Jul 29, 2010 01:47PM

U.N. Appoints Former IIA Chairman as Director of Watchdog Group

Former IIA Chairman (1994-1995) Carman Lapointe, CIA, CCSA, CFE has been appointed under-secretary-general for Internal Oversight Services (OIOS) at the United Nations. The United Nations issued a statement on behalf of Secretary-General Ban Ki-moon last week welcoming the General Assembly’s quick approval of his nominee to the challenging position. “Ms. Lapointe ossesses the breadth and depth of experience and expertise required for this demanding position,” the statement reads. It goes on to point out that “transparency and accountability are essential to the work of the Organization, and OIOS is critical to advancing that effort. That is why the Secretary-General acted as quickly as possible to propose an experienced, high-profile and able successor to this important post.” Lapointe, a Canadian, will be expected to build up the OIOS team, filling vacancies and taking on responsibilities that have largely gone unmet in recent years. She brings much experience to the post, having formerly served as auditor general of the World Bank and most recently as the director of the Office of Audit and Oversight of the International Fund for Agricultural Development in Rome.   Beyond her IIA chairmanship in 1994, Lapointe has been an active volunteer leader of The Institute. She currently serves as The IIA’s representative to the International Federation of Accountants’ Task Force revising auditing standard 610 on Using the Work of Internal Auditors. Most recently, she served on IIA committees to help develop a Capability Maturity Model for the public sector and The IIA’s value proposition to internal audit stakeholders. And as a leader of the IIA’s professional issues committee in the early 90s, Lapointe was key contributor to The IIA’s role in helping develop COSO’s original Internal Control Integrated Framework. She also assisted in the development of the Certification in Control Self-Assessment. Lapointe has served on The IIA’s global advocacy committee, board of regents, research foundation board of trustees, and global and North American nominating committees

Jul 14, 2010 12:00PM

AGA Presents IIA President and CEO with Distinguished National Award

IIA President and CEO Richard Chambers, CIA, CGAP, CCSA, CGFM was conferred the 2010 Frank Greathouse Distinguished Leadership Award from the Association of Government Accountants (AGA). The award is conferred upon individuals who have provided sustained, outstanding leadership in financial management in the public sector over a period of years, resulting in notable contributions to the government accounting profession. Before coming to the helm of The IIA, Chambers had a long career history working in the public sector, including as inspector general of the Tennessee Valley Authority, deputy inspector general of the U.S. Postal Service, and director of the U.S. Army Worldwide Internal Review Organization at the Pentagon. The award was presented Wednesday, July 14, 2010 at the AGA’s Professional Development Conference & Exposition at the Orlando World Center Marriott in Lake Buena Vista, Fla., USA.

Jun 24, 2010 05:00PM

New IIA Guidance Addresses IT Risks

GTAGs 14 and 15 tackle spreadsheets, databases, and information security governance The IIA is releasing two new issues of its ongoing Global Technology Audit Guide (GTAG) series – both aimed at helping internal auditors and their management learn about and assess technology related risks. Almost every organization uses some form of User Developed Applications (UDAs) such as spreadsheets and databases. They can be easily developed, cost effective to produce, and changed with relative ease.  However, risks such as data integrity, availability, and confidentiality can pose threats to an organization and internal auditors may consider auditing UDAs. New GTAG 14, Auditing User-developed Applications, explores, among other topics, how best to risk rate and scope a UDA audit. The 32-page GTAG also proffers a sample audit program, best practices for implementing controls over UDAs, and advice on how internal auditors can work in a consulting role to help management develop an effective UDA control framework “In most organizations, selected staff members are permitted as a matter of business necessity to extract, manipulate, analyze, and report on enterprise data using spreadsheets, databases, or other user-developed applications (UDAs). This practice gives rise to risks concerning data integrity, availability, and confidentiality,” said IIA Director of Standards and Guidance Lisa Hirtzinger, CIA. Standard 2110.A2 of The IIA’s International Standards for the Professional Practice of Internal Auditing requires the internal audit activity to assess whether the organization’s information systems sustains and supports agreed-upon strategies and objectives. New28-page GTAG 15, Information Security Governance (ISG), explores internal auditing’s roles in and responsibilities for overseeing IT security. It assists organizations in incorporating an audit of ISG into the audit plan, focusing on whether the organization’s ISG activity delivers the correct behaviors, practices, and execution of information services. “IT failures, especially information security (IS) breaches, can place the organization at risk for reputation damage, diminished competitiveness, noncompliance with laws and regulations, and other adverse consequences,” added Hirtzinger. “These impacts should not be underestimated.” GTAGs, which are written in straightforward business language to address timely issues in IT management, control, and security, are strongly recommended, but not mandatory, guidance under The IIA’s International Professional Practices Framework. They are available from The IIA at www.theiia.org/guidance/standards-and-guidance/ippf/practice-guides/gtag/.

Jun 23, 2010 09:10AM

IIA/MIS Cohost IT Audit & Controls 2010

 The IIA and MIS Training Institute proudly present IT Audit & Controls 2010, being held in Orlando at the Hilton Disney World Resort on October 12 – 14, 2010.  Now more than ever, aligning IT audit with business risk is critical to IT audit's effectiveness. Without conveying clearly to management the bottom-line risks of practices, procedures and technologies, IT audit faces a future on the sidelines of the enterprise. At the same time, never has IT audit faced so many game-changing technologies – from clouds to iPads, from Droids to virtual desktops. Increasing insider fraud, escalating regulatory requirements, and the rising number of external hacks compound to make the role of the IT auditor at best demanding, at times near impossible.  During this conference you will hear how world-class IT auditors are dealing with these challenges, and learn their hard-won insights into how to provide effective, risk-based coverage in these unprecedented times. This event features 50 sessions. CLICK HERE to view the brand new 2010 agenda!   Attention IIA Members: Receive 10% off the main conference registration fee. Please note, the 10% discount only applies to the IT Audit & Control’s main conference. It can not be applied to add-on workshops, or used on previous registrations. Registrations are now being accepted. For the lowest registration rates, you must register early! Your Registration Code is CONF30/IIA. CLICK HERE to register.                  

Jun 22, 2010 04:00PM

Attention Certified Internal Auditors (CIAs)!

Attention Certified Internal Auditors (CIAs)!  And CCSAs, CFSAs, and CGAPs The deadline to report continuing professional education (CPE) credits for the 2010 reporting year has passed. CIAs are required to report 80 hours of CPE every two years, and your reporting year is based on the last digit of your IIA member/customer ID number. Members/customers whose ID ends in an even number were required to report by May 31, 2010. ID numbers that end in an odd number must report by May 31, 2011. To reinstate your active status of your IIA certification, please visit www.theiia.org/Certification and click on “Report Continuing Professional Education” to access the CPE Reporting form. IIA Members MUST login to the Web site BEFORE accessing the form to save US $50.