Navigate Up

​Member Benefits for Training and Events

The IIA offers numerous benefits for members:
  • Members-only rates on conferences, seminars, and executive development through Vision University can save you hundreds of dollars.
  • Exclusive monthly Members-only Webinars are part of your core membership benefits and provide you with CPE units without ever leaving your desk or paying additional fees.
  • Members-only rates for other specialty webinars and self-study courses provide easy access to advance your knowledge from the convenience of your own desktop.




 Events in This Chapter


Topic: Third-Party Cyber Risk

Unearth the Hidden Risks Buried Among Your Vendors & Suppliers

Who is at risk? Customers, Vendors, business partners and others who have access to one or more of a company’s information systems or facilities, store confidential entity information on their systems or otherwise transmit information back and forth between, or on behalf of the entity.

Kelly Felder, CISSP, Enterprise Security Assessment Specialist at TSC Advantage.

Mrs. Felder is experienced with third-party risk management and vendor assessments as part of TSC Advantage’s Enterprise Security Team. In this role, Mrs. Felder specializes in Internal and External Business Operations, which includes the analysis on information security programs and third-party risk management. Mrs. Felder holds her Master’s degree in High Technology Forensics from the University of Baltimore and is a Certified Third-Party Risk Professional (CTPRP) and Certified Information Systems Security Professional (CISSP).


Topic: Cyber Security and Machine Learning - an atomic combination

Cyber Security and Machine Learning - an atomic combination. This unique discussion co-presented by two subject matter experts from Capital One’s world class Internal Audit Department will provide an overview of key cybersecurity concepts, emerging threats and mitigation strategies merged with an overview of cutting-edge security considerations when deploying Machine Learning, as well as basic concepts in the field. After this innovative must-see presentation, the attendees will be able to articulate main concepts in both Cyber Security and Machine Learning, preparing the attendee for providing valuable assurance well into the 21st century.

Randi Kieffer is a Vice President in Capital One’s Corporate Audit Services. She is responsible for cybersecurity within the Information Systems audit practice. She provides cybersecurity expertise and oversight as Capital One continues to implement its forward-thinking technology strategy. Prior to joining Capital One Randi spent 12 years with the Department of Homeland Security in various cyber leadership roles. She served as the Deputy Director of the National Cybersecurity Communications & Integration Center, the Federal Government’s main cybersecurity center for protection, prevention, incident response and recovery. Previously, Ms. Kieffer served as the Chief Information Security Officer for the Transportation Security Administration working to shift the agency from a compliance emphasis towards a more operationally and cybersecurity focused agency. Ms. Kieffer holds a M.A. degree in Computer Fraud Investigations and a B.A. Degree in Criminal Justice with a minor in Computer Science from The George Washington University. She also possesses a Master’s Certificate in Project Management, and is a graduate of the Senior Executive Fellowship program from the Harvard Kennedy School for Executive Education.

Andrew Clark is a Principal in Machine Learning Audit for Capital One. At Capital One, Andrew is establishing approaches for auditing and interpreting machine learning algorithms along with building machine learning tools to optimize the audit process. He has designed, built and deployed a continuous auditing infrastructure across 17 global manufacturing subsidiaries for a publicly traded manufacturing conglomerate, built a consolidated Data Mart off the AICPA Audit Data Standards and built a multi-domain Active Directory Data Mart for streamlining the logical access audit process. Mr. Clark received a B.S. in Business Administration with a concentration in Accounting, Summa Cum Laude, from the University of Tennessee at Chattanooga and an M.S. in Data Science from Southern Methodist University. His primary research focus is the application of advanced statistical and computational techniques to create value-added financial auditing solutions with the use of open source software, primarily in the Python ecosystem. Mr. Clark is passionate about bringing the best of the open source and data science communities to auditing in order to shift the auditing paradigm from a reactive to a proactive posture. An avid conference speaker, Mr. Clark has appeared as a speaker at MISTI ITAC 2016, ISACA NACACS 2017, MISTI ITAC 2017 conferences presenting on open source audit analytics, machine learning, and emerging technologies.

1/15/2018 - 2/5/2018

2018 CIA Part 2 Prep Course by CIA Lead Facilitator Raven Catlin, CPA, CIA, CFSA, CRMA

When:   Every Monday & Thursday from January 15th – February 5th

              Class meets at 4:30pm – 6:30pm (ET)

Where: Online

Price:    $800*

*includes CIA training materials and online access for Part 2 CIA exam prep system



Are your vendors the path of least resistance to the next data breach?

Session Overview:

Companies are moving more of their data to third party cloud providers every day. The likelihood and impact of data breaches is increasing, with no signs of slowing down. Companies spend hundreds of thousands of dollars on audits of internal people, processes and technology but barely skim vendor SOC reports, if they get them at all. It's time internal auditors start taking a closer look at the significant risk exposure third party service providers present to their company. In this session we will describe the current landscape of vendor management and why much of what companies are doing isn't working. Additionally, we will breakdown what SOC 2 reports really are, introduce recent changes to the guidance, as well as incorporating details from recent high-profile data breaches and their applicability to the SOC 2 controls. Lastly, we will give a series of tools and techniques for effectively reviewing SOC 2 reports so you can get past the fluff and be in a position to challenge vendor control descriptions.

Session Objectives:

At the end of this session participants will:

  • Understand management's responsibilities around Vendor Management
  • Understand what a SOC 2 report is, the intended audience, and it's benefits
  • Understand recent changes to professional guidance, including the addition of the Cybersecurity Risk Management Examination
  • Obtain a practical approach to reviewing SOC 2 reports as part of a vendor management audit


Aaron Kerr, CISA, CISSP Director, IT Risk Advisory, Clearview Group, LLC

Mr. Kerr is a Certified Information Systems Auditor (CISA) and a Certified Information Systems Security Professional (CISSP). Aaron is a nationally recognized speaker by the Institute of Internal Auditors (IIA) on IT audit and security related topics. Prior to joining ClearView, he managed the IT and Regulated audit teams for Constellation Energy and Exelon and was a technical consultant with Protiviti. In his time at Constellation, he managed audits covering several large-scale system implementation projects that transformed Constellation’s regulated utility and commodity investment and trading operations.

Aaron serves clients ranging from local to not-for-profit organizations to the Fortune 50 across all industry verticals, with specialized experience in the energy/utilities, financial services, healthcare, hospitality and professional services industries. He has expertise in IT audit, IT risk management, regulatory compliance (i.e. FFIEC, HIPAA, SOX), process improvement, ISO readiness and compliance, SOC 1&2 readiness and assurance engagements, IT security reviews, and special projects. This includes extensive experience with IT frameworks such as COBIT, ISO, NIST and the FFIEC Information Security Workbook and Cybersecurity Assessment tool.

Mike Molloy, CISA Manager, IT Risk Advisory, Clearview Group, LLC

Mike has experience planning and leading IT audits and assists in diverse operational integrated audits using TeamMate. Mike’s areas of expertise include, but are not limited to, application and IT general controls, completeness and accuracy of corporate interfaces as well as SOC reviews, IT Governance, and the system development life cycle for healthcare, insurance, financial services, government contractors and not for profit companies.

Mike has experience coordinating with internal and external audit teams to support managements compliance with IT General Controls and IT Dependent manual controls. He provides expertise in control design, issue remediation, and effective oversight of various compliance programs. Additionally, Mike has developed internal tools using SharePoint to manage and report ISO compliance throughout large organizations.

2/12/2018 - 4/19/2018

CIA Part 3 Prep Course by CIA Lead Facilitator Raven Catlin, CPA, CIA, CFSA, CRMA

When: Every Monday & Thursday from February 12th – April 19th

Class meets at 4:30pm – 6:30pm (ET)

Where: Online

Price: $1,100*

*includes CIA training materials and online access for Part 3 CIA exam prep session

5/31/2018 - 6/21/2018

CIA Part 1 Prep Course by CIA Lead Facilitator Raven Catlin, CPA, CIA, CFSA, CRMA

When: Every Monday & Thursday from May 31st – June 21st

Class meets at 4:30pm – 6:30pm (ET)

Where: Online

Price: $800*

*includes CIA training materials and online access for Part 1 CIA exam prep session