June 2020 Detroit IIA Newsletter

Read the latest edition of the chapter newsletter with information on exciting events and happenings within the Detroit chapter.

THE INSTITUTE OF INTERNAL AUDITORS DETROIT
CHAPTER VIRTUAL MAY CHAPTER MEETING
TUESDAY MAY 12, 2020 @ 3 PM – 5:15 PM

JOINT MEETING WITH THE INSTITUTE OF MANAGEMENT ACCOUNTANTS
ALSO, 2020-2021 IIA DETROIT CHAPTER BOARD ELECTIONS WILL BE HELD

THE STATE OF MICHIGAN’S ECONOMY
Scott Darragh, Economist, State of Michigan Department of Treasury

Scott Darragh has been an economist with the Office of Revenue and Tax Analysis (ORTA) in the Michigan Department of Treasury since 1999.  His work includes providing revenue and legislative analyses on many parts of Michigan’s tax system, focusing on the individual income, sales, use, and tobacco taxes.  Prior to ORTA, Scott worked as a tax policy advisor for the Michigan House of Representatives and as a pension analyst for two Detroit-area benefit consulting firms.  From 2004 through 2012, Scott was an adjunct lecturer in economics at the University of Michigan – Flint where he taught more than thirty courses. Scott received his B.A. from the University of Michigan - Dearborn, M.A. from Wayne State University, and Ph.D. from Michigan State University.  Scott and his wife Kendel have two daughters.

FEDERAL ECONOMIC OUTLOOK ~ THE IMPACT OF COVID – 19
Paul Traub, Senior Business Economist, Federal Reserve Bank of Chicago

Paul Traub currently holds the position of Senior Business Economist at the Detroit Branch of the Federal Reserve Bank of Chicago where his responsibilities include both research and current analysis.  Prior to joining the economic research department of the Chicago Fed, Traub was the president of Scenario Economics LLC and senior economist for Americas Commercial Transportation Research Company, LLC (ACT Research).

Traub retired in 2008 from the position of corporate economist with 25 years of service at Chrysler LLC.  He worked in Chrysler's corporate economist's office for over 17 of those years where his responsibilities included tracking the economy and forecasting its impact on North American auto sales; supporting new product development; and speaking to auto dealers and numerous professional organizations.  His speaking engagements have included the Michigan and Ohio Governors' Councils of Economic Advisors, the Society of Automotive Analysts Automotive Outlook Conference, the Forum on Global Energy, Economy and Security (The Aspen Institute) and the Bear Stearns Global Transport and Logistics Conference.  Traub currently is on the board of directors of the Detroit Association of Business Economists; is a member of the National Association of Business Economists and the Detroit Economic Club; is on advisory boards for Lawrence Technological University College of Management, Baker College of Flint Business School and the U.S. Army TACOM LCMC; and has served as an adjunct faculty member at Oakland University in the School of Business. He holds a B.B.A. from the University of Michigan - Dearborn and an M.B.A. from Oakland University.

Watch

Free Webinar: AUDITING CLOUD PROVIDER

Date: 5/21/2020   Time: 12 to 1pm  CPE Credit(s):1
Presenter: Rajiv Das, Principal Plante Moran Management Consulting

Cloud migration is on the top of the “To-do List” for CIOs and CISOs for the current year, especially with the COVID-19 pandemic which has created a new norm of remote work for majority of the work force. Transition and reliability on the organizational compute, storage and network needs are shifting from on-premise to cloud.

CISOs and Cybersecurity leaders have an important role to play in advising the business leaders/CIOs for the selection of an appropriate cloud provider and ensuring that they meet the cybersecurity needs for the organization. Cloud provider business agreements are time consuming to finalize, have multi-year obligations and hence they require appropriate due diligence.

In this webinar, Rajiv will discuss the following aspects of auditing cloud provider:

• Preparation for Cloud Provider audit
• Organizational readiness for transition
• Framework and key artifacts for auditing
• What happens after audit?

Watch

Chapter’s 2020-2021 Officers and Board of Governors.

On behalf of the IIA Detroit Chapter’s Nominating Committee, we present the nominations for Chapter’s 2020-2021 Officers and Board of Governors.

We Would Like To Hear From You

Share an Audit Innovation

Dear Detroit IIA Members,

We hope everyone is doing well during this time and staying healthy.  We are working on our Spring Newsletter.  We would like to include a section to capture innovative and effective ways that our members have approached their audit and risk management goals during this challenging time, in addition to keeping motivated and connected. We would like you to share approaches, tools, techniques, etc. We would also like to learn about how you addressed these emerging risks and what new controls and policies you've implemented.  

Please take a brief survey to help us with this section in our the upcoming newsletter.  To help make sure your response is considered, we would appreciate your response by Thursday, April 30, 2020.   We will compile the results and include some of our favorites in the Spring Newsletter next month.

 We hope everyone continues to keep healthy and safe!

Take Survey

Sincerely,

The Detroit IIA Board of Governors

Karen A. Muglia, 2019/2020 Chapter President

2020 IIA ISACA Spring Training Virtual Sessions

The Detroit Chapters of the IIA and ISACA are committed to our members and are proud to co-sponsor the 2020 Virtual Spring Training Event. Due to the need to cancel our onsite Spring Training Event, we are now offering our sessions online from Tuesday, April 14, 2020 through Friday, May 22, 2020

Register today!  Space is limited so registrations will be accepted on a first-come, first-serve basis.  Registration for each course will close at 8 am two business days prior to the start of each virtual course.

Click here to Register
View Virtual Schedule

Recorded​ Detroit IIA Webinar: 

How Your Hiring Practices Make the Talent Gap Worse

Dr. Joe Adams joins us to address an important topic on hiring practices in light of the cybersecurity workforce gap. As the founder of the Michigan Cyber Range, Dr. Adams has significant experience in workforce development and training.

The webinar discusses the huge gap between the supply and demand of qualified talent in the cyber security industry. This gap is estimated to be almost 3 million unfilled jobs around the world, with almost half a million of these in the US alone. The gap’s impact is most apparent as organizations struggle to keep up with increasing government regulations, system complexity, and expanding attack surface. Dr. Joe Adams will look at some of the causes of the gap and how companies can change their recruiting and retention policies to fill positions with the right people.

This webinar is designed not only for the CAEs but all members of the Board of Directors for both private and public companies.

Bio:

Dr. Joe Adams, is a retired Army officer, former CIO, and founder of the Michigan Cyber Range. Joe retired as a Colonel from a 26 year career in the US Army Signal Corps, which included diverse assignments such as designing networks for NATO, teaching hacking at the US Military Academy (USMA), and building security programs as the Chief Information Officer of the National Defense University. After retiring, he joined Merit Network and built the Michigan Cyber Range, before starting his own company, Cyber By Design, and focusing on helping companies address their strategic cybersecurity issues. Throughout his career, he has been an innovative force for technological and cultural change in the organizations he works with.

Joe earned a B.Sc. in Computer Engineering from Syracuse University and a M.Sc. in Computer Systems Engineering from the University of Arkansas. He earned his Ph.D. in Computer Engineering from Virginia Polytechnic Institute and State University, where his research focused on network security in mobile ad-hoc networks. He also is a CISSP and a Senior Member of the IEEE.

Watch Download Slides

​Recorded Detroit IIA Webinar: 

THE FUTURE OF TALENT ACQUISITION FOR INTERNAL AUDITORS

A month ago, we were all begging for talent. Any warm body that could come close to doing the job we were ready to talk to. Now, a few weeks later the entire industry might have been flipped upside down. The reality is, for Internal Auditors, the demographics are still not on our side! We will still need a robust recruiting and talent attraction strategy to fill the jobs and skill shortages we have currently, and that are increasing as more and more talent retire. Tim Sackett, is an expert in talent acquisition technology, recruiting execution, and author of the best-selling book the Talent Fix. In this session he will show us what world class organizations are doing to attract talent to the most hard to fill jobs across the world, and how some simple changes can have a huge impact in how we communicate to potential talent in getting them to want to come to work for you. Right now is when we prepare for hiring what’s next. Great organizations increase their talent during difficult times, so that they can take advantage of the upswing like no one else. Having the right tech stack and strategy in place will make all the difference.

Bio:

Tim Sackett, SHRM-SCP, SPHR is the President of HRU Technical Resources a leading IT and Engineering Staffing firm headquartered in Lansing, MI. Tim has over 20 years of combined Executive HR and Talent Acquisition experience, working for Fortune 500 companies and he has his Master’s degree in HR Management. Tim is a highly sought-after international speaker on leadership, HR Tech, talent acquisition and HR execution. Tim is currently a Senior Faculty member with the Josh Bersin Academy. 

Tim is the author of the best-selling SHRM published book, “The Talent Fix: A Leader’s Guide to Recruiting Great Talent”. He also writes every day at his blog the Tim Sackett Project and over at Fistful of Talent. Tim is married to a hall of fame wife, has three sons, and his dog Scout. In 2019, he was named a Top 10 Global HR Influencer by Workforce Magazine, and the #8 Influencer Globally on Recruitment. He has more Twitter followers than his 3 GenZ sons combined, which they love to point out (@TimSackett). He is a lifelong workplace advocate for Diet Mt. Dew fountain machines and he considered the world’s foremost expert on workplace hugs.

Register View Slides

Recorded Webinar: Leveraging NIST’s Publications to 

Build Cybersecurity Audit Programs

As a continuation to last month’s webinar where Jeff Sisolak discussed how to leverage the National Institute of Standards and Technology (NIST) library to assist in planning and development of audit strategy, this month’s topic will cover select NIST publications which provide details on how to assess cyber security controls. Whether you are an IT Auditor, Audit department leader, business manager or just personally interested in understanding IT and Security best practices, this webinar will touch on specific actions to help assess related policies, practices and procedures. Armed with this information, risk and control assessments can be developed or enhanced to help organizations align with regulatory, professional and/or industry expectations for proper and secure information technology controls.

Bio:

Brad Barton is the owner of Century Governance, Risk, Compliance and Security (GRCS), a consulting company specializing in assessment of Information and Security policies, practices and procedures. He has over 30 years of experience leading multiple information technology operations and support roles. He is the past Global Director of IT Governance, Compliance, Controls and Security for Lear Corporation where he provided company-wide leadership in the analysis of IT risks and implementation of related controls. This assignment included global IT Security responsibility where Brad led the implementation of the company’s security policies, practices and awareness initiatives. Brad also was Lear’s Global IT Audit Director with responsibility for world-wide IT audit activities and reporting. Other responsibilities previously held include an IT leadership role for a customer support function headquartered in Paris, France, and world-wide responsibility for Lear’s global voice, data and video communications network. Prior to Lear, Brad was responsible for global infrastructure, communications and IT services at Johns Manville corporation.

Watch
Download presentation

Recorded Webinar: Seeing the Risk Management Forest for the

Trees

The National Institute of Standards and Technology or NIST has issued a comprehensive library of special publications related to cyber security, risk, and their own risk management framework. The framework is compulsory for Federal systems but also gaining popularity in commercial enterprises because they are free, ubiquitous, and often necessary for doing business with government entities anyway. However, the sheer volume of this body of work can be daunting. While thoroughness and precision can be an asset, it can also make it difficult to see the forest for the trees.

This presentation will define the foundational elements of any meaningful cyber security risk management program using the NIST Special Publications (SP) as a guide, with an emphasis on what it means for the internal auditor. It will cover the more common documents such as 800-37, and 800-53. It will cover more obscure documents such as SP 800-18, SP 800-60 vol. I & II, and other related documents not published by NIST. It will conclude with tips and techniques for any cyber security risk management audit program, regardless of the actual framework in use.

Watch View Slides

The Institute of Internal Auditors (IIA) Detroit Chapter 2020

Scholarship Award Announcement

• Academic achievement of a minimum 2.8 GPA overall (transcripts required*)
• Participation in extra-curricular or volunteer activities
• Actively enrolled in a college/university in pursuit of a degree (part- or full-time)
• Any business major (undergraduate or graduate)
• Winners must be present at the Tuesday, April 14 meeting of the IIA Detroit Chapter monthly meeting held at VisTaTech Center, Livonia, MI
• Winners must complete a W-9 Form prior to payment

Qualified candidates should prepare a 300 – 500 word essay (double-spaced) on the following topic:

What are the most important soft skills internal auditors need to develop to be successful in today's business environment, and why?

Students are encouraged to contact industry specialists for advice and counsel.

Please submit your qualifications and essay to the Scholarship Award Committee at by Monday, March 30, 2020.

Awards will be presented at the Detroit Chapter IIA Meeting on Tuesday, April 14, 2020 held at VisTaTech Center, Livonia, MI at 4:30PM.

Building a Vulnerability Management Program Webinar

Join Erik in talking about building a thriving vulnerability management program that focuses on improving business risk through refocusing efforts on the vulnerabilities that matter most.

Vulnerability Management is one of the most important, but least sexy, components of an Information Security program coming in at number 3 on the CIS Top 20.  Despite its criticality, many organizations fail to get a program off the ground leading to low hanging fruit for attackers.  Overwhelming volumes of vulnerabilities, lack of asset visibility and missing foundational components to support a vulnerability program are just a couple of reasons programs fail.

Watch

Download slides

2020 Member Survey

All IIA Members - please complete the 2020 Member Needs Survey by January 12, 2020.  This survey provides valuable feedback to the IIA on how to best meet the needs of our members and our chapter.

 You should have received an e-mail from the IIA (with Member Needs Survey in the title) which contains a direct link

December 2019 Detroit IIA Newsletter

Read the latest edition of the chapter newsletter with information on exciting events and happenings within the Detroit chapter.

Presentation Slides from Dec Meeting 2019 Chapter Meeting


Technology's Impact On Fraud Schemes: What You Need to Know Download


California Consumer Privacy Act
Download

1-hour Webinar (On-Demand) for Michigan Specific Ethics

Anytime through June 30, 2021 On-Demand One (1) CPE Credit Cost: Free!

In addition to the 2-hour free webinar on Ethics held on November 20, 2019, the IIA–Detroit Chapter is sponsoring an additional hour of Michigan Specific Ethics 2019-2021 for our chapter members that are licensed CPAs. We have partnered with the Michigan Association of Certified Public Accountants (MICPA) to provide this 1-hour On-Demand webinar training.  We have purchased 50 seats to participate in the webinar and will provide the course access code (and a webinar link) to member registrants after registration is complete.  Our chapter will have to provide a list of registered members to the MICPA to regulate participation up to the maximum of 50 students.

Photo from the November CAE Roundtable 2019

IIA Detroit Chapter Ethics Webinar

Photos from the Nov 2019 Meeting

Webinar: To FAIR or not?

There are several ways to get the risk assessment wrong. If the risk is considered a “thing”, and not a “quantity”, we probably got it wrong. Werner Enterprises adopted the FAIR (Factor Analysis of Information Risk) framework to perform quantitative risk assessment of information security and operational risk. Dave will walk the audience through their process of adopting FAIR, what worked, what didn’t and the lessons learned as they go through their risk management journey.

Presentation Slides from Oct 2019 Chapter Meeting

PwC’s 2019 State of the Internal Audit Profession Study

Photos from the Oct 2019 Meeting

Photos from the Sept 2019 Meeting with Richard Chambers

Recorded Webinar: Following the Digital Investigative Trail.

How Digital "Currency" is Exposing a Wealth of Information to Investigators.

Presentation Slides from September 2019 Chapter Meeting with

Richard Chambers

Fall 2019 Tentative Program Schedule Detroit IIA Chapter

President's Message

I am honored and grateful to be the incoming President for the IIA Detroit Chapter and I’m very proud of our role and achievements. The Detroit Chapter has a 76-year history of promoting the internal audit profession, providing excellent educational programs to members, giving support for certifications, and providing meaningful networking opportunities for members. With increasing risks and ever-changing technology, the IIA is more relevant today than ever, ​and Internal Auditors play a vital role in protecting organizational value and are agents of positive change...

Eloise L. Bradley Distinguished Service Award

The Awards Committee is seeking nominations for the 2020 Eloise L. Bradley Distinguished Service Award ...

Internal Auditor of the Year Award Nomination Form

We are seeking nominations for the 2020 Internal Auditor of the Year award...

IIA Rock Star of the Month

This awards committee is seeking nominations from Detroit Chapter IIA members each month for the Rock Star of the month award for the 2019 – 2020 chapter year. ...

June 2019 Detroit IIA Newsletter

Read the latest edition of the chapter newsletter with information on exciting events and happenings within the Detroit chapter.

Chapter’s 2019-2020 Officers and Board of Governors

Meet the Chapter’s 2019-2020 Officers and Board of Governors

We Have a New E-Mail Address!

Our new e-mail address is Chapter2@iiachapters.org. Please use this e-mail address to send correspondence to our Chapter Administrator, Amber Dunn-Egerer. You will also be receiving meeting invitations, newsletters, and other Detroit IIA communications from this e-mail, so please set this as a known address so that it does not go into your spam account.