 August 2019 Full Day Seminar

Chapter Training
8/16/2019 8:00 AM
8/16/2019 4:30 PM
GM Financial Fort Worth | Texas

Cyber Security is the highest risk and at the top of the minds of C-suite members at every company. This course will provide a practitioner’s viewpoint for both audit and cyber security professionals. Beginning with underlying fundamentals of cyber security, then going step by step through the primary focus areas, risk prioritization and key audit steps, this is a course for any auditor wanting to learn how to address cyber security as a key audit risk.
Who Should Attend: Auditors who want a better understanding of cybersecurity, key risks and audit considerations (NASBA Field of Study: Information Technology)
Learning Objectives:
·         Select and implement a cybersecurity framework
·         Understand how to audit a cybersecurity framework and key risks to consider
·         Develop a prioritized remediation plan for your cybersecurity risk assessment

I.    Overview/Key Terms
II.   Primary Focus Areas
      a.   Protection
           i.    Top 4 Control Frameworks
           ii.   PCI DSS
           iii.  ISO 27001 / 27002
           iv.   CIS Critical Security Controls
           v.    NIST CSF (Cybersecurity Framework)
      b.   Detection
           i.    Technical Controls designed to discover the occurrence of a cybersecurity event in a timely manner
           ii.   Review Examples of Detection Capabilities
      c.   Response
           i.    Crisis Management
           ii.   Incident Response
      d.   Recover
           i.    Resilience
                 1.    Business Continuity
                 2.    Disaster Recovery
III.  Continuous Improvement
      a.   Cyber Security Strategy Review
IV.   IT Risk Management
      a.   IT Risk Prioritization
      b.   IT Risk Register
      c.   Executive Reporting
V.    Key Audit Steps

Auditing AI/RPA (Two Hours)
As technology continues to evolve, organizations continue to look for ways to become more efficient and effective.  Many companies are utilizing Artificial Intelligence and Robotic Process Automation to do this.  Auditors have to understand all emerging technologies and key risks associated with each.  This session will take attendees through the basics of auditing these new technologies.
Who Should Attend: Auditors who want a better understanding of AI and RPA, key risks and audit considerations (NASBA Field of Study: Information Technology)
Learning Objectives:
·         Understand what Artificial Intelligence and Robotic Process Automation are
·         Understand Key Risks associated with each
·         Learn about a simple approach to auditing AI and RPA and just about anything!
Succession Planning (Two Hours)
The loss of valuable leadership can cripple a company. Business succession planning is essentially preparing successors to take on vital leadership roles when the need arises. It is essential to the long-term survival of a company. Every company should have a form of succession planning in its portfolio as it is not the expected absences that can cripple a company, but the unexpected ones.
Whether it is preparing someone to take over a position of leadership in a corporation, or the sole proprietor of a small business, Business Succession Planning will teach you the difference between succession planning and mere replacement planning. How you prepare people to take on the responsibilities of leadership so that the company thrives in the transition is just as important as picking the right person for the job.
Who Should Attend: Professionals that are looking for a deeper understanding of succession planning and direction and how to apply in their current roles (NASBA Field of Study: Business Management & Organization)
Learning Objectives:
·         Create a plan, assign roles, and execute the role in your company plan
·         Define business succession planning and its
·         Lay the groundwork to develop a succession plan
·         The importance of mentorship
·         Define and use a SWOT analysis to set goals
·         Communicate to develop support and manage change
·         Anticipate obstacles, and evaluate and adapt goals and plans
·         Characterize success
Speaker Bios
John Sapp, CISSP, CGEIT, CRISC, HCISPP, is currently the Global Information Security Officer at Orthofix International, a global medical device company focused on improving patients' lives by providing superior reconstructive and regenerative orthopedic and spine solutions to physicians worldwide.
John is a seasoned, visionary and strategic global Information Security professional, Data Privacy and IT Risk Management executive with 30 years of combined in-depth cross-industry experience, which includes (among others):
·         Healthcare (Clinical Trials, Payer, Provider and Technology Solutions Vendor)
·         Financial Services (Consumer Banking, Investment Banking and Insurance)
·         Management Consulting
·         Telecommunications
John has worked at many highly-regarded organizations throughout his 30+ year career, including Oracle, McKesson, Cap Gemini and Coopers & Lybrand.  John is also a first cousin of NFL Hall of Famer Warren Sapp.  John is a celebrated leader in his field.  He has been honored for his leadership and ingenuity in information technology, including:
·         2013 ISE Nominee Information Security Executive of the Year (Healthcare) North America Region
·         2013 ISE Celebrated Information Security Executive of the Year Central Region
In 2012, John was one of 25 professionals awarded the TBS Cyber Security Visionary Award. Additionally, in May 2012, John was one of 65 cybersecurity industry leaders invited to The White House to discuss the National Strategy for Trusted Identities in Cyberspace (NSTIC).
Danny M. Goldberg is a well-known speaker on internal auditing and People-Centric Skills. Danny co-authored People-Centric© Skills: Communication and Interpersonal Skills for Internal Auditors, via Wiley Publications.  This is the first book published specifically to address the wide-ranging topic of communication skills for internal auditors.  It has been offered through the IIA and ISACA bookstores since July 2015 and has sold over 2,500 copies (through 2017).
Danny has over 21 years of professional experience, including five years leading/building internal audit functions.  Danny was named as one of the Fort Worth Business Press 40 Under 40 for 2014.  He has published numerous articles in trade magazines, including:
·         HFTP Journal: Practice Ethics (November 2014)
·         The Audit Report (Critical Thoughts on Critical Thinking, June 2013) – Cover Article
·         ISACA Journal (The Missing Piece: Optimized Interpersonal Skills, Volume 3, 2012)
·         Dallas Business Journal (The Yes Man Phenomenon, January 2011)
Danny is also accredited as the Professional Commentator of the Bureau of National Affairs - Internal Audit: Fundamental Principles and Best Practices. This book was authored by renowned audit scholars Curtis C. Verschoor and Mort A. Dittenhofer, co-author of Sawyer’s Internal Auditing.
Mr. Goldberg has been recognized as a top speaker at numerous events over the past five years, including:

·         Top Rated Speaker, 2016 IIA/ISACA GRC Conference
·         Top Rated Speaker, 2016 ISACA CACS Conference
·         3rd Ranked Speaker, 2015 IIA All-Star Conference
·         One of the Top Rated Sessions, 2015 IIA GAM Conference
·         8th rated speaker – 2015 MISTI AuditWorld
Mr. Goldberg is a very active member of the Institute of Internal Auditors, both at a local and national level.  Leadership roles include:
·         Current IIA Dallas Chapter Board Member
·         Former IIA Fort Worth Chapter Board Member (2014-17)
·         Current IIA Dallas and Fort Worth Chapter Programs Committee Co-Chair (for the past three years)
·         Member of the IIA North America Learning Solutions Committee, 2014