, and drive impactful resolutions to issues. However, incorporating analytics requires audit teams to answer tough questions: "Where do we start?", "What tools should we use?" and "How do we interpret the data?" Building a strategic analytics program will address these questions and greatly increase audit's ability to effectively use data in making decisions and performing assessments.

This presentation will focus on topics such as:

·         Using analytics throughout the audit process

·         Building an analytics strategy

·         Overcoming barriers in using data

·         Analytics tools and techniques

·         Visualizing analytics


Jennifer Morgan is a Manager in PwC's Risk Assurance practice specializing in utilizing data analytics within internal audit. She has more than 10 years of internal audit and Oracle experience and

concentrates in performing control assessments and using data analytics to evaluate complex environments, improve business functions, streamline audit and business procedures, and ensure adequate compliance. Jen has worked with clients in building analytics strategy and through the

assessment of application and business controls during system implementations and compliance activities. Jen graduated with an accounting degree from the University of Akron and an MBA from Baldwin Wallace College. She also sits on the Board of Directors for the Northeast Ohio ISACA Chapter

and has CISA and CGEIT certifications.

CPA Ethics Class

Professional Standards and Responsibilities

Satisfy the Accountancy Board of Ohio's three-hour professional standards and responsibilities requirement to become a CPA, or get an update for the experienced CPA while fulfilling the ABO's professional standards requirement. This course is presented through lecture and group participation using short ethical dilemmas and is recommended for any professional seeking an update on ethical shifts.

Professional Standards and Responsibilities - Set and manage ethical expectations in all aspects of your career while fulfilling the ABO’s professional standards requirement. Improve your understanding of how societal shifts in moral and ethical behavior are changing systems, processes, and impacting decision making in business today. Integrate ethical concepts and crosschecks into your training, auditing, tax, and financial reporting procedures.

Designed for all CPAs licensed to practice in Ohio and exam passers, this course covers the unique ethical shifts in Ohio.


Tiffany Crosby