Hot Topics in Information Technology - Facilitated by Grant Thornton LLP
Friday, February 19, 2016 from 8:00 AM to 5:00 PM (EST)
Course Title: Hot Topics in Information Technology (8 CPE)
Instructor: Various Speakers with significant subject matter expertise from Grant Thornton LLP
On behalf of the IIA Baltimore Chapter, Grant Thornton will host a day of internal audit training on integrated audit and IT audit hot topics facilitated by Ryan Abdel-Megeid, CISA, IT Experienced Manager, and a team of specialists. This meeting will be similar in depth to an ISACA meeting. This training will demystify IT audit and empower participants to immediately apply the concepts! In addition to frameworks for IT risk identification and scoping, hot topics of discussion will include:
- Understanding Third-Party Risk
- Cloud Computing - Different Implementations and Associated Risks
- Introduction - Ryan Abdel-Megeid
- Understanding Third-Party Risk - Jannifer Jones and Karen Cardillo
This presentation will provide guidance helping Internal Auditors to understand fundamental third party risk assessment activities, will identify various projects/services that may be used to assess third party risk, and will identify the framework for selecting the right type of project for the Company's needs.
- Demystifying IT for the Financial Auditor - Ryan Abdel-Megeid and Ben Harder
In today's world of increasing reliance on systems for processing, storing, and reporting financial information, understanding how those systems work no longer solely resides within IT. Both end users and Internal Audit professionals should be armed with the tools to understand and recognize risks.
- Cybersecurity - Howard Grodin
The cybersecurity 'buzzword' is thrown around often in enterprise risk discussions. This course breaks cybersecurity down into three tangible areas: recognizing associated risks and threats to technology infrastructure, understanding risk-based and data-driven approaches to mitigating intrusion/breach impacts, learning about industry solution offerings aligned with frameworks.
- Cloud Computing - Different Implementations and Associated Risks - Ryan Abdel-Megeid and Ben Harder
Cloud-based systems are here to stay. As an internal audit professional, this model of outsourcing technology can either have huge positive impact, or result in unmanagable risk. In this course we will identify unique threats and risks within cloud computing models, describe regulation and public policy changes driving cyber security, and recommend risk management strategies and best practices.
- Technology Risk Model - IT Audit Scoping - Ryan Abdel-Megeid and Ben Harder
When planning your technology audits, determining the appropriate scope is the most critical, and often one of the most challenging tasks to get right; What framework do I use? What systems should be included? Which technology layers should I focus on? We will discuss the answers to these questions and talk through specific situations the group has encounters.
- Wrap-up and Q&A
Target Audience: Internal Auditors of All Levels interested in integrated audit and IT topics
Date: Friday, February 19, 2016
Time: 8:30 – 5:00 (Registration starts at 8:00)
Notes: Continental Breakfast, Lunch and Coffee Breaks included
Charity Drive: When you attend the training, please bring toiletries (shampoo, razors, soap, shower gel, etc.), canned goods, or educational supplies (paper, pens/pencils, spiral notebooks, etc.) to benefit Helping Up Mission, an organization that helps men fight addiction and homelessness throughout Maryland.
CPE: 8 Hours
Ryan Abdel-Megeid, CISA - IT Experienced Manager
Ryan is an Experienced Manager in Grant Thornton’s Mid-Atlantic Advisory Services group with seven years of experience in performing IT audits, IT controls testing, Sarbanes-Oxley consulting & auditing services, IT business consulting, as well as WebTrust/SysTrust compliance. Ryan is a Certified Information Systems Auditor (CISA) and a member of the National Capital Chapter of the ISACA as well as the Institute of Internal Auditors (IIA).
Jennifer Jones, MBA, CIA, CFE, CRMA, CCSFP - Senior Manager
Jennifer is a Senior Manager within Grant Thornton’s Advisory Services Group with twelve years of experience in performing IT audits, IT controls testing, Service Organization Controls attestation reports, WebTrust/SysTrust engagements, and Sarbanes-Oxley consulting and auditing services.
Karen Cardillo, CPA, CISA - Manager
Karen is a Manager within Grant Thornton’s Advisory Services Group with six years of experience in performing IT audits, IT controls testing, Service Organization Controls attestation reports, and Sarbanes-Oxley consulting and auditing services.
Ben Harder, CISA - IT Assurance Director
Ben Harder is an IT Director based in Grant Thornton’s McLean, VA office, and the IT Assurance Practice Leader for the Atlantic Coast Market. Ben has over 12 years of experience overseeing teams performing information technology assessments in conjunction with management consulting engagements and financial statement audits. He has extensive experience coordinating multiple, simultaneous projects with teams spread across geographical locations (both the U.S. and Europe), helping clients to achieve their primary objectives. His client base includes both public and private companies, Fortune 500 industrial products companies, Fortune 100 financial institutions and large government agencies.
Howard Grodin, Cybersecurity Director
Howard Grodin is a veteran technologist with over 20-plus years of experience. As Director, Advisory Services for Grant Thornton’s National Cyber Risk Team, Howard is currently focused on creating and delivering innovative and advanced services focused on mitigation of Cybersecurity risks. Howard’s professional certifications include Certified Information Systems Security Professional (CISSP) & Certified Cloud Security Professional (CCSP).
Questions or for more information: Contact Liz Brogan, VP of Programs at firstname.lastname@example.org or 410-537-5338