عرض العناصر حسب علامة : IIA
الثلاثاء, 09 نوفمبر 2021 09:27
ندوة IIA الافتراضية: أخذ تحليلات البيانات من التخطيط إلى التدقيق المستمر
معلومات إضافية
- البلد عالمي
- نوع الفعالية برسوم
- بداية الفعالية الثلاثاء, 02 نوفمبر 2021
- نهاية الفعالية الخميس, 04 نوفمبر 2021
- التخصص محاسبة ومراجعة
- مكان الفعالية أونلاين
نشر في
فعاليات مهنية
موسومة تحت
الخميس, 22 سبتمبر 2022 08:59
المواقف المتميزة وسط الأزمة
في الوقت الذي لا يوجد فيه الكثير من الأخبار السارة في العالم للإبلاغ عنها، نحن متحمسون جدًا لأن نكون قادرين على القيام بذلك من خلال تقديم خبر "القادة الناشئين لعام 2021 لمجلة المدقق الداخلي".
معلومات إضافية
-
المحتوى بالإنجليزية
At a time when there’s not a lot of good news in the world to report, we are very excited to be able to do just that by introducing Internal Auditor magazine’s 2021 Emerging Leaders.
As we’re all well aware, working during a worldwide pandemic has introduced a host of new challenges for internal auditors, including remote work, travel restrictions, and communication issues, not to mention helping their organizations form COVID-19 response plans. This year’s Emerging Leaders have been required to address these and many other issues while continuing to add value in their daily work. And, as you will read in “Emerging Leaders: 2021,” they have done just that.
As Bill Mulcahy, longtime practitioner and IIA volunteer, explained in his nomination of honoree Christy Beers, “She handled the ultimate audit double dip — a large company merger while managing the changes that come with remote work during the pandemic.” Bill, who sadly passed away earlier this year, was one of Christy’s biggest advocates. “I’m grateful for having known him,” she told us. “I wouldn’t be where I am today without his mentorship.”
Bill was also a big advocate of Internal Auditor’s Emerging Leaders, nominating a young professional each year. Whenever one of his nominees was chosen, Bill would be sure to take out a full-page ad to congratulate him or her. We will greatly miss his dedication to, and enthusiasm for, advancing the next generation of internal auditors.
Bill’s 2021 nomination is one of 15 Emerging Leaders who hail from across the U.S. and five additional countries — The Bahamas, Canada, Ghana, United Arab Emirates, and Vietnam. Five men and 10 women from a variety of industries and backgrounds share their stories of success. From using virtual meetings and telehealth systems for virtual walk-throughs, to creating a collaborative onboarding portal and team intranet site, to creating new opportunities to be agents of change during the pandemic, their stories are diverse and impressive.
And speaking of impressive, beginning on page 41, we check in with some of our past Emerging Leaders. Whether they continue to rise through the ranks of internal auditing or are using their audit experience to move into a new profession, many of our past Leaders, as expected, continue to excel in their chosen career paths.
Hear more from past and current Emerging Leaders about just what it takes to be a leader in a series of videos on InternalAuditor.org.
Congratulations to our 2021 Emerging Leaders! You’ve persevered through a pandemic and are more prepared than ever to be leaders in your profession.
نشر في
موضوعات متنوعة
موسومة تحت
الثلاثاء, 05 أكتوبر 2021 21:21
توظيف الأفضل لمستقبل التدقيق الداخلي
منذ عام 2013، مجلة المدقق الداخلي تعرض القادة الناشئين في المهنة. أولئك الذين يتم اختيارهم لهذا التميز كل عام هم الرواد الذين تقل أعمارهم عن 30 عامًا والذين يقومون بتشكيل المهنة وتنميتها من خلال الابتكار والمهارات التكنولوجية والإبداع والعمل الجاد.
معلومات إضافية
-
المحتوى بالإنجليزية
Since 2013, Internal Auditor magazine has been showcasing emerging leaders in the profession. Those chosen for this distinction each year are the 30-and-under trailblazers who are shaping and growing the profession through innovation, technology skills, ingenuity, and hard work.
The IIA’s celebration of youthful talent in the profession could be short-lived without a thoughtful approach to recruiting and serving the needs and expectations of even younger potential members.
The IIA’s Internal Audit Education Partnership program supports development of internal audit curricula at participating colleges and universities. The program helps ensure graduates have the skills to conduct basic internal audits and prepares them to achieve the Certified Internal Auditor designation. However, it is not designed to inspire young people to become internal auditors.
The changing dynamics of modern business demand that we do more. Change is occurring at lightning speed, and disruption driven by technology is part of the new normal. The next generation of internal auditors must possess innately agile, curious, and innovative minds, and encouraging young people who exhibit such drive to consider a career in internal auditing begins at the high school level. The IIA’s new strategic plan speaks directly to addressing this.
Data from the 2020 Career Interest Survey by the National Society of High School Scholars suggest we have some work to do. It finds medicine and health-related careers (37%) the top choice of the more than 14,000 respondents. Another 17% chose business/corporate as an expected career path, which tied for second with sciences and biology/biotechnology. More traditional career paths for internal auditors — accounting/tax and finance/fintech — ranked considerably lower at 4%.
In the coming months, we will explore new and creative ways to reach Generation Z and will develop strategies, tactics, and resources to address our opportunity as a profession. This must include supporting diversity, equity, and inclusion (DEI) efforts at all levels. I’ve noted before that beyond being the right thing to do, supporting DEI is as much a business decision as an ethical one.
With the guidance and support of our North American chapters and affiliates around the world, we hope to soon reach out to high school guidance counselors or their equivalents to boost knowledge of the profession, dispel negative stereotypes, and encourage the best and brightest to consider internal auditing as a career.
As you read about the impressive group of emerging leaders featured in this issue, I hope you’ll join me in seeking new ways to mentor and nurture the next generation. The IIA understands this begins at the local level, and we will work diligently with our members to build a pipeline of future-ready auditors.
نشر في
موضوعات متنوعة
موسومة تحت
الأربعاء, 21 سبتمبر 2022 15:01
ما الذي يميز المدقق الداخلي الاستثنائي ومن يمثل مستقبل المهنة؟
البحث عن قادة التدقيق الداخلي غدًا قيد التشغيل
معلومات إضافية
-
المحتوى بالإنجليزية
Internal Auditor's Emerging Leaders
What defines an extraordinary internal auditor, and who represents the future of the profession?
The search for tomorrow’s internal audit leaders is on. Internal Auditor magazine will recognize up-and-coming internal audit professionals in its October 2021 issue. What defines an extraordinary internal auditor? Innovation, integrity, business acumen, passion? Do you know a high-performing internal auditor who possesses the qualities to become a thought leader in the industry?
Nominees must be members of The IIA and have, or be working toward, The IIA’s Certified Internal Auditor® (CIA®) certification. The magazine will not feature more than one emerging leader from the same company. Self nominations will not be accepted. All nominees must be age 30 or younger as of Dec. 31, 2021.
Nominators will be asked to fill out a brief questionnaire and provide statements about their nominee’s performance in the areas of business acumen/leadership, service to the profession, community service, and innovative thinking.
All nomination material becomes the property of Internal Auditor magazine. By submitting a nomination, you grant The IIA a license to publish the nomination material in Internal Auditor magazine. Those chosen as emerging leaders will be interviewed for the article. By agreeing to be interviewed, nominees grant The IIA permission to use their quotes in other materials. The emerging leaders will be asked to participate in various IIA initiatives throughout the following year to help bring forth the voice of The IIA's young professionals.
Nominations are open April 1 through May 14, 2021
نشر في
موضوعات متنوعة
الأحد, 12 سبتمبر 2021 21:34
هل تعرف الخطوات الخمس لرسم خريطة مسيرتك المهنية؟
بداية رحلتك
نشر في
موضوعات متنوعة
موسومة تحت
الثلاثاء, 24 مايو 2022 08:29
اكتشف كيف يتوافق اختبار شهادة ضمان إدارة المخاطر المعتمدة CRMA مع تطلعاتك.
تعرف على المزيد حول الامتحان
معلومات إضافية
-
المحتوى بالإنجليزية
Earning the CRMA Is on the Road After CIA
To keep pace with the dynamic global risk arena, The IIA is relaunching its Certification in Risk Management Assurance® (CRMA®) program to reflect the in-depth organizational knowledge and advanced skill sets that are required to provide effective risk management assurance to audit committees and executive management. You can apply and register now and sit for the exam starting in October.
Significant changes were made to the overall program, including expanding the prerequisites and making the required work experience more robust. For example, an active CIA® is now required, as opposed to just passing CIA Part 1.
Earning the CRMA helps address the impact of risk and demonstrates you have the ability to:
Provide assurance on core business processes in risk management and governance.
Educate management and the audit committee on risk and risk management concepts.
Offer quality assurance and control self-assessment.
Focus on strategic organizational risks.
Add value for your organization as a trusted advisor.
Get started now.
نشر في
شهادات مهنية
موسومة تحت
الأربعاء, 25 أغسطس 2021 17:57
التوظيف من أجل النجاح
حفز الدور الرئيسي للتدقيق الداخلي في معالجة التهديدات الرقمية الحاجة إلى خبرة في مجال الأمن السيبراني في فريق التدقيق.
معلومات إضافية
-
المحتوى بالإنجليزية
Internal audit's key role in addressing digital threats has spurred the need for cybersecurity expertise on the audit team.
Geoffrey NordhoffAugust 24, 2021Comments
Organizations are moving gingerly into the post-pandemic world with a heightened focus on cybersecurity, with overall cybersecurity spending projected to grow as much as 10% this year, according to IT research firm Canalys. Regulators — already concerned about cybersecurity — have ratcheted up their oversight, vividly illustrated by the U.S. Office of the Comptroller of the Currency's $80 million fine against Capital One last year (see "Capital One Data Breach" below). In fact, cybersecurity was one of the top-ranked risks identified by board members, management, and chief audit executives (CAEs) in The IIA's OnRisk 2021 report.
In this environment, internal audit, as part of its oversight function, has a critical role of helping organizations manage cyber threats by evaluating risks and providing an independent assessment of controls. In turn, this role has spurred the need for cybersecurity skills in internal audit functions.
The heightened concern around cybersecurity has inevitably increased the demand for suitably experienced auditors, says Jamie Burbidge, founder of Bickham Montgomery, a London-based internal audit recruiting firm. "Due to cybersecurity being a relatively recent concern for business leaders, the number of internal auditors at the senior level with relevant experience is quite small," he noted. At present, potential internal audit hires who have the experience and a good grasp of cybersecurity likely are coming from the Big Four accounting firms at slightly more junior levels.
Regardless of the talent source, experts point to several skills and qualifications to look for when hiring. They also cite the importance of soft competencies, the need to plan ahead for resource needs, and the advantages of developing skills internally.
The Right Expertise
Shawna Flanders, director, IT Curriculum Development, at The IIA, says two general skills are important for internal auditors who will be involved in cybersecurity audits: data analysis capabilities and critical thinking. "Deploying critical thinking skills gives auditors the ability to determine how a cyber threat in the wild could impact their organization," Flanders says. Plus, they need to be able to use data to discover unusual activity, inappropriate access, and fraud, and possess a broad understanding of IT general controls as well as application, network, and information security controls, she adds.
In addition, practitioners need to have a deep understanding of relevant threats, such as malware, ransomware or spyware, denials of service, phishing, and password attacks. Given the demands, internal audit functions should consider building dedicated expertise on their team, says Jim Enstrom, senior vice president and CAE at Cboe Global Markets of Chicago. The type of person who can fill this role probably has come up through a technology, cybersecurity, or consulting background, rather than internal audit, he adds.
Ongoing training and an emphasis on more technical cybersecurity-related certifications should also be a focus area, Enstrom says. Certifications demonstrate a basic level of aptitude and indicate that a person is motivated for self-improvement and self-learning. The IIA offers several seminars on IT topics, including cybersecurity, as well as more than a dozen IT courses on-demand. In mid-July, The Institute launched its IT General Controls Certificate, demonstrating the certificate holder's ability to assess IT risks and controls.
In addition, more universities are offering advanced degrees in cybersecurity, in which students also are learning the principles of assurance, as well as how to evaluate controls and risk. For example, the University of Central Florida in Orlando, which offers a certificate in cybersecurity, will begin offering a master's degree in cybersecurity and privacy this fall that will include a technical track covering topics such as hardware, software, and security, and an interdisciplinary track that addresses the human aspects of cyberattacks. These types of programs are an opportunity for recruiting, Enstrom says.
Robert Berry, former executive director of internal audit at the University of South Alabama and now president of consulting firm That Audit Guy, says hands-on experience in cybersecurity is important in considering a hire. Berry says he would look for someone experienced in technology, especially with experience in how networks operate and are secured. "You want to look for somebody who is actively engaged and involved in the craft," he adds — the kind of person who builds his or her own network and tinkers with it, and who is active in chat rooms and forums.
Capital One Data Breach
The U.S. federal government's enforcement actions against Capital One in August 2020, which included an $80 million fine from the Office of the Comptroller of the Currency (OCC), illustrates its increased oversight of cybersecurity issues. The actions stemmed from a 2019 cyberattack that stole the personal information of about 100 million individuals. The OCC fine was the first significant penalty against a bank in connection with a data breach or alleged failure to comply with OCC guidelines. The OCC specifically called out Capitol One's internal audit function, saying it failed to identify numerous control weaknesses and gaps and did not effectively report them to the audit committee.
Training, Sourcing, and Collaboration
Rather than hiring from outside, developing skills internally is sometimes a better option, especially in small- to moderate-size departments, Berry says. That way, the auditor is already familiar with the organization and with the procedures involved in conducting engagements, he explains. This approach also might be advantageous for a small department in an industry that does not pay well, which likely will have a hard time recruiting cybersecurity expertise, Berry adds.
In a midsize department or a midsize organization with a small audit department, audit staff might not have the necessary IT knowledge. Keeping in mind The IIA's International Standards for the Professional Practice of Internal Auditing, the organization might consider a co-source provider, Enstrom says, adding that training, skill building, and certifications also are important for these departments. In addition, where the Standards allow, internal audit should consider collaboration with the organization's information security department, he says. Standard 1210: Proficiency, and Standard 2050: Coordination and Reliance, provide guidance in these areas.
Seek Out Soft Skills
"Curiosity is the cornerstone of internal audit," Berry says. "If you can't be curious and ask really good questions, you will fail in your career in audit." Soft skills are probably the most important skills, he says, because a person who possesses them can be taught audit skills. Critical thinking and other soft skills give internal auditors, especially those dealing in a technical area such as cybersecurity, the ability to communicate outside their area and to understand how a cyber threat could affect the organization.
When he started Bickham Montgomery about 10 years ago, Burbidge found that technical proficiency was by far the most sought-after trait for companies when hiring internal auditors. Now, he sees more emphasis on communication skills as part of an internal auditor's role. "You need to be able to communicate, need to be able to persuade, need to be able to partner with the business," he says.
Jeannie Alday, director of Internal Audit for Chatham County, Ga., says in hiring someone with an IT background, she wants to determine whether the candidate will be able to communicate with IT staff, and IT management, but also with county management and others who may have limited background in IT. "Those soft skills are huge, and they're not always easy to spot in the limited interview process," Alday says.
Looking Ahead on Hiring
Given the rapidly changing environment, cyber awareness is fundamental to the execution of an organization's strategy. "In any organization today, cybersecurity is one of the top risks," Enstrom says. In the present environment, boards, management, and other stakeholders need to focus continually on cyber risk and whether their organization has the right skills and resource strategy, he says. Importantly, organizations need to make necessary investments in skills and resources.
Post-pandemic, hiring likely will become more challenging because of pent-up demand, Enstrom says, and demand already exceeds the number of candidates. As a result, audit hiring managers should think more creatively about compensation and other job benefits. He also notes that many cybersecurity professional have had limited exposure to internal auditing and assurance, may see auditing as having limited opportunity for advancement, and might not consider going into the field.
This perception underscores the necessity of selling the opportunities and value proposition of the profession to prospective job candidates. Compared with going directly into information security, internal audit offers the potential for greater diversity of experience and breadth of opportunity — working with senior executives and board members — and exposure to different projects, Enstrom says. Moreover, because of the importance of good communication skills, time spent in internal audit can be a great learning opportunity for someone who is less comfortable in this area.
"Early in a person's career, working in internal audit really represents a great learning opportunity because you have so many different projects you can work on," Enstrom says. "I think we don't sell that enough as a profession."
As another area of focus for hiring, Enstrom emphasized the importance of partnering with outside firms, or organizations that can help with the candidate sourcing process. He highlights one example — the Greenwood Project. "The Greenwood Project is a nonprofit organization dedicated to introducing Black and Latinx students to careers within the financial industry," he says. "We've had success working with Greenwood Project and we continue to look for ways to strengthen our relationship and promote the profession of internal auditing to Greenwood students and diversity candidates. In addition to accounting and business students interested in financial services, we have been working with Greenwood to promote an interest in IT audit, data analytics, and cybersecurity roles in the internal audit profession."
Meanwhile, when recruiting through universities, internal audit functions need to look beyond the accounting and finance departments and build relationships with computer science and cybersecurity programs. "In my experience, many students in computer science or other IT disciplines are unaware of job opportunities in the internal audit profession," Enstrom says. "Given this, it's really important for the company and recruiter to understand and have relationships with faculty and staff in these colleges, not just the business schools."
The bottom line? "You have to offer competitive salaries, and you have to be very clear and crisp in your value proposition — how internal audit will benefit them in their career," Enstrom says. Moreover, companies recruiting in the post-COVID-19 marketplace will need to think more broadly and consider hiring candidates from outside their geographic area.
نشر في
تكنولوجيا المعلومات
الإثنين, 23 أغسطس 2021 14:30
مؤتمر تبادل الخدمات المالية 2021
معلومات إضافية
- البلد عالمي
- نوع الفعالية برسوم
- بداية الفعالية الإثنين, 27 سبتمبر 2021
- نهاية الفعالية الثلاثاء, 28 سبتمبر 2021
- التخصص محاسبة ومراجعة
- مكان الفعالية أونلاين أو شخصيا
نشر في
فعاليات مهنية
موسومة تحت
الخميس, 25 أغسطس 2022 12:26
شهادة الضوابط العامة لتكنولوجيا المعلومات من معهد المدققين الداخليين (IIA)
سيعلمك برنامج شهادة الضوابط العامة لتكنولوجيا المعلومات التابع لمعهد المدققين الداخليين الدولي (IIA) كيفية تقييم مخاطر وضوابط تكنولوجيا المعلومات.
معلومات إضافية
-
المحتوى بالإنجليزية
The IIA's IT General Controls Certificate
Register Now
*IIA Members, please log in for member pricing.
The IIA’s IT General Controls Certificate Program will teach you how to assess IT risks and controls. Achieving the certificate will validate your knowledge and experience in IT auditing. It’s time to exhibit expertise and audit more effectively.
This innovative self-study program is available exclusively through the convenient IIA Training OnDemand platform and focuses on the following:
IT Essentials: Introduction to IT IT Essentials: Introduction to IT General Controls Logical Security: Application, Database, and Operating System Layers
Logical Security: The Network Layer Auditing IT Change Management Understanding the SDLC
Exploring Corrective Controls Computer Operations Physical and Environmental Controls
Governance of Enterprise IT Auditing Project Management Practices Auditing Third-party Technology-related Risk
Exhibit your expertise and specialized knowledge with the IT General Controls Certificate.
نشر في
شهادات مهنية
الأحد, 15 أغسطس 2021 14:39
ميزة البدء الذكي: ندوة عبر الويب لعضو جديد في معهد المدققين الداخليين (IIA)
معلومات إضافية
- البلد عالمي
- نوع الفعالية برسوم
- بداية الفعالية الخميس, 26 أغسطس 2021
- نهاية الفعالية الخميس, 26 أغسطس 2021
- التخصص مراجعة داخلية
- مكان الفعالية أونلاين
نشر في
فعاليات مهنية
موسومة تحت