THE NISQUALLY CHAPTER OF THE IIA
AUDITING SOCIAL MEDIA:
A GOVERNANCE AND RISK GUIDE
Social media defined: "...a form of interactive online communication in which users can generate and share content through text, images, audio, and/or video."
Social media cannot be ignored: "A[n organization]/institution should have a risk management program that allows it to identify, measure, monitor, and control the risks related to social media."
Social media risk mitigation spans the organization: "The risk management program should be designed with participation from specialists in compliance, technology, information security, legal, human resources, and marketing."
Social media risk management program components: These should include a governance structure, policies and procedures, a risk management process, an employee training program, an oversight process, audit and compliance functions, and parameters for appropriate reporting to the board of directors or senior management.
Social media risk areas defined: These include compliance, reputation, and operational. As would be expected, there are significant details about compliance. But there is a good deal of information on reputation risk also, including information related to fraud and brand identify, third party concerns, privacy concerns, consumer complaints and inquiries, and employee use of social media sites.
The use of social media continues to grow faster than anyone could have predicted, and organizations throughout the world are making tough decisions about how they will participate (if at all). As organizations come to grips with this new challenge, Internal Audit can partner with the business/organization by providing insights on the strategies and risks that are unique to social media.
This seminar will provide participants with a basic understanding of how internal audit can begin to evaluate its organization’s efforts in social media. This will include an understanding of the unique strategies, governance structures, and metrics that social media presents.
Through lecture, discussion, and small group exercise, participants will gain a basic understanding of the risks related to social media, as well as how an effective risk assessment audit program might be developed. Upon completion, participants (Managers, Auditors, Internal Control Officers, Risk Officers, technology, information security, legal, human resources, and marketing) will be able to:
· Identify the aspects of good social media strategies, governance & oversight, and policies.
· Understand the basic risks to which organizations are exposed with social media
· Use the information presented in establishing an audit of the organization’s social media.
Lacey Community Center
6729 Pacific Ave. SE
Lacey, WA 98513
Thursday, May 8, 2014
Registration: 7:30 – 8:00 AM
Program: 8:00 AM – 5:00 PM
* Verified Members of the IIA, AGA, or ISACA
CPE Credits: 8
Morning & afternoon snacks
Payment due by April 30, 2014 There is a late payment fee due of $25, if unpaid before date of the event.
Cancellations: Cancellations made more than five business days in advance will be refunded the advance registrations fees, less processing fees from the chapter's registration administrator, EventBrite. Substitutions are always welcome. However, a substitute will be charted at the appropriate rate (member or non-member).
On your own for lunch
We cannot accept credit cards at the event; checks or cash only.
MIKE JACKA; CIA, CPA, CPCU, CLU, FCLS
Mike Jacka worked for 30 years in internal audit for Farmers Insurance. During that time he was responsible for projects as far-ranging as development of fraud investigation procedures for a 100-person audit shop, overseeing 30 associates as head of Western Regional Auditing Operations, and designing a new auditor training program for a global organization of 200 staff members.
Since retiring from the corporate world in January 2013, Jacka co-founded and became the designated chief creative pilot at Flying Pig Audit, Consulting, and Training Solutions
(FPACTS), a group dedicated to working with internal auditors to improve their departments, their organizations, and their profession.
Jacka is the co-author of Business Process Mapping: Improving Customer Satisfaction, now in its second edition, and the accompanying workbook. He is also co-author of Auditing Social Media: A Governance and Risk Guide, and The Marketing Strategy: A Risk and Governance Guide to Building a Brand, both published by The IIA. His latest book will be published in 2014, a collection of humor pieces titled “Auditing Humor and Other Oxymorons.”
He wrote Lighter Side articles for The IIA’s member magazine, Internal Auditor, such as “Alice in Auditland,” “Auditing Songs for the Holidays,” and "Auditors Anonymous.” Not having learned their lesson from that experience, the magazine now has him contribute his column titled "The Mind of Jacka." He also writes the associated blog, “From the Mind of Jacka.”
He holds a Bachelor of Arts in archaeology and a Bachelor of Science in accounting from Arizona State University. He is a member of The IIA’s Phoenix Chapter, the American Institute of Certified Professional Accountants, and the Society of Chartered Property Casualty Underwriters.
The Federal Financial Institutions Examination Council (FFIEC), on behalf of its members, is issuing this final supervisory guidance entitled "Social Media: Consumer Compliance Risk Management Guidance" (Guidance). The Guidance is being published after consideration of comments received from the public.