Audit Interactive has been cancelled

For more information about the cancellation of AI
please visit the "About" section of the website.


Program

 
Conference participants are eligible to receive a maximum of 20 CPE credit hours. The Association of College and University Auditors (ACUA) is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE sponsors. State boards of Accountancy have final authority on the acceptance of individual courses for CPE credit.  Complaints
regarding registered sponsors may be addressed to the National Registry of CPE Sponsors through its website: www.learningmarket.org.

Fields of study that qualify for Continuing Professional Education.

To download and print the Audit Interactive Program Schedule Matrix click here.

Sunday, April 5th

Monday, April 6th

Tuesday, April 7th

Wednesday, April 8th

4:00 PM - 7:00 PM
Registration Desk Open
7:00 AM - 8:00 AM
Breakfast
8:00 AM - 4:30 PM
Registration Desk Open
8:00 AM - 11:40 AM
A1: The Business of Higher Ed
Presenter(s): Sandy Jansen, CIA, CCSA, CRMA, Chief Audit Executive, The University of Texas at Austin
Kimberly Turner, CPA, Chief Audit Executive, Texas Tech University System

This session is ideal for new auditors or those new to the higher education environment. We will provide an overview of the higher education landscape, including an explanation of the different types of higher education institutions and how they operate. We will discuss various organizational structures of different audit functions and ways to ensure effectiveness, even in less-than-ideal situations. We will introduce the IIA Standards (GAGAS) and other authoritative sources that will guide your work.
 

After attending this session, participants will be able to: 
  • Demonstrate an understanding of the unique aspects of the higher education environment and how Audit can best add value within the organization.
  • Discuss ACUA’s resources to help connect new – or new to higher ed – auditors with peers, industry experts, and tools that will prepare you for success in their roles.
  • Discuss ways to “sell the value” and “get a seat at the table” with key members of the organization.
     
Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None


 
8:00 AM - 11:40 AM
B1: Auditing Title IX from a Title IX Perspective: A Productive Partnership
Presenter(s): Ashley Blamey, DSW, TItle X Coordinator, University of Tennessee

Christina Moradian, J.D., System Deputy Title IX Coordinator, The University of Tennessee System

Issues regarding sexual harassment and gender discrimination are taking center stage in our society and on our campuses. The consequences are well documented when workplaces and institutions fail to adequately address and prevent these issues. The aftermath of a scandal or a systemic failure has long-lasting affects that can undermine the mission of the institution and create insurmountable cost. The cultural shift has begun and society demands increased accountability for campus sexual harassment and gender discrimination.  College and University Auditors are at the forefront of this issue and can be the key to an institution’s Title IX success.  

After this session, participants will be able to:
  • Demonstrate an understanding of the laws and regulations that pertain to Title IX.
  • Explain the application of Title IX at an institution of Higher Education. 
  • Evaluate a Title IX program for compliance. 

Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None
8:00 AM - 11:40 AM
C1: The Trend is Your Friend. Or, Is it?
Presenter(s): Trevor Hughes, CPA, Senior Auditor for Data Analytics, Virginia Tech
 
How many times has someone asked “What’s the trend?”  Sure, you can right click and add a trend line to an Excel chart.  It shows you the trend, but is it a usable piece of information?  What if you have a value that looks like it is far away from that line?  Is it really something odd?  By understanding Linear Regression, you can tell if values fall into a reasonably predictable pattern.  Knowing this may assist in selecting a good sample, determining the basic risk of a set of transactions, or in determining if a new transaction fits the established pattern. This session explores the application of linear regression to analyzing audit date.  Using Excel, it explores how to create multi-variable regression models, how to determine the effect of each variable, how to evaluate the strength of the model, and how to apply what you learn from the process to better plan and perform audits.  

After attending this session, the participant will be able to:
  • Build a regression model. 
  • Identify the effect each component has on the model. 
  • Apply the model to measure how well data fits the modeled pattern.

Knowledge Level:  Intermediate
Advanced Preparation:  Yes (required software needed on a laptop)
Field of Study:  Statistics
Prerequisites:  Experience in Statistics/Auditing       
 
8:00 AM - 11:40 AM
D1: Get in the Game: Auditing Athletics
Presenter(s): Justin Noble, CIA, Director of Internal Audit, Virginia Tech
 
Often called the University’s “front porch”, intercollegiate athletics presents an amazing amount of opportunity and risk.  In this session, we will endeavor to understand the multitude of areas in athletics that could be reviewed outside of the historically standard NCAA processes.  Designed as a highly collaborative session, we will work together as a group to identify an athletic risk universe, talk through ways to attack key areas, and leave with concrete audit steps that we can implement in our reviews.  

After attending this session, participants will be able to:
  • Establish an intercollegiate athletic risk universe applicable to their campus.
  • Create a detailed audit program for areas of high risk.
  • List several key resources and personnel that can assist in their reviews.

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Specialized Knowledge
Prerequisites:  None
8:00 AM - 11:40 AM
E1: Fundamentals of Financial Aid and Ways to Assist with Compliance Needs
Presenter(s): Ron Day, Director of Financial Aid, Kennesaw State University
The partnership between the Financial Aid Office and Auditors is vital in ensuring that compliance is properly addressed.  The delivery of financial aid funds is a collective responsibility for any college or university, and basic knowledge is essential in navigating the processes and procedures.  This session will approach basic knowledge and provide examples of how to note areas of need and how to employ corrective action plans.  

After this session, participants will be able to:
  • Distinguish between the various financial aid types and identify what could lead to compliance concerns.
  • Identify areas of need and explain how to be proactive in addressing these needs.
  • Design ways to obtain an accurate sampling that can effectively address compliance. 

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None
 
10:00 AM - 10:20 AM
Networking/Refreshment Break
11:40 AM - 12:40 PM
Lunch/Networking
12:40 PM - 4:20 PM
A2: Risk and Planning Approaches for 2020 and Beyond
Presenter(s): Sandy Jansen, CIA, CCSA, CRMA, Chief Audit Executive, The University of Texas at Austin
Kimberly Turner, CPA, Chief Audit Executive, Texas Tech University System
Become the perfect planner you want to be! Whether developing the annual audit plan or performing engagement level planning, this session is designed to introduce participants to various risk assessment approaches and planning tools and techniques. Participants will gain confidence in their ability to conduct risk assessments and use the information to develop audit plans and programs. Whether you have recently assumed a new role or would like a refresher to build upon your knowledge and skills, you will walk away from this session with tips and tricks to tackle the challenges of audit planning. 

After attending this session, participants will be able to:
  • Discuss strategies for gathering risk information and developing a risk-based audit plan.
  • Demonstrate effective interviewing techniques to gain valuable insights into operations and to facilitate effective risk-based conversations.
  • Describe the different methodologies to execute engagement level risk assessments.

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None
12:40 PM - 4:20 PM
B2: Fraud Evidence Collection and Advanced Interview Techniques
Presenter(s): Paul Coleman, Certified Fraud Examiner, MA Criminal Justice, Retired Special Agent, National Science Foundation, Consultant to Higher Education Institutions, Paul J Coleman, LLC
This session will cover evidence collection and advanced interview techniques in fraud. Our vision is to follow a Learn, Apply, Collaborate model where attendees learn about the methods of collecting evidence and interviewing techniques used during fraud investigations conducted at Higher Education Institutions.  The attendees will then have the opportunity to apply their knowledge in an interactive way (i.e. role playing, interacting with other attendees during exercises, and case studies).

After attending this session, the participant will be able to:
  • Describe where to go to collect evidence for a Fraud Examination.
  • Explain how to use the evidence collected to prepare for Interviews of key witnesses and subjects.
  • Demonstrate advanced interviewing techniques to conduct interviews to resolve Fraud Examinations.

Knowledge Level:  Advanced
Advanced Preparation:  None
Field of Study:  Specialized Knowledge
Prerequisites:  Experience in conducting investigations/special reviews related to resolving alleged improprieties
 
12:40 PM - 4:20 PM
C2: Human Subjects Research and Animal Care and Use
Presenter(s): Jamie Caldwell, MBA, Associate Vice Chancellor for Research Administration, Executive Director,  KUMC Research Institute, University of Kansas Medical Center
Lisa Hoebelheinrich, J.D., Associate Vice Chancellor and Chief Compliance Officer, The University of Kansas Medical Center
 
The conduct of human subjects research and animal research can present significant risks to an institution. This session is intended to demonstrate the applicable ethical and regulatory frameworks. The roles and responsibilities of an Institutional Review Board (IRB) and an Institutional Animal Care and Use Committee (IACUC) will be explored.  Particular attention will be paid to the identification of compliance issues and risks that can arise in the conduct of Human Research Programs and Animal Care and Use Programs within a college or university setting.

After this session the participant will be able to:
  • Identify key ethical principles and regulatory requirements that govern IRB and IACUC activities.
  • Demonstrate procedures for reviewing human subjects and animal research.
  • Recognize common compliance issues and risks that can arise in the conduct of Human Research Protection Programs and Animal Care and Use Programs.

Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Specialized Knowledge
Prerequisites:  None
 
12:40 PM - 4:20 PM
D2: Higher Ed Compliance - Where are We Now?
Presenter(s): Kimberly Ginn, CIA, Higher Education Practice Principal, Baker Tilly
Mike Cullen, CISA, CISSP, CIPP/US, Higher Education Practice Director, Baker Tilly
Adrienne Larmett, MBA, CRA, Senior Manager, Baker Tilly 
This interactive discussion, with real-time polling questions, will cover current and emerging trends in the Higher Education industry for internal auditing professionals. As scandals break, new regulations and other pressures are put into place by governmental agencies, accreditation commissions, and institutional boards, internal auditors must keep current on the risks and challenges in higher education. The presenters will cover a variety of hot topics, including:
  • Admissions integrity
  • Athletics
  • Campus safety
  • Cybersecurity and privacy
  • Financial pressures and affordability concerns
  • Foreign influence and intellectual property theft
  • Student wellness
The speakers will facilitate an engaging discussion on these topics, share case studies and experiences, and encourage audience participation. Come learn where we are and where we are going. 

After this session, participants will be able to:
  • Identify relevant trends in the higher education industry and understand how it impacts your institution’s internal audit program
  • Gain insight into external factors that affect your institution’s audit program and be knowledgeable enough to develop a plan of action to mitigate risk for specific external factors
  • Be able to confidently discuss emerging trends and possible compliance threats to your institution with key stakeholders

Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None

 
12:40 PM - 4:20 PM
E2: IT/IS Cybersecurity
Presenter(s): Jason Gould, CISSP, CISA, PMP, Managing Director, KPMG LLP
Barry Lyons, CISSP, Director, Advisory, Federal Cybersecurity Practice, KPMG LLP
 
Today organizations react when a cyber event transpires. This is too late, it’s “after-the-fact."  We have to move from reactive cyber resilience to pro-active cyber resiliency, where enterprises can stop threats before they exploit systems.  Enter Prosilience.  Prosilience incorporates new techniques and preemptive threat intelligence using machine learning and artificial intelligence convergence, delivering cyber resiliency to a level beyond what is currently performing today.  KPMG’s Prosilience provides the building blocks to transform organizations from a cyber-reactionary position to unparalleled pro-active cyber protection. The future of cybersecurity and the emerging trends and risks will also be covered. 

After attending this session participants will be able to:
  • Demonstrate actionable knowledge of how to move from a reactionary cyber state to a pro-active cyber position.
  • Explain how to move the cyber vulnerability paradigm, specifically,  how to move from knowing what each device does in an enterprise to knowing how the devices relate to one another and why that is so important, also how to move from knowing vulnerabilities to prioritizing vulnerabilities and the actual risk and impact before initiating a change.
  • Identify the difference between “hunting” and “intelligent hunting” in the concealed uncontested live-memory computer location; explain how to pro-actively protect un-patched applications and how to obtain threat information up to 51 days before a threat initiates an attack.
  • Describe the audit implication of Ransomware, Supply Chain, Industrial Control Systems (ICS), Automation, Cloud Mobility.

Knowledge Level:  Intermediate
Advanced Preparation:  None
Field of Study:  Information Technology
Prerequisites:  Some basic understanding of cybersecurity and/or IT systems protection
 
2:40 PM - 3:00 PM
Networking/Refreshment Break
6:00 PM - 7:30 PM
Dine Arounds
The host committee will lead attendee groups to local restaurants for a fun-filled evening of conversation and networking. Check out the restraurants below and sign up for a group when you arrive on site in Nashville at the registration desk!

Amerigos Italian Restaruant - www.amerigo.net 
Tavern Nashville - www.mstreetnashville.com/tavern
The Stillery Midtown - www.stillerynashville.com
Saltine Restaurant - www.nashville.saltinerestaurant.com
7:00 AM - 8:00 AM
Breakfast
8:00 AM - 4:30 PM
Registration Desk Open
8:00 AM - 11:40 AM
A3: Adventures in Interviewing and Fieldwork
Presenter(s): Sandy Jansen, CIA, CCSA, CRMA, Chief Audit Executive, The University of Texas at Austin
Kimberly Turner, CPA, Chief Audit Executive, Texas Tech University System
Do you want to produce high quality audit projects? Participants will learn about meeting audit objectives by conducting and documenting effective fieldwork. This session will include tools to improve critical thinking, focusing on techniques for reaching sound conclusions through value-added fieldwork. There will be plenty of group exercises and discussions to provide opportunities to share best practices and learn from each other. Participants will walk away with tips, tricks, and pointers to help fieldwork run smoothly allowing auditors to focus energy on adding value to clients. 

After attending this session, participants will be able to:
  • Describe proven techniques for the effective performance and documentation of fieldwork.
  • Identify and demonstrate critical thinking tools to boost your audit work.
  • Explain how fieldwork and review work together to ensure quality and consistency.

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None


 
8:00 AM - 11:40 AM
B3: Leadership and Soft Skills and the Auditor
Presenter(s): Kevin Robinson, CIA, CFE, Associate Vice President for Audit, Compliance & Privacy, Auburn University

This session will focus on ways that internal auditors can develop and improve leadership skills.  Leadership skills can be improved and developed with effort.  These skills are vital to becoming an effective internal auditor.  Improved leadership skills also increase your ability to influence others and grow professionally into larger roles.  Lastly, this session will discuss the importance of “soft skills” and how they relate to leadership, influence and improved communication.

After attending this session, participants will be able to:

  • Identify what leadership is, and is not, along with ways they can become better leaders.
  • Recognize influence principles and how they relate to leadership.
  • Describe interview and communication skills and explain how these skills can enhance a person's influence and leadership capabilities.

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Personal Development
Prerequisites:  None
 
8:00 AM - 11:40 AM
C3: Conquering the Data: Understanding, Obtaining and Preparing Data for Analytics
Presenter(s): Kate M. Head, CPA, CFA, CISA, CIG, Associate Director, University of South Florida
Diana Hidalgo, CIA, CISA, ACDA, ACP, Content Development Manager, Galvanize
 
Most auditors spend the bulk of their “data analytic time” trying to determine where their data is, what their data is, and how to get their data into a format that can be used for meaningful analysis.  The focus of this session will be on understanding, obtaining and preparing data for analysis using an interactive case based approach. Participants will help identify the objective(s) to be achieved by the analytics, the data needed to perform the analysis, and the approach to preparing data using higher education specific case studies.  ACL Analytics will be used to demo steps to be performed using data sets associated with each case.  This session is relevant to all data analytic tools.

After attending this session, participants will be able to:
  • Define what the objective of the analytic is and the data needed.
  • Identify data sources available, determine who the data owner is, and how to retrieve the data.
  • Specify which institutional data is relevant to the auditor's needs and determine what the data means and whether the data is reliable.
  • Describe methods to efficiently prepare data for analysis and to ensure accuracy and completeness of data sets is maintained.      

Knowledge Level:  Intermediate
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  Experience in Data Analytics
 
8:00 AM - 11:40 AM
D3: Leveraging Federal Audit Reports to Inform Research Audits
Presenter(s): Ashley Deihr, CPA, CIA, CFE, Higher Education Practice Partner, Baker Tilly
Matt Johns, CIA, Higher Education Practice Senior Consultant, Baker Tilly
This four-hour course will provide attendees with an in-depth, hands-on crash-course on how to read and understand Federal Office of Inspector General (OIG) audit reports, leverage reports to better understand current research compliance risks, identify and monitor red flags at your institution, and develop meaningful internal audit plans over research. We will utilize recent OIG reports to conduct a number of case studies to identify specific common audit focus areas, observations, recommendations, and institutional responses.

After this session, participants will be able to:
  • Provide an overview of available Federal audit materials including audit workplans, reports, and responses, and where to locate these materials.
  • Identify how to read and comprehend Federal audit reports, including how to “read between the lines” to better understand risks and observations.
  • Share best practices for identifying, assessing, and monitoring the risk that common Federal audit findings may occur at your institution.
  • Outline audit tools and techniques to address common Federal audit findings as part of your institution’s audit plan.

Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None

 
8:00 AM - 11:40 AM
E3: Using a Comprehensive IT Risk Assessment to Identify Audit Opportunities
Presenter(s): Tim Marley, CPA, CIA, CISSP, CISM, GSNA, CIPP/US, PCIP, Director, Risk Advisory Services, True Digital Security
In this session we will leverage your existing experience and knowledge in risk assessment and apply it to the world of information technology.  Prepare to step through a case study in how to complete a risk assessment for a complex University IT environment.

After attending this session, participants will be able to:
  • Utilize information security frameworks as a baseline for a risk assessment.
  • Evaluate different methodologies and options available for risk scoring, utilizing likelihood and impact.
  • Compare and contrast risks within an assessment and identify clear opportunities for an IT audit. 

Knowledge Level:  Advanced
Advanced Preparation:  None
Field of Study:  Information Technology
Prerequisites:  Experience in Risk Assessment      
 
10:00 AM - 10:20 AM
Networking/Refreshment Break
11:40 AM - 12:40 PM
Lunch/Networking
12:40 PM - 4:20 PM
A4: Revved Up Reporting and Fearless Communication
Presenter(s): Sandy Jansen, CIA, CCSA, CRMA, Chief Audit Executive, The University of Texas at Austin
Kimberly Turner, CPA, Chief Audit Executive, Texas Tech University System
Effective communication is a necessity in the audit business and is really the cornerstone of all our work. This session will include methods for developing audit reports that spur positive change and that clearly demonstrate the value of our work.  We will cover ways to enhance communication among audit teams, between auditors and our clients, and with senior leaders. The session will cover effective audit reports, the “dos and don’ts” of effective communication, and situational responsiveness in communication, using both discussions and collaborative work. 

After attending this session, participants will be able to: 
  • Identify and use tools for developing impactful audit reports.
  • Describe appropriate communication skills related to various constituencies.
  • Demonstrate and articulate the value of your work.

Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None

 
12:40 PM - 4:20 PM
B4: Fraud Case Studies and Emerging Trends in Higher Ed
Presenter(s): Sam McCall, PhD, CPA, CGFM, CIA, CGAP, CIG, Chief Audit Officer, Florida State University 
 
This session will provide a framework for identifying and investigating fraud from both an audit and investigate approach.  The COSO internal control framework will be discussed and used to demonstrate how each internal control element relates to case studies presented.  Standards for investigations will be discussed to include the difference between administrative and criminal investigations and the role of the auditor and investigator based upon powers within their respective office.  The presenter will share his experience in working with City and University police departments, State Attorneys, U. S. Attorneys, the FBI, and the Secret Service. 

After attending this session, participants will be able to:
  • Recognize the role of the auditor and investigator in administrative and criminal investigations.
  • Identify the fraud warning signs and what to do if management is suspected of committing fraud.
  • Determine how to establish a good working relationship and ways to assist law enforcement in criminal investigations.  

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None
 
12:40 PM - 4:20 PM
C4: Understanding the IT Perspective: Emergency Preparedness, Disaster Recovery, and Business Continuity
Presenter(s): Brian Markham, CISSP, CISA, ITIL Expert, CIPT, CCP, Chief Information Security Officer, EAB, Inc.    
James Purcell, CISA, CISSP, CCSK, PMP, ITIL, IT Audit Manager, University of Tennessee

 
Are you ready for the Zombie Apocalypse (or maybe just a broken water pipe)? In this session we will learn how to create and audit an IT Business Continuity Plan (BCP).  A well-designed BCP will help your institution deliver critical IT services during an unplanned disruption or a natural disaster. 

After attending this session, participants will be able to:
  • Describe the who, what, when, where, and why of BCP.
  • Develop a BCP using a case study and BCP templates.
  • Build a BCP audit plan with tips on executing the plan against our case study.

Knowledge Level:  Intermediate
Advanced Preparation:  None
Field of Study:  Information Technology
Prerequisites:  Experience in audit
 
12:40 PM - 4:20 PM
D4: How Robust is Your Academic Honesty Framework?
Presenter(s): Chris Garrity, MBA, CPA, CFE, CIA, CGMA, Director, Internal Audit, Saint Joseph’s University
Adrienne Larmett, MBA, CRA, Senior Manager, Baker Tilly 
 
While colleges and universities may be known for success in areas such as athletics, research or acclaimed faculty, the reputation of an institution is ultimately built upon its academic programs. In recent years, headlines in higher education have reported increased rates of cheating, inappropriate awarding of course grades or degrees due to a variety of reasons. Such instances create reputational harm for the institution which could negatively impact the institution’s standing with accreditation agencies, alumni or other potential donors. To protect the integrity and viability of an institution, leaders should consider the design and operation of policies, procedures, systems and other controls which safeguard the academic honesty of the institution.

After attending this session, participants will be able to:
  • Identify and understand key risks associated with academic honesty.
  • Recognize elements of an academic honesty control framework and apply those elements in an audit program.
  • Develop an audit approach to assess governance, oversight, and related processes of an academic honesty framework. 

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Business Management & Organization
Prerequisites:  None
 
12:40 PM - 4:20 PM
E4: Everything You’ve Ever Wanted to Know about Higher Education Insurance & Compliance
Presenter(s): Kathy Hargis, MBA, DRM, Associate Vice President of Risk Management and Compliance, Lipscomb University
 
College and university risk management professionals, like internal auditors, must navigate the length and breadth of an organization so the institution can safely and effectively achieve its education and research missions including the insurance portfolio. In this in depth session on insurance and compliance you will learn what internal auditors should know about insurance risks, how to determine if your institution has the right type and amount of coverage, insurance best practices that internal auditors could recommend to their institutions, real world insurance risk stories applicable to internal auditors, and take aways for internal auditors to implement or use soon after returning to their campuses. You will also get familiar with Clery Act/Title IX/Violence Against Women Act/Violence Prevention and Response or certain copyright issues and things to consider when beginning an internal audit of compliance.  Where do risk management and internal audit interests intersect?  Both internal audit and risk management build their programs on an assessment of the risk that could adversely affect institutions of higher education. The range of activities in which educational institutions engage creates an array of risks which is wider than found in most other industries.  Topics explored will include:
  1. Financing Risk and Insurance (Total Cost of Risk, Insurance, Purchasing Insurance,
      Property Insurance Valuation and Protection)
  2. Regulatory Compliance
  3.  Managing Incidents and Claims

After attending this session, participants will be able to:
  • Determine if your institution has the right type and amount of coverage. 
  • Describe insurance best practices that internal auditors could recommend to their institutions
  • Identify things to consider when beginning an internal audit of compliance.

Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Finance
Prerequisites:  None
 
2:40 PM - 3:00 PM
Networking/Refreshment Break
7:00 AM - 8:00 AM
Breakfast
8:00 AM - 11:30 AM
Registration Desk Open
8:00 AM - 9:40 AM
A5: Powerful Project Management
Presenter(s): Sandy Jansen, CIA, CCSA, CRMA, Chief Audit Executive, The University of Texas at Austin
Kimberly Turner, CPA, Chief Audit Executive, Texas Tech University System
Are your audit projects over budget? Is scope creep preventing you from delivering results? Are your audit reports stale because of project delays? Powerful project management techniques will help you overcome these challenges so you can provide impactful results and gain credibility with your clients. Whether you have recently started managing projects, or would like a refresher to build upon your knowledge and skills, you will walk away from this session ready to tackle the daily challenges of managing projects. 

After attending this session, participants will be able to:
  • Describe effective techniques for project management. 
  • Identify methods for setting priorities and staying focused on objectives.
  • Recognize scope creep prevention approaches.

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None
 
8:00 AM - 9:40 AM
B5: How to Cover IT Risks Without a Dedicated IT Auditor
Presenter(s): Tim Marley, CPA, CIA, CISSP, CISM, GSNA, CIPP/US, PCIP, Director, Risk Advisory Services, True Digital Security
 
In higher education, it isn’t uncommon to see decentralized or hybrid information technology structures with multiple data centers, complex networking strategies, resources outsourced to external providers and dozens of enterprise-wide applications.  All the while in an environment struggling with compliance requirements including FERPA, HIPAA, PCI DSS and DFARS.  This session will focus on strategies for addressing these IT Risks in a resource-constrained environment.

After attending this session participants will be able to:
  • Discover options for resourcing IT audit work utilizing other departments in a University setting.
  • Identify resources that provide IT education and learning opportunities for enhancing existing skillsets.
  • Utilize frameworks and tools that may be leveraged to complete IT audit work within the department, utilizing existing internal audit resources.

Knowledge Level:  Intermediate
Advanced Preparation:  None
Field of Study:  Information Technology
Prerequisites:  Experience in Information Technology     ​
 
8:00 AM - 9:40 AM
C5: SEVIS Compliance - Strategies to Consider for Auditing this Process at Your Institution
Presenter(s): David Terry, CPE, CFE, CIA, Director of Internal Audit, Portland State University
 
This session is designed to provide a summary overview of SEVIS reporting and compliance requirements for F-1 and J-1 visa holders.  Then we will take a deep dive into examples and strategies for auditors to consider for testing specific SEVIS compliance requirements.  Session examples will be based primarily on institutions that use Banner, however, the strategies covered in this session can be utilized at non-Banner institutions.  

After attending this session, participants will be able to:
  • Demonstrate an understanding of the Code of Federal Regulations on SEVIS for F-1 and J-1s.
  • Apply strategies on how to test for key SEVIS compliance requirements.
  • Identify other operational areas and controls to consider and analyze from SEVIS reporting data.

Knowledge Level:  Intermediate
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  Experience in auditing in higher ed
 
8:00 AM - 9:40 AM
D5: CAE/Audit Director Roundtable
Presenter(s): Ashley Deihr, CPA, CIA, CFE, Higher Education Practice Partner, Baker Tilly
Kimberly Ginn, CIA, Higher Education Practice Principal, Baker Tilly
 
This interactive roundtable will provide a forum for Chief Audit Executives and internal audit leadership to discuss the most meaningful and impactful opportunities and challenges facing their functions today. We will hold a facilitated discussion on relevant topics in higher education internal audit including internal audit’s role as a strategic partner, emerging and high risk areas and how internal audit can address these risks, and operational considerations to enable internal audit’s success. We encourage attendees to come ready to share concerns, challenges, best practices, and lessons learned with peers in an open and collaborative environment.

After attending this session, participants will be able to:
  • Provide an interactive forum for Chief Audit Executives to share best practices with peers and discuss strategic objectives and practices to enhance internal audit’s ability to provide value to the institution.
  • Identify emerging risk areas and how internal audit can help in these areas; specific risks discussed may include student health and wellness, sponsored research compliance and research integrity, and cybersecurity and privacy.
  • Discuss challenges and apply lessons learned to enable the operational success of internal audit; topics may include recruitment, succession planning, and the intersection of internal audit with ERM and compliance initiatives.

Knowledge Level:  Advanced
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  Current or past experience leading an internal audit function

 
8:00 AM - 9:40 AM
E5: The ABCs of ADA Compliance and OCR Resolution Agreements
Presenter(s): Marion Candrea, CIA, CFE, Manager, Audit and Advisory Services, Rutgers, The State University of New Jersey
Colleen Tedeschi, CIA, Senior Auditor, Rutgers, The State University of New Jersey
Whether you are in a private or public college or university, the Americans with Disabilities Act (ADA) on Higher Education of 1990 impacts all of our institutions. In fact, some of your schools may have already been named in a complaint filed with the Office of Civil Rights for non-compliance with ADA.  In this interactive session, we will provide a brief overview of the laws and regulations impacting our institutions and review some current complaints filed to discuss the components and outcomes of the resolution agreements. The group will take a holistic look at the direction that enforcement has gone with the introduction of new and ever-changing technologies.  Let us help your schools go from REACTIVE to PROACTIVE!


After attending this session, participants will be able to:
  • Locate applicable regulatory guidelines and resources to aid in auditing ADA compliance.
  • Recognize potential violations of ADA compliance, including an awareness of web content accessibility guidelines (WCAG).
  • Evaluate existing controls and identify process gaps or inefficiencies.

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Specialized Knowledge
Prerequisites:  None
 
9:40 AM - 10:00 AM
Networking/Refreshment Break
10:00 AM - 11:40 AM
A6: Navigating Ethical Dilemmas in Higher Education
Presenter(s): Kevin Robinson, CIA, CFE, Associate Vice President for Audit, Compliance & Privacy, Auburn University
Ethical dilemmas are common in higher education with the unique nature of our industry.  Understanding the common ethical risks encountered in higher education can help auditors in assisting their institutions through the maze of commonly encountered dilemmas.   This session will focus heavily (though not exclusively) on conflict of interest related issues along with looking at other hot topics that are ethics related.
 
After attending this session, participants will be able to:
  • Identify common ethical risks in higher education.
  • Describe common areas where conflicts of interest are found and ways they can be managed.
  • Explain how ethical dilemmas should be evaluated when giving advice on campus.


Knowledge Level: Basic
Advanced Preparation: None
Field of Study: Behavioral Ethics
Prerequisites: None

10:00 AM - 11:40 AM
B6: Empowering Owners to Eliminate Construction Overcharges
Presenter(s): Martin Howell, Principal, Fort Hill Associates     
Curt Plyler, CFA, CCA, Principal, Fort Hill Associates
Participants will learn the multiple phases of a complete construction audit and gain an appreciation of the potential costs savings which can be realized in each phase. Specific phases to be discussed include the pre-construction contract review, interim construction audit(s), and the construction closeout audit. Special focus will be given to the pre-construction phase as it ultimately defines owner expectations while establishing the contractual basis on which the follow-on phases are administered. The presentation will also include an overview of pertinent procurement/contract documentation, issues relating to a contractor’s construction cost proposal, an in-depth discussion of contractor labor and equipment charges, a review of contract insurance and bond costs, and contract change order costs. 

After attending this session, participants will be able to: 
  • Identify the nature of various construction contracts and recognize the inherent need for enhanced management processes to protect the owner's interests and control costs. 
  • Describe the steps involved with an effective auditing process for work performed under certain construction contract types.
  • Recognize the supplemental value of a construction contract audit relative to traditional project administrative roles performed by Facilities Management and/or Internal Audit staff. 

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None
 
10:00 AM - 11:40 AM
C6: Special Topics in Research
Presenter(s): Ashley Deihr, CPA, CIA, CFE, Higher Education Practice Partner, Baker Tilly
Matt Johns, CIA, Higher Education Practice Senior Consultant, Baker Tilly
 
This two-hour course will provide attendees with a targeted overview of auditing special topics in research with a particular focus on auditing research financials. We will discuss common compliance challenges with regards to the Office of Management and Budget's (OMB) Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance) and sponsor-specific regulations, identify audit techniques to provide assurance that these challenges are mitigated, and review how to identify red flags of non-compliance.

After attending this session, participants will be able to:
  • Define the Uniform Guidance requirements that are often subject to Federal audit scrutiny including: cost allowability, direct versus indirect cost charging, indirect cost rates/allocations, cost share/matching, service centers, program income.
  • Identify red flags of non-compliance and tips for monitoring and auditing these areas.
  • Discuss concrete internal audit methodologies for auditing sponsored research compliance in these areas.

Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Specialized Knowledge
Prerequisites:  None

 
10:00 AM - 11:40 AM
D6: Partner Successfully with University Peers while Performing Investigations
Presenter(s): Erin Egan, CPA, CIA, Senior Auditor, Rutgers, The State University of New Jersey
Don’t be intimidated by the word “investigation!” Through discussion of actual experiences, this session will provide an overview of: investigation procedures (scoping, research, documentation, interviewing); communication during an investigation; identifying units critical in the investigative process; and maintaining independence, confidentiality and relationships—while still communicating the mission of Audit. 

After attending this session, participants will be able to:
  • Demonstrate the knowledge needed to perform investigations as an auditor.
  • Identify situations that require communication and partnering with university partners.
  • Analyze investigation case studies. 

Knowledge Level:  Basic
Advanced Preparation:  None
Field of Study:  Specialized Knowledge
Prerequisites:  None

 
10:00 AM - 11:40 AM
E6: Establishing a Data-Driven Audit Culture – Our Grass Roots Approach for Success
Presenter(s):

M’Shiela Hawthorne, CIA, CFE, Auditor, North Carolina State University
Joe Oringel, CIA, CPA, Managing Director, Visual Risk IQ


 
Getting started with data analytics can be a challenge. Sustaining a successful start and continuing to innovate can be even more challenging. In this short, high-impact session, we will share examples of value-added data analytics and visual reporting that we’ve developed at NC State for several different business process areas. More than the “what”, we’ll also share the “how” these analytics have been built and describe the importance of tone at the top and the culture changes needed to help facilitate repeatable application of similar analytics for other audits.


After attending this session, participants will be able to:​

  • Explore the technical and non-technical skills needed to establish a data-driven internal audit culture.
  • Determine common challenges related to data acquisition and business domain expertise and learn how we've overcome these challenges at North Carolina State University(NC State) and across the UNC System.

  • Discover how we've established a community of knowledge sharing, including web-based resources to help throughout planning, data acquisition, fieldwork, and reporting.

  • Observe examples of thoughtful and innovative data-driven auditing, and how we've combined traditional data analytics and visual reporting to make an impact for our key stakeholders.


Knowledge Level:  Overview
Advanced Preparation:  None
Field of Study:  Auditing
Prerequisites:  None
6:00 PM - 7:30 PM
Opening Reception
Come for hors d’oeuvres and beverages while connecting with longtime ACUA friends and make some new ones before visiting area restaurants for dinner on your own.  Show your school pride by wearing your university/college emblazoned attire!
tracka
trackb
trackc
trackd
tracke