Leadership · Insight · Knowledge
Welcome to the Institute of Internal Auditors New Zealand, the professional body for internal auditing
Our theme conveys the increasing reliance on digital technology and the rise of cyber threats, organisations must adapt and evolve their risk management and assurance practices to stay ahead of the curve. The phrase “new frontier” suggests that this is a constantly evolving and dynamic area and as Internal Auditors will need to be flexible and adaptable in our approach. The Education Day will highlight the importance of balancing risk and opportunity in the digital landscape, and the need for internal auditors to play a key role in ensuring their organisations are equipped to manage both. Tee Chow head’s the Internal Audit team at New Zealand’s largest developer and property manager, Kāinga Ora. He brings with him 15 years of experience in New Zealand and Singapore across diverse roles in internal audit, finance, consulting, corporate, and private and public sectors. This deep experience, at all levels of management and governance, has driven Tee Chow’s passion for Internal Audit advocacy, development and maturity. Tee Chow is looking forward to contributing to the Board and the future of the profession. Grace is an Assistant Manager at KPMG based in Wellington and has been an IIA NZ member since 2016. During this time, Grace has been involved in numerous events and brings enthusiasm and passion for internal audit. Her recent entrance to the profession means that she can bring new ideas and align the interests of those new to this profession to those with more experience. Grace has experience providing internal audit and advisory services to both public and private organisations and is a strong advocate for the value of internal audit.
Adam Boileau is an executive director at CyberCX, with 25 years experience in the infoSec industry. Outside of that, Adam is known as the cohost of weekly infosec news podcast Risky Business, and the frontman of Kiwicon, the NZ hacker conference. Topic: “From the Early Days of Computing to the Digital Age: The Evolution of Cyber Risk and Assurance, How We Got Here, and What the Future holds?” Cyber risk refers to the potential loss or damage that can arise from a failure in the security of an organisation’s digital systems and networks. This can include data breaches, cyber attacks, and other incidents that can compromise the confidentiality, integrity, and availability of critical information. Assurance, on the other hand, refers to the processes and controls that organisations put in place to mitigate cyber risk and ensure the security of their digital assets. This can include security audits, risk assessments, and other measures that are designed to identify vulnerabilities and ensure that appropriate controls are in place to mitigate them. The evolution of technology and the increasing reliance on digital systems and networks have led to a corresponding increase in cyber risk. This has been driven by a range of factors, including the growing sophistication of cyber criminals, the proliferation of new attack vectors, and the increasing interconnectedness of digital systems. To address these challenges, organisations have turned to a range of cyber assurance practices and technologies, including threat intelligence, vulnerability assessments, and advanced security controls. These measures are designed to help organisations stay ahead of evolving cyber threats and ensure the security and resilience of their digital assets. Internal auditors attending the speaker session on “From the Early Days of Computing to the Digital Age: The Evolution of Cyber Risk and Assurance, How We Got Here, and What the Future holds?” will gain insights into the historical development of cyber risk and assurance practices, as well as a forward-looking perspective on emerging cyber threats and technologies. They will learn about the increasing complexity and sophistication of cyber risks, as well as the various assurance practices and technologies that organisations use to mitigate these risks. By understanding the evolution of cyber risk and assurance practices, internal auditors can help organisations stay ahead of emerging cyber threats and ensure the security and resilience of their digital assets in the future.
Hugh Devereux-Mack is a Senior Advisor with CERT NZ, the government agency created to help increase New Zealand’s cyber resilience. With more than 10 years’ experience in the private sector, he uses this experience to help both businesses and individuals understand the cyber security environment they operate within. Topic: Stories from the trenches – CERT NZ will provide insights into the current cyber security environment based on their recently published 2022 Report Summary. This presentation will also to explore different lessons from businesses case studies that have suffered from cyber attacks before finishing with a practical exercise to help you understand how to check whether your password has been compromised. CERT NZ works to support businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents. We provide trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand. CERT NZ is a key component of New Zealand’s Cyber Security Strategy, contributing to the delivery of the Strategy’s vision of a confident and secure digital New Zealand.
As a Principal Cybersecurity Consultant, I am privileged to work with large and small organisations across New Zealand raising and fortifying their cybersecurity maturity by providing advice and guidance into system design, governance and risk based decision-making, supported by a Datacom team that includes some of the most highly qualified cybersecurity professionals in the country. Cybersecurity is a constantly changing and evolving domain, and our customers need dedicated professionals to help defend their organisations and data. By applying Zero Trust principles, our team help organisations to embed these security principles into their technology and architecture. My primary goal is to position Datacom as the go-to option for organizations that recognize cybersecurity as a critical part of their overall strategy. With 20 years of experience in both Cybersecurity and IT, I am well-versed in bridging the gap between business and technology. I have worked with a range of public and private sector agencies, giving me an understanding of both the measured, compliance approach of government and the quick and adaptable approach of the private sector.
Ramon has been practicing internal audit for more than 25 years across 11 countries. In 18 of these years, he led internal audit teams for large complex international organisations both in the private and public sectors. He is currently Chief Audit Executive and General Manager at Health New Zealand-healthAlliance. He has held this role since 2010 overseeing the growth of the internal audit function from 5 members serving 3 organisations to a current team of 12 looking after 7 organisations and along the way getting the IIA’s Team Excellence in Internal Auditing award. His lifelong passion is internal audit and developing high-performing audit teams. He constantly upskills staff, challenges the existing processes, and embraces new technologies. When trusted and respected, he believes internal audit can make a positive difference since its recommendations reach the highest levels in the organisation. A lifelong learner and at this stage of his career, Ramon is looking forward to freely sharing his vast experience and insights through mentoring (via the Auckland IIA mentoring pilot last year), training, coaching, and board memberships at not-for-profit organisations - such as the IIA. In his role as speaker in national conferences, webinars, and round-table discussions, he is hard at work ensuring that current and future internal auditors have the skills needed to become trusted advisers. He is prepared to do his part by networking with fellow auditors in securing the continued relevance of the internal audit profession in decades to come. Ramon is blissfully married with two lovely daughters who now can out-run, out-swim and out-ski him. He attended university in America finishing with an MBA then a Masters Degree in Accounting - with distinction. He is also a Chartered Accountant, a Certified Internal Auditor, an ACL Certified Data Analyst, and in 2017 was named Internal Auditor of the Year. Education day registration fees Members: $499.00
Exclusive of GST. This is a HYBRID event, we welcome you to register and attend in person or via video conference. For those attending an event face to face, the ticket price includes morning tea, a light luncheon, renowned speakers, AV and event management. If you are attending the event online, the ticket price includes renowned speakers, AV, online video conference connectivity and event management. *Further information relating to CPE and the IIA NZ Event and Attendance Policy
Venue: Intercontinental Hotel, 2 Grey Street, Wellington or online CyberCX Cyber Security Experts Topic: “From the Early Days of Computing to the Digital Age: The Evolution of Cyber Risk and Assurance, How We Got Here, and What the Future holds?” Cert NZ Topic: “Stories from the trenches” CERT NZ will provide insights into the current cyber security environment based on their recently published 2022 Report Summary. Principal Cybersecurity Consultant (Datacom) Topic: “taking a zero trust approach to organisational security” Chief Audit Executive and General Manager (Health Alliance) Topic: A proactive approach to risk — what risk profiling and risk controls need to be considered. How the risk culture of an organisation contributes to Cyber risk management. IIA NZ Facilitator IIA NZ Facilitator IIA NZ Facilitator Topic: How can we help protect organisations in New Zealand (private and public sector) from cyber risk in the future? * See below for further information relating to the interactive Round Robin Workshops and Case Study discussion A round-robin 30-minute education workshop is a format that allows for engaging and interactive learning. In this format, the audience is divided into three groups, and each group rotates between three different workshops, each lasting 30 minutes. The workshops are facilitated by an Internal Auditor and a speaker, who will present a case study topic relevant to the industry. The case study topic will be designed to provide a practical example of how the industry can effectively manage cyber risk and ensure the effectiveness of its assurance practices. The facilitator and speaker will encourage active participation from the audience and engage them in hands-on activities that reinforce the learning outcomes of each workshop. The round-robin format allows participants to engage in focused learning sessions and interact with multiple facilitators and speakers. This format provides a dynamic and interactive learning experience, where participants can learn from each other, share insights, and gain practical knowledge that can be applied in their role as internal auditors. Overall, the round-robin 30-minute education workshop is an effective format for internal auditors to gain practical knowledge and skills in managing cyber risk and ensuring the effectiveness of assurance practices. It provides a practical and engaging learning experience that can help participants stay ahead of emerging cyber threats and ensure the security and resilience of their organisation’s digital assets. Please note that by purchasing a ticket to the event, you agree to the terms and conditions outlined in this refund and attendance policy. Attendance for either session will provide 1 CPE per hour. A CPE certificate will be emailed to those registered following the sessions attended.Institute of Internal Auditors Education Day Wellington 2023
2 Grey Street, Wellington
Or Online
Education Day 2023 (Wellington)
Navigating the Internal Auditors New Frontier: CyberRisk and Assurance in the Digital Age
A Hybrid face-to-face and online event
Seize the opportunity, let us come together, and let us connect
Theme
Navigating the Internal Auditors New Frontier: CyberRisk and Assurance in the Digital Age
Our Hosts
Tee Chow Lee
IIA NZ Board member
Grace Nunn
IIA NZ Board member
Our Speakers
Adam Boileau
CyberCX (Cyber Security Experts)
Hugh Devereux-Mack
Senior Advisor (Cert NZ)
Christopher Miller
Principal Cybersecurity Consultant (Datacom)
Ramon Manzano
Chief Audit Executive and General Manager (health Alliance)
Registration
Non-members: $659.00
Wellington Programme
Wednesday 31 May 2023
9:00am
Introduction
9.15am
Adam Boileau
10.00am
Hugh Devereux-Mack
10.30am
Morning Tea & Networking
11.00am
Christopher Miller
11.30am
Ramon Manzano
12.00pm
Lunch & Networking
12.45pm
*Interactive Round Robin Workshops and Case Study Discussion
Cert NZ
1.15pm
*Interactive Round Robin Workshops and Case Study Discussion
Christopher Miller
1.45pm
*Interactive Round Robin Workshops and Case Study Discussion
Ramon Manzano
2.15pm
Panel Discussion/ Q&A
Cert NZ
IIA NZ Facilitator
Ramon Manzano
Christopher Miller
2.45pm
Concluding remarks
3.00pm
Event Ends
Additional Event Information
Interactive Round Robin Workshops and Cast Study Discussion
IIA NZ event refund and attendance policy for the event
CPE