Morning IT Session:
Project Management and Quality Assurance – How to Effectively Audit Large Projects and System Implementations
Larry Hessney, CIA, CISA, PCI
QSA, and Sanath Rajapaskse, PMP, CISA Freed Maxick CPAs, P.C.
The typical organization initiates complex projects, including large
implementations, in an effort to design and implement improved business
processes and state-of-the art technology that
streamlines and optimizes the business and supports future growth. The promise of new technology by vendors is
exciting, so the company chases visions of huge improvements in efficiency and
effectiveness. . However, studies show
that even today, most major projects and system implementations are severely
troubled by issues including: cost
over-runs, long delays, failure to realize the desired benefits and major
disruptions to the business.
Internal Audit is frequently asked to provide assurance
services over large projects, frequently new technology system
implementations. This presentation will
focus on how Internal Audit can add the most value in helping the organization
meet its objectives for these projects in terms of realizing:
Business Outcomes (benefits
Project Outcomes (on time, on budget)
Control Outcomes (reduce risk,
Some of the leading practice areas that we will touch upon
Auditing Project Governance and PMO’s
Effective Project Management
Risk and Issue Management
Effective Data Conversion, Data
Role-based Security and SOD
System Development Life Cycle
Larry is a managing director (partner) leading the Risk and Technology Consulting practice of Freed Maxick in Western New York, where he is actively involved in leading several PCI, IT Security, IT Audit, SSAE 16, Internal Audit and System Implementation engagements. Larry has significant experience working with over 100 clients on IT Security, PCI, HIPAA, SSAE 16, SOX and Internal Audit engagements, including working the following industries: Healthcare, Insurance, Banking, High Technology (Software and Services), Manufacturing and Business Process Outsourcing.
• 15 years of experience with Public Accounting and Consulting firms including Pricewaterhouse Coopers, Arthur Andersen and Freed Maxick.
• 17 years in manufacturing and software industries.• 15 years as Adjunct Faculty with the State University of New York.• Bachelor of Arts – Dartmouth College
• Masters of Business Administration – University of Rochester Simon School of Business
Sanath is a Principal in the Risk and Technology Consulting practice of Freed Maxick in Western New York, where he is actively involved in leading several ERM, IT Security, IT Audit, SSAE 16, Internal Audit and System Implementation engagements. Sanath has significant experience working with over 80 clients on PMQA, IT Security, SSAE 16, SOX and Internal Audit engagements, including working the following industries: Banking, Healthcare, Insurance, Government, High Technology (Software and Services), and Business Process Outsourcing.
• 14 years of experience with Public Accounting and Consulting firms including KPMG and Freed Maxick• Certified Project Management Professional from the Project Management Institute• Certified Information System Auditor from ISACA• Bachelor of Science – State University of New York, studies at U. Buffalo and Empire State
Fraud & Fraud Detection
Brian Lafountain, CPA, CFE, and Timothy Ball, CFE, The Bonadio Group
Lafountain, CPA, CFE and Tim Ball, CFE are experienced fraud investigators
within the financial and accounting industry.
They will provide training on the updated statistics and industry
standards of fraud and fraud detection, while adding current case studies and
their own personal experiences along the way.
They will provide insight on the use of fraud interviews, data analytics
and other forms of testing to identify, analyze and calculate both the total
value and impact of financial fraud.
Brian is a Partner of The Bonadio Group and leads the Bonadio Fraud and Forensics Accounting and Litigation Support Team. He joined Bonadio in 2006. Prior to joining Bonadio, Brian spent several years in public accounting with Ernst & Young and Grant Thornton, as well as spending time in the internal audit functions for Xerox Corporation and the Rochester City School District. In his tenure with Bonadio, Brian has provided a wide variety of forensic accounting, auditing, fraud investigations, litigation support, expert testimony and internal auditing services to a wide variety of public and private corporations in several industries. In addition, Brian has provided operational consulting and management advisory services for several county governments in New York State as well as consulting services for New York State directly. Brian received his B.S. degree in Accounting from LeMoyne College in Syracuse, NY. Brian is a Certified Public Accountant and a Certified Fraud Examiner. Brian is a member in good standing of the American Institute of Certified Public Accountants, the National Association of Certified Fraud Examiners, and the Rochester Chapter of the Institute of Internal Auditors.
Tim is a Manager in the Bonadio Fraud and Forensics Accounting and Litigation Support Team of The Bonadio Group. Tim currently provides a wide array of consulting, forensic and auditing services for the Fraud and Forensics team. Tim specializes in providing forensic examination and consulting support for both criminal and civil litigation. He is an expert in designing on-site examination programs to both identify and uncover fraud. In addition, Tim has been a consultant to local governments and not-for-profits for assistance in strengthening their internal control structure and detecting and deterring fraud.
Tim received his B.S. degree in Accounting from Alfred University. Tim is also a Certified Fraud Examiner (CFE) and a member of the National Association of Certified Fraud Examiners and the Western New York Certified Fraud Examiners Association.
§ Location: Comfort Inn
& Suites, 6701 Buckley Rd., Syracuse, NY 13212 - Directions inside The Dispatch.
Registration/Coffee & Pastries 9:00 – 9:30 AM
IT Session 9:30 AM –
Lunch 12:15 – 1:00 PM
Fraud Session 1:00 – 3:00 PM
§ Cost: All Day / One Session
(includes buffet lunch)
IIA Members $75 / $50
Non-members $85 / $60
Students / Retirees
$60 / $35
§ CPEs—5 CPEs in the field
of Auditing (3 CPEs for IT session; 2 CPEs for Fraud session)
§ R.s.v.p. by April 13,
2016 to Lynn Wilber at email@example.com or 315.471.5656 x 7498
Pay by credit card or check (same price) made out to IIA CNY mailed to: Lynn Wilber Columbian Financial Group P.O. Box 1056, Syracuse, NY 13201-1056 Cancellation after April 13 incurs the cost.