WEATHER POSTPONEMENT: This IIA Training Event, originally scheduled for February 10th, has been postponed due to weather.  It will now be held on February 18th, at the same time and location. 

See our Inclement Weather Policy for further details.

Join the Baltimore Chapter of the IIA for a day geared towards information technology issues facing the internal auditor.

Topics: Overview of SAS 70 Methodology - explore the history, interpretation and technical application of the AICPA’s SAS 70 and provide insight into SAS 70 methodology from both an internal and external auditor perspective.   As a result, attendees will gain the knowledge to identify when a third party service provider (Service Organization) should provide a SAS 70 report, the ability to facilitate a SAS 70 at one’s own organization, and the ability to evaluate findings in such a report.

IT General Controls and Data Privacy – This session will focus on IT audit considerations, implications and practical IT general controls audit skills.  This includes controls over program development and changes, access to programs and data and operations of computer systems.  It will also discuss the relation of IT controls to overall internal controls.  The session will also discuss requirements over data privacy in various business sections and what internal auditors should be aware of.

Speakers: Dan Burgoon - Port Solutions, Michael Hankin, - PwC, Hugo Teufel III - PwC

Time:  8:00AM to 4:30PM, (Registration starts at 7:30). Lunch from 12:00 to 1:00

Cost:  $150 members / $175 non-members

CPE:  8 Hours

Speaker Bio: Daniel A. Burgoon brings 9 years of experience in the IT Audit and Assurance fields to his role as President of Port Solutions, an IT Audit and Assurance Consulting firm that provides services to Fortune 500 Internal Audit departments, Office of Inspector Generals, and CPA firms.  Mr. Burgoon’s experience as an IT Audit & Security Consultant at KPMG, Senior IT Auditor & Operations Audit Manager at CitiFinancial, and IT Audit Project Manager at Legg Mason provides unique perspective gained through years of managing external and internal audit teams  in the private and federal sectors.  He is a strategic thinker, effective leader, and adept in finding simple and effective solutions to complex challenges.  Mr. Burgoon holds a B.S. in Management Science & Information Systems from the Pennsylvania State University, where he graduated with High Distinction, and has attained the Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), and Cisco Certified Network Associate (CCNA) designations.  He is an active member of the Institute of Internal Auditors, Information Systems Audit and Control Association, and the Association of Government Accountants. 

Michael Hankin is a Manager with the Systems and Process Assurance (SPA) group in the Baltimore office of PricewaterhouseCoopers LLP. Michael has over six years experience in risk based auditing with an emphasis on business and IT processes and controls. Michael has extensive knowledge of, and experience with internal controls assessments, gap analysis, and remediation procedures. During his career Michael has lead several major SAS No. 70 Audit engagements for clients within the Financial Services, Retail, and Technology and Communication industries. Further, Michael has lead SAS No. 70 and IT audits for numerous health insurance and health provider companies.

Additionally, Michael has been engaged on several major ERP (i.e., SAP, Oracle Financials, PeopleSoft) implementation projects and security configuration assessments, Sarbanes-Oxley audits, securitization and compliance reviews, and has served as a consultant on various internal audit projects, including Sarbanes-Oxley compliance and external audit preparation. Michael also has significant experience dealing with security and configuration controls within Mainframe, UNIX, Windows, and database environments. Michael is a Certified Information Systems Auditor (CISA).

Hugo Teufel III joined PricewaterhouseCoopers LLP (PwC) in April 2009, as a director in PwC's US Advisory practice, and serves as colead of the firm's privacy practice. Teufel, former Chief Privacy Officer for the US Department of Homeland Security, focuses on helping organizations with issues involving the privacy and security of data, cyber crime and corruption. He is based in PwC's McLean, VA (Tysons Corner) office and services a wide range of clients in matters of privacy compliance, security and identity theft assessment, privacy/security breach investigation and overall risk management strategies.

While serving as the Chief Privacy Officer for the Department of Homeland Security, Teufel was primarily responsible for privacy policy at the Department, reporting directly to the Secretary and Deputy Secretary. He testified regularly before various House and Senate committees and reported annually to Congress on the activities of the Department that affect privacy. Teufel was also a principal of the High Level Contact Group, a joint US/EU effort on transatlantic exchanges of data, and he regularly interacted with various European data protection authorities, parliamentarians and the European Commission.  From 2004 to 2006, Teufel served as the Associate General Counsel for General Law within the Office of the General Counsel at the Department of Homeland Security. Previously, he served as Associate Solicitor for General Law at the US Department of the Interior. He has worked with the Office of the Attorney General for the state of Colorado and law firms Hall & Evans, LLC and McKenna & Cuneo LLP. Teufel currently serves as a judge advocate in the Army National Guard.

Teufel graduated from the Washington College of Law of the American University and was the Senior Articles Editor of The Administrative Law Journal. He also holds a master’s degree in national security and strategic studies from the Naval War College. He is a member of the bars of Colorado and Maryland (inactive). Teufel also holds the Certified Information Privacy Professional/Government (CIPP/G) certification from the International Association of Privacy Professionals.