Session Description  

ITGC

The use of technology within companies today has become highly integrated within an their business and controls processes.  The use of IT is typically no

longer limited to an organisations’ internal users, as many implemented solutions that incorporate business processes that extent to include customers, vendors and in some cases regulators.  This has created a unique challenge for financial and IT auditors

to work in an integrated manner to plan and execute an effective and efficient financial statement audit. This presentation will provide an understanding of the identification of the risk and controls included within a typical IT audit plan, insights into

challenges faced by IT auditors in the completion of their work and finally the integration of the results of the IT audit findings within the overall engagement.  

Auditing the Cloud

As more and more organizations move to the Cloud there are unique audit challenges not present with traditional IT Audits. The Cloud provides organizations with many benefits but also introduces new risks and challenges. Auditors need to understand these risks, be familiar with cloud concepts and terminologies, and understand the shared responsibility model which includes some reliance on the cloud service providers. This session will focus on Amazon Web Services, shed light cloud service models, terminologies, risks, and key areas to focus on when auditing the Cloud.

Speaker Profile:

James knott, CA, CPA, CISA

Senior Manager, Risk Advisory Services, BDO Canada LLP

James is a Certified Public Accountant and Certified Information Systems Auditor with over 30 years of external and internal audit experience, primarily within the financial services, insurance and manufacturing industries.   

James’ as one of the leaders within the Risk and Advisory Services practice is responsible for assisting our Financial Assurance teams assess the overall design and operating effectiveness of the IT controls within the audit clients.  James also has significant experience assisting client in meeting their SOC1, SOC2, Sarbanes Oxley, NI52-109, and internal audit needs.   

PROFESSIONAL AFFILIATIONS

CPA Ontario

Information Systems Audit and Control Association (ISACA)

EDUCATION

B.B.A, Accounting, Lakehead University

Business Administration, Accounting, Conestoga College of Applied Arts and Technology

Andrew janusas, Cisa, cism, Crisc, cdpse

Manager, Cybersecurity, BDO Canada LLP

Andrew is a Manager in the Cybersecurity practice at BDO with over 18 years of industry and public practice experience in IT risk and security consulting, internal audit, operational and enterprise risk management, and systems administration and support. Andrew’s industry experience includes working at a publicly traded energy and utilities company, a leading telecommunications provider, a provincial health authority, a multinational pharmaceutical company, and a global financial services institution.

Andrew also has significant experience in assisting clients with their SOC1, SOC2, Sarbanes Oxley, NI52-109 needs.

PROFESSIONAL AFFILIATIONS

Information Systems Audit and Control Association (ISACA)

High Technology Crime Investigation Association (HTCIA)

CERTIFICATIONS

Certified Data Privacy Solutions Engineer (CDPSE)

Certified in Risk and Information Systems Control (CRISC)

Certified Information Security Manager (CISM)

Certified information Systems Auditor (CISA)

Certified Computer Forensic Examiner (CCFE)

Certified Hacking Forensic Investigator (CHFI)

Please Note:  There is a cancellation policy in effect