1

New York Chapter of the Institute of Internal Auditors www.nyiia.org

NEW YORK REPORTS PLATINUM AWARD CHAPTER August 2012

Knowledge Through Sharing and Learning

As the summer comes to an end, we here at the IIA’s New York Chapter are only

beginning what is sure to be another successful Chapter year. As you can see by

the contents of this newsletter, a full slate of events has been scheduled for our

members. In addition to our popular monthly workshops, two other events are fast

approaching. Both events provide reasonably priced CPEs and offer excellent

networking opportunities.

The Chapter’s Diversity Committee will be holding a 2 hour event entitled, I Didn’t See it Coming.

Many of you attended this event back in June, where the Diversity Committee and keynote speaker

Ellen DiVerniero, Director of Sales for Bedlam Productions Inc. lead a discussion on career

strategies and overcoming adversity. This time around, a further discussion will be had, with the

author of the book I Didn’t See it Coming, Amy Kopelan. The event is co-sponsored by the Chapter

and Deloitte and will be held at Deloitte’s offices from 5:00 PM to 7:00 PM on October 4, 1012.

One and a half CPEs will be rewarded. Registration is now open and can be accessed from our

Events calendar at www.nyiia.org.

Also not to be missed is our joint conference with ISACA’s New York Metropolitan Chapter on

Friday, October 26, 2012. Held at the United Federation of Teacher’s facilities at 52 Broadway, the

full day event will be a must for internal audit professionals looking to gain further knowledge and

insight into the fast changing world of information technology. The conference will consist of

multiple tracks to choose from, and include vendor exhibits and multiple networking breaks. Be on

the lookout for emails from the Chapter announcing the opening of registration for this event.

Additional info for these two events, as well as info on our upcoming monthly workshop on

September 14, can be seen throughout this newsletter. If you are interesting in volunteering, just

reach out to anyone from our Chapter Executive Committee on page 3 of our newsletter and we

would be happy to answer any questions you may have. We are always looking for new volunteers

with new ideas and perspectives. We hope to see you at some of our upcoming events!!

Brian Mannix, President IIA New York Chapter

2

In This Issue

Page

President’s Message 1 NY Chapter Information 2012/2013 Chapter Officers 2012/2013 Committee Chairs Upcoming Events and Workshops

3 4

Schedule 2012 – 2013 September 14th Workshop October 19th Workshop

5 6

10

Diversity Event – October 4th IIA and ISACA Event – October 26th Certification Information

11

12

CIA / CGAP Review Course Flyer CRMA® Professional Experience Recognition iPace Online Course

13 15 16

Member News Member Benefits Social Media Update

18 19

Share your Knowledge 19 Membership Update 19 Employment Opportunities 20 Academic Relations Committee 20

3

2012 - 2013 IIA NY Chapter Officers

President BRIAN MANNIX

New York Life Insurance Company (212) 576-5928

E-Mail: bmannix@nyl.com

Executive Vice President SCOTT KENNEY Deloitte & Touche

(212) 436-2103 E-Mail: skenney@deloitte.com

Vice President-Professional Development RAQUEL OQUENDO

Columbia University Medical Center (212) 305-9622

E-Mail: rm2698@mail.cumc.columbia.edu

Vice President - Professional Services CARMEN CACEDA

Email: Carmen_Caceda@msn.com

Vice President – Treasurer JUAN PEREZ

New York Life Insurance Company 212-576-7984

Email: juan_h_perez@newyorklife.com

Vice President & Secretary ELEONORA PECHENIK

Goldman Sachs E-mail: eleonora.pechenik@gs.com

Immediate Past President (2010-2011 Chapter Year)

JOHN FITZPATRICK Accume Partners

(516) 670-6761 E-Mail: jfitzpatrick@accumepartners.com

4

2012 – 2013 IIA NY Chapter Committees

CAP Reporting Officer: Brian Mannix Chair: Linda Tan Audit: Officer: Brian Mannix Chair: Ines Janssen Nominating: Officer: Brian Mannix Chair: John Fitzpatrick, Diane Napolitano Volunteer: Officer: Brian Mannix Chair: Debra Soumare Long Range Planning: Officer: Scott Kenney Chairs: Paul Flora, Nick DiMola General Auditors’ Roundtable: Officer: Scott Kenney Chair: Paulette Mullings Bradnock Business and Industry: Officer: Scott Kenney Chairs: Stacey Guardino, Uday Gulvadi, Patrick Glenn, Tracey Thomas/Alex Cacanando/Jessica Rodgers Special Events: Officer: Scott Kenney Chairs: Stacey Guardino, Uday Gulvadi, Patrick Glenn, Tracey Thomas Government Audit Committee: Ed Icasiano, Ellen Issacs

History: Officer: Scott Kenney Chairs: TBD Academic Relations: Officer: Scott Kenney Chairs:Rachel Bond, , Olga Davis, Jennifer Morris, Cheryl Lovell, Altagracia Rodriguez Annual Audit Seminar: Officer: Raquel M. Oquendo Chairs: Uday Gulvadi, Carlos Garcia, Andrew Goldberg, Rachel Bond, Erin Morrow Workshops: Officer: Raquel M. Oquendo Chairs: Rachel Bond, Adwait Tare, Uday Gulvadi, Jim McCabe, Anthony Canton, Cheryl Lowell Luncheon: Officer: Raquel M. Oquendo Newsletter: Officer: Carmen Caceda Chair: Dainora Tommasino Social Media /Communications: Officer: Carmen Caceda Chairs: Aleksandra Terzano Public Relations, Advertising and Employment: Officer: Carmen Caceda Chair: Andrew Goldberg

Subscription: Officer: Carmen Caceda Chair: Bill Morello CIA Exam: Officer: Eleonora Pechenik Chair: Olga Davis Membership: Officer: Eleonora Pechenik Chairs: TBD Outreach: Officer: Eleonora Pechenik Chairs: TBD Awards Dinner: Officer: Eleonora Pechenik Chairs: Mariaelena Deloux, Kathy Rennert Diversity: Officer: Eleonora Pechenik Chairs: Junny Rivera Social: Officer: Eleonora Pechenik Chairs: Coryse Farris Financial Reporting: Officer: Financial Controls: Officer: Juan Perez Chairs: Stephanie Mitchell Hoyt Melissa Teti, Anthony Porco i Awards and Gifts: Officer: Juan Perez Chair: Kathy Rennert Carlos Garcia

5

IIA NY Chapter 2012 – 2013

Workshops / Luncheons

September 14, 2012 Location: Baruch College

AM: Protiviti, Third Party Risk Management Luncheon: IIA Global Headquarters Kevin Mayeux, EVP, CO for NA Ops and General Counsel for IIA Global Headquarters PM: Eisner Amper LLP, Risk Assessments/Privacy, data security and breach response compliance /Business Continuity and disaster recovery

October 19, 2012 Location: Hard Rock Café

Full Day session: Crowe, Fraud/FCPA

November 16, 2012 Location: Baruch College

AM: IIA Research Foundation, Preparing Internal Auditors for the Future Luncheon: Grant Thornton, State of Internal Audit PM: Telavance, Internal audit of AML & OFAC

December 7, 2012 Location: United Federation of Teachers (UFT)

AM: AIG, Emerging IT Risk Luncheon: KPMG, Implementing Effective Privacy Monitoring PM: Deloitte, Latest trends and developments in risk governance &

controls monitoring in an era of uncertainty

January 11, 2013 Location: Baruch College

Full Day Session: LSU, Analytics

February 15, 2013 Location: United Federation of Teachers (UFT)

AM: Protiviti, Regulatory Hot Topics Luncheon: Grant Thornton, Vendor Risk Management PM: Grant Thornton, Social Media

March 22, 2013 Location: Baruch College

AM: Goldman Sachs, Continuous Monitoring Luncheon: TBD PM: AIG, Enterprise Risk Management

April 12, 2013 Location: Hard Rock Café

AM: Experis, the Risk Surrounding Cloud Computing Luncheon: TBD PM: Sabre Holdings, Moving IA along the continuum

May 17, 2013 Location: TBD 40th Annual Audit Seminar

6

IIA NY Chapter

September 2012 Workshop

Date: Friday, September 14, 2012

Times: 8:30 AM – 4:30 PM

Location: Two Baruch College 55 Lexington Avenue Room 14-220 New York, NY 10010

CPE: 7 credits will be awarded for the full day workshop 3 credits will be awarded for half-day workshop 1 credit for luncheon workshop

~~Registration is open~~

Members: $175 Non-Members: $195 Luncheon Only (Members): $60 Luncheon Only (Non-Members): $70 ½ day with Lunch (Member): $90 ½ with Lunch (Non-Member) $100 ½ day without Lunch (Member): $90 ½ day without Luncheon Non-Member: $100

Morning Session: AM 8:30 am - 11:30am (3CPE)

Presentation Topic: Protiviti will be presenting our morning session, which will include:

• Third Party Vendor Risk Management

• A Practical Approach to Understanding IT Governance • Bring Your Own Device Risks

Rocco Grillo is a Managing Director with Protiviti and leads the Northeast Security & Privacy Practice. Rocco is a co-founder of the IT Policy Compliance Group, an affiliate Board Advisor for FS-ISAC, a member of the Shared Assessments Program Technology Development Committee, and he has also served on the Board of Directors of the NYM ISSA and(i-4). Rocco has over 20 years of technology and information security experience. He is a CISSP, a PCI QSA, a Certified HITRUST Practitioner and oversees Protiviti’s Incident Response and PCI Forensics Investigator (PFI) programs. He has spoken on leading information security topics

7

including RSA, , the ISSA, IIA, (i-4) and other industry organizations, in CNNMoney, ComputerWorld, Bankinfosecurity.com, and other publications. Rocco is a co-founder of the IT Policy Compliance Group, an affiliate Board Advisor for FS-ISAC, a member of the Shared Assessments Program Technology Development Committee, and he has also served on the Board of Directors of the NYM ISSA and(i-4). Rocco has over 20 years of technology and information security experience. He is a CISSP, a PCI QSA, a Certified HITRUST Practitioner and oversees Protiviti’s Incident Response and PCI Forensics Investigator (PFI) programs. Prior to working for Protiviti Rocco helped develop RedSiren Technologies, a leading full security firm that evolved out of Carnegie Mellon, the co-founders of CERT. He was previously with Lucent Technologies prior to RedSiren. Jim Ambrosini has over 18 years experience in Technology and IT Risk Management. He is currently a Director at Protiviti where he leads various engagements dealing with IT risk, governance and compliance. Prior to joining Protiviti, Jim spent 8 years in Big Four public accounting firms Risk Advisory Service Practice and was also a programmer and systems analyst for a major financial institution. Jim holds the CISA, CISSP, CFE and CRISC certifications and earned his Bachelors degree in Journalism & Communications from Washington & Lee University and Master of Science in Information Management from Stevens Institute of Technology. Jim is currently the President of the New York Metro Chapter of ISACA and is also an Adjunct Professor at NYU, where he teaches a graduate course in Risk Management. Michael Money is a Director in Protiviti’s Information Security & Privacy Solutions Practice based in New York City. Mr. Money is a Certified Information Privacy Professional (CIPP), Certified Information Systems Professional (CISSP), PCI Qualified Security Assessor (QSA)and Certified Information System Auditor (CISA). He has over 20 years experience directing and consulting on information technology risk, secure system implementation & operation, developing & executing global security & privacy programs, assessment and control. He has an undergraduate degree from Fairfield University and a MBA from the University of Houston at Clear Lake. He is an author of several publications and a frequent speaker at industry conferences.

Luncheon Workshop: 12:30pm – 1:30pm (1CPE)

Presentation Topic: IIA Headquarters will be presenting our Luncheon topic

Kevin Mayeux serves as the Executive Vice President, Chief Officer for North American Operations, and General Counsel for the Institute of Internal Auditors Global Headquarters located in Altamonte Springs, Florida. In this role, Kevin supervises the core membership services offered to all 72,000 IIA members in North America in 157 chapters located throughout the United States, Canada, and the Caribbean islands. Functions and product offerings under his supervision include conferences, seminars, publications, chapter services, membership, academic relations, quality assurance, executive services and advocacy. Kevin further provides enterprise-wide leadership serving as the IIA’s General Counsel, as Executive Director of the IIA Research Foundation, and President of the Internal Audit Academic Advancement Fund. He holds a certificate in Risk Management Assurance.

8

An attorney by trade, Kevin has served as an association management professional for sixteen years, including serving as the executive director of a statewide trade association in Tallahassee and CEO of an international individual membership society in Indianapolis. He is a Certified Association Executive and has held leadership positions on both the state and national level within the association management community, including being named Indiana’s association executive of the year for two consecutive years. He has served on the Florida Bar’s Student Education & Admission to the Bar Committee, assisted with numerous political campaigns, and has been deeply involved in a variety of civic and community service organizations. While attending the University of Florida, Kevin served as student body president and held numerous other campus leadership posts. The Tampa native is an active supporter of Gator athletics and currently lives in Winter Springs, Florida.

Afternoon Session: 1:30pm – 4:30PM (3CPE)

Presentation Topic - EisnerAmper will be presenting our afternoon session, which will include:

• Risk assessment

• Privacy, data security and breach response compliance • Business continuity and disaster recovery

John Fodera is a Partner in the Consulting Services Group focusing on delivering consulting and audit services. John has more than 20 years of audit, accounting and business management experience, including extensive experience in internal controls, privacy compliance, strategic planning and process reengineering.

John has established himself as a thought leader, advising clients on compliance and operational audits. He is a frequent speaker to professional audiences on “hot button” internal audit and risk management issues, and has often been quoted in financial publications as an industry expert.

Prior to joining the firm, John spent several years as a Corporate Controller at a public investment management company. He is a member of the New York State Society of Certified Public Accountants (NYSSCPA) where he serves on the SEC Practice Committee. In addition, he is a member of the Institute of Internal Auditors (IIA) and serves as Director of the Institute of Management Accountants (IMA). He is also involved in the Long Island Alliance.

Nancy Brady is Director of IT Risk Services in the firm’s Consulting Services Group. Nancy brings with her extensive experience as a senior audit professional specializing in internal controls and IT risk management. She has a broad range of expertise in external and internal audit, Sarbanes-Oxley, SAS 70, and consulting. Nancy has focused on reviews of business process and application controls, IT general controls, information security, disaster recovery and business continuity planning, trading and operations, asset management, and regulatory compliance. She has worked extensively with banks, insurance companies, hedge funds, and broker/dealers.

9

Before joining EisnerAmper, Nancy was with PricewaterhouseCoopers for almost 15 years and two years as Head of IT Internal Audit at D. E. Shaw & Co., LLP. This enabled her to develop a broad and deep knowledge of the spectrum of financial services companies and their associated products, risks, and controls. Leveraging her deep IT, audit, internal controls, and risk management experience in combination with her significant industry and regulatory compliance experience, Nancy is able to work with our clients in a way to understand their risks and concerns, identify their issues, make recommendations that make sense from a risk cost benefit perspective, and overall add value. Victor Albanese is a Director in the firm's Operations Management Practice. He has more than 30 years of advisory and industry experience, conducting a variety of performance-improvement projects for numerous industries. Within the private and public sectors, Vic has directed management and IT audits; organizational and operational improvement projects; internal-control reviews, including Sarbanes-Oxley Section 404 projects and SSAE 16 reviews; business process re-engineering studies; and facility-planning and design analyses. In addition, Vic has directed numerous due diligence and financial costing studies for clients engaged in multi-national manufacturing and distribution operations, and activity-based costing studies for domestic and multi-national manufacturing, service and not-for-profit clients to achieve significant and sustainable cost reductions.

Vic received his B.S. in Industrial Engineering from Hofstra University, and has completed graduate studies in Management Engineering at C.W. Post University. He is a senior member of the Institute of Industrial Engineers (IIE) and the Association for Operations Management (APICS). Vic also is a member of the Institute of Internal Auditors (IIA) and has been an author and speaker on the subjects of internal control, productivity and performance improvement.

For more information, go to http://www.cvent.com/d/5cq2pp

To register, go to http://www.cvent.com/d/5cq2pp/4W

10

IIA NY Chapter October 2012 Workshop

Date: Friday, October 19, 2012

Times: 8:30 AM – 4:30 PM

Location: Hard Rock Cafe 1501 Broadway New York, NY 10036

CPE: 7 credits will be awarded for the full day workshop

Full Day Session: Crowe, Fraud/FCPA

---------

More information to come soon at www.nyiia.org

---------

11

I Didn’t See it Coming Change the way you think about

your career and redefine your

strategy for success

Thursday, October 4, 2012 - 5:00 - 7:00pm Join us for an interactive discussion featuring co-author Amy Kopelan of I Didn’t See It Coming. This event will provide the audience with insight to how Internal Auditor careers are shaped and defined with personal stories regarding office politics, rules of the workplace, and critical strategies. Ms. Kopelan and our Internal Audit guest speakers will talk candidly about their experiences and talk about the “playbook” Ms. Kopelan wrote to help other professionals, at any level of business, move successfully through any organization.

An Evening Not to Be Missed! From this session you will learn:

• The value in identifying your personal management style • The mistakes to avoid when you’re a manager or run a team • The importance of visibility and alliances • The game of power seating and what it gives away

Program 5:00 – 5:15 p.m. Registration and networking 5:15 – 7:00 p.m. Program Event fee $15 for NY IIA Members | $25 for non-members Note: June 19th session attendees may attend at no charge. Date and Location Thursday, October4th Deloitte | 1633 Broadway (between W50

th and W51

st Streets)

Register Visit the NY IIA website at www.nyiia.org

CPEs Eligible for 1.5 CPE credits

About Amy Kopelan Ms. Kopelan has been featured on FOX and Friends, Business Week online, On The Money, in CEO Magazine, Business Week, Chief Learning Officer Magazine, and CNN.com. As an author and President of Bedlam Entertainment, she produces CEO summits, interviews leading business innovators, moderates panels at industry conferences, speaks at national business symposiums, and consults to institutions and organizations. She serves as an advisor to The Grace Institute and The Institute for Career Advancement Needs. Sponsoring organizations

I Didn't See It Coming provides savvy advice and

strategic insights for recognizing and working

through a variety of

situations in your career.

Peter Lund, Partner, Spencer

Stuart:

“In the fiercely competitive

world of business, these

authors learned how to play

the game with skill and

competence. They are

uniquely qualified to teach

others the rules of the

workplace.”

12

13

14

15

CRMA® Professional Experience Recognition to Close Sept. 30

Time is running out to apply for the Certification in Risk Management Assurance (CRMA) credential and still qualify under the Professional

Experience Recognition (PER) provision for those in North America. For a limited time before the official exam for this new certification is launched in 2013, interested candidates have until Sept. 30, 2012, to use education, certification(s) held, and experience within the 5 domains of the CRMA to

attain a minimum of 155 points required to achieve the designation without having to sit for the exam.

16

17

18

Members Benefits

As a valued member of the Institute of Internal Auditors and the New York Chapter, I’d like to remind you of just some of the benefits that are available to you as members. Membership entitles you to:

• Member Only Discounts through the IIA’s Affinity Program- The IIA has partnered with a select host of companies to provide our members with special discounts on products and services. These companies include: · Dell · Geico · Hertz · Omni Hotels

• Member Only Discounts on Training through the Institute and the New York Chapter- As a member of the IIA, you are entitled to valuable guidance, training, and services at discounted prices including: · Workshops · Conferences · Seminars · Webinars, webcasts and e-learning opportunities · Vision University (for Chief Audit Executives)

• Member Only Rates on Items in the IIA Bookstore and Professional Certification Exam Fees

• Instant Access to Valuable Reference Tools and Resources for the Profession- These include: · Professional Practice Framework · Practice Advisories · Subscription to Internal Auditor Magazine

I hope that you take advantage and enjoy the many benefits the Institute of Internal Auditors and the New York Chapter Please visit the IIA at http://www.theiia.org/ for the latest information on member benefits or at https://www.theiia.org/index.cfm?act=form.newmember to become a new member and take advantage of significantly reduced membership rates. We look forward to seeing you and your colleagues at our upcoming events.

19

Social Media Update We invite our members of the IIA New York Chapter to share your knowledge and enhance networking opportunities to. Please join the NY IIA Chapter LinkedIn group. Follow us on the following sites:

http://www.linkedin.com/groups?gid=2280322&trk=myg_ugrp_ovr

Other IIA sites to follow:

http://www.facebook.com/TheInstituteofInternalAuditors

http://twitter.com/#!/theiia

Share Your Knowledge

New York Chapter is full of experienced auditors; this is an opportunity for members to share and learn from each other. You can contribute in any of the

three ways:

Expertise Stories Books

Wisdom, tip, insight or technique that you’ve

found improves your audit process or saves you time.

How did you get to where you are today?

What have you been reading? We’ll choose two each month and list them.

For other members interested in submitting information to be published in our newsletter, please send an email to our VP of Professional Services and Newsletter Officer Carmen Caced at Carmen_Caceda@msn.com by the 20th of each month.

20

Membership Update

Not receiving Chapter e-mails and Workshop notifications? Please UPDATE YOUR IIA PROFILE! Log onto http://www.theiia.org using IIA Member ID and Password

.

1.

2.

3.

Volunteer Corner

If you are interested in volunteering for our chapter, please reach out to our Volunteer chair, Debra Soumare @ debra.stbernard@aeroflex.com

Employment Opportunities If you are looking for a new opportunity, we currently have new job posting on our website. http://www.nyiia.org/careers/index.php Individuals or organizations interested in posting job opportunities should submit a condensed job description to the Employment Officer, Carmen Caceda @ Carmen_Caceda@msn.com

Academic Relations Committee

The chapter's Academic Relations Committee presents internal audit related subject matter to students at local college and university career fairs. If interested, your organization can take the opportunity to have any open positions communicated at these events. If interested, contact Scott Kenney @ skenney@deloitte.com Also, if anyone with Student Internship opportunities, please contact our Academic Relations Committee Officer Scott Kenney @ skenney@deloitte.com