coso erm 2017 framework culture

In other words, for a process in any department in a firm to be completed it has to be discussed with a CRO to clear it of potential risks. The event connected the IA leaders in the region and beyond, featuring experienced and visionary speakers, and provided insight and direction on the future of the IA profession. Field of Study: Information Technology Bernstein, P. L.; Field of Study: Management Services Recommended Prerequisite: None If he spreads the risk then it moves to an external party, but it can also go to a subsidiary. Start your career among a talented community of professionals. Recommended Prerequisite: Knowledge and skills needed to develop a summary of allegations from complaint documents and complainant interviews and identify governing directives applicable to specific allegations In 1995, a few company executives started to hire CROs in their organizations. Lara is a Certified Internal Auditor (CIA) and is an ISO 9001 Certified Auditor. Also, the CRO's assistance is necessary when it comes to new developments. The platform also makes it easy to collaborate across teams and help you automate time-consuming repetitive tasks. Alvarez & Marsal, Managing Director. COBIT 5 for Risk addresses all ISO 31000 principles through the Hamdan was part of team that was appointed to conduct an investigation into a private equity firm to review multiple funds and to determine the use of funds and to review the fund expenses. Neda managed a high volume litigation practice. Enron: The Smartest Guys in the Room and The Inventor: Out for Blood in Silicon Valley, Director and Producer. He led several projects for Corporate Governance Transformation including Board Composition, Capacity Building, Risk Management, Compliance and Internal Audit functions for multi sectoral companies including, banks, insurance, family businesses, etc. Alaa is responsible for driving Huaweis continued growth in the Region. 
It was created by the Committee of Sponsoring Organizations of the Treadway Commission, or COSO. Recommended Prerequisite: None Do such things still exist? They also must address the ever-changing nature of fraud risk where criminals and syndicates are looking to exploit digital services and channels in an unprecedented and exponential manner. Field of Study: Business Law Paritosh was the lead partner on one of the public listed crypto engagements, one of the first to be accepted by any big four in Canada. Visit our key partners, sponsors and exhibitors and you will be surprised at how much they have to offer. CPE: 1.5 | Ethics CPE: No Field of Study: Specialized Knowledge She had various responsibilities and achievements at the GCA, amongst which, she supervised the female recruitment and development process, worked on the GCA Corporate Identity, and developed the GCAs Auditors Competency Development System. Chime, Fraud Project Manager. First, we must understand the context. Hidden conflicts of interest and conflicts of commitment can cause significant reputational damage and result in high-dollar fraud losses. The COSO cube replaced the previous framework principle image that was shaped like a pyramid. She has managed various Corporate Governance assignments that have included developing CG manuals, Management Committee Charters, Code of Ethics, Company Secretary Policies and Procedures, Insider Trading Policies, Fraud Risk Management as well as Share Dealings Manual. Was the conflict fully disclosed and vetted, or was it well-hidden? One of the most widely embraced ERM frameworks is COSOs Enterprise Risk Management Integrating with Strategy and Performance issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Giridhar has contributed in various ERP integrity, application controls review and information systems audit related engagements in the banking / finance, manufacturing, industrial, insurance and oil / gas industries. 
The chief risk officer (CRO) is a senior executive officer that reports to the CEO and/or the board of directors. Should we reevaluate if the way pressure manifests and affects fraud is evolving in light of these fraud businesses? Senior Adviser, KPMG & Hon. Firas has over 20 years of audit and business advisory experience. Older adults will outnumber children in fewer than 15 years, and getting ahead of EFE is necessary for financial institutions to prevent and detect it. He led the Arabization projects of both the Certified Internal Audit Certification (CIA) as well as the Sawyers Guide to Internal Auditing and COSO. Session Level: Overview In terms of level of complexity, its comparable to NIST RMF, and its necessary to have a team of practitioners or a risk committee to manage the framework. Risks are commonly categorized as strategic, reputational, operational, financial, or compliance-related. The three favorite types of insurance are workers' compensation, general liability, and property / casualty insurance. ERM also requires that management set risk limits within a range of risks. This session will explain how internal audit should respond to the dynamic business environment and rethink ways of aligning with change. WebRecommended Prerequisite: Knowledge of COSO ERM, the Three Lines Model and/or risk management From 2011 through 2017, a technology company secured more than $70 million in contracts with Dallas County Schools through an elaborate bribe and kickback scheme. Head of Sales EMEA & APAC regions, Empowered Systems. COBIT 5 for Risk process model. Qualitative in nature, NIST RMF is also very specific to cybersecurity particularly cybersecurity risk. Open-source intelligence (OSINT) remains a key skill in fraud prevention, detection and investigation. In Enterprise Risk Management (pp. 
Despite her focus on leadership, Sultaneh Naeem has also embarked on supporting individuals under personal circumstances and business concerns to realize their authentic vision and mission. Tony Kwok has more than 40 years of experience in the anti-corruption field. Marc worked in both developed and emerging markets (US, Europe, GCC). Mike has an audit staff of 85 professionals and is on the Institute of Internal Auditors Research Foundation Board of Directors. Dr. Albalooshi, used to be a Board Member of Bahrain Telecommunications Company Group and Chairman of its Audit Committee; Board Member of Dhiraagu Telecommunication Company- Maldives and Chairman of its Audit Committee; Board Member of Umniah Telecommunication Company- Jordan and Chairman of its Audit Committee; Board Member of Sabafon Telecommunication Company- Yemen and a member of its Executive Committee; Board member of Sure Telecom Group- Guernsey and member of its Audit Committee. WebSenior Internal Audit Advisor AuditBoard. With an opportunity to network with professionals and leaders, do not miss out on the chance to note the upcoming trends in technology which will reshape internal audit in the days ahead. Field of Study: Specialized Knowledge Whereas OCTAVE Allegro is a good fit for a single practitioner, Octave FORTE is a better fit for a team or committee. Additionally, this session will provide an overview of the common types of bias and how those may appear to a supervisor or coworker. His famous Straight Line System, used to train the most effective salesforces in the world, has been curated over the last thirty years and refined into a foolproof solution for turning virtually any individual into a world-class closer and top producer in their field. 
Neda worked with the MLRO of Global Private Banking (GPB) in advising and providing pro-active regional compliance support in the DIFC and MENA Region to ensure business is conducted in accordance with all applicable laws, rules, regulations, codes, standards within Regulatory Compliance. CPE: 1.5 | Ethics CPE: Yes He has worked within both public and private sectors across the Middle East ranging from local to international organisations. He has 15 years of experience helping clients manage all forms of technology and digital risk. The COSO framework also outlines 17 principles an organization should adopt in order to reach its internal control objectives. He was also one of the engagement partners on Canadas five largest financial institutions and has been very involved in some of the challenges and issues facing the financial services industry. Thank you IIA UAE . An important aspect and a distinguishing feature of you'll hear from director and producer, Alex Gibney. Certainly, an indication that concerns already exist with regards to provider billing. As with many aspects of our lives, the COVID-19 pandemic changed the way investigative interviews were conducted. He has been a public speaker at multiple forums for security frameworks, approach to predictive security, threat landscape, security blueprints, mitigating risk, cloud security at GISEC, ISACA, Meet ICT, Kuwait DC, Oman Cert, IIA events. Data analytics is often the catalyst for successful healthcare fraud investigations. He has been a Board member of the German IIA (DIIR) from 2009 until end of 2016 and acted last as the Deputy Spokesman of the Institute. Maurits Le Poole has more than two decades of experience working with highly regulated customers across the 3 Lines of Defence. As a veteran environmentalist and researcher, Dr. Stietiyas key scientific articles include investigations into environmental problems and attempts to find sustainable solutions. 
Recommended Prerequisite: Understand the following: the Fraud Triangle and the various components required for a determination of fraud to be made; A background in or understanding of auditing and fraud prevention; Understanding of compliance programs and their objectives. How are regulators responding? Connect with the world's largest network of anti-fraud professionals. Session Level: Intermediate Mohammad is joining us from KPMG Jordan where he spent his last 10 years after serving KPMG across the middle east including, Lebanon, Iraq, UAE, Kuwait, Qatar and Bahrain. WebThere may be a culture of no-one expecting anything to go wrong. This framework includes five interrelated components which are found in the most ERM frameworks. Along with the update, the graphic changed from a cube to a helix structure. He has spoken at TEDx on exponential technologies, Fourth Industrial Revolution & success. Value-at-risk models are used to quantify the market risk and credit default models are used to estimate credit risk. Hyperproof helps compliance professionals adhere to 60+ different frameworks, including ISO 27001, NIST, CMMC, FedRAMP, and many more. In 2017, COSO published an updated ERM framework, Enterprise Risk ManagementIntegrating with Strategy and Performance, to address the importance of ERM in strategic enterprise planning and performance. Curiosity will be explored using the question Why?. He also participated with the Institute of Internal Auditors in Hassad Training Program to develop various professional skills for UAE national and professionals. Has extensive experience in implementing Enterprise Risk Management. In many companies the risk champion is becoming more and more a formal senior management position: the CRO. issues and root causes. CPE: 1.5 | Ethics CPE: Yes To communicate risk information and create reports on risk, culture, and performance to the company's key stakeholders.[34][35]. 
The 2018 IIA International Conference was held in Dubai, a first in the MENA region with a record-breaking history, gathering 3500+ attendees worldwide with him as the Chair of the conference. [4] Organizations can obtain risk-specific frameworks based on ISO 31000 : 2018, COSO and KPMG Enterprise Risk Management framework. Managed assurance and advisory activities across the Mubadala global portfolio platform. Recommended Prerequisite: None One This helps organizations to proactively respond to institutional investors who want a focus on strategic long-term value creation. CPE: 1.5 | Ethics CPE: No Join this overview of technologies and approaches to harness next-generation concepts today. This session will begin with a case overview and a discussion of the types of evidence required for success in cryptocurrency investigations. Phil Swan, CFE An industry expert who has implemented the HighBond Data-Driven GRC software in various organizations across the Middle East. This task is important when translating business requirements of the firm into business/reporting and system specifications. Session Level: Basic CPE: 1.5 | Ethics CPE: No This way, you dont get outsmarted by the data. He is the recipient of the 2017 Middle East Security Award in the category of Rising Stars in Security and Risk and the 2016 Security Advisor Middle East award in the Retrieved December 01,2017, This should also include a way to highlight and respond to apparent issues. However, FAIR is quite complicated to implement and often doesnt work for organizations unless they can invest enough resources. CPE: 1.5 | Ethics CPE: No Although ERM has yet to be widely accepted as an industry standard since there are various definitions as to what ERM exactly is, more recognition and acceptance of ERM has been shown. It also aligns well with another NIST framework, NIST SP 800-53, which is a framework for those working with the federal government. 
[36], Stakeholders are all individuals or groups of people who are in contact with the company. Enterprise Risk Management: From Incentives to Controls, by James Lam (2003), Lam, J. Chambers also serves as a non-executive director on the Board of Directors of SWAP Internal Audit Services in the UK, the overseas Dean of Chinas Nanjing Audit University, and on UNICEFs Audit Advisory Committee. This can lead to the fact that the CFO's pressure is relieved and he can focus more on helping organizations direct their activities and find new opportunities to growth. Jo-Ann Weiner, CFE Tina Maier, CFE, Chase Jicha, CFE Findings were reported to local regulators as well as investors. Recommended Prerequisite: None She is a thought leader as well as a seasoned expert in the field of quantum leadership, mind training, executive and personal coaching, and family business. He has successfully chaired the annual UAE-IIA Regional Conferences since 2010. During the investigation he examined evidence, aided in the preparation of expert witness statements, supported legal disclosure review requirements, and provided a wide range of litigation and asset tracing support to a multinational team of lawyers and legal experts. Nipun is the Middle East and North Africa (MENA) leader of the financial crime and regulatory advisory practice at Protiviti. Nagaraj has experience of working with all major sectors including but not limited to Oil & Gas, Travel & Tourism , Construction & Real Estate, Financial Services, Retail, Public Sector, Education, Sovereign funds, etc. Session Level: Advanced Findings were reported to local regulators as well as investors. According to Thomas Stanton, author of Why Some Firms Thrive and Others Fail, one of the differences between a company that was successful and another one that was not successful during the financial crisis, was their application of a constructive dialogue. 
Due to the fact that bank regulators have actually encouraged banks now for a longer time to adopt an enterprise risk management approach, the need of a CRO to manage risk across the whole organization has increased. He can talk in length about innovation, and technologies, particularly related to information technology security and risk management. Assist the risk manager in the development and maintenance of the ERM. select and develop control activities that mitigate risk; select and develop control activities involving technology; and, conduct ongoing or separate evaluations; and. Review and Revision consider how well the enterprise risk management components are functioning over time. demonstrate a commitment to competence; and. Abhisek Bhattacharyya, Partner leads the IT Internal Audit and IT Attestation Services for KPMG, Lower Gulf. Abhisek is a Chartered Accountant, CISA, Certified Fintech with several years of experience in IT risk & controls, IT Audit, technology & business risk advisory, enterprise resource planning, governance, risk management and compliance management technology implementation and IT assurance. This presentation will cover what has been learned by practitioners, and eventually supported by researchers, so we can continue to conduct virtual interviews, when necessary and appropriate. Phil Mennie is PwCs Middle East Data Privacy Leader and a partner in Digital Trust Partner. 
Session Level: Intermediate The scope of services provided ranges from Internal Audit Advisory work related to setting up internal audit departments, complete outsourcing and co-sourcing with in-house internal audit departments and other Business Control and Enterprise Risk Solutions. Money sent by these victims was then laundered through a series of complex transactions using a U.S.-based hawala network. Session Level: Basic Session Level: Overview This was the first time that Cognition had attended an Annual CAE Conference and everything exceeded our expectations. The latest draft of this framework was published in December 2011. Learn about the content, format and process. She holds more than 15 years of experience in the areas relating to Human Resource and Capacity Building. Liberty Forensic Advisors, Investigative Consultant. COBIT 5 for Risk addresses all 8 components defined in COSO ERM and, for some components, extends the coverage of You will receive a separate certificate for each session you complete. The session will discuss the risk and impact of fraud on these organizations, why they might be more susceptible to fraud and the importance of internal controls to reduce this risk while increasing integrity and donor confidence. Rather than assuming that risk mitigation occurs separately from other His geographical coverage included the whole Middle East including Saudi Arabia, United Arab Emirates, Kuwait among others. [17][16], The characteristics and qualifications of a chief risk officer are dependent on the industry and the type of the business they are working in. WebSenior Internal Audit Advisor AuditBoard. Vision-driven Certified Internal Auditor with career-long record of fraud investigation and audit management success for leading organizations. 
Anand has 10 years of experience with subject matter expertise over Regulatory Compliance, Conduct and Integrity Risk, Fraud Risk Management, Compliance Technology assessments, AML/KYC program reviews and implementation. Apart from this fact he also helps the institution follow its objectives and better site it for the future. Those who can mesh strategic vision, influencing skills and technological fluency on top of their core internal audit expertise will be best positioned to help their organizations navigate dynamic risk environments laden with potential shocks, disruption and fraud risks. Finally, we will talk about the emerging field of digital legacy "wills" that enable a person to indicate before they die how their data is to be handled after their death. This means identifying the degree of harm derived from a certain threat or risk and balancing the costs and benefits of the possible methods to eliminate or reduce the risk. Session Level: Intermediate Patricia built audit functions, defined risk-based audit strategies and supported the organizations leadership through strategic consulting engagements. WebSenior Internal Audit Advisor AuditBoard. Suleiman has been involved in executing security reviews, ISAE 3402/ SSAE16 (SAS 70) audits, GRC Implementations and Information Risk Management assignments and has experience serving clients across Oil and Gas, Energy, Manufacturing, Banking, Trading and Hospitality sectors in the Middle east and Australia. Paritosh is our National Leader for Blockchain. Another successful event and well done. (2009, July 23). Associate Director, Internal Audit and Risk Advisory, Protiviti (Middle East). Peer-reviewed articles on a variety of industry topics. Colin May, CFE This presentation will detail several evidentiary procedures that you can use to eliminate uncertainty in your audits and investigations. 
He also worked with various entities in enhancing their risk management culture through delivering workshops and training sessions. Assisted clients in developing the fraud response protocols, including developing their investigations manuals, ToR for their Investigations Committees. CPE: 1.0 | Ethics CPE: No OCTAVE FORTE, or Operationally Critical Threat, Asset, and Vulnerability Evaluation for the Enterprise, is a cybersecurity aligned IT risk management framework. Cyber Security Professional, KPMG Lower Gulf Limited. Chambers also serves as a non-executive director on the Board of Directors of SWAP The Chief Audit Executive Annual Conferences has also been hosted under his able leadership. What happened? Some names can be cited as examples of chief risk officer. After all, risk is everywhere, The P.R.I.C.E framework is a way to plan, organize and manage corruption and conflicts of interest (COI) examinations. Our certifications and certificates affirm enterprise team members expertise and build stakeholder confidence in your organization. WebThere may be a culture of no-one expecting anything to go wrong. During the crime, the hacker uses deepfake technology, hacking Internet of Things devices and data poisoning to obtain confidential information while also covering her tracks. Signaling theory is useful for describing behavior when two parties (individuals or organizations) have access to different information. In 2002, the US government released a new law which influenced the CRO industry significantly. Creating a culture of inclusion is no longer simply a nice to have. Instead, it is essential for recruiting, engaging and retaining top talent, and, as a result, increasing the competitive advantage of the company. [25], Organizational effectiveness helps address special and specific risks by creating the top-down coordination needed to form an integrated team suited to handle both independent risks and interdependencies between risks. 
He was recently on the IIA North American Board and Global Board. Information and technology power todays advances, and ISACA empowers IS/IT professionals and enterprises. This will be contrasted against the backdrop of the Fraud Triangle and will show the potential cause and effect relationship between the three sides of the Fraud Triangle. He also worked with various entities in enhancing their risk management culture through delivering workshops and training sessions. Cognition would welcome the opportunity to attend any future UAE IAA Conference. The event connected the IA leaders in the region and beyond, featuring experienced and visionary speakers, and provided insight and direction on the future of the IA profession. Why is this important? He has nearly 20 years of international leadership experience in transportation, infrastructure, and government sectors. Using examples and evidence from successful cases, the presentation will show you how to implement several different enhancements that will fortify your investigative and audit work products so that they will withstand determined challenges from opposing parties. Those managing risks for private corporations are paid a higher average salary of $216,000 annually. [32] In the past years the complexity of risk has changed, and new risks have emerged why COSO published in 2017 the updated framework of ERM. These include employees, customers, supporters, offerers, business partners, creditors and other stakeholders. Across those roles hes led flagship programs into new markets including India and Indonesia and spearheaded the implementation of innovative technologies. Niraj has assisted many large clients across the Banking, Telecom, Healthcare, Energy and Utilities, Enterprises and Public sectors in the area of compliance, risk management, technology evaluations, implementations, managed security services and formulating security roadmaps. 
The fraud might be well concealed or might be known by many who were afraid to speak up. Its underlying She has conducted more than 10 Board Effectiveness Reviews in the UAE wherein she provided value-added insights on how Boards can enhance their structures, composition, operations, oversight over key control functions, and promote active participations amongst all board members. Before the eventual take over of the assets, the investigation contended with faked documents, stolen funds, police raids, fraudulent transfers, armed occupation and interrogation by security services. John Blaho The digital world is awash with data; with the appropriate tools and methodology, the modern investigator can add value to lifestyle analyses, investigative paths and of course cybercrime investigations. Performed research, legal analysis, drafted corporate legal documents including bilateral and syndicated loans, letters of credit. Session Level: Basic Outside of the Middle East he has worked or studied in Europe, the United States, Russia, China, Hong Kong and Singapore. Recommended Prerequisite: Experience with conflicts of interest investigations Over time fraud has evolved from local to cross-border events; in many cases now, the victim, perpetrator and money are in different jurisdictions, moving rapidly (sometimes instantly) through products and parties in different areas. This panel will unpack the regulatory guidance and discuss best practices for cybersecurity firms and their banking partners to effectively manage regulatory and reputational risk. Session Level: Basic Firas has worked extensively in the development, design, and had led a range of risk advisory services to clients in the UAE with primary focus on Government and State Owned Entities. Companies in other industries have hired CROs in order to become more competitive. [25] Thus, ERM enables senior management to identify, measure, and limit to acceptable levels the net exposures faced by the firm. 
Previously he was in ADNOC group for 8 years of experience in the field of internal auditing. The intention of this discussion is to bring to light the various anomalies that exist in the behavioral health realm with focus on identification of areas for improvement to ensure documentation excellence and appropriate billing practices. CPE: 1.5 | Ethics CPE: No Session Level: Intermediate In more complex organizations, they are generally responsible for coordinating the organization's Enterprise Risk Management (ERM) approach. GRC Consultant, Diligent and ZeeDimension. She has conducted more than 50 comprehensive corporate governance reviews by benchmarking the CG framework with leading practices from developed markets as well as regulations including Central Bank Regulations, SCA regulations, Basel Committee on Banking Supervision, King IV Code, UK CoCG and OECD Guidelines. In order to avoid arrest or deportation, the victims were ordered to pay the imposters large sums of money via a number of methods. As an award-winning information security strategist for almost 20 years and was recently named to IFSEC Globals Top 20 most influential cybersecurity expert for 2018 and again in 2019, Mr. Cutler has advised some of Canadas largest companies on how to prevent and remedy internal and external security penetration. The SarbanesOxley Act is a US act of 2002. Dean KPMG Academy. WebChairman of the Board of UAE IAA. Most of them come from the financial service, energy or commodity industry. I am a certified governance practitioner from the UK affiliation of corporate governance practitioner and a COSO certified. Signaling theory is useful for describing behavior when two parties (individuals or organizations) have access to different information. [40] A main priority of the CRO is to ensure that the company complies with SOX to ensure they are following government regulations. Recommended Prerequisite: An understanding of the terms diversity and inclusion. 
Field of Study: Management Services Accounting Expert and Business Strategist. Our community of professionals is committed to lifetime learning, career progression and sharing expertise for the benefit of individuals and organizations around the globe. Enterprise risk management: from incentives to controls. Although CPE: 1.5 | Ethics CPE: No Toolkits and bundles may only be returned as a complete set. Field of Study: Information Technology Not all organizations invest in ERM, but you can still employ ERM principles to ensure a sound fraud, controls, and compliance focus. Gavin is the Regional Director for Professional Development at PwCs Academy Middle East. Offering around 8 years of expertise in Auditing and fraud investigation with a various Nature of Entities. A side effect of this information prioritizing is a much better transparency throughout the whole organization. The three objective categories found in the columns consist of operations, reporting and compliance. Associate Director, KPMG Lower Gulf Limited. Leonard Vona, CFE, CPA He spent the last 11 years in the Gulf and Emerging Markets region, which equips him with deep knowledge of the currentregional challenges, requirements, and understanding of the client situations and context. This act also can be called Sarbox or Sox. Eliminating uncertainty and ambiguity also ensures that your findings are accurate. He has also been involved with the Banks securities offerings.
