Professional Networking Events

IIA NZ Topic: Learning From Disasters

The lessons learnt from Global financial disasters. Where was the internal auditor?

Presenter: Dr Keith Blacker

Keith joined the UK Institute of Internal Auditors in 1985 and has been actively involved in helping develop the profession, having being a past chairman of the South West district and a UK council member for three years from 2002 to 2005. A chartered accountant by training, Keith has a doctorate in operational risk management from Henley Management College. Keith co-authored "People Risk Management" with Pat McConnell and is currently Chair (of the trustees) of Valley Leisure as well as a Consultant and Trainer.

ISACA Topic: Quantitative Risk Assessment in Action: A Real Life Example.

Presenter: Bruce Edwards

Risk assessment basic principles don't necessarily change. Bruce will review a data driven risk assessment model developed quite a while back that could lend itself to continuous auditing in today's environment and help flag areas for a closer look. The model reviewed was first developed in the early 1990s to assess risk within the field offices of a life insurance company but the approach would work in any area given accurate definition of risk factors and access to data supporting these factors. The statistical approach taken was very accurate in pinpointing outliers that could (and frequently did) indicate inappropriate activity within a field office. The information developed was used to help with customising and targeting the annual internal audit plan and, as a true indicator of its utility, was adopted by operational management to aid them in there management of the field offices.

Bruce has over 25 years information security, audit and training experience in the public and private sectors including life insurance, health insurance, government, university and utilities sectors and has performed both operational and advisory roles.

Bruce is currently Manager, Information Systems Audit and Assurance, in Wellington. Immediately before moving to New Zealand from the U.S.A. in 2010, Bruce was the CISO at the University of Louisville, a position he held for nearly six years where he lead successful projects on eHealth security compliance, information security training and awareness, risk management and assessment, policy and standards redesign/adoption, business owner engagement, research facility security compliance and staff education, among many other efforts.

In the U.S., Bruce was a member of the Kentucky eHealth Network Privacy and Security Subcommittee, the Louisville Health Information Exchange, the Health Care Compliance Association (HCCA) and the Health Information Security and Policy Collaboration Project (HISPC). He is President of ISACA's Wellington chapter and has been involved with ISACA boards/committees first in Louisville, Kentucky and then in Wellington since 1999. He has spoken or instructed at National and International Conferences or events in New Zealand, Australia and the United States from 2005 to the present on implementing information security programmes, practical information security policies and standards, and other audit, risk and compliance topics.

Bruce completed his Masters in Public Health in 2010 and maintains CISM, CISA, CRISC, CIA and Prince2 Practitioner qualifications.

Register now!