Auditing the Cloud: Risks, Frameworks, and Real Value

The Institute of Internal Auditors Presents: All Things Internal Audit Tech Charles King sits down with Kavin Anburaj from Meta to explore how privacy intersects with internal auditing. They discuss why auditors should care about privacy, key data risks, global regulations, and practical steps for auditing privacy programs. From core privacy principles such as transparency, consent, and data minimization, to lessons learned in cross-functional collaboration, this episode provides auditors with a roadmap for tackling privacy audits in an AI-driven world. HOST: Charles King, CIA, CPA, CFE, CMA AI and Internal Audit Leader, KPMG LLP GUEST: Kavin Anburaj, CISA, CIPP/US Internal Audit Director, Meta  KEY POINTS: Introduction [00:00–00:00:27] Why Privacy Matters for Auditors [00:01:18–00:02:04] Identifying Data with Privacy Implications [00:02:09–00:04:12] Core Privacy Principles [00:05:21–00:09:34] User Rights and Data Traceability [00:09:41–00:12:27] Auditing Privacy Programs [00:13:02–00:16:30] Lessons Learned from Auditing Privacy [00:18:10–00:21:18] Writing with Precision [00:21:22–00:23:18] Learning Resources for Privacy Auditors [00:23:28–00:25:33] Final Thoughts [00:25:42–00:26:40] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Auditing the Cybersecurity Program Certificate Global Perspectives and Insights: Cybersecurity Technology Hub Knowledge Centers: Artificial Intelligence Privacy and Data Protection: Part 3 2025 Financial Services Exchange Conference Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer

The Institute of Internal Auditors Presents: All Things Internal Audit Tech Sponsored by Grant Thornton Cloud security has become a top board-level concern and a permanent fixture on audit plans. In this companion episode to the Global Best Practices’ A Roadmap to Auditing Cloud Security, Adam Ross talks with Vik Rai and Aadesh Gandhre about the challenges of auditing in multi-cloud environments, regulatory requirements, and the importance of governance and shared responsibility. They explore skill gaps, third-party risk, frameworks, and practical approaches to building a phased cloud security audit program, helping internal auditors strengthen resilience and provide real value. HOST: Adam Ross, CIA, CISA Partner, Grant Thornton Advisors, LLC GUEST:Vik Rai, CISSP, CISA Managing Director, Grant Thornton Advisors, LLC Aadesh Gandhre, CISA, CAMS (Sanctions), ITIL 4, Certified Cryptocurrency Auditor, Certified in Cybersecurity Chief Audit Executive, DTCC KEY POINTS: Introduction [00:00–00:00:47] Why Cloud Security Matters Now [00:00:51–00:03:10] Board-Level Visibility and Audit’s Role [00:03:12–00:05:51] Regulatory Expectations and Frameworks [00:05:54–00:10:28] Skills and Governance at the Board Level [00:11:14–00:13:49] Shared Responsibility and Security Models [00:14:05–00:17:51] Resiliency, Outages, and Accountability [00:17:13–00:18:57] Starting a Cloud Security Audit [00:19:08–00:21:46] Upskilling Auditors for Cloud Environments [00:22:14–00:23:05] Cloud Security Posture Management (CSPM) [00:23:15–00:27:54] Phased and Risk-Based Audit Planning [00:29:07–00:35:42] Final Thoughts [00:37:02–00:40:43] Closing [00:41:28–00:41:46] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Global Best Practices: A Roadmap To Auditing Cloud Security Webinar: Hybrid Cloud Security: A Primer for Internal Auditors Tech: Control in the Cloud 2025 Financial Services Exchange Conference   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

All Things Internal Audit: Fraud Podcast "A Fraudster’s Second Act" Listen to The IIA’s Fraud Podcast, brought to you by All Things Internal Audit. The Fraud Podcast provides fictionalized accounts of real-world frauds featured in Internal Auditor magazine’s Fraud department.  In this episode, a once-trusted employee reemerges after prison with the same charm that once won over colleagues. But beneath the polished image, new schemes quietly unfold, raising the question: how far can fraud go before strong controls bring it to light? Access the full article here.Read the October issue here. Interested in more fraud-related topics? Earn CPEs by registering for The IIA's Fraud Analytics for Internal Auditors Certificate, available online and in-person. Chapters: Introduction to the Case (00:00:00) Part 1: The Generous Colleague (00:00:26) Part 2: A Fresh Start (00:02:22) Part 3: The Payroll Play (00:04:05) Part 4: Caught in the Net (00:05:28) Follow All Things Internal Audit: Apple PodcastsSpotify Youtube LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal AuditIn this special episode, hear from Manisha and Iresh Anarkat; a mother and son whose paths in volunteering highlight two sides of the internal audit pipeline. Manisha shares how chapter leadership builds community, skills, and opportunity, while Iresh offers a student’s perspective on discovering the CIA, promoting the profession on campus, and stepping outside his comfort zone. Together, they show why volunteering, whether two hours a month or leading a chapter, matters for today and tomorrow. HOST:Catherine Brown Associate Manager of Content Development, Producer, The IIA GUESTS: Manisha Anarkat, CPA Managing Partner, MNA FintTech Services President, IIA-Northern California East Bay Chapter Iresh Anarkat Student, California Polytechnic State University-San Luis Obispo Chapter Certification Officer, IIA-Northern California East Bay KEY POINTS: Introduction [00:00–00:00:35] Chapter Goals and Priorities [00:00:41–00:01:36] Why Volunteer? [00:01:36–00:02:43] Finding Value in Networking and Mentorship [00:02:43–00:03:54] Challenges of Chapter Leadership [00:04:06–00:05:21] Building the Internal Audit Pipeline [00:05:27–00:07:32] Engaging Students on Campus [00:07:44–00:08:52] Lessons from Leadership and Professional Growth [00:09:01–00:12:18] The Value of Volunteering [00:13:02–00:13:32] Advice for New Volunteers [00:14:03–00:15:16] Student Perspective: Getting Involved [00:15:16–00:16:08] Promoting Internal Audit Awareness [00:16:16–00:16:56] Rewards and Challenges of Student Leadership [00:17:01–00:18:07] Networking and Career Exposure [00:18:17–00:18:45] Advice for Students Considering Volunteering [00:18:55–00:19:20] Closing Thoughts [00:19:26–00:19:30] THE IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: 2025 Financial Services Exchange Conference Volunteer Leadership Opportunities Volunteer with your local IIA Chapter and Affiliates Vision 2035 Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit  In this episode, Benito Ybarra sits down with Rick Walke to discuss the newly updated Internal Audit Practitioner™ (IAP™) designation. They explore its value as a permanent credential, its role as a stepping stone to the Certified Internal Auditor® (CIA®), and how it equips internal auditors with foundational knowledge. The conversation highlights the IAP’s global reach, employer credibility, and practical benefits for students, rotational auditors, and professionals at the start of their audit journey. Visit the Certifications page on theiia.org for additional information. HOST:Benito Ybarra, CIAExecutive Vice President, Global Standards, Guidance, and Certifications, The IIA GUEST: Rick Walke, CIA, QIAL, CRMA, CPAVice President, Internal Audit and Risk Management, FORUM Credit Union Key Points Introduction [00:00–00:00:38] The 18-Month Development Process [00:01:23–00:01:49] Making the IAP Permanent and a CIA Stepping Stone [00:01:49–00:02:36] Clearing Up Confusion: IAP vs. CIA Part One [00:02:39–00:03:45] Structured Learning for New Auditors [00:04:08–00:05:17] Target Audiences [00:05:47–00:06:54] Building Foundational Knowledge and Ethics [00:07:06–00:07:53] Reliability and Employer Confidence [00:08:17–00:09:04] CIA Exam Alignment and Credibility [00:09:04–00:09:29] Studying the Syllabus: Key Sections [00:09:29–00:10:54] Governance, Risk, and Fraud Concepts [00:11:08–00:12:18] Portability of Knowledge Across Careers [00:12:18–00:13:25] Making the Case to Employers for Support [00:13:26–00:14:07] Employee Development and Organizational Strength [00:14:32–00:15:02] Global Accessibility [00:15:59–00:16:20] Worldwide Recognition and Value [00:16:20–00:17:07] A Team Effort  [00:17:13–00:17:39] Closing Remarks [00:17:39–00:18:13] The IIA Related Content  Interested in this topic? Visit the links below for more resources: 2025 Financial Services Exchange Conference CIA 2025 IAP 2025 CIA Exam: Why and How it is Changing Global Internal Audit Standards Certification Candidate Handbook Certificate Programs   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit TechSponsored by DataSnipper In this companion episode to the Internal Audit: The Catalyst for Strong AI Governance Global Best Practices linked in the show notes, Mike Levy sits down with Vidya Peters, CEO of DataSnipper, to discuss how AI is reshaping audit work and how internal auditors can lead the charge. They discuss real-world leadership lessons, pitfalls in AI adoption, and practical steps for auditors looking to evolve with emerging technologies. HOST:Mike Levy, CIA, CRMA, CISSPCEO, Cherry Hill Advisory GUEST:Vidya PetersCEO, DataSnipper KEY POINTS: Introduction [00:00–00:00:23] AI’s Rapid Evolution in Audit [00:00:38–00:02:38] Balancing Change Management With Innovation [00:02:46–00:05:13] Embedding GenAI into Auditor Workflows [00:05:21–00:07:50] Governance Missteps and Shadow AI [00:08:27–00:10:54] Auditors as Advisors in AI Governance [00:11:03–00:11:37] Compliance and Regulatory Considerations [00:11:38–00:12:34] The Future of Agentic AI in Audit [00:13:16–00:14:47] Resource Shortages and Doing More with Less [00:15:20–00:16:05] Audit Under Siege: Talent, Regulation, Quality [00:16:12–00:17:51] Why AI Won’t Replace Auditors [00:18:07–00:19:59] Three Waves of AI Change in Audit [00:20:20–00:21:07] What Auditors Should Do to Prepare [00:21:19–00:22:53] Final Advice for Auditors [00:23:35–00:24:50] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: 2025 IGNITE Conference Global Best Practices: Internal Audit: The Catalyst for Strong AI Governance Knowledge Centers: Artificial Intelligence Course: Leveraging Artificial Intelligence in Internal Audit Tools: Artificial Intelligence 101 for Internal Auditors Webinar: Demystifying Artificial Intelligence Internal Auditor Magazine: A Guide to GenAI Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal AuditBenito Ybarra sits down with IIA–St. Louis Chapter leaders Sarah Knox-Hansen and Steven Yashuk to discuss why volunteering matters. From being “voluntold” to leading by choice, they share how chapter work strengthens leadership skills, builds camaraderie, and keeps auditors energized. They also explore post-COVID engagement challenges, creative programming shifts, and practical advice for anyone considering raising their hand to get involved. HOST: Benito Ybarra, CIA Executive Vice President, Global Standards, Guidance, and Certifications, The IIA GUESTS:Sarah Knox-Hansen, CPA Principal, Anders Board of Governors Immediate Past President, IIA–St. Louis Chapter Steven Yashuk, CIA, CISA, CFE Senior Auditor, University of Missouri SystemSecretary, IIA–St. Louis Chapter KEY POINTS: Introduction [00:00–00:00:35] How They First Got Involved [00:00:45–00:01:30] Connecting to the Profession Through Chapter Work [00:01:51–00:02:22] Post-COVID Engagement Challenges [00:02:37–00:03:15] Leadership Skills Gained Through Volunteering [00:03:34–00:04:52] Fun and Networking in Chapter Life [00:04:57–00:05:34] Lessons Learned [00:06:03–00:06:47] Shared Chapter Struggles Across Regions [00:06:52–00:07:22] Why Volunteers Are So Essential [00:08:29–00:09:19] Personal and Professional Benefits [00:09:28–00:10:20] Final Thoughts [00:10:35–00:10:55] THE IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: 2025 IGNITE Conference Volunteer with your local IIA Chapter and Affiliates Emerging Leaders Mentoring Program Building a Better Auditor: Why Join the Emerging Leaders Mentoring Program? Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit In this episode, Carey Blakeman talks with Doris Myles about why influence can be more powerful than authority in internal auditing. Doris shares lessons from more than 20 years leading audits across global organizations and mission-driven institutions, emphasizing relationship mapping, knowing your audience, storytelling, and building trust well before an audit begins. HOST:Carey Blakeman, CIA, CPADirector of Corporate Governance Engagement, The IIA GUEST:Doris Myles, CIA, CPA, CITPDirector of Internal Audit, St. Jude Children’s Research Hospital KEY POINTS: Introduction [00:00–00:00:22] Evolving Leadership Styles [00:00:32–00:02:05] Influence vs. Authority in Internal Audit [00:02:08–00:03:53] Relationship Mapping and Building Trust [00:04:11–00:06:11] Communication Mistakes Auditors Make [00:07:21–00:08:29] Essential Soft Skills for Auditors [00:08:46–00:11:14] Storytelling to Build Confidence and Influence [00:10:45–00:11:14] Leading Through Transformation [00:11:55–00:15:33] Building Influence Across Departments [00:15:41–00:17:55] Final Advice: Mastering the Art of Storytelling [00:18:31–00:19:32] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: 2025 Enterprise Risk Management Virtual Conference 'Mastering Soft Skills In Internal Audit,' All Things Internal Audit Podcast Communication Skills for Auditors: Interviewing and Negotiating Course Talent Management: Recruiting, Developing, Motivating, and Retaining Great Team Members Practice Guide IIA's Internal Audit Competency Framework Volunteer with your local IIA Chapter and Affiliates Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit TechSponsored by KPMG and Workiva In this companion episode to the Transforming Audit Through AI Global Best Practices, Charles King talks with Kelsey Murphy about what it takes to drive meaningful AI adoption in internal audit. They discuss the role of education, trust, leadership buy-in, and everyday experimentation. From training tips to real-world wins, this episode is a guide for teams looking to integrate AI into audit workflows with strategy, not just buzzwords. HOST: Charles King, CIA, CPA, CFE, CIPPPartner, AI in Internal Controls Leader, KPMG  GUESTS:Kelsey MurphySenior Solution Engineer, Workiva KEY POINTS: Introduction [00:00–00:00:36] Focusing AI Education on the “Why” [00:02:00–00:03:52] Defining Goals Before Use Cases [00:04:02–00:05:24] Ongoing AI Training Beyond Workshops [00:05:48–00:08:07] Tone at the Top and Champions Networks [00:08:07–00:09:57] Learning Through Personal and Professional Use [00:10:10–00:12:15] Overcoming Trust Challenges and Building Skill [00:13:25–00:15:39] AI as an Editor vs. Creator [00:15:42–00:17:36] Creating a Culture of Innovation [00:19:21–00:20:59] Real-World Risk Assessment Time Savings [00:21:06–00:22:58] Measuring AI’s Impact: Quantitative and Qualitative [00:23:06–00:24:38] Quality as a Race to the Top [00:24:53–00:27:00] The Future of Audit Work with Integrated AI [00:27:50–00:29:56] Encouraging Adoption and Establishing Norms [00:32:16–00:34:54] IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: 2025 Governance, Risk & Controls Conference Global Best Practices: Transforming Audit Through AI Getting Started With: Generative AI Knowledge Centers: Artificial Intelligence Course: Leveraging Artificial Intelligence in Internal Audit Tools: Artificial Intelligence 101 for Internal Auditors Online Exclusive: Auditing Artificial Intelligence Webinar: Demystifying Artificial Intelligence Internal Auditor Magazine: A Guide to GenAI Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal AuditBusiness leaders weigh in on what good governance really means. In this special episode, Christine Janesko shares additional insight from her interviews for Internal Auditor magazine’s “Fortune Favors the Wise” article. Hear expert takes on balancing governance, avoiding regulatory pitfalls, and internal audit’s role in keeping organizations on track. HOST:Catie Brown Associate Manager Producer, Content Development, The IIA GUESTS:Christine JaneskoSenior Editor, Internal Auditor magazine, The IIA Don Sinko, CPARetired Chief Integrity Officer, Cleveland Clinic Tom Sanglier, CIA, CPA, CRMAChief Audit Executive, Leidos  Carolynn Chalmers,CEO, Good Governance Academy  Lawrence Leung, CIA, CPA, CRMASenior Director, Legal Entity Controlling, Adidas KEY POINTS: Introduction [00:00–00:00:43] The Power of Structure and Independence [00:00:56–00:03:10] From Reporting to Results [00:03:16–00:05:05] CAE as the Board’s Secret Weapon [00:05:14–00:08:03] Measuring Maturity with ISO 37004 [00:08:13–00:10:12] Avoiding Governance Fatigue [00:10:27–00:12:29] Governance vs. Innovation: A Goldilocks Problem [00:12:32–00:16:17] Closing Thoughts [00:16:20–00:17:02] THE IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: 2025 Governance, Risk & Controls Conference “Fortune Favors the Wise,” Internal Auditor Governance Resource Center Toolkit: Governance   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer