Day Chairman: Philip Keown
Welcome coffee and registration
Worldwide Use of Technology in Internal Audit
Michael Cangemi – Cangemi Company LLC
This session will also cover technology trends, such as BIG DATA, SaaS and cloud that are transforming business, finance and GRC practices using analytics and monitoring.
In addition we will review the results of the research project the Benefits of CM research published by Financial Executives Research Foundation and discuss how companies are benefiting from new technologies with business process improvements and the role the audit should be playing, to expand the implementation of CM for the benefit of the business, customer satisfaction, as well as, control improvement.
The presentation will close with a brief look into the future with predictive, contextual and video analytics and the Internet of Things.
Adrian Hextall – Ernst & Young
By looking at examples from supply chain logistics, tax compliance and historic trend analysis, Adrian will provide some real life case studies on how organisations can identify and saves millions in taxes not only as a result of incorrect tax treatment and reporting but also through analytical assessment of “what if we do it this way..” scenarios.
Visual audit, visual estimating and contextual analytics
William Waller – Turner and Townsend
In this case study based presentation we will demonstrate how the use of software tools with forensic, visualisation and geographical information system (GIS) capabilities can reduce the cost and time associated with audits and have increased quality through defensible and reliable data collection, increased sample sizes (or the elimination of sampling altogether), greater certainty and volume of findings and a recorded retrievable trail. We will also take the audience through the key steps in the process from identifying the client’s challenge to focussing on the impact to their core business.
We will illustrate how utilising geographic and visualisation tools allows us to dynamically analyse a variety of data sets to observe complex relationships and patterns and how this can be achieved. Our case studies will show how such manipulation of the data set reduces time required to gain insight but also highlights patterns that may not have been seen otherwise.
Leslie Krepa – Signet Group
The department has a wide role covering Corporate Audit, Store Audit, Risk Management, Sox and Loss Prevention. The department is also used as an internal consultant meaning it ‘has a finger in many pies’. It’s a wide, varied and interesting role that is supported wherever possible by various pieces of software. Les will go onto describe how the use of this software plays a key part in helping the fulfilment of the departments objectives.
Eric Applewhite – KPMG
One source of potential untapped revenue is the collection of previously written off or hard to collect debt. Estimates have Local Authority bad debt provision across England for 2013-14 at £114 million (DCLG Local Government Financial Statistics). Local Authorities write off debts every year as uncollectible – to take them off their balance sheet. Research shows that these debts may be collectable 2 to 6 years post write off. Using analytics to provide insight into what old debt may be collectable combined with a process for actually collecting the debt can result in millions of pounds in revenue for authorities.
Using data and process change to turn written and current debts into collectable income, then collecting it is one piece if the puzzle in helping Local Authorities bridge their funding and service gaps.
Richard Hollis – Risk Factory
Every day we read about more high-profile breaches and yet these are just the data losses required to be acknowledged by mandatory disclosure laws – in fact only a small percentage of the actual losses incurred. Every type of business, regardless of its size, location or turnover has been attacked and every day the attacks continue to grow in volume and sophistication leaving business’s struggling to stop the data bleed. More often than not, the result is too little, too late.
Come listen to an industry leader go through and explain the Top 10 most serious cyber security threats facing your business this year and outline a simple strategy to help you identify, minimise and manage these threats going forward in the next year.
Mike Comer – Cobasco Ltd
Mike Comer is credited with developing the first automated fraud detection programme in the world -in 1974 - when working as Security Adviser for Esso Petroleum Co Ltd. In the following 40 years, his Critical Point Auditing techniques have uncovered cases involving losses of over £300 million, usually in circumstances where no prior suspicions existed.
This session, developed specially for this conference, discusses the lessons learned for dramatically improving the results of AFD and continuous monitoring and the ways they should be “sold” to senior management. It also makes recommendations for optimising the connection between whistleblowing and AFD as well as methodologies for analysing and benchmarking Codes of Conduct and compliance policies.
--- CONFERENCE END --–
Day Chairman: Michael Cangemi
Welcome coffee and registration
Privacy and Internal Audit
Philip Keown – Grant Thornton
New features and applications
James Loughlin – ACE
Uncovering Financial Statement Fraud: Case Study
Carolyn Newman – Audimation
IT Auditing Fundamentals
Charles Mansour –
At the end of this presentation, you’ll understand:
- The tactics that the sellers, specifically, the acquired company’s CFO, used to trick the purchaser
- The lessons learned that can prevent fraud in financial statements and acquisitions
- How some of the schemes uncovered in this case can be detected with data analytics and data mining techniques
- How to incorporate data analytics into an ongoing process to improve internal controls over financial reporting by detecting and deterring potential financial statement fraud
This session aims to provide non-IT auditors with an ‘entry level’ look at IT auditing and IT itself. By the end of this session delegates should be able to compare and contrast ‘conventional’ auditing with IT auditing. We will briefly look at the main IT processing functional components, the associated key risks and some methods to address them.
The aim is not to bring delegates up to IT audit practitioner level, but to help non IT auditors engage with the main functions of the functions of today’s commercial IT
- Introduction to IT Auditing
Brief introduction, and main risks and controls attaching to, the following areas of IT;
- Operating systems and utilities
- Database and database administration
- Change Control
- Key development stages
- Testing and migration onto production
Networks and Communications
- Network availability
- Integrity of traffic
- IT Operations
Finding Frauds – A Practical Insight
Alan Livesey – D.A.T.A. Services Ltd
The Human Aspect of Cyber Security
Dalim Basu –
In this workshop Alan will discuss various frauds and demonstrate how general office software, such as Microsoft® Excel®, or specialist software, such as CaseWare IDEA® , ACL® or (new kid on the block) Arbutus®, could be applied to identify them.
Alan will start by explaining how simply generating new reports can uncover sophisticated frauds, move on to explain the power of summarisations and venture on to explain the power of more complex analyses.
In addition, using a simple case study, Alan will highlight how easy it is for things to go wrong if users do not understand and apply data analysis techniques correctly. Alan will also give insight into the elimination of the renowned “false positives”.
The workshop will close with a Q&A session to enable the audience either to delve further into the material presented or to expand upon it with “what if…”, “how would you…” or “I have an issue with…” type questions. Use this opportunity to get a world expert in data analysis to give your organisation the benefit of his expertise.
Dan French – Consider Solutions
--- CONFERENCE END --–