Navigate Up



 April 2018-IT Seminar

4/12/2018 8:00 AM
4/12/2018 5:00 PM
San Diego | California
Join the all-day IIA & ISACA San Diego Chapters’ IT Seminar at 8:00AM on April 12, 2018.
Click HERE to register.
Location: Marina Village, 1936 Quivira Way, San Diego CA, 92109, Starboard Room. Parking is free. Breakfast and lunch is provided.
Program Description & Learning Objectives:
Auditing Third Party Risk Management Programs – The average company has 89 different vendors accessing the network on a weekly basis. This session is designed to assist auditors in understanding the practice of Third Party Risk Management (TPRM), why TPRM is important, the TPRM process, and how to effectively audit a TPRM program.  At this session you will learn about the:
·       Overview of TPRM Programs and Assessment Process
·       TPRM Program Maturity Modeling
·       TPRM audit strategy (from scoping to reporting)
Preparing your Data using Python – Data comes in many different formats. How do you get your data into a clean format that is ready for analysis? What tools should you use? This presentation will walk you through the importance of preparing your data, various data formats you may encounter, and sample use cases demonstrated using Python. During this session you will learn to:
·       Understand the importance of preparing your data for analysis
·       Understand different types of data you may encounter
·       Understand what Python is and why you should use it
·       Understand strategies and techniques for importing, preparing, and saving your data using Python
Robotic Process Automation – In this interactive session, we will provide an overview of Robotic Process Automation (RPA), and the potential implications to the role of Internal Audit. We will examine how companies are establishing and advancing this business solution, and discuss proven methodologies to achieve sustainable results. Specifically, we will address:
·       Understanding RPA
·       Summarizing the hard and soft potential benefits of RPA
·       Understanding the criteria for scoping & prioritization of RPA opportunities
·       Providing examples of Finance & Accounting RPA opportunity areas
·       Understanding how RPA can be applied to Internal Control, risks of RPA, and the impact of RPA to Internal Audit
2018 Cybersecurity Roadmap – The session will provide an overview of current cybersecurity priorities that boards and organization management teams should be asking questions about, and review practical approaches to assess the organization’s ability to prevent, detect or limit the impact of the latest cybersecurity risks. In this session, participants will:
·       Obtain an understanding of the General Data Protection Regulation (GDPR) coming into effect and how to assess its impact on their organization.
·       Obtain an understanding of the new SOC for Cybersecurity and the value it can provide to either a service organization, customers of service organizations or public organizations.
·       Obtain an understanding of the elements of a cybersecurity assessment methodology to help identify areas where the organization can strengthen its controls to prevent, detect or limit the impact of the latest risks.
Revenue Recognition – Implementation Phase and Lessons Learned – In this session, the new ASC606 standard has presented unique risk and control challenges for companies. For those impacted by the new revenue standard (ASC606), we will explore different ways companies are approaching implementation from a systems, process and data perspective as well as the risk and control implications. How do they obtain reasonable assurance that all transactions required to determine the opening balance are included in their approach?  How is the control environment impacted by the dual reporting period for those implementing using the modified retrospective approach?  We will touch on these questions and more in our session. We will share our experiences, insights, and lessons learned:
·       Discuss IT control environment changes being driven by the new revenue standard
·       Describe information system risk areas related to the Revenue Recognition process
·       Discuss lessons learned related to controls in a Revenue Recognition implementation
Field of
7:30 AM – 8:00 AM
Registration and Breakfast
8:00 AM – 8:10 AM
Chapter Announcements
IIA President, Kathleen Medlin
ISACA President, Kim Lamoureux
8:10 AM – 9:25 AM
Auditing Third Party Risk Management
Zach Couasnon
9:25 AM – 9:35 AM
9:35 AM - 10:50 AM
Preparing your Data using Python
Sam Mori, CISA
Computer Software & Applications
10:50 AM – 11:00 AM
11:00 AM – 12:15 PM
Robotic Process Automation
Lester M. Sussman, CPA
David Matthews
Information Technology
12:15 PM – 12:40 PM
12:45 PM – 1:30 PM
2018 Cybersecurity Road Map
Sumari Witt, CISA, CISM, CISSP
Information Technology
1:30 PM – 1:35 PM
1:35 PM – 2:30 PM
2018 Cybersecurity Road Map
Sumari Witt, CISA, CISM, CISSP
Information Technology
2:30 PM – 2:35 PM
2:35 PM – 4:00 PM
Revenue Recognition – Implementation Phase and Lessons Learned
Joshua Dalton,
Stephen D’arcy CISA
Unemployed Members
Retired Members

Instructional delivery methods: Group-Live
Field of Study: Various – See table above
CPE credit: 8 CPE            
Prerequisites: None
Advanced preparation: None
Program level: Basic
Course registration requirements: To register for this event, click here.
Zachary Couasnon
Zach is a Manager for RiSK Opportunities, Inc. currently advising and assisting clients with PCI, ISO, SOX, and Third Party Risk Management compliance. His experience includes over 11 years in the professional services space comprised largely of IT Audit and IT GRC related disciplines. Before joining RiSK, Zachary was an Internal Audit Manager for a multi-national electronics manufacturing firm. Zachary is also a PwC and Deloitte & Touche LLP alum.
Sam Mori, CISA
As Managing Partner of Analytics & Advisory Services for Spyrion LLC, Sam is dedicated to supporting client needs in our Compliance, Governance, Audit, and Data Analytics services. He has over 10 years of IT and Operational audit, Business Intelligence, and Compliance, covering a variety of industries, including biotech, retail, entertainment, and technology.
Sam has a BS in Cognitive Science (Human computer Information specialization) from University of California, San Diego, MS in Accountancy (Information Systems specialization) from San Diego State University, and is currently an MS in Data Science candidate specializing in Analytics and Modeling at Northwestern University. He is a Certified Information Systems Auditor (CISA) and Six Sigma Green Belt.
Lester M. Sussman, CPA
Les has 40 years of professional services and private industry experience in accounting and corporate governance. Since 2005, Les has been the senior national leader in Governance Risk & Compliance (GRC) practice area for Resources Global Professionals (RGP), providing corporate governance, risk management and compliance services to clients globally. Les is a frequent speaker on internal audit, corporate governance and risk management topics. After 26 years with Deloitte, Les joined Gemstar TV Guide as Senior Vice President of Finance and Chief Accounting Officer. Les is currently a member of the Board of Directors of East West Bancorp, where he serves as chairman of the Audit Committee and a member of the Risk Oversight Committee.  Additionally, Les is the immediate past Chairman of the Board and is currently a member of the Executive Committee of the Braille Institute.
 Les is a licensed certified public accountant in the State of California and maintains current memberships with the American Institute of CPA’s, the California Society of CPA’s and the Institute of Internal Auditors.
David Matthews
David has more than 25 years of global process management experience across multiple industries in both Australia and the United States, both as a practitioner and currently as the Regional VP, Advisory Services and National RPA Lead at RGP.  He has held numerous global senior management positions, including a Centre of Expertise Group Manager where he was responsible for building organizational capability, driving operational efficiencies, and supporting the execution of multiple process optimization initiatives that delivered significant sustainable bottom line results. Prior to RGP, David was with Clorox for fifteen years and during this time he held numerous positions in both Australia and the United States.
Sumari Witt, CISA, CISM, CISSP
Sumari Witt is a director within KPMG’s Risk Consulting practice. She has 14 years of experience in cybersecurity and IT auditing, and has served clients in various industries, including financial services, education, local government and utilities, across 3 continents including Africa, the UK, Canada and the US. Sumari has a bachelor’s degree in Economics, Investment Banking and IT, and also holds the CISA, CISM and CISSP certifications. She is currently a board member of the ISSA San Diego Chapter.
Stephen D’arcy, CISA
Stephen is a leader in the National Enterprise Systems practice at PwC. Based in Southern California he is has over fourteen years of experience implementing software solutions within the Oracle eco system including Oracle EBS, PeopleSoft, Oracle Cloud and most recently RevPro for clients adopting ASC 606. Stephen recently led a large RMS implementation at a global professional services Organization across multiple different revenue streams.
 Stephen is a member of the PwC Global ERP Leadership committee tasked with innovating new products and services, developing ERP best practices, and developing training for Oracle applications. Stephen has a dual B.A. and M.A. in Business and Economics B.S. from Trinity College Dublin, Ireland. Stephen's clients have included multiple Fortune 500 companies in the software, technology, cable, telecommunications, utilities and FS industries.
Joshua Dalton, CISA
Josh is a leader in the National Enterprise Systems (Oracle) practice at PwC. Based in Southern California he is has over nine years of experience implementing software solutions within the Oracle eco system including Oracle EBS, Oracle Cloud and RevPro. He has led multiple Oracle GRC (Advanced Controls) Suite implementations in Oracle EBS.
 Josh is a leader in the PwC Revenue Recognition Center of Excellence within PwC’s Risk Assurance practice driving consistent methodology, approach and delivery across RevPro implementations.  Josh has presented at multiple external conferences on ASC 606 adoption with a systems, process and data perspective including Zuora RevPro’s Revenue Recognition Summit, RevStream’s RevConnect, and PwC’s external focused Revenue Recognition Bootcamps.
Josh has a Bachelor’s degree in Information Systems from Brigham Young University, Provo, Utah.  Josh’s clients have included multiple Fortune 500 companies in the Technology and Financial Services industries.
We hope that you will join us at this event. If you have any questions, please reply to this email or contact Dan Ebert at or John Villard at
Refund Policy: Registered participants who give a cancellation notice less than three (3) business days in advance of an event, or who do not attend the event, will be charged the full price of the event. It is acceptable to have a substitute attend the event on behalf of the registered participant. In addition, for luncheon events only, the participant may request to apply their payment to the following month’s luncheon event. The option to apply payments to future events does not apply to seminars.
The chapter will process and issue any eligible refunds the week after the event. Please contact Dan Ebert, listed on our website, for additional details related to refunds, complaints, or cancellation policies.
Institute of Internal Auditors, San Diego Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: