ISACA Vancouver and IIA - Assessing Organization Culture - Practical Tools and Techniques

We see organizations today putting great emphasis on defining their values and maintaining strong cultures. Why? These values are meant to translate in specific desired behaviors to support the achievement of organizational objectives. Examples of such behaviors are: taking personal responsibility, admitting to and learning from past mistakes, having an open and honest dialogue regarding important issues, including key risks, and willingness to provide constructive challenge in the name of making the best decision, to name a few. Deviating from these desired behaviors creates cultural risk which can have significant financial and reputational repercussions.

Many organizations have realized the importance of culture and have taken steps to evaluate and manage their cultural risks. Boards of Directors are specifically called to heighten their attention to cultural risk and apply the same oversight to culture as they give to other corporate risks. Internal Audit and Risk Management play important roles in this process.

Join us for this half-day session to learn from practitioners who have experienced cultural assessment and cultural auditing in real life. You will take away valuable frameworks and practical tools and techniques to incorporate in your audit approach, provide greater context to your audit findings, bring more clarity and rigor to your discussions with management, and ultimately help strengthening the cultures of your organizations.

Speakers Information

Frank Martens, CPA
Global Risk Framework and Methodology Leader at PWC

With over 30 years of experience, Frank helps clients implement practical plans that retain the conceptual integrity of risk management, internal control and audit. His work spans public and private companies, public sector entities, crown corporations, and not-for-profits in the energy, health care, higher education, mining, oil and gas, software, and tourism sectors.

In addition to serving his clients, Frank is also a thought speaker and author on Enterprise Risk Management (ERM) and Internal Controls. As a 15-year contributor to the Committee of Sponsoring Organizations of the Treadway Commission (COSO), he has spoken about and co-authored numerous publications. He was a principal contributor to the COSO Enterprise Risk Management-Integrating with Strategy and Performance, led the revision of its Internal Control-Integrated Framework, and have produced several articles on risk and control for Canadian and US publications. A key tenant of the ERM Framework is its combined focus on culture, capabilities, and practices that must work together in managing risk.

Wayne Thompson, CA, CPA , CIA and CRMA
VP Internal Audit at Coast Capital Credit Union

Wayne is the Chief Auditor at Coast Capital Savings, and a member of the Senior Leadership Team. He leads a team of auditors conducting a range of assurance and advisory services to the organization. He has an administrative report to the CEO and a function reporting line to the Chair of the Audit Committee.

Prior to joining Coast, Wayne worked for 15 years in public practice, most recently as the Risk Practice leader for a Big 4 Consultancy firm. Wayne’s professional experience is concentrated in the areas of Internal Audit, Risk Management and Regulatory Compliance, including CEO/CFO Internal Controls Certification programs in Canada, the United States and Japan. He also worked extensively with client on other regulatory compliance programs in areas such as anti-money laundering, anti-corruption and privacy. Assessing Risk Culture was one of the main components of his advisory and assurance work. He will speak to his experience related to auditing culture.

Maggie Ivanova, MSc. Acc., MBA, CIA and CRMA
Manager Integrated Risk at Central 1 Credit Union

Maggie is a senior business professional with over 10 years of experience in governance, risk management, strategic planning, internal audit and performance improvement. She started her career as a consultant and worked on a variety of consulting and internal auditing projects in many industries including: construction and mining, public sector and crown corporations, education, health care and financial services. She then moved through a variety of risk management roles in different organizations and is currently the Integrated Risk Manager at Central 1. Throughout her career, Maggie has conducted many cultural assessments, both as an internal auditor and as a risk management advisor, and has helped organizations develop practical improvement strategies. In her current role, Maggie led the development and implementation of Central 1 first Cultural Risk Assessment Methodology.

Maggie has Bachelor’s and Master’s degrees in Accounting and Control, an MBA in Strategic Management, and certifications in Internal Auditing and Risk Management Assurance.

REGISTRATION INFORMATION: To register, please click here
Registration Fees: IIA and ISACA Members: $99; Non-Members: $110 (breakfast is included)
CPEs: Total of 4 CPE credits
DATE: February 23, 2018
TIME: 8:30am to 12:00pm (registration starts at 8:00am)
LOCATION: BC Hydro, 333 Dunsmuir St Downtown Vancouver

*  *  *  *  *  *  *  *  *  *

ISACA Vancouver and CPABC Social Mixer

The CPABC and ISACA Vancouver Chapters are organizing a social mixer for members of our two chapters. This will be a great opportunity to catch up with your fellow CPABC and ISACA members in a cozy and fun atmosphere, increase your professional network and win door prizes. While attendance is free, we ask that you please register for the event for logistics purposes as we have a limited number of spaces.


5:00 pm Doors open & Registration
5:30 pm Welcome and Introductions by Chapter President/Chair
5:30 pm - 7:30 pm Networking and Canapés


Tuesday, 6th March 2018
5:00 PM – 7:30 PM PDT

Steamworks Brewing Co.
375 Water St, Vancouver, BC V6B 5C6

To register, please follow this link :

*  *  *  *  *  *  *  *  *  *

ASIS International - Enterprise Security Risk Management

Enterprise Security Risk Management (ESRM) is an ASIS International strategic priority, with the project charter recently being approved by the Board of Directors. This luncheon event will focus on the importance of a holistic approach to security management, with insights provided by a leading industry professional.

Dana Adams, CPP, CISSP, MBA, is the Director of Security Services at TELUS, a leading national telecommunications company in Canada. With over 20 years of experience in the security industry, Dana has successfully transitioned the Security Services from command and control, to a strategic consulting partner with internal stakeholders, clients and both provincial and national law enforcement organizations.

During his tenure with TELUS, Dana has successfully developed and delivered the TELUS security plan for the 2010 Winter Olympic Games in Vancouver, established effective partnerships with Law Enforcement and Public Safety, redesigned and implemented a new executive protection program, and developed and delivered asset protection programs for network infrastructure (copper cabling), retail operations, supply chain security and data protection. <br.
As the 2018 President of the ASIS International Professional Certification Board, Dana will further discuss the significant impact of industry designations, and address the necessity for these to continuously align to the shifting marketplace.

3 Course Meal Served:
Salad: Strawberry Frisée Salad
Entrée: Grilled Peppered Beef Sirloin
Dessert: Mango Cheese Cake with Raspberry Coulis
*Any allergies and dietary restrictions can be accomodated*

Date and Time: Wed, 7 March 2018 - 11:30AM-1:30PM PST
Location: Sutton Place Hotel Vancouver/ 845 Burrard Street Vanvouver BC
Cost: $45-$50

To register, please click here

*  *  *  *  *  *  *  *  *  *

IIA and ISACA Vancouver - Innovative disruption and its impact on our audit approach. Do we need to become the agile pioneers?

Innovation is solving complex problems across every industry and benefitting individuals in ways unimagined. At the same time, the rapidly evolving technology is disrupting the way organizations do business. It is becoming increasingly crucial for internal auditors to keep pace by addressing changing risk and compliance requirements and, more importantly, by effectively serving as a strategic technology trend advisor. Internal auditors are also challenged to rethink their own audit approach and to become the agile pioneers in their organizations.

Join professionals from EY as they discuss maturing, emerging and future technology trends and take a deeper dive into select topics such as demystifying the Blockchain and the risks and opportunities the distributed ledger present to the internal auditor. You will also learn how to adapt your own audit program to the new business reality.

Speakers Information

Kevin Teo, Risk Senior Manager, EY
Kevin leads EY’s Risk Assurance practice in BC and has over 10 years of professional experience applying a business risk focused approach to IT assurance, IT security, and IT consulting. Kevin helps clients realize value through harnessing new technology in a risk-informed manner by assessing technology risk and implementing strong but enabling governance frameworks and processes. Passionate about increasing trust in and from information systems, Kevin also serves on the Board of Directors for ISACA Vancouver, where he is currently the President.

Kyle Krystalowich, Risk Manager, EY
Kyle is a Manager in EY’s BC Risk Assurance practice where he focuses on IT audits, IT risk assessments, data analytics, cybersecurity program assessments and security audits. His experience spans across industries including power & utilities, technology, mining, oil & gas, government/public sector and telecommunications. Always up to date with the new trends in technology, Kyle is a trusted advisor to his clients.

REGISTRATION INFORMATION: To register, click link
Registration Fees: IIA and ISACA Members: $90; Non-Members: $100 (breakfast is included)
CPEs: Total of 4 CPE credits
DATE: March 12, 2018
TIME: 8:30am to 12:00pm (registration starts at 8:00am)
LOCATION: BC Hydro, 333 Dunsmuir St Downtown Vancouver

*  *  *  *  *  *  *  *  *  *

ISACA Vancouver and IIA Social Media, Social Engineering and Ethics (two training sessions)

Social Media and Social Engineering Risk: What every internal audit and risk management professional needs to know (3.5 hours, qualifies for 4 CPEs)

Social media is a dominant force in today’s world of connectedness. Its use is still growing in all parts of the world, and with that, risk is growing exponentially. Within an organization, use of social media by different departments can compromise the reputation of the organization and staff. Changes in internet usage, such as the proliferation of mobile devices and the rising use of social media, have presented many new challenges, including for cyber security. In this session you will learn how to identify and mitigate the new risks related to the changing social media landscape by:

• Looking at some of the worst corporate social media blunders, understanding what caused them and what could have been done differently
• Discussing fallout from real life cases of cybersecurity breaches, formulating a pragmatic approach toward combating cyber threats and building cybersecurity strategies
• Understanding the key elements of a successful social media strategy and what needs to be in the social media policy

This session will also touch upon social engineering. Discover how vulnerable your organization can be to social engineering and it’s easier than we think. The greatest security threat any organization faces today is the human threat. You will discover how easily confidential information leaks out of your organization daily by:
• Recognizing how the bad guys can infiltrate your organization
• Understanding how the good guys mitigate the problem
• Learning how to incorporate human vulnerability checks into your standard audit practice
• Learning how to make yourself and your organization more secure

Ethics: Making ethical decisions in times of uncertainty (3.5 hours, qualifies for 4 CPEs)

Hailed by many participants as the best ethics course ever, Ethics Viewpoint illustrates the challenges in implementing an organization wide ethics policy. Explore how best to embed ethics into a corporate culture. Ethical issues are associated with workplace deviance or corruption and its counterparts – lying, evasion of accountability, and abuse of authority. What causes them and how should they be dealt with?
This session focuses on integrating ethics with everyday corporate life. Ethics breaches begin with people – understand the team you work with. In an interactive session, participants will put into practice ethics issues that will help build a strong ethical business culture. The seminar’s topics include:
• Personal ethics vs. professional ethics
• How easy are ethics to define in the workplace?
• Does employee behavior influence ethical practice?
• Most common ethical breaches

Nejolla Korris is a popular speaker on lie detection, fraud prevention and investigation, workplace fraud, social engineering, social media risk, organizational justice and ethics. She has spoken internationally throughout the US, Canada, Europe, Asia and Africa. Her clients include associations, corporations, government agencies, law enforcement, and the military. Ms. Korris is also a frequent presenter for The Institute of Internal Auditors, ISACA and the American Institute of Certified Public Accountants. Last year we had her deliver two sessions to our members in Vancouver: Fraud Detection – Words Never Lie and Building Your Corporate Fraud Team.
Nejolla has a BA in Law from Carleton University. She was awarded the Queen's Diamond Jubilee Medal for her international work in linguistic lie detection. Nejolla served as the Honorary Consul for the Republic of Lithuania as well as the Chair of the Consular Corps in Edmonton. She writes a column in Edmontonians magazine entitled Civil Wars and a blog called the Korrispondent.

REGISTRATION INFORMATION: To register, please click here
Registration Fees:
• IIA and ISACA Members: Social Media and Social Engineering Risk – $150; Ethics – $150;
Special Bundle: Both Courses - $280
• Non-Members: Social Media and Social Engineering Risk -$175; Ethics - $175;
Special Bundle: Both Courses: $330
CPEs: Total of 8 CPE credits
DATE: Friday, March 23rd, 2018
TIME: 8:00am to 5:00pm
LOCATION: BC Hydro, 333 Dunsmuir St Downtown Vancouver