When: December 01, 2021 - 0800-1630
Registration: Webex Registration
CPEs: Up to 8
Handouts: Will Be Uploaded When available
Topic 1 - 5 Critical Elements for Quality Questions
Great auditors and fraud professionals must be able to ask good questions. Battling difficult clients while trying to overcome our own insecurities often leaves us with unanswered questions and incomplete projects. What if I told you that you can improve your questioning skills with five simple changes?
In this session, participants will:
• Identify and discuss the five elements of effective questions.
• Understand the power of questions.
• Describe and avoid the barriers to asking good questions.
• Utilize a five-step approach to ask better questions, get better answers, and perform better audits.
Topic 2 - Making Remote Auditing Work
We’ve been thrust into the world of remote work. Which means it is a perfect opportunity to take advantage of operational efficiencies when you use technology effectively.
The 1 hour course explores a few tools and techniques that can help you win at remote auditing. Topics covered include
• Boosting morale for remote workers
• Collecting audit evidence in a remote environment
• Building trust and relationships in a remote environment
Topic 3 - Introduction to Active Listening for Internal Auditors
People often confuse the physical act of hearing with the emotional art of listening. The modern educational system emphasizes speaking and writing, but does not teach the important skill of active listening. When you genuinely listen you show respect, create trust, and develop rapport.
Active listening also helps you
1) identify and solve problems,
2) increase your knowledge and
3) avoid misunderstandings
By the end of this session, participants should be able to:
Define Active Listening
Explain why you should care about active listening
Explain why we listen
Identify what's stopping you from actively listening
Explain the listening styles
Identify and explain listening strategies
Speaker: Robert Berry, CPA, CIA, CISA - President, That Audit Guy
Robert Berry, CPA, CIA, CISA, is the President of That Audit Guy, a consulting and training company. He helps improve people, who in turn improve processes, which improves profits. He is an international speaker, corporate trainer and writer. He specializes in active listening, asking questions, making remote work more efficient and better business writing. He is the author of three books, including Creating Wonderful Workpapers and Ask Better Questions, Get Better Answers, Perform Better Audits,, along with 100+ articles on audit and life. You can find him hanging out on LinkedIn or www.thatauditguy.com.
Afternoon Session: Cloud Identity Management, Hacks and Countermeasures
As organizations expand their multi-cloud environments, managing permissions in the cloud becomes increasingly complex. Permissions in the cloud are being granted based on guesswork, admin permissions are difficult to understand, and every cloud environment is growing like a carbon life form. All of this has contributed to the attack surface being used by attackers to target cloud infrastructures. In this presentation, we'll discuss the Cloud Infrastructure Cyber Kill Chain to uncover attacks beyond the perimeter. We'll uncover aspects of cloud privilege escalation, lateral movement, alternate backdoors, and more. This will provide the basis for then discussing a new approach to managing permissions in the cloud and pursuing least privileges in a more calculated and automated way to eliminate guesswork and assumptions based approaches.
Speaker: Mike Raggo
Michael T. Raggo has over 20 years of security research experience. Over the years he has uncovered numerous vulnerabilities in products including Samsung, Checkpoint, and Netgear. His current research focuses on hybrid cloud security risks and threats. Michael is the author of “Mobile Data Loss: Threats & Countermeasures” and “Data Hiding” for Syngress Books, and contributing author for “Information Security the Complete Reference 2nd Edition”. His Data Hiding book is also included at the NSA’s National Cryptologic Museum at Ft. Meade. A former security trainer, Michael has briefed international defense agencies including the FBI, Pentagon, and Queensland Police; and is a former participating member of FSISAC/BITS and the PCI Council. He is also a frequent presenter at security conferences, including Black Hat, DEF CON, Gartner, RSA, DoD Cyber Crime, OWASP, HackCon Norway, and SANS. He was also awarded the Pentagon’s Certificate of Appreciation.