In this episode, Terry Ray, a top expert in data security, talks with David Pretrisky, director of Professional Standards at The IIA, about why asking the right questions is key to boosting data security and compliance in organizations. They’ll dive into how internal auditors can strengthen their organization’s security, the hurdles they encounter, and practical strategies for success.

Guests:

Terry Ray, senior vice president, data security GTM, field CTO, and fellow at Imperva

Host:
David Petrisky, director, Professional Standards, The IIA

Key Points:

• Introduction to Data Security and Compliance (00:00:02 - 00:00:22)
• Breaking Down Data Defense (00:00:31 - 00:02:45)
• Prioritizing Security Controls (00:02:52 - 00:04:24)
• Key Frameworks for Security (00:04:58 - 00:06:22)
• Common Vulnerabilities and Breaches (00:06:22 - 00:08:25)
• Advice for Internal Auditors (00:08:25 - 00:11:10)
• Compliance and Regulatory Frameworks (00:11:15 - 00:14:05)
• Internal Auditors’ Role in Security (00:14:05 - 00:17:11)
• Final Advice for Internal Auditors (00:17:11 - 00:17:32)

• NIST Cybersecurity Framework
• General Data Protection Regulation
• PCI Data Security Standard

Follow All Things Internal Audit:

Apple Podcasts
Spotify
Libsyn
Deezer

In this episode, Frontier Foundry Co-founder and COO, Nick Reese, delves into the groundbreaking world of quantum computing and its game-changing potential for auditing. Discover how this cutting-edge technology could revolutionize the profession and learn practical tips on how internal auditors can stay ahead of the curve.

Guest:

Nick Reese, co-founder and COO of Frontier Foundry & former director of emerging technology at DHS

Frontier Foundry Website

hello@frontierfoundry.com

Host:
Lynn Moehl, director of internal audit and chief audit executive at The IIA

Key Points:

• Introduction to Quantum Computing(00:00:02 - 00:00:21)
• Quantum Computing’s Impact on Auditing(00:00:54 - 00:02:47)
• Data Security and Cryptography Risks(00:03:2 - 00:06:22)
• Opportunities with Quantum Technology (00:07:41 - 00:08:54)
• Resources for Staying Informed (00:10:23 - 00:10:43)
• Practical Steps for Auditors (00:06:32 - 00:07:07, 00:10:15 - 00:11:48)
• Current State and Future of Quantum Computing (00:02:54 - 00:03:08, 00:14:44 - 00:14:49)
• Workforce Education and Preparation (00:18:12 - 00:19:34)
  
  

Resources Mentioned:

• DHS Post-Quantum Cryptography Roadmap
• National Institute of Standards and Technology (NIST)
  
  

The IIA Related Content:
Interested in this topic? Learn more about the role of internal auditors in providing organizations assurance for emerging technologies here.

Visit The IIA's website or YouTube channel for related topics and more.

All Things Internal Audit: Fraud Podcast
"Playing the Fraud Card"

Listen to The IIA’s new Fraud Podcast brought to you by All Things Internal Audit. The Fraud Podcast provides fictionalized accounts of real-world frauds featured in Internal Auditor magazine’s Fraud department.

In the latest episode, City Auditor Michelle Martinez uncovers a gift card scam orchestrated by Jonathan Erick, a former City of Sommerville employee, using city funds. Martinez's keen auditing skills reveal Erick's misuse of purchase cards, leading to his arrest and highlighting the importance of robust internal controls. Listen to “Playing the Fraud Card.”

IIA members can access bonus content in the form of lessons learned by reading the full Fraud article.

Available now on all major podcast platforms and our Youtube channel.

All Things Internal Audit Tech:
AI Governance & Ethical Considerations

In this episode, hear from industry thought leaders about governance and ethical considerations of artificial intelligence usage in the internal audit profession. Experts discuss strategies to mitigate risks of sensitive data disclosure in public AI tools and emphasize the importance of governance and monitoring in AI implementation. They address ethical concerns, including preventing AI-generated risks and ensuring safe AI practices in applications involving human safety.

• Mitigating Risk of Sensitive Data Disclosure
• Governance and Monitoring in AI
• Importance of oversight and ethical auditing practices
• Preventing AI Hallucinations and Risks
• Strategies for ensuring ethical AI outputs through human intervention.
• Ensuring Safe AI Practices
• Addressing ethical and safety concerns in AI applications.

Speakers:

• Brian Willis, LBMC senior manager, cybersecurity advisor
• Charles King, Managing Director, Advisory Services, KPMG LLP
• Alex Gacheche, Head of Information Security, Meta
• Ivan Martinez, Managing Director, Internal Audit, Goldman Sachs
• Ethan Rojhani, Grant Thornton principal, risk advisory services
• Wes Luckock, Grant Thornton senior manager, AI, automation and analytics

This episode is available on our website on our YouTube channel.

All Things Internal Audit:
Key Takeaways from Occupational Fraud 2024: A Report to the Nations

In this episode, Mason Wilder, research director of the Association of Certified Fraud Examiners, discusses the findings and implications of the Occupational Fraud 2024: A Report to the Nations.

This conversation covers:

• Fraud detection and reporting methods
• Fraud profiles
• Impact of the COVID-19 pandemic on fraud
• Importance of fraud risk management
• Using reports to enhance fraud prevention efforts
• Value of fraud awareness training

This episode is available on all major podcast platforms or on our YouTube channel.

All Things Internal Audit: Risk & Cyber Audit Opportunities with AI

In this episode, thought leaders discuss the groundbreaking applications of AI in enhancing compliance programs, continuous risk assessment, and cybersecurity audits. Industry experts share real-world examples, such as the use of ChatGPT for PCI DSS compliance and dynamic risk scoring frameworks. Discover how AI is making audit processes more efficient, accurate, and cost-effective, and learn about the crucial role it plays in improving internal audit services.

• AI's role in developing and testing PCI DSS compliance programs
• Training AI models on organizational systems for tailored risk assessments
• Continuous risk assessment through AI-powered automation
• AI applications in scenario analysis using cross-departmental data
• Enhancing dynamic and efficient risk assessment processes with AI
• AI in cybersecurity audits for improved accuracy and cost reduction
• Leveraging AI for better communication and collaboration in audits
• Real-world examples of AI tools streamlining risk assessment and compliance tasks

Speakers:

• Brian Willis, LBMC senior manager, cybersecurity advisor
• Kunal Agrawal, Diligent customer success director
• Ethan Rojhani, Grant Thornton principal, risk advisory services
• Wes Luckock, Grant Thornton senior manager, AI, automation and analytics

All Things Internal Audit: Public Sector Considerations for New IIA Standards

In this episode, Pamela Stroebel Powers, the IIA director of professional practices, discusses the newly released 2024 Global Internal Audit Standards, with an emphasis on the public sector. She explores the changes, challenges, and resources available to help internal auditors adapt to these updates.

This conversation covers:

• Inclusion of public sector considerations
• Governance complexities in the public sector
• Strategies for meeting new standards
• Conformance readiness assessment tool
• Strategic planning and performance measures
• Regional and public sector-specific challenges
• Resources and support from the IIA for public sector auditors

This episode is available on all major podcast platforms or on our YouTube channel.