The IIA’s New Cybersecurity Topical Requirement

The Institute of Internal Auditors Presents: All Things Internal Audit Tech In this episode, Logan Wamsley talks with George Barham about The IIA’s Cybersecurity Topical Requirement. They discuss how internal audit functions should prepare for its 2026 effective date, and why CAEs should take action now. The conversation also highlights the requirement's companion user guide, outsourcing considerations, framework references, and IIA resources available to help internal audit functions conform with confidence. HOST:Logan WamsleyAssociate Manager, Content Development, The IIA GUEST:George Barham, CIA, CRMA, CISA,Director, Standards & Guidance, The IIA  KEY POINTS: Introduction [00:00-00:00:21] Background on the Cybersecurity Topical Requirement [00:00:21-00:01:31] Key Feedback and Early Implementation Advice [00:01:31-00:03:09] Tips from CAEs on Getting Started [00:03:09-00:04:37] How to Use the Companion User Guide [00:04:37-00:05:57] Outsourcing Considerations [00:05:57-00:07:30] Framework References and Mapping [00:07:30-00:09:37] Keeping Up with the Evolving Cyber Landscape [00:09:37-00:11:30] Annual Review and Updates [00:11:30-00:12:24] Advice as the Effective Date Approaches [00:12:24-00:14:26] Additional IIA Resources and Support [00:14:26-00:16:38] Final Thoughts [00:16:38-00:18:23] THE IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources: Cybersecurity Topical Requirement Executive Knowledge Brief: The Cybersecurity Topical Requirement in Practice GTAG: Assessing Cybersecurity Risk 2025 Cybersecurity Virtual Conference Cyber Resource Center A New Tool to Monitor Established Risks Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

All Things Internal Audit: Fraud Podcast"The Out of Control Controller" Listen to The IIA’s new Fraud Podcast brought to you by All Things Internal Audit. This series provides fictionalized accounts of real-world frauds featured in Internal Auditor magazine’s Fraud department. In this episode, Bruce Kraus investigates a shocking embezzlement case at Allied Engineering involving longtime controller Jane Simmons. With lax oversight and too much unchecked authority, Simmons executes 11 different schemes over five years. From gift card grifts, to a ghost payroll, and a company car gone rogue, this case shows how even trusted employees can exploit internal control gaps. IIA members can access the full article here. Interested in more fraud-related topics? Earn CPEs by registering for The IIA's Fraud Analytics for Internal Auditors Certificate, online and in-person. Chapters: Part 1: A Swipe Too Far (00:00:23) Part 2: A Wiped Drive and a Widening Scope (00:01:54) Part 3: A Pattern of Deception (00:03:14) Part 4: Aftermath and Lessons (00:05:49) Resources Mentioned: Association of Certified Fraud Examiners (ACFE) Internal Auditor magazine (June Issue) Follow All Things Internal Audit: Apple PodcastsSpotify Youtube LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit  In this episode, Christina Brune talks to Rick Walke and André Vertamatti about the major updates to the Certified Internal Auditor (CIA) exam and the Internal Audit Practitioner (IAP) program. They discuss the motivations behind the changes, how the updated Global Internal Audit Standards influenced the new exam, and what candidates can expect. The conversation also highlights the importance of aligning certification with real-world internal audit practices and the future of the profession. Visit the Certifications page on theiia.org for additional information. HOST:Christina Brune  Director, Exam Development, The IIA GUEST: Rick Walke, CIA, CPA, CRMA, QIALVice President, Internal Audit and Risk Management, FORUM Credit UnionCommittee Chair, IIA Exam Development Committee André Vertamatti, CIA, CPA, CRMAHead of Internal Audit, Volkswagen Financial Services Brazil and LM Soluções de MobilidadeVice Chair, IIA Exam Development Committee Key Points Introduction [00:00-00:37] Overview of CIA Exam Changes [00:38-01:42] Why Now? Motivation Behind the Updates [01:43-02:39] Incorporating the Global Internal Audit Standards [02:40-04:25] Testing Topical Requirements [04:26-06:01] What Candidates Need to Know [06:02-07:30] Study Options and Preparation Tips [07:31-08:33] Why the New Exam is Better [08:34-10:52] Impact on the Profession [10:53-12:20] Internal Audit Practitioner (IAP) Program Changes [12:21-15:38] Why IAP Updates Matter [15:39-17:38] Final Thoughts [17:39-18:38] The IIA Related Content  Interested in this topic? Visit the links below for more resources: 2025 International Conference CIA 2025 IAP 2025 CIA Exam: Why and How it is Changing Global Internal Audit Standards Certification Candidate Handbook Certificate Programs Cybersecurity Topical Requirement Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit Tech In this episode, Charles King talks with Debbie Lew about the transformative role of artificial intelligence in internal auditing. They discuss the integration of AI tools like Copilot, the importance of prompt writing, and how AI is enhancing audit processes. The conversation also covers training strategies, real-world applications, and the impact of AI on stakeholder engagement.   HOST:  Charles King, CIA, CPA, CFE, CIPP Partner, AI in Internal Controls Leader, KPMG US GUEST: Debbie Lew, CISA, CRISC, CHIAP Senior Vice President and Chief Audit Executive, Kaiser Permanente Key Points: Introduction [00:00-00:38] Inside Kaiser Permanente’s Internal Audit Team [00:39-02:14] AI Adoption at Kaiser Permanente [02:15-03:21] Prompt Writing as a Core Skill [03:22-04:10] Guidance Manuals and Prompt Libraries [04:11-05:02] Building AI Agents to Support Audits [05:03-05:51] Training, Communication, and Driving Adoption [05:52-07:23] Innovative Applications of GenAI in Audit [07:24-08:28] Inspiring a Tech-Forward Culture [08:29-10:06] Final Thoughts [10:07-10:31]   IIA Related Content:  Interested in this topic? Visit the links below for more resources. 2025 International Conference Knowledge Centers: Artificial Intelligence Auditing the Cybersecurity Program Certificate Cybersecurity Topical Requirement “Undercover AI,” Internal Auditor Magazine  The IIA’s Updated AI Auditing Framework   Visit The IIA’s website or YouTube channel for related topics and more.   Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer  

The Institute of Internal Auditors Presents: All Things Internal Audit Tech In this episode, George Barham talks with Mike Callino about how agile methodologies and artificial intelligence are transforming internal audit functions. Mike shares practical insights on implementing agile auditing, the challenges and benefits of this approach, and how AI is being used throughout the audit lifecycle. HOST:George Barham, CIA, CISA, CRMA Director, Standards & Professional Guidance, The IIA GUEST:Mike Callino, CIA, CISA Senior Director, Internal Audit, Braze Key Points Introduction [00:00-00:00:27] Defining Agile Auditing [00:00:28-00:01:12] Applying Agile in Practice [00:01:13-00:03:03] Metrics for Agile Success [00:03:04-00:04:15] How Agile Auditing Has Evolved [00:04:16-00:06:06] Getting Started with Agile [00:06:07-00:07:28] Roles and Responsibilities in Agile [00:07:29-00:09:12] Measuring Agile Success [00:09:13-00:10:04] Training for Agile Adoption [00:10:05-00:11:20] AI Use Cases in the Audit Lifecycle [00:11:21-00:14:51] Common Misconceptions About Agile [00:14:52-00:16:12] The Future of Agile and AI in Auditing [00:16:13-00:18:48] IIA Related Content:  Interested in this topic? Visit the links below for more resources: 2025 International Conference Agile Auditing Course Building a Better Auditor: Embracing Agile Audit Agile Auditing: Transforming the Internal Audit Process. Debunking Agile Myths Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit  In this episode, The IIA’s Lindsay Patterson talks with Anna Davis of Qualcomm about the crucial aspects of internal audit team formation and dynamics. They discuss hiring strategies in the current market, the importance of soft and hard skills, the challenges and benefits of remote and in-office work, and methods for fostering a strong team culture.  HOST:Lindsay Patterson, CIA, CPAExecutive Vice President , Membership, Marketing and Communications, The IIA GUEST:Anna Davis, CPAVice President, CAE, Qualcomm Key Points Introduction [00:00-00:22] Team Formation: Starting with Hiring [00:23-01:34] In-Office Work and Recruitment Challenges [01:35-04:13] Hard and Soft Skills and Business Acumen [04:14-06:00] Retention and Career Growth Opportunities [06:01-07:05] Team Size and Responsibilities [07:06-07:44] Building a Team Culture [07:45-10:32] The Value of Authentic Leadership [10:33-12:03] Advice for Aspiring Audit Leaders [12:04-13:44] Final Thoughts [13:45-14:44] The IIA Related Content  Interested in this topic? Visit the links below for more resources: 2025 AuditSphere Virtual Conference Tools for Audit Managers Course IIA Group Membership Group Training Solutions All Things Internal Audit Podcast: 'Mastering Soft Skills in Internal Auditing,' Building a Better Auditor: Optimizing Team Communication Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit Tech In this episode, Andrew Guasp talks with Alex Gacheche about the importance of emotional intelligence (EQ) in the internal audit profession, especially in the context of AI advancements. They discuss how EQ can enhance internal audit effectiveness, the role of empathy and communication, and the impact of cultural differences on EQ. From active listening to handling difficult conversations, this episode unpacks the human side of internal auditing. HOST:Andrew Guasp, CIA Senior Manager, Standards & Professional Guidance, The IIA GUEST:Alex Gacheche, CISAHead of Internal Audit, Information Security, Technology Infrastructure, Emerging Technology, and AI, Meta   Key Points Introduction [00:00–00:01:16] What Is Emotional Intelligence? [00:01:17–00:03:34] Human Judgment with AI [00:03:35–00:05:01] Balancing Hard and Soft Skills [00:05:02–00:06:27] Developing EQ in Auditing [00:08:42–00:11:51] EQ in Communication and Reporting [00:11:52–00:13:16] Training for EQ Skills [00:13:17–00:14:31] Blending AI and EQ [00:14:32–00:15:49] Resources to Grow EQ [00:15:50–00:18:24] Using EQ in Remediation [00:18:25–00:21:42] EQ in Planning and Information Gathering [00:21:43–00:24:01] Cultural Sensitivity and Word Choice [00:24:02–00:26:32] Leading Multigenerational Teams [00:26:33–00:30:17] EQ’s Role in the AI Era [00:30:18–00:32:25] Leadership, Retention, and EQ [00:32:26–00:35:02] EQ in Walkthroughs and Meetings [00:35:03–00:40:47] Final Thoughts [00:40:48–00:41:53] The IIA Related Content Interested in this topic? Visit the links below for more resources:  2025 AuditSphere Virtual Conference Building a Better Auditor: The Powerful Synergy of EQ and AI Knowledge Centers: Artificial Intelligence 'Mastering Soft Skills in Internal Auditing,' All Things Internal Audit Podcast The IIA’s Updated AI Auditing Framework Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit Tech In this episode, Charles King talks with Imraan Mulla about the transformative potential of AI in internal auditing. They discuss AI’s evolution from basic automation to advanced applications, the challenges of adoption, and the future of AI in internal auditing. The conversation also covers continuous monitoring, risk assessment, and the role of human judgment in an AI-driven world. HOST:Charles King, CIA, CPA, CFE, CIPP, Partner, AI in Internal Controls Leader, KPMG LLP GUEST: Imrankhan (Imraan) Mulla, Vice president, Analytics and Innovation, Capital One Key Points Introduction [00:00-00:00:21] AI's Evolution in Internal Auditing [00:21-01:08] Challenges of AI Adoption [01:08-02:16] Driving AI Adoption and ROI [02:16-04:31] The Future of Internal Audit with AI [04:31-05:57] Prioritizing Investments in AI [05:57-08:10] Continuous Monitoring and Targeted Audits [08:10-11:05] Flexible Audit Plans and Risk-based Auditing [11:05-12:29] Analyzing Unstructured Data [12:29-14:14] Human Judgment and AI [14:14-16:06] Building a Culture of Innovation [16:06-18:11] Internal Audit as a Beacon for Innovation [18:11-20:48] Agentic AI and Its Applications [20:48-22:49] Final Thoughts [22:49-23:19] The IIA Related Content Interested in this topic? Visit the links below for more resources:  2025 AuditSphere Virtual Conference Knowledge Centers: Artificial Intelligence Auditing the Cybersecurity Program Certificate Implementing The IIA’s New Cybersecurity Topical Requirement Cybersecurity Topical Requirement "Undercover AI," Internal Auditor magazine  The IIA’s Updated AI Auditing Framework Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit In this episode, Mike Jacka talks with Anne Millage about his decision to end the “Mind of Jacka” blog after 900 posts. Mike shares some favorite posts, the origins of his ideas, and the role humor plays in his writing. He looks back at his internal audit career and offers his thoughts on the evolution of the profession. Read Mike's 900th blog post:  Mind of Jacka: 900 Posts: Now What? Host:Anne Millage  Director of content, The IIA Guests: Mike Jacka, CIA, CPA, CPCU, CLU Chief creative pilot at Flying Pig Audit, Consulting and Training Solutions Key Points:  Introduction [00:00-00:33] Overview of Mike's contributions to the internal audit community through his writing. Mike's Journey [00:34-02:19] Discussion on Mike's career in internal auditing and his decision to start the blog. Insights into Mike's unique approach to writing and humor in the internal audit profession. Decision to End the Blog [02:20-04:07] Mike explains why he decided to end the blog after 900 posts. Reflection on the milestones and reasons behind his retirement. Challenges and Causes [04:08-05:36] The challenges Mike faced while writing the blog. Discussion on the evolving nature of internal auditing and the profession's biggest challenges. Popular Posts and Audience Engagement [05:37-07:54] Anne and Mike discuss some of the most popular and commented-on blog posts. Insights into why certain posts resonated with the audience and sparked discussions. Humor in Internal Auditing [07:55-09:35] Mike shares his experiences with incorporating humor into his writing. The importance of not taking the profession too seriously and the impact of humor. Remote Auditing and Modern Challenges [09:36-11:08] Discussion on the topic of remote auditing and its effectiveness. Mike's views on the current trends and challenges in the internal audit profession. Future Plans [11:09-13:08] Mike talks about his future plans post-retirement. His continued involvement in training, writing, and other passions. Final Thoughts [13:09-15:57] Mike's advice for other internal auditors on writing and following their passions. The IIA Related Content: Interested in this topic? Visit the links below for more resources: Mind of Jacka: 900 Posts: Now What? Jacka, Mika."Alice In Auditland" Internal Auditor, Dec. 2009, pp. 56 - 61.  Jacka, Mike. Auditing Humor and Other Oxymorons. FPACTS, 2016. Find more blogs and articles on Internal Auditor Magazine's website   Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit In this episode, Mike Levy speaks with Adam Neifach about the challenges of late audit responses — what they call the “dreaded 5:00 p.m. response.” They discuss why audit clients delay engagement, how to foster collaboration, and practical strategies for improving responsiveness.  Host:Mike Levy, CIA, CRMA, CISA, CEO and managing principal, Cherry Hill Advisory   Guests: Adam Neifach, CIA, CPA, CISA, senior manager of Internal Audit, Frontier Airlines Key Points:  Introduction [00:00-00:43] The 5:00 PM Response [00:44-02:28] Explanation of the "5:00 PM response" and its impact on audit processes. Discussion on why audit clients delay engagement. Challenges and Causes [02:29-03:36] Adam Neifach shares his experiences with late responses and the challenges they pose. Exploration of potential reasons behind delayed responses, including inefficiencies and reluctance. Building Relationships [03:37-05:32] Importance of building relationships with audit clients to improve responsiveness. Strategies for fostering collaboration and understanding client perspectives. Proactive Communication [05:33-07:03] The role of proactive communication in preventing late responses. Techniques for maintaining open and constant communication throughout the audit process. Real-world Tactics [07:04-09:35] Adam Neifach shares real-world tactics from his own experience. Practical strategies for encouraging earlier engagement and ensuring smoother audits. Cultural and Generational Differences [09:36-11:08] How cultural and generational differences impact audit responses. Adapting communication styles to different stakeholders. Tactical Solutions [11:09-13:08] Specific tactics for dealing with delayed responses, including setting up pre-deadline meetings. Importance of addressing resource constraints and understanding client workloads. Escalation and Management [13:09-15:11] When and how to escalate issues to management without damaging relationships. Balancing the need for timely responses with maintaining positive client relationships. Final Thoughts [15:12-17:57] Final advice for auditors on improving audit response times and fostering collaboration. The IIA Related Content: Interested in this topic? Visit the links below for more resources: 2025 AuditSphere Conference 'Mastering Soft Skills in Internal Auditing,' All Things Internal Audit Podcast The IIA's On-demand Communication Basics Course The IIA's Effective Communication and Conflict Resolution for Internal Auditors Course Visit The IIA's website or YouTube channel for related topics and more. Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer