Mist I Catalogue 2016

Published
September
2015
2016
CATALOGUE
OF EVENTS
INTERNAL AUDIT & RISK MANAGEMENT
INFORMATION SECURITY
FRAUD / IT AUDIT
The Global Leader in Audit and Information Security Training

TAKE CONTROL OF
YOUR CAREER
Study with industry-leading trainers
and experienced audit, risk, fraud and
security experts
Achieve an immediate return from your

training experience by developing new skills
Boost your knowledge by using case studies,

real life examples and role-play scenarios
Share experiences through interactive

discussion with peers and deepen your
industry knowledge
Advance your career with CPE and CPD

accredited courses to gain the points you need
1 WWW.MISTI.COM
+44 (0)20 3819 0800
CONTENTS
06 Training Weeks
9 Internal Audit and Risk Management
49 Fraud
59 IT Audit
73 Information Security
77 Conferences and Bespoke Events
83 Our Course Directors
92 Index of all Courses
We are delighted to introduce the newest feature of our website the MISTI blog. Here
you will gain an insight into not just MISTI but also, compelling, valuable resources
and information for Internal Auditing, Risk Management, Fraud and Corruption and
Information Security.
We are thrilled to have the ability to share our knowledge and experience through this
portal. If you have any suggestions on topics and subject matter, or questions for our
trainers or speakers, then we want you to let us know. Get in touch, either by twitter,
linkedin or email misti@misti.com
Visit misti.com to find out more about our blog and latest developments from MISTI!
For more information on our courses, contact us on:
Web www.misti.com Tel +44 (0) 20 3819 0800

Email misti@misti.com Twitter @mistieurope
i How to Register
You can find out more information about
all of our events and register online.
Please visit www.misti.com
to find out more information about all our events.
MISTI@MISTI.COM
@mistieurope 2
WHY CHOOSE MIS TRAINING INSTITUTE?
Our Experience & Reputation Our Courses
Having trained over 200,000 professionals MIS Training Institute have over 80 training
worldwide, we are the global leader in Audit, courses to choose from. This means that
Risk, Fraud and Security Training. you can find a course to suit your needs and
interests whatever level youre at within your
With over 35 years experience, we are career.
the choice for companies who want their
employees to gain skills to really help All our courses have a very practical focus
improve their organisation and deliver a real and contain real life case studies, exercises
Return of Investment from training. and knowledge based learning. This enables
you to implement your new skills as you
We have worked with some of the most return to your office.
prestigious companies in the world
including: All courses are updated regularly to meet the
latest legislative and market challenges. You
European Central Bank Barclays Bank will leave all of our training courses with both
Euroclear NYSE Euronext current and emerging best practice guidance.
Kuwait Petroleum International Criminal
Maersk Group Court Upon completion of the training course
Riyad Bank BAE Systems you will be awarded with your Continual
NATO Central Bank of Professional Education (CPE) points and
DVB Bank Nigeria Continuing Professional Development (CPD)
BP KCB Bank Group Certification. You will also be given an MIS
Gulf International Bank NMBS Holding
Training Institute Certificate which will have
Ghana Civil Aviation AXA International
the details of the course that you attended.
Saudi Aramco Deutsche Bundesbank
BDO GlaxoSmithKline
In-house Training
We also offer in-house training for companies

that are looking to train multiple members
of staff and avoid the costs of travel and
accommodation. We can offer tailored
The course is really good for training courses and can focus on specific
issues within your organisation with expert
beginners as well as those that
guidance from our course directors. We have
are more experienced as it is very an extensive catalogue of in-house training
comprehensive. The course director options that goes beyond even our public
made the course very interesting schedule, so even if you dont see the course
and interactive. I would recommend that you desire then please dont hesitate
this course to a colleague to call customer services to discuss your
training requirements
Audit & Security of SAP Training Week:
Senior IT Auditor, Landis+Gyr misti@misti.com / +44 (0) 20 3819 0800
3 WWW.MISTI.COM
+44 (0)20 3819 0800
Our Conferences Our Faculty of Course Directors
MISTI typically delivers 6-10 international All our course directors have at least 15
conferences a year specialising in the areas years of practical business experience.
of information security, corporate security; Having reached the top of their profession
fraud and anti-corruption; internal audit as Heads of Departments for some of
and technology audit - reaching to the wider the biggest companies in the world, they
spheres of risk, assurance, governance combine academic knowledge with years of
compliance, integrity and protection. The business and industry experience.
well-established MISTI conference portfolio
includes new events that are added annually Many are published authors and sit on
to complement its flagship events across boards of associations such as the IIA and
Europe, Africa, the Middle East and Asia- ISACA. You are guaranteed personal face-
Pacific. All Conferences are CPE accredited. to-face time with your course director as we
always limit the amount of people attending
shook@misti.com / +44 (0) 20 3819 0809
a course.
MISTI is an accredited member of CPD UK

Our Facilities
specialising in helping Internal Auditors build
new skills, enhance existing knowledge and
All our courses take place in 4 or 5 star develop careers. CPD accredited courses will
hotels in the centre of major cities across enable you to learn from the best trainers,
Europe, the Middle East, Africa and Asia, gain access to industry expertise and share
which means you will enjoy your course in ideas with other professionals. Find out
complete comfort. more at: www.cpduk.co.uk
A complimentary three course lunch and MISTI is registered with the National
refreshments will be provided throughout Association of State Boards of Accountancy
each day of training. (NASBA) as a sponsor of continuing
professional education on the National
Registry of CPE Sponsors, State boards of
Accountancy have final authority on the
acceptance of individual courses for CPE
credit. Complaints regarding registered
My reasons for attending this course sponsors may be submitted to the National
were to gain more knowledge in IT Audit. Registry of CPE Sponsors through its
The course gave me the global view I website: www.learningmarket.org
was looking for and I will now be able to
communicate with all IT Auditors. The
course director was excellent! He was
enthusiastic, and was able to keep my
attention. He used some great slides and
delivered everything in a clear voice
IT Audit School (IT Auditing for Non IT
Auditors): Manager of Operational Audit,
NV Nederlandse Gasunie
MISTI@MISTI.COM
@mistieurope 4
INHOUSE TRAINING
SAVE UP TO 50% WITH

IN-HOUSE TRAINING
Choose from over 150 existing training courses to
meet the needs and challenges of your individual
organization or if you prefer we can create a new
agenda. You will have complete control over the
course content
Save by paying per day, not per delegate. This

means that you can train six or sixteen people for
the same price
Maximise your return on investment from training

and minimise the costs of travel and accommodation
Focus on potentially confidential issues with expert

guidance from the course director
Minimise disruption and arrange the course dates

and locations to fit in with your teams schedule
5 WWW.MISTI.COM
+44 (0)20 3819 0800
TRAINING WEEKS TW
What are Training Week Programmes? Why attend a Training Week

Programme?
Our training week programmes are intensive
courses that take place over five days. Five days of comprehensive and
Each Training Week programme features intensive training
two course parts that have been especially Each programme has been designed to
designed to complement each other. ensure you leave with both current and
emerging best practice, mastering two
They are ideal for those wanting to get the disciplines in just one week. You will also be
most out of their learning development given an MIS Training Institute Certificate
by reinforcing existing knowledge and which will have the details of the course that
learning practical new skills. You will leave you attended.
a programme having mastered two areas
of your profession and will be able to make
Cost savings
a real difference to your organisation and
Rather than attending these courses
progress your career.
individually at different times of the year,
attend a training week programme and save
10% on the course fees. You will also be
saving on travel and accommodation costs.
Save on time out of the office

Each programme is five days so you only
need to take one trip out of the office.

CPE points
You will earn 39 CPE points in five days.
SAVE 10%
Book + Book
Part 1 Part 2
i Training week
courses are marked
inside the catalogue TW
with this symbol
MISTI@MISTI.COM
@mistieurope 6
01 INTERNAL AUDIT TRAINING WEEKS
The Fundamentals of Internal Audit Training Week
Part 1: Fundamentals of Internal Auditing Lin Bartlett
14-18 March, Amsterdam
Part 2: Audit Report Writing 9-13 October, Dubai
5-9 December, London
Integrating Continuous Auditing

and Data Analytics
Part 1: Continuous Auditing Andy Robertson & Jim Tarantino
14-18 November, London
Part 2: Successful Data Analytics for Internal Auditors
Raising the Bar of Internal Audit Training Week

Part 1: Internal Audit Quality Assurance Lin Bartlett
27 June - 1 July, London
Part 2: Consultancy Skills for Auditors 12-16, December, London
Risk-based Internal Auditing Training Week

Part 1: Risk Based Internal Auditing Liz Sandwith & James Paterson
25-29 July, London
Part 2: Developing the Annual Audit Plan 5-9 December, Amsterdam
The Audit Directors and Managers Masterclass

Part 1: Auditing, Governance, Strategy and Risk Management Jenny Rayner
4-8 April, London
Part 2: Auditing Ethics, Culture, Conduct and 17-21 October, London
Reputational Risk 31 November - 4 December, Cape Town
The Risk Management Masterclass

Part 1: Enterprise Risk Management Jenny Rayner
18-22 April, London
Part 2: Managing Strategic and Reputational Risk 15-19 August, London
26-30 September, Singapore
12-16 December, Paris
Lean Six Sigma for Internal Audit Efficiency and
Effectiveness
Part 1: Six Sigma Skills for Internal Auditors Hernan Murdock &
Part 2: Audit Efficiency and Effectiveness James Paterson
31 October - 4 November, London
7 WWW.MISTI.COM
+44 (0)20 3819 0800
02 FRAUD TRAINING WEEKS
Fraud Testing and Integration Training Week
Part 1: Fraud Testing: Integrating Fraud Detection Len Vona
into your Audit Programme 9-13 May, London
Part 2: Fraud Data Mining
Fraud Investigations Masterclass

Part 1: Fraud Testing: Integrating Fraud Detection Len Vona
into your Audit Programme 19-23 September, London
Part 2: Conducting an Internal Fraud Investigation
03 IT AUDIT TRAINING WEEKS

Auditing and Securing Oracle Training Week
Part 1: Auditing and Controlling Oracle Databases Steve Rimell
4-8 April, London
Part 2: Audit and Security of Oracle E-business Suite 21-25 November, London
Auditing and Securing SAP Training Week

Part 1: Auditing and Securing SAP ERP Central Component Steve Biskie
(ECC) and SAP R/3 8-12 May, Dubai
10-14 September, London
Part 2: Advanced Technical SAP Audit
MISTI@MISTI.COM
@mistieurope 8
01
I N T E R N A L A U D I T
& R I S K M A N A G E M E N T
Does your organisation have all the tools to drive

productivity and value-add in Internal Audit operations? Can
you discover techniques to better develop and manage audit
frameworks? Are you focusing your audit efforts
on the most significant business risks? How can you
become a truly effective Audit Leader?
10
EFFECTIVE INTERNAL AUDIT
TW 24CPE
FUNDAMENTALS OF INTERNAL AUDITING

The tools and techniques needed to become todays modern internal auditor
COURSE FOCUS DATES

9-11 September, Dubai
Perfect for new internal auditors, this course introduces you to the role 5-7 December, London
and responsibilities of the audit department. The role of the department is
discussed within the wider assurance context and the professions current DIRECTOR
challenges. Lin Bartlett
Senior Internal Audit
Professional and former
This course teaches the basic tools and techniques to carry out audit
integrated Audit Manager with
assignments and allows attendees to practice specifically designed exercises Shell, as part of a vast career
and case studies. spanning over 30 years.
WHY ATTEND THIS COURSE
Understand the role of the internal audit department

Learn the standards required for the professional practice of Internal Audit
Improve your interpersonal skills and interview strategies
Explore risk assessment strategies and risk based internal auditing
Develop the tools and techniques required to perform a successful
audit programme
AGENDA AT A GLANCE
Day One: Introducing Day Two: Developing the audit Day Three: Exploring audit finding
internal auditing programme and evaluating and developing the audit report
internal controls
The role of the internal audit Fieldwork techniques and
department and characteristics of An introduction to the COSO applications
an effective department Control model The five attributes of an
The internal audit governance Audit communications and audit finding
framework interview strategies The Audit Report: Understanding
Understanding the role of the Evaluating and documenting your audience and user friendly
internal auditor internal controls report structures
The audit model performance Reviewing audit programmes and Issuing timely reports and closing
of audit work testing: case study the audit assignment
Free book with this course:

International Professional
Practices Framework (IPPF)
11 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
15CPE
AUDIT REPORT WRITING

A guide to writing effective audit reports which meet the needs of the readers and inspire action
COURSE FOCUS DATES

12-13 October, Dubai
Satisfying the differing needs of various readers of an audit report can prove 8-9 December, London
to be a challenge. Report writing is a key skill for auditors and is often one
which doesnt come naturally to them. Auditors often collect and analyse DIRECTOR
detailed information and are more comfortable at a detailed level, rather than Lin Bartlett
that required to deliver the key message to senior managers. Senior Internal Audit
This two day course will review and improve your audit reports to meet the Shell, as part of a vast career
needs of stakeholders and get results. The exercise-filled agenda will help spanning over 30 years.
you highlight the most significant issues and concentrate on what needs
to be completed.
Gain expertise and confidence in developing well-structured reports

with clear information
Learn to deliver the key messages that focus on risk and get results
Discuss and understand the differing needs and expectations of
audit report readers
Practice each step of the report writing process, including thinking about your
audience, organising your ideas to meet their needs, choosing the appropriate
format and tone and crafting your writing
Bring your own reports to work on and review in the context of the course
AGENDA AT A GLANCE
Day One: Thinking about Day One: Structuring and

the Report from Day One Writing the Report
Setting the scene Key strategies for successful
reporting
Discussing challenges of
report writing Making your report User-Friendly
Understanding the background Structuring Audit findings to aid
and agreeing KPIs consistency
Influencing your client Improving your writing skills
to take action
Top tips for effective Audit
Keeping focus on key issues Report Writing
and risks
MISTI@MISTI.COM
@mistieurope 12
TW 24CPE
39CPE
INTERNAL AUDIT SCHOOL

Understand the fundamentals of operational auditing and
how to evaluate operational performance
COURSE FOCUS DATES

16-20 May, London
15-19 August, London
This five-day course provides practical guidance on operational auditing of 7-11 November, Cape Town
core business processes, the internal auditors role in compliance activities
and risk based internal auditing. DIRECTOR
Lin Bartlett
Participants will learn to identify and prioritise risk and practice new skills Senior Internal Audit
with practical exercises and develop their communication skills.
Shell, as part of a vast career
spanning over 30 years.
Learn tools and techniques and put them into practice with practical exercises
Appreciate the benefits of risk based auditing to audit different
business functions
Explore why communication sometimes seems difficult and discover
improvements you can make to your communication with clients
Identifying internal audits role in detecting fraud
Discuss current best practice audit techniques and gain confidence in
undertaking risk based audits
AGENDA AT A GLANCE
Day One: Where is internal audit Day Two: Communicating with Day Three: Auditing Procurement
positioned in your company? your stakeholders and Major Contracts
Internal auditing today: Understanding the key stakeholder Identifying core purchasing
leading trends needs and expectations activities and control objectives
Understanding the overall Developing listening skills Assessing governance, policies
assurance framework Conducting effective interviews and procedures
What is risk based auditing? The importance of both verbal and Understanding the contracts and
The 6 Es of auditing non-verbal communication audits required
Reviewing contract management
risks
Day Four: Auditing different Day Five: Corporate Culture and
business functions preventing fraud
Why sales and marketing is often Understanding the importance of
hard to audit the corporate culture
Reviewing risks in the sales to Identifying ethics and governance
receivables process and key risks
Auditing the human resources Techniques for preventing fraud
(HR) function Using the computer to detect fraud
Case Study: develop audit terms of
reference for a risk based audit of
recruitment
13 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
AUDITING TECHNIQUES FOR LEAD AUDITORS

Develop your skills in leading an audit with tested techniques for planning
and developing audit programmes and managing fieldwork
COURSE FOCUS DATES

4-6 April, London
This three day seminar focusses on challenges facing the lead auditor. It 20-22 November, Dubai
sets out what is expected from the lead auditor and enables those who have
recently moved into the role or are soon to do so. You will learn all the DIRECTOR
necessary tools and techniques to conduct an audit and valuable insight into Lin Bartlett
the wider context of auditing and assurance. Senior Internal Audit
You will learn how to manage an audit from initial planning through to Shell, as part of a vast career
audit closure using case studies and practical exercises. Add even further spanning over 30 years.
value to your organisation with the key project management skills to deliver
assignments on time and within budget.
Understand the role of corporate scandals and governance legislation

on Internal Audit
Explore IIA guidance and best practice auditing techniques with a Senior
Internal Audit Professional
Learn how to successfully manage an audit from start to finish
Appreciate the value of persuasive evidence and how to effectively influence
successful outcomes
Master applying project management tools and techniques to internal audit
AGENDA AT A GLANCE
Day One: The Lead Auditors Role Day Two: Planning, Development Day Three: Project Management
and Managing Fieldwork and Internal Audit
Defining the role and
responsibilities of the lead auditor Understanding the role of risk in Applying project management to
Selecting and leading the team the Internal Audit function internal audit
Assuring the quality of the audit What is risk-based auditing? Using project management to plan
your audits
Discussing the different types of Areas to consider for a more
internal audits and their emphasis productive audit Managing the audit team and
client responsibilities
Understanding the differences Managing Fieldwork
between diverse assurance Dos and donts of effective meeting
Top Tips for effective
providers and managing the management and communications
report writing
relationships Identifying internal audits role in
fraud awareness
MISTI@MISTI.COM
@mistieurope 14
TW 24CPE
SIX SIGMA SKILLS

FOR INTERNAL AUDITORS
Acquiring the essential Six Sigma Skills for process improvement
COURSE FOCUS DATES

31 Oct - 2 Nov, London
Six Sigma provides auditors with an invaluable tool to improve processes DIRECTOR
and measure the effectiveness of internal controls. Initially designed as a Hernan Murdoch
set of practices to improve manufacturing process, Six Sigma focuses on Dr Murdock is a Senior
consistency, quality and constant improvement. This ties perfectly with Consultant for MIS Training
the same goals that internal auditors promote during their audits and Institute and has led audit
and consulting projects for
consulting projects. clients in the manufacturing,
transportation, high tech,
Through this three-day course you will learn to improve operational education, insurance and power
efficiency with this data drive, quality improvement initiative. generation industries.
Learn what Six Sigma is about and how to leverage the principles for better
internal controls
Identify critical operational issues, develop better recommendations and
improve efficiency
Understand the phases of Six Sigma, project scope and goals
Master the application of metrics to determine effectiveness and efficiency
Discover how Six Sigma can enhance your ERM and GRC processes, while
reducing costs and wasted time
AGENDA AT A GLANCE
Day One: Terminology, Key Day Two: Six Sigma Soft Skills Day Three: The 14 Principles
Concepts and Phases and Training of the Toyota Way
The Define Phase: The Control Phase: Verifying Understanding Operational
Defining the problem process performance Auditing and Consulting
The Measure Phase: Identifying, Implementing team building The importance of Collaboration
collecting information and and techniques for conflict in the development of solutions
mapping the data management
Applying the 14 Principles to
The Analyse Phase: Employing Outlining types of statistical your organisation
data and metrics to determine the analysis and variables
root cause of defects Leveraging the Principles to
Identifying training needs and develop the human capital
The Improve Phase: the effectiveness of training
15 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
15CPE
AUDIT EFFICIENCY AND EFFECTIVENESS

Key tools to drive productivity and value-add in Internal Audit operations
COURSE FOCUS DATES

3 Nov - 4 Nov, London
In this interactive masterclass you will practice the first steps in developing DIRECTOR
efficiency and learn how to establish an effective and efficient audit process. James Paterson
Departments in all organisations are being expected to do more with Over 20 years experience
less. For internal auditors, this is even harder as the increasing number of across a range of finance and
assurance scandals demonstrates. audit roles and a former Chief
Internal Auditor at AstraZeneca.
This course is designed for internal auditors and heads of internal audit, to
assist you in working efficiently, maintaining a high-level of departmental
performance and increasing the effectiveness of your audit team.
Benchmark your audit function in terms of efficiency and effectiveness

Gain fresh insights into tackling challenges without excessive bureaucracy
Develop an audit plan with new tools and techniques
Establish a culture of efficiency and effectiveness inside
your organisations audit team
Utilise data analytics and key sources of information to drive efficiency
AGENDA AT A GLANCE
Day One: Developing the first Day Two: Establishing an

steps to efficiency efficient audit process
Key Terminology: What do we Deep dive into key
mean by efficiency? What do we efficiency pitfalls
mean by effectiveness?
Searching for opportunities
Balancing between IIA with practical
requirements and the needs of
stakeholders How to develop a culture
of efficiency
Developing an audit plan
efficiently to maximise audit Driving efficiency and
value add effectiveness with key sources
of intelligence
Tools that can drive efficiency in
audit assignments
MISTI@MISTI.COM
@mistieurope 16
TW 24CPE
PROJECT MANAGEMENT
Improving Audit productivity with project management
COURSE FOCUS DATES

An audit is simply a project. Yet few auditors take advantage of the techniques DIRECTOR
used by project managers to bring their projects in on time and within Kathleen Crawford
budget. In three intensive days, attendees will learn techniques to significantly Experienced Internal Auditor
improve productivity in planning and managing all audit projects. with Bank of New England,
Eastern Bank, State Street
Bank and Vinfen Corporation,
a private, non-profit human
WHY ATTEND THIS COURSE services organisation.
Kathleen is a Past-President
Learn the basics of project management of the Greater Boston
Chapter of the IIA.
Achieve improved cost-control and resource utilisation techniques
Discover tools for project-planning, scheduling, control and
decision support
Improve productivity in the audit process
Take-away techniques to immediately implement in your organisation
AGENDA AT A GLANCE
Day One: Defining and Exploring Day Two: Techniques to improve Day Three: Understanding the
Project Audits the outcome of a project scope and requirements
Defining project management and Outlining successful audit / Defining project scope
the project management process project management key factors and requirements
Exploring project managements Using project management Producing a project plan
relevance to audit to plan audits
Conducting meetings
Expanding audit project Improving time management and interviews
leaders core competencies
Developing early warning systems Focusing on communication
Outlining 9 knowledge areas motivation and problem-solving
of project management Minimising your
investment in fieldwork Meeting todays audit challenges
Identifying problems with project management
early in the process techniques
17 WWW.MISTI.COM
+44 (0)20 3819 0800
TOOLS AND TECHNIQUES
TW 24CPE
COMMUNICATION AND INFLUENCING

SKILLS FOR INTERNAL AUDITORS
Practical techniques to gain more information during audit interviews
and to improve acceptance of audit results
COURSE FOCUS DATES

This course will focus auditors on the critical soft skills that, if not DIRECTOR
mastered, can undermine the success of an audit. Through presentation, Kelly Hogan
discussion, practical exercises and coaching, this course ensures you develop Internal Auditor, Manager,
communication and negotiation skills to conduct more effective audits. Consultant and Trainer
Practice interviews for gaining information, status meetings for reviewing with over 20years of
experience in identifying and
audit findings and discussing the final audit outcome. Following the communicating key messages
course guidance, you will develop a Personal Action Plan for dealing with and audit results.
challenging audit clients.
Identify your own style of communication using DiSC and proactively adapt
to your audit clients style
Develop the ability to obtain more information in interviews with your
audit clients
Learn to sell your audit findings even when faced with resistant management
Practice diffusing conflicts and tense situations in audit status and
closing meetings
Influence change through improved acceptance of audit results
AGENDA AT A GLANCE
Day One: Communication Styles Day Two: Interview and Meeting Day Three: Influencing
and Introducing Interview and Techniques (continued) and Outcomes Communicating
Meeting Techniques Managing Conflicts about the audit report
Using DiSC, identify your own Follow-up: Information Positions Identification of your
communication style, how it affects confirmation, action items audit clients and establishment of
your approach and identifying your own
others communication styles Practicalities: Note-taking,
logistical considerations Setting (and resetting) the tone
The impact of physical and visual
characteristics on your message Checklists for before and after Agreeing on an outcome for the
meetings, example meeting audit report
Essential steps for preparing outlines, list of suggested
for and running meetings and interview questions Managing your audience
interviews Dealing with different styles of
Establishing a baseline what communication at the same time
Preparation: Background work parts of your audit finding are
and outline, anticipated deviations, factual, what parts are not Exercises and Personal Action
auditor participant roles Plan development
Reason(s) for objection to the audit
Execution: Stage-setting finding: Facts, tone, responsibility
and rapport, Hearing versus
Listening, questioning techniques,
restatements and wrap-up MISTI@MISTI.COM
@mistieurope 18
TW 24CPE
RISK-BASED INTERNAL AUDITING

Transform the way Internal Audit operates within your organisation
COURSE FOCUS DATES

13-15 March, Dubai
25-27 July, London
Internal audit provides a prime source of assurance for organisations to 5-7 December, Amsterdam
consider the effectiveness of risk management frameworks, processes, and
controls. Discover how audit functions can implement a risk-based approach DIRECTOR
that is truly business oriented. Liz Sandwith
Experienced professional and
trainer with over 30 years
This course will enable you to gain an understanding of what is necessary to
of internal audit and risk
make your audit function totally risk-based. You will learn tools, techniques management in central and
and methodology to produce bullet proof audit plans and boost auditor local government, housing
productivity. associations, regional
development agencies and
broadcasting with Channel 5.
Examine how your organisation can adopt a risk-based approach to

internal auditing
Explore your companys risk profile and how risk management arrangements
can keep up-to-date with changes to the profile
Review the readiness of your organisation to adopt a risk-based approach
Develop a plan to implement risk-based auditing within your organisation
Learn how to write top quality risk-based audit reports
AGENDA AT A GLANCE
Day One: Introducing Risk-Based Day Two: Creating a Risk-Based Day Three: Delivering the
Internal Auditing Internal Audit plan for your Risk-Based Internal Audit Report
organisation
Understanding risk based internal Reporting and internal control
auditing Developing a risk-based audit plan Delivering a risk-based internal
Risk management within the How to guide terms of audit report
business reference, documentation, testing, Considering the format of a risk-
Corporate Governance and evidence based audit report
Exercise: Creating a corporate risk Case study in creating a risk-based Is your organisation ready for
register for an organisation internal audit plan risk-based internal auditing?
Consider evidence and
challenges for internal audit
related to evidence
19 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
15CPE
DEVELOPING THE ANNUAL AUDIT PLAN

Best practice, tools and techniques to position Internal Audit as a value-added business partner
COURSE FOCUS DATES

28-29 July, London
8-9 December, Amsterdam
In this highly intensive, interactive two-day seminar we will review best
practices in internal audit planning. Developing a business-focussed, DIRECTOR
objective-based audit plan will concentrate on key issues and maximise James Paterson
audit resources. Over 20 years experience
across a range of finance and
audit roles and a former Chief
Throughout the course best practice will be shared alongside useful tools
Internal Auditor at AstraZeneca.
and techniques to help ensure the IA plan is focused on the right areas. This
course will enable you to focus on adding real value to the organisation by
creating a concrete annual audit plan which is totally business-focused.
Learn who should be consulted and whether you are consulting too widely
Discover best practice ways of linking IA plan to key risk areas, while delivering
core assurance areas
Discuss how to factor in value and value-add into the planning process
Identify ways to use the planning process to deepen the relationship between
audit and senior stakeholders
Uncover best practices around longer term planning horizons, the annual plan
and ad hoc audit work
AGENDA AT A GLANCE
Day One: Outlining the purpose of Day Two: Overcoming potential

planning and its added value tension and challenges
How to use value add principles in How to address differences
the planning process between Senior management and
the Audit Committee
Who should be engaged and what
are best practice questions that Recognising the opportunity
should be asked? presented by planning to
understand the needs and
How to balance multiple sources
concerns of key stakeholders
of information that could inform
a plan How much of the plan should be
presented as fixed versus flexible?
Killer questions to ensure you dont
get weak audits on the plan Developing a tailored plan of
action to suit your organisation
MISTI@MISTI.COM
@mistieurope 20
TW 24CPE
15CPE
CONTINUOUS AUDITING -
MAKING THE CHANGE
A how to guide on implementing continuous auditing in your organisation
COURSE FOCUS DATES

This intensive two-day training will show how you and your organisation can DIRECTOR
benefit from the more frequent and timely assurance given by Continuous Andy Robertson
Auditing. This interactive seminar will take participants with any IT 35 years experience in Auditing
background through the conceptual frameworks and the various areas that and Risk Management, covering
need to be assessed when implementing the techniques. Manufacturing, Retail, Financial
Services, and the Not-for-Profit
sectors.
Develop a Continuous Auditing programme and process

Secure management buy-in and integrate Continuous Auditing into
your organisations culture
Understand the impact on group internal audit functions
Examine existing examples of Continuous Auditing strategy and
best practice
Review and asses the available IT software options
AGENDA AT A GLANCE
Day One: Understanding the theory Day Two: Implementing Continuous

Auditing into practice
Understanding the history and
concept of Continuous Auditing Two case studies a scenario desk
Analysing recent developments in top study and a project
governance and risk management Working through the audit cycle
Continuous Auditing vs. planning, changes and delivery
Continuous Monitoring a Reviewing the most popular
clarification of confusion causing software offerings
terms
A practical demonstration of the
Reviewing existing examples of use of IT software
best practices
Workshop sessions followed by
Overcoming technical issues course conclusions
and challenges
21 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
SUCCESSFUL DATA ANALYTICS

Getting the most out of your CAATS program including ACL, IDEA, SQL, and SAS
COURSE FOCUS DATES

In this intensive three-day training you will learn everything you need to DIRECTOR
know about effectively integrating data analytics or CAATs (Computer Jim Tarantino
Assisted Audit Techniques) into your audit processes. Discover how Jim has over 15 years of
technology can be used to more efficiently and effectively achieve your information technology,
desired audit results while brainstorming analytics across most major analytics, audit and GRC
experience with a recognized
business cycles. expertise in developing
solutions to enable data-driven
auditing, risk assessment and
WHY ATTEND THIS COURSE investigations.
Effectively integrate data analytics and CAATs into your audit processes
Plan for data access
Use technology to achieve desired audit results more efficiently and effectively
Progress from basic analysis into a fully automated mode
Design effective strategies and programmes to ensure sustainable results
AGENDA AT A GLANCE
Day One: The business case for Day Two: Common analyses in Day Three: Moving towards
audit analytics major business processes Continuous Auditing
Integrating data analytics across Discovering advanced analytic Overcoming common
the audit process design techniques implementation hurdles
Outlining the pros and cons of Verifying standard data Organising your audit team while
common data analysis tools developing and maintaining skills
Leveraging external data sources
Understanding the analytic Reporting and interpreting results
development cycle Developing appropriate standards
Implementing dashboarding and
Planning for data access Making analytics repetitive
visual analytics
Exploring data access options Discovering spacial relationships
and file types and mapping
MISTI@MISTI.COM
@mistieurope 22
TW 24CPE
VALUE FOR MONEY &

PERFORMANCE AUDITING
How auditors can add value by assessing value for money
COURSE FOCUS DATES

TBC, May, Cape Town
The three Es Economy, Efficiency and Effectiveness are cornerstones DIRECTOR
of assessing Value for Money. Through Performance Auditing there is a Jane Needham
unique opportunity for auditors to conduct work that is relevant, important Specialising in corporate
and adds value to their organisations. The course aims to equip candidates governance, risk
to understand a range of techniques for assessing economy, efficiency and management and business
process improvement.
effectiveness of their business areas and functions.
This course will ensure that you leave with knowledge not only of theory,
but also how to put the theory into practice. Participants will receive sample
documents, diagrams and checklists to support them in applying this new
learning into their day jobs.
Understand the purpose of Value for Money (VFM), performance reviews

and the applicability to your business
Make use of best practice developed in the public sector to drive real
benefit for your organisation
Know how to plan, deliver and report on VFM / performance audits
Learn how to apply VFM auditing techniques to the three Es
Deliver reports that maximise impact, drive improvement and add real
value to your business
AGENDA AT A GLANCE
Day One: The Background Day Two: Audit Planning Day Three: Audit Delivery
and Basics and Delivery and Reporting
Setting the VFM scene VFM Techniques The three Es Case Studies
Context and Definitions Defining the audit questions Audit Completion
The three Es of VFM Planning the VFM Audit VFM Audit Reporting
Developing a VFM Audit Overview of the VFM Process Exercise: Demonstrating the
Programme Value Added
23 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
FINANCIAL ANALYSIS
Understanding accounting statements and their relation to financial audits
COURSE FOCUS DATES

This three-day course enables internal auditors to read financial accounting DIRECTOR
information effectively in order to assess business and control risk within a Peter Herbert
business. This is an opportunity for internal auditors gain an insight in the Specialist in the fields of
accounting process, learn what drives financial statements and understand financial reporting and auditing,
how to analyse them. with experience at KPMG and
FTC (now Kaplan Finance).
Use financial statements to understand and assess business performance and

identify risk
Calculate and interpret key financial ratios
Understand what is meant by creative accounting, how it is carried out and its
implication for businesses
Identify early warning signs within a business using financial statements
Analyse cash flow forecasts and business plans to assess future strategies and
plans and associated risks
AGENDA AT A GLANCE
Day One: Rules, Regulations and Day Two: Financial Analysis Day Three: Cash Flow, Budgets and
Financial Statements and Risk Forecasts
Outlining rules and regulation Uncovering key items in accounts Understanding the statement of
for risk analysis cash flows
Analysing accounting statements
and understanding terminology Commencing elementary financial Exercise: Calculating and analysing
analysis operating cash flow and related
Discovering how accounting
ratios
statements fit together the dual Conducting ratio and
effect trend analysis Analysing budgets, forecasts and
business plans
Applying the dual effect Analysing the notes to the financial
statements Camouflaging the numbers
Exercise: Identifying accounting
how its done and how to spot it
entries for different transactions Exercise: Considering the
to produce a simple income significance of notes from Pulling it all together final
statement and balance sheet a business and control risk case study
perspective
MISTI@MISTI.COM
@mistieurope 24
TW 24CPE
INTERNAL AUDIT QUALITY ASSURANCE

Assessing the value added by IA and implementing an improvement
programme for your audit team
COURSE FOCUS DATES

27-29 June, London
The IIA Professional Practices Framework requires that to state that their
departments activities are in conformance with IIA standards, auditors DIRECTOR
should develop and maintain a Quality Assurance and Improvement Lin Bartlett
Programme. Senior Internal Audit
The course will cover the requirements of the IIAs QA&IP and practical ways
to satisfy these requirements in a cost effective and value-added manner. spanning over 30 years.
The sessions will encourage discussion and debate, and be interspersed with
relevant exercises and case studies.
Appreciate the benefits of implementing a cost effective and value

adding QA & IP
Learn to conduct an internal quality assessment as benchmark and as
preparation for an External Quality Assessment (EQA)
Gain the expertise and confidence to commission an EQA and manage the
outcome successfully
Building stakeholder and audit committee involvement
Develop a road map to conformance for your organisation
AGENDA AT A GLANCE
Day One: Introducing the standards Day Two: The external assessment Day Three: Creating a cost-
and principles of Quality Assurance process and reporting results effective quality assurance and
improvement process
The quality assurance and Surveys and questionnaires: Issues
improvement programme and analysing the results The requirement for periodic
Exploring the external quality Understanding the compliance internal assessments
assessment options requirements Learning from the outcomes
Determining the optimal focus Management response and of other external and internal
and scope and obtaining senior developing an action plan assessments
management buy-in Building ongoing improvement
Determining audit committee
Securing the right team involvement Reviewing a sample quality
assurance and improvement
programme

International Professional
Practices Framework (IPPF)
25 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
15CPE
CONSULTANCY SKILLS FOR AUDITORS

Becoming an agent of change while discovering proven communication techniques
for building and maintaining strong client relationships
COURSE FOCUS DATES

30 June - 1 July August, London
There are core skills that are applicable to both an auditor and a consultant
such as being good communicators and having good interpersonal skills. DIRECTOR
Internal Auditors are often expected to provide consultancy services. This Lin Bartlett
provides opportunities for Internal Audit to add value, but can also provide Senior Internal Audit
considerable challenges for staff in terms of skills and competencies. Professional and former
This two-day seminar covers the important skills required to become an spanning over 30 years.
effective consultant within your organisation. A focus on live exercises will
enable you to practice and gain confidence using these skills.
Understand how to fulfil consultant responsibilities in line with IIA guidance

while retaining independence and objectivity
Assess your own skill set and consulting capabilities in order to identify where
you might specialise
Discover how to add greater value to your organisation and use core skills in
Governance, Risk and Compliance (GRC)
Learn and practice consultancy tools and techniques to help plan and execute
your work and better present ideas
Refresh and update your communication and interpersonal skills
AGENDA AT A GLANCE
Day One: The Role of Internal Day Two: Executing a

Audit as Consultant Consultancy Project: Tools &
Techniques and Communication &
Marketing the service and building
credibility and trust Interpersonal Skills
Understand client aims and set out The key phases of a consultancy
objectives and terms of reference engagement or project
for the assignment Using project planning tools to aid
Evaluating fraud awareness and the 3 Es
identification of red flags Persuasion and writing skills and
Implementing continuous auditing effectively communicating your
results
Identifying business improvement
opportunities Developing and managing the
client relationship
Recognising and managing the
politics
MISTI@MISTI.COM
@mistieurope 26
MANAGING AND LEADING THE INTERNAL AUDIT DEPARTMENT
TW 24CPE
39CPE
CHIEF INTERNAL AUDITORS SYMPOSIUM

Advanced benchmarking and networking for Audit Directors and Senior Managers
COURSE FOCUS DATES

7-11 March 2016, Cape Town
2-6 May 2016, Hong Kong
In this highly interactive fiveday seminar you will be introduced to leading 1-5 August 2016, London
edge practice across a range of Internal Audit activities. Through numerous 2024 November, Dubai
case studies and practical exercises you will explore the challenges and
opportunities facing the internal audit profession today whilst networking with DIRECTOR
your peers and developing a roadmap for improvement within your business. Jenny Rayner
A former chief internal auditor
and audit committee chair with
20 years experience of internal
WHY ATTEND THIS COURSE audit and risk management as
part of a wide-ranging 35-year
business career.
Find solutions to the challenges and exploit the opportunities facing internal audit
Become an inspiring leader not just a manager
Develop an internal audit vision to meet changing stakeholder expectations,
business and regulatory needs
Learn how to manage those crucial internal and external relationships on which
your future success depends
Market your internal audit department and communicate how you add value
AGENDA AT A GLANCE
Day One: Internal Audit in evolution - Day Two: Managing audits role, Day Three: Managing key
Exploring the challenges remit and skill base - Achieving relationships - Making them work
the right balance through your for you, not against you
The changing role and status of
internal audit future vision
Engaging with the board and audit
What makes an effective Head of Developing a compelling strategic committee
Internal Audit? vision Working with external audit:
The drivers for change Benchmarking against current good resolving issues
practice: where do you stand? Getting it right with management:
Lessons from recent business
disasters Building audit team capability: co- achieving buy in
sourcing, recruitment and retention Leveraging the contribution of other
assurance providers: assurance
mapping and integrated assurance
Day Four: Managing risk - Day Five: Improving audit
Optimising audits contribution effectiveness, productivity and
communication
Internal audits role in enterprise Networking Opportunities:
risk management: establishing the Demonstrating added value:
boundaries Internal Audit Key Performance London Networking Dinner at the
Defining and communicating risk Indicators (KPIs) exclusive Institute of Directors (IoD)
appetite Benchmarking against best Dubai An evening on a Dhow cruise
Embedding risk management and practice: Over 200 strategies for
Dhow cruise and networking dinner?
developing KRIs maximizing value
Developing a marketing strategy South Africa A networking dinner
for internal audit on the Waterfront
27 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
30CPE
AUDIT LEADERSHIP SCHOOL

Become a truly effective audit leader
COURSE FOCUS DATES

9-12 May, London
8-11 August, Amsterdam
The MISTI Audit Leadership School focuses exclusively on the needs of audit 30 Nov - 2 Dec, Dubai
executives. This means we have eliminated everything but the topics critical
to helping you improve and sustain your performance as a leader and that of DIRECTOR
the audit department. This interactive four-day training course is designed James Paterson
exclusively for audit leaders and comprises case studies, team exercises and Over 20 years experience
across a range of finance
peer brainstorming. Attendees will be able to discuss strategies, concerns, and audit roles and a former
technical trends, and other important issues. Chief Internal Auditor at
AstraZeneca.
Discover how changing times demand changing roles of todays audit leaders
Gain insights into your leadership style and determine whether it is helping
or hurting your efforts
Ensure that your department is able to add real value and address key
issues effectively
Learn negotiation, communication and influencing techniques that will enhance
your impact and working with senior management and within your audit team
Examine the role of the audit leader in proactively making and taking
difficult decisions
AGENDA AT A GLANCE
Day One: Leading a world-class audit department Day Two: Core competencies of internal
audit leadership
The evolving role and status of the audit department
The theory of effective GRC, ERM, etc. but is Examining the different roles of audit leaders
it realistic? Considering your leadership style
What are the best organisations doing to manage risk Paying Attention to the formal and the
and ensure compliance? informal dimensions
The Chief Audit Executive role, position and managing Considering the Audit Committee and the
stakeholder relationships Executive Team
Day Three: Removing obstacles to high performance Day Four: Final best practice review
Improving Outputs from the Audit Function to enhance Understanding lean audit techniques to supplement
IA Credibility and Impact your learning
Exploring key performance indicators that really work Leveraging the work of other assurance providers
How lean auditing techniques can help maximise the Implementing IA Metrics and Milestones to
value add and effectiveness of IA ensure future support
Preparing for an External Quality Review (EQA) / QAR Creating a practical and realistic final action plan
MISTI@MISTI.COM
@mistieurope 28
TW 24CPE
AUDITING GOVERNANCE,
STRATEGY AND RISK MANAGEMENT
A practical guide to auditing critical boardroom processes to comply with the latest IIA standards
COURSE FOCUS DATES

4 -6 April, London
17-19 October, London
Strategy, governance, risk management and other boardroom processes have 31 Oct - 2 November, Cape Town
historically been no go areas for internal audit. Today, this is no longer the
case and objective, independent assurance on governance is now seen as DIRECTOR
crucial. The latest IIA Standards are explicit in making these areas integral to Jenny Rayner
the scope of Internal Audit. A former chief internal auditor
audit and risk management as
WHY ATTEND THIS COURSE part of a wide-ranging 35-year
business career.
Learn how to provide assurance on risks and controls to
strategic objectives
Establish which governance areas to audit and how to do it
Develop the business case for internal audit involvement
Become a catalyst for improvement without compromising
your independence
Take away practical checklists and sample audit programmes
AGENDA AT A GLANCE
Day One: Risk Assurance Day Two: Internal Audits Day Three: Understanding Risk
role in strategy Management
Learn how to provide assurance
on risks and controls to strategic Auditing governance processes: Assessing risk management
objectives delegations, reporting and maturity
Establish which governance areas disclosure
Auditing risk management
to audit and how to do it IT and project governance: some processes and key risks
Develop the business case for considerations
Assurance mapping and integrated
internal audit involvement Performance management and the assurance
Become a catalyst for improvement links to strategy
Gaining buy-in from the board
without compromising your Auditing strategy: possible and audit/risk committee
independence approaches
Managing risks to internal audit
Take away practical checklists and Internal audits potential role
sample audit programmes at each stage of the strategy
development and execution
process
Internal audits focus: the 3Ps
29 WWW.MISTI.COM
+44 (0)20 3819 0800
RISK MANAGEMENT, GOVERNANCE AND COMPLIANCE NEW TW 24CPE
15CPE
AUDITING ETHICS, CULTURE,

CONDUCT AND REPUTATIONAL RISK
The essential guide to auditing these challenging hot topic areas
COURSE FOCUS DATES

7-8 April, London
Recent corporate disasters have highlighted the importance of establishing 3-4 November, Cape Town
and maintaining a strong ethical culture. In the wake of the financial crisis,
banks and other businesses are now focussing specifically on conduct DIRECTOR
and reputational risks. The Boards oversight role increasingly extends to Jenny Rayner
organisational culture and ethics - and internal audit faces the challenge of A former chief internal auditor
providing assurance in these hard to audit areas. 20 years experience of internal
WHY ATTEND THIS COURSE business career.
Understand the core components of corporate culture and an effective ethical

framework
Identify the key sources of conduct and reputational risks for your organisation
Learn how to provide assurance to satisfy your Board
Explore how internal audit can act as a catalyst for improvement
Discover how to present your findings to achieve buy-in and action
AGENDA AT A GLANCE
Day Two: Ethical Frameworks Day Three: Understanding Risk

Defining ethics and organisational Defining conduct and
culture reputational risk
Effective frameworks Exploring key risk sources
Ethical dilemmas Providing assurance on major risks
Supply chain challenges Reporting findings and outcomes:
maturity models
Practical audit options:
combining forces
Jenny delivers courses in

a way which makes it easily
understandable!
SIDF
MISTI@MISTI.COM
@mistieurope 30
RISK MANAGEMENT, GOVERNANCE AND COMPLIANCE
TW 24CPE
ENTERPRISE RISK MANAGEMENT

Implementing, embedding and enhancing Enterprise Risk Management:
A practical guide to optimising the role of Directors, Internal Auditors and Risk Managers
COURSE FOCUS DATES

18-20 April, London
This highly interactive three-day course explores how Directors, 26-28 September, Singapore
Managers,Internal Auditors, Risk Managers and others can act as a catalyst 12-14 December, Paris
for good risk management. Whether you have been charged with establishing
an ERM framework, want to increase the effectiveness of your current risk DIRECTOR
management arrangement or to benchmark them, this course will help you Jenny Rayner
address these challenges. and audit committee chair with
WHY ATTEND THIS COURSE part of a wide-ranging 35-year
business career.
Assess your organisations risk management capability and maturity

Stimulate improvement at each stage of the risk management process
Explore risk appetite and how to determine and communicate it
Raise risk awareness and embed risk management thinking and practice
Gain insights into best practice on managing and reporting risks
AGENDA AT A GLANCE
Day One: Building a Day Two: Promoting and Day Three: Maintaining
solid foundation enhancing enterprise risk momentum and embedding ERM
management
Defining ERM and the core Dealing with new and emerging
components of an ERM framework Identifying business risks risk challenges including cyber and
extended enterprise risks
Establishing and communicating Assessing, prioritising and
risk appetite responding to risks: Winning hearts and minds:
Making the business case for ERM
Roles and responsibilities: the Black swans, risk resilience and
boards critical role reverse stress testing Embedding risk management:
CRSA and KRIs
Clarifying internal audits and Monitoring and delivering
risk managements respective assurance Adapting your approach as risk
responsibilities management evolves
Reporting risk internally and to
Assessing risk maturity and external stakeholders (disclosure Getting started: Targeting quick
developing your ERM strategy statement examples) wins
Hints and hazards
Well versed with tons of knowledge

and experience. Someone you always
want to have on speed-dial!
DBSA
31 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
15CPE
MANAGING STRATEGIC
AND REPUTATIONAL RISK
The essential guide for Directors, Internal Auditors and Risk Managers
COURSE FOCUS DATES

21-22 April, London
This intensive and interactive two-day seminar provides a practical approach 29-30 September, Singapore
to identifying, assessing, managing, monitoring and reporting strategic 15-16 December, Paris
and reputational risks. Using case studies and practical examples, attendees
will learn how to manage the strategic and reputational risks facing their DIRECTOR
organisation. Jenny Rayner
WHY ATTEND THIS COURSE audit and risk management as
business career.
Learning from crises caused by unmanaged strategic and reputational risks
Identifying and mitigating risks in the development, communication,
implementation, monitoring and reporting of strategy
Integrating strategic and reputational risks into the ERM framework
Examining the impact of leadership style and organisational culture
Exploring the influence of social media
AGENDA AT A GLANCE
Day One: Managing Strategic Risk Day Two: Managing Reputational Risk
Demystifying strategic risk Unravelling reputational risk
Developing and executing strategy Stakeholder mapping and identifying reputational
hotspots
Environmental scanning options and selecting strategic
direction Exploring strategies for managing risks to reputation
Communicating and implementing strategy and Monitoring and providing assurance: KRIs and the
monitoring execution reputation risk barometer
Assessing, responding to and providing assurance on Communicating to stakeholders: reputation risk
strategic risks reporting
External reporting of strategic risks (sample Towards a sustainable reputation
disclosure statements)
Excellent Communication skills. Good

time management, well conversant with the
topic and very good trainer
Kenya Power
MISTI@MISTI.COM
@mistieurope 32
RISK MANAGEMENT, GOVERNANCE AND COMPLIANCE
TW 24CPE
COSO: HOW TO IMPLEMENT THE REVISED

INTERNAL CONTROL FRAMEWORK
Understanding the framework, implementation and applying it across your organisation
COURSE FOCUS DATES

11-13 April, London
3-5 October, London
This course is designed to bring you up to date with the 2013 revision of
COSO 2013 and enable you to practice evaluating COSOs 17 principles. DIRECTOR
Jim Roth
In this course you will learn whats new in COSO 2013 from a recognised One of the worlds leading
COSO expert. It will give you a clear understanding of the Framework and experts on internal audit
best practices, implementing
how to apply it within your organisation as a whole and for compliance with
COSO and evaluating
financial reporting regulations. soft controls, Jim wrote
all the IIAs initial COSO
implementation materials.
Develop a clear understanding of the framework; what is essential and where

there have been changes
Improve your knowledge of scoping compliance with SOX and financial
reporting regulations
Practice applying the new framework to a case study company
Assess your own organisation and put learnings into practice with
case study examples
Examine how to apply the new framework to your organisation
AGENDA AT A GLANCE
Day One: Understanding the Day Two: Risk assessments Day Three: Evaluation and
revised framework and controls communication skills
Whats new, whats changed Applying SOX and similar Communicating the principles and
and what has stayed the same: financial reporting regulations changes across your organisation
summary of the framework
Risk Assessment: analysis of risk Evaluation Techniques: For audit
Discussing the 17 principles and assessment principles projects and entity-wide
related points of focus
Identifying risk assessment Reporting Cultural Issues
Applying the framework in strengths and deficiencies: Case
practice Study Summary of key points and game
plan for applying the framework
Probing the principles of Control Activity: Analysis and to your organisation
control environment discussion of principles and
focus points
Very well organised, easy to

follow and understand
WIPO
33 WWW.MISTI.COM
+44 (0)20 3819 0800
FUNCTIONAL AND PROCESS AUDITING
TW 24CPE
AUDITING HUMAN RESOURCES

Providing assurance on key HR processes recruitment, salaries & bonuses,
payroll, training, performance appraisal and more
COURSE FOCUS DATES

1-3 May, Dubai
Human Resources continually finds itself in areas of potential risk; DIRECTOR
employment law issues, compensation, benefits, and record keeping, as well Liz Sandwith
as fraud issues. Internal Auditors need to be aware of emerging issues, key Internal Audit and Risk
business risks and control best practice. Management expert with
over 25 years of experience
in social care, central and
The course is built around a case study for an organisation with a HR
local government, housing
function that has a number of challenges. In this course you will learn to associations, regional
provide assurance on the key HR processes- recruitment, salaries & bonuses, development agencies and a
payroll, training, performance appraisals and more! UK broadcaster Channel 5.
E
nsure that your HR Function complies with legislation, procedures
and policies
Discover techniques to identify, mitigate and manage risks associated with HR
Assist HR in supporting corporate governance frameworks with regard
to key sub-committees of the board
Overcome the various challenges facing organisations and their people
such as downsizing and rapid growth
Learn how to spot fictitious employees on the payroll or past employees
still being paid
AGENDA AT A GLANCE
Day One: Introducing HR and its Day Two: Preparing your HR Audit Day Three: Undertaking your
specific legislation HR Audit
Exploring an internal and external
Defining Human Resources risk factors for HR Focus on payroll audit- terms of
Analysing possible fraud risks reference, fieldwork, testing and
Reviewing theoretical, historical
in HR emerging findings
and legislative influences upon HR
Preparing risk assessments and Reporting for an HR Audit
Exploring the lifecycle of an
employee your audit strategy Global challenges for HR Audit
Examining the key Corporate Considering best practice and the Understanding and discussing
Governance influences significance of benchmarking the challenges facing the internal
Defining the scope for an audit, audit team while undertaking the
Discussing the role of HR in
including payrolls, recruitment, HR audit
integrity and ethical value
performance appraisal and training Implementation of course
and development learnings back in your office
MISTI@MISTI.COM
@mistieurope 34
TW 24CPE
AUDITING AND PREVENTING

FRAUD IN PROCUREMENT
Equipping Internal Auditors to review all aspects of the procurement process and its governance
COURSE FOCUS DATES

TBC April, Cape Town
TBC September, Dubai
Purchasing is the second largest spend for the majority of organisations, and
with purchasing processes and methods becoming increasingly complex, and DIRECTOR
sometimes risky it is vital that audit focuses on this vital area. This highly Jane Needham
practical course will give auditors working in all types of organisation the Specialising in corporate
necessary understanding of procurement while providing robust assurance governance, risk
management and business
on these processes. process improvement.
Deepen your knowledge of purchasing strategy, objectives and management

Understand best practice and expected controls
Approach auditing procurement from a risk-based perspective
Examine developments in purchasing processes and technology and
the risks these embody
Develop skills in auditing performance (Value for Money) of
procurement processes
AGENDA AT A GLANCE
Day One: Introducing the Day Two: Using the COSO Internal Day Three: Putting course
purchasing function and the Control model as a basis for learnings into practice
role of Internal Audit considering the different aspects
Conducting a financial audit of
of assurance purchasing
Understanding the objectives of
purchasing Providing assurance over the Testing compliance with internal
Outlining the role and scope purchasing process control processes
of internal audit in relation to Assessing the control environment Conducting audit exercises on
purchasing activity standard purchase areas and
Auditing the identification,
Discovering different audit assessment and management of controls
approaches purchasing risks Assessing the extent to which
Applying the risk-based audit Identifying standard controls, purchasing is achieving economy,
approach to the purchasing process policies and procedures for the efficiency, effectiveness, ethics,
components of purchasing equity and ecology
Adding value by expanding the
purchasing audit coverage into Auditing monitoring and oversight Providing consultancy for the
value for money considerations mechanisms to support robust purchasing process
purchasing controls
35 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
AUDITING THE SUPPLY CHAIN,

SUPPLIERS AND OUTSOURCED FUNCTIONS
Gaining all the tools and techniques you need to audit all forms of third
parties throughout your organisation
COURSE FOCUS DATES

TBC March, London
TBC September, London
This practical training course is a how-to guide taking you step by step
through the best practice of auditing all aspects of third parties and supply DIRECTOR
chains for your organisation. An intensive 3-days of training, you will cover Sarah Blackburn
all the skills you need for auditing throughout the supply chain, start-ups, An experienced Audit
contracts and service level agreements. Committee Chairman and Non-
Executive Director with over 25
years of practical internal audit
experience.
Understand the supply chain and the relationships with your suppliers
Build best-practice processes for planning your supply chain audit from
start to finish
Manage all forms of supply chain risk political, legal, environment,
financial and reputational
Tackle minor, growing, global and more complex supply chains
Audit anywhere in the supply chain cycle set up, due diligence, the
tendering process and service level agreements
AGENDA AT A GLANCE
Day One: Auditing the Supply Day Two: Auditing the Supply Day Three: Auditing Start-ups,
Chain Part One Chain Part Two Contracts and Service Level
Agreements
Reviewing the big picture Implementing data collection,
overview of a supply chain, third controls evaluation and testing The start-up phase of a supply
parties and outsourcing chain project initiation, process
Reporting for improvement:
Discovering the varieties and types gaining management buy-in to design, invitations to tender,
of supply chain configurations you findings and commitment to evaluation process and contract
will encounter action negotiations
Understanding the core concepts Understanding complexities in the The implementation phase of
of the nature, objectives Supply Chain and relationships a supply chain project getting
and benefits of supply chain with suppliers things working, ensuring adequate
management monitoring and management
Discovering how supply chains information
Including Supply Chain audits in grow and become more complex
the Internal Audit strategy and Working with regulators and
annual plans Practicing successful processes managing the media
for crisis, contingency and
Planning the audit assignment: disaster recovery planning in Auditing the hard issues in supply
as assurance and as a project to the supply chain chain management
be managed Consolidating different learnings
and providing assurance on
effectiveness
MISTI@MISTI.COM
@mistieurope 36
TW 24CPE
AUDITING MAJOR PROJECTS

AND CHANGE PROGRAMMES
Adding value through the Internal Audit and Risk Management
of Project Management, Review and Change Programmes
COURSE FOCUS DATES

6-9 June, Amsterdam
For auditors major projects and change programmes present some special
challenges; many high profile project disasters turn out to have had risk DIRECTOR
management and governance procedures in place that typify accepted David Hancock
practice. This course looks at why those controls sometimes fail, including Dr David Hancock leads the
in depth coverage of the human behaviour that is so often the cause of our Government Construction
Team for the Cabinet Office
difficulties. It goes on to examine the early clues that should alert auditors to and the Major Projects
problems ahead and gives suggestions on how to test objectively things that Authority. Prior to that he
often seem to be matters of conflicting opinion. was Head of Risk for Transport
for London with responsibility
for the risk and project
services across their 15
WHY ATTEND THIS COURSE billion capital portfolio).
Ensure the audit function compliments project management and risk

management
Identify, mitigate and control project risks effectively
Sell the benefits of proactive risk based audit of key projects
Use techniques to make sure projects meet their agreed objectives, including
earned value analysis (EVA)
Learn lessons from major projects such as Heathrow Terminal 5, Wembley
Stadium, Copenhagen Metro and transportation for the Olympics
AGENDA AT A GLANCE
Day One: The Three Lines of Day Two: Moving on to more Day Three: Learning lessons
Defence model advanced techniques from the successes and failures
of other projects
Understanding the fundamentals Introducing Tame, Messy and
of risk management Wicked problems Communicating the level of
What do we mean by risk and Investigating the limitations project risk and mitigation to
uncertainty and how do we of quantative techniques: stakeholders
measure it? Net Present Value, Sensitivity Overcoming the challenges of
Analysis and Monte Carlo controls development
Explaining the difference between
simulation for Major Projects
opportunity (as the counter to Analysing the risk behind supply
risk) and value and how they are Understanding behavioural and chains and procurement
important for audit cognitive biases
Outlining an audit vision of
Reviewing the key reasons for Utilising ratio and trend analysis the future
failure in Major Projects
Undertaking scenario planning Reviewing the course learnings
Outlining the difference between
projects, programmes and
portfolios
37 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
30CPE
BUSINESS PROCESS AUDITING

Gain new tools and techniques for operational risk analysis
COURSE FOCUS DATES

25-28 April, London
ORCA - Outcome Risk Centric Auditing - is a new approach created and
implemented by the course trainers and developed into a training course DIRECTOR
exclusively for MISTI. Attend this course to learn tools and techniques to Greg Duckert
make your engagements effective, productive and really add value. Internationally recognised
expert in ERM and specialises
in risk assessment models,
This course will show you how to identify, assess risk and rank critical
operational analysis and audit
business processes to dramatically shorten the audit time commitment. You process methodologies
will also be introduced to a highly effective reporting format that minimises
time spent, whilst maximises impact with Board and Senior Management.
Discover ORCA - a business audit approach set to revolutionise the

auditing landscape
Understand the basics of business structure analysis
Learn to apply process auditing to the key operational areas of
your organisation
Effectively identify, assess risk and rank critical business processes
Develop an integrated approach for operational auditing and IT Auditing
AGENDA AT A GLANCE
Day One: Introducing a new way of business Day Two: Tools and techniques for Risk Analysis
process auditing - ORCA
Identifying key risks to achievement of business
Understanding the basics of business structure analysis objectives
Identifying emerging risks- ERM, internal and Applying traditional tools and techniques to process-
external risks based auditing
Assessing critical processes for your organisation by Analysing processes and examples and identifying key
performing a core structure analysis using COSO ERM outcomes, risks and control risks
principles
Day Three: Applying Process Auditing to Day Four: A Comprehensive Process Audit Case Study
operational areas
Developing an entire risk assessment and process
Brainstorming key risk indicators to identify business analysis in line with course learnings
risks Consider the exposure that business risks bought to
Determining audit objectives and real process owners your organisation and the root causes of each risk
Asking critical questions to process owners to evaluate Complete a visual based audit report of the audit event
effectiveness of risk oversight
MISTI@MISTI.COM
@mistieurope 38
TW 24CPE
39CPE
AUDITING EMERGING CYBER THREATS

Tackling the full-range of threats arising from the Internet domain
COURSE FOCUS DATES

1-5 August, London
Discover how cyber and online reputational risks can harm your organisation
at this intensive and highly interactive five day course. Learn to assess cyber DIRECTOR
security controls and practical techniques for auditing online vulnerabilities. Mark Johnson
An expert on data analytics for
This course provides the opportunity to learn more about how the internet high-tech crime intelligence
and emerging cybercrime.
is changing risk, through hands-on investigative and online audit tasks.
The course culminates in a full practical online audit exercise, ensuring that
delegates take away the key skills to add value to their organisation
Learn to recognise the key categories of cyber attack

Gain skills to investigate and detect modern cybercrimes
Understand the risk and controls framework
Discover key strategies to mitigate social media risks in your organisation
Develop the expertise to assess the cyber-security posture
AGENDA AT A GLANCE
Day One: Emerging Risks Day Two: Understanding Day Three: Understanding
Cybercrime (Part 1) Cybercrime (Part 2)
Web 2.0 & Social Media risks
The impact of emerging risks on The cybercrime landscape From DDoS to Stuxnet
the audit process cybercrime techniques
Threat actors & their motives
explained (Part 2)
Online searching (Part 1) From hacking to malware
Online searching (Part 2)
cybercrime techniques
explained (Part 1) Social media searches
and anonymity
Day Four: Assessments Day Five: Controls and Audit

Vulnerability, Threat and Cyber security controls and
Risk assessments audit check points
Business impact assessments (BIA) Online reputational risks
audit methodology
Understanding your
online footprint Final online audit exercise
39 WWW.MISTI.COM
+44 (0)20 3819 0800
FUNCTIONAL AND PROCESS AUDITING NEW TW 24CPE
AUDITING THE MANUFACTURING PROCESS

Explore audit areas of the manufacturing process and focus on critical business factors
COURSE FOCUS DATES

In this intensive three-day seminar, attendees will explore the critical audit DIRECTOR
areas of the core manufacturing processes, targeting such risk-intensive Greg Duckert
activities as materials control, labour-hour capture, bills of material, routing, Internationally recognised
inventory valuation and variance analysis. You will learn how to identify key expert in ERM and specialises
manufacturing data to help you objectively perform a risk assessment of all in risk assessment models,
operational analysis and audit
phases of the shop floor. process methodologies
You will discover how to identify the key aspects of every audit engagement
by focusing on the most critical business factors, which in turn will maximize
audit value in all areas of the conversion cycle. The modular seminar
materials you receive and the know-how you gain in this high-impact
seminar will prepare you to conduct value-added shop floor audits.
Learn to identify key manufacturing data to objectively perform a risk

assessment of all phases of the shop floor
Maximise Audit Returns using proven tools and methodologies
Discuss Case Studies and gain the know-how to conduct shop floor audits
Consider regulatory issues that could be significant
Identify key manufacturing data to perform a risk assessment of all
shop-floor phases
AGENDA AT A GLANCE
Day One: Potential Audit Day Two: Auditing Key Aspects of Day Three: Regulatory Issues
Review Areas the Manufacturing Process and Auditing R&D
Key areas that yield maximum Auditing Labour and Overhead Auditing Fixed Assets/Equipment
benefit to the company and the Application and Technological Change
audit department
Auditing Inventory Valuation/ Auditing Regulatory Issues of
Maximizing Audit Returns: Proven Control and Product Costing Significance
Tools and Methodologies
Auditing Order Fulfilment, Auditing R&D
Auditing Production Planning and Shipping, and Warehousing
Control
Auditing Materials Management
and Control
MISTI@MISTI.COM
@mistieurope 40
FINANCIAL INSTITUTION INTERNAL AUDITING
TW 24CPE
30CPE
INTRODUCTION TO BANK
Providing the key skills for internal auditors to commence
assignments within financial service institutions
COURSE FOCUS DATES

23-May, London
6-9 November, Dubai
This course is designed to provide internal auditors with the key skills that
they need to commence internal audit assignments within financial service DIRECTOR
institutions. John Porter
Chartered accountant,
The course considers the internal audit approaches that would be appropriate bankerand financial services
consultant specialising in
and assists delegates in designing suitable internal audit programmes for such
internal audit with more than
assignments. 20 years practical experience.
Gain a general appreciation of the banking industry

Understand the different audit approaches that are suitable
Consider the different approaches that could be used within retail,
corporate and private banking
Prepare an audit planning memorandum
Discuss the fraud and money laundering deterrence responsibilities
AGENDA AT A GLANCE
Day One: How to Audit a Bank Day Two: Bank, Private and Investment Banking
Fraud and money laundering deterrence Credit scoring
Introduction to Basel Accord Develop an audit programme for personal lending
Deposits and Deposit Taking Reporting corporate lending
Day Three: Financial Instruments Day Four: Financial Instruments

Reviewing branch records Foreign Exchange and Forward Contracts
Key risks in personal banking Futures and the Futures Market
Develop an audit programme for investment banking Options and the Options Market
41 WWW.MISTI.COM
+44 (0)20 3819 0800
FINANCIAL INSTITUTION INTERNAL AUDITING NEW TW 24CPE
39CPE
BANK RISK MANAGEMENT AUDIT SCHOOL

Understanding banking, the associated risks and how to control them
COURSE FOCUS DATES

6-10 June, London
The financial services industry represents a challenge to internal auditors.
Banks have created risk functions with ever increasing responsibilities DIRECTOR
Jonathan Ledwidge
This course looks at the risk function and considers the approach that internal International investment
auditors should adopt when auditing this function. banking audit and risk
specialist. Jonathan has
worked for a number of
major institutions including
WHY ATTEND THIS COURSE Manufacturers Hanover Trust,
Continental Bank, CIBC and
ABN AMRO.
Appreciate the key issues relating to control within the risk function and
understand its role with the business
Develop an audit programme for the audit of the governance of risk
management
Understand techniques and key approaches to this developing subject
Learn key approaches and lessons to be applied within your own organisation
Develop audit programmes for the audit of internal loss data, control and risk
assessment and key risk indicators
AGENDA AT A GLANCE
Day One: Auditing Enterprise Day Two: Auditing Operational Risk Day Three: Auditing Credit Risk and
Risk Management and the Credit Models
What is Operational Risk?
Risk Department
Operational risk, money Credit Risk
Enterprise Risk Management laundering deterrence and Credit Modelling
Corporate Governance financial fraud
Credit Risk Management
Stress testing and scenario The Building Blocks of Operational
Risk Developing an audit programme
modelling for credit modelling: case study
Key Risk Management Tools Reporting and monitoring of
operational risk
Day Four: Auditing Liquidity Risk, Day Five: Auditing Market Risk,
the IIA and Contingency Funding the ICAAP and the Recovery and
Resolution Plan
Liquidity Risk
The ILAA Market Risk
Contingency Funding Market Risk Models
Basel 3 and Liquidity Risk Market Risk Management Issues

Develop audit programmes for
market risk models
MISTI@MISTI.COM
@mistieurope 42
30CPE
AUDITING THE TREASURY AND ALCO

Consider techniques for managing risk while effectively managing funds
COURSE FOCUS DATES

8-11 August, London
This intensive training course is designed to offer treasury auditors, DIRECTOR
whether in corporations or financial institutions, a thorough coverage of the Jonathan Ledwidge
techniques available of the modern treasury management and its audit. The International investment
complexity of cash management in modern financial markets has placed banking audit and risk
much more emphasis on the treasury function. specialist. Jonathan has
worked for a number of
major institutions including
This not only involves keeping control over increasingly complex interest rate Manufacturers Hanover Trust,
and currency exposures, but also keeping abreast of the latest techniques for Continental Bank, CIBC and
managing those risks whilst effectively managing the funds of the institution. ABN AMRO.
Understand the role and structure of treasury in the corporation/bank

Learn the audit approach for sophisticated instruments
Consider auditing the measurement of interest rate and currency exposure
Discuss the audit and analysing different kinds of risk
Understanding and auditing different risk management instruments
AGENDA AT A GLANCE
Day One: Auditing the Treasury Department Day Two: Auditing the Dealing Room and Back Office
Types of risk within a treasury area Develop an audit programme to address controls in a
dealing room environment
What should be in the audit planning memorandum for
the treasury audit? Auditing the Middle and Back Office
Auditing Asset and Liability Management Auditing Foreign Exchange and Foreign Exchange
Risk Management
Day Three: Auditing Interest Rate Risk Management Day Four: Rules, Regulations and Stress
and the Money Market
Auditing the use of Swaps and Associated Products
The risk and controls in modelling interest rate risk Sensitivity analysis, stress testing and scenario
Auditing the use of Money Market and Other Asset modelling
Classes What can go wrong in practice
Auditing the use of Derivatives and Forwar Transactions
43 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
30CPE
AUDITING RISK MANAGEMENT

AND BASEL II AND III
Understanding the key banking risks, the management and governance
requirements under Basel III and how they might be audited
COURSE FOCUS DATES

TBC August, London
TBC December, London
This four-day course presents a clear exposition of the critical risk areas in
banks and focuses on the risk management and governance requirements DIRECTOR
under Basel rules, the latest modifications and how they may be audited. David Bobker
Head of Risk at the Asian
Institute of Finance in Kuala
Lumpur and ex Group Head
WHY ATTEND THIS COURSE of Internal Audit for two
FTSE100 financial institutions
Discover how the 2008/09 financial crisis continues to impact your auditing role Alliance and Leicester and
Norwich Union.
Understand the roles of key risk management functions and how they relate to
internal audit
Learn the fundamentals of credit, market and operational risk models
Combine key elements of a Basel regulatory and risk management audit
programme
Adopt a more strategic, boards eye view audit approach
AGENDA AT A GLANCE
Day One: Understanding Basel II and III Day Two: Considering Risk Management
Introducing the context of the financial crisis Discovering the fundamentals of quantitative analysis
Reviewing the Basel II and Basel III changes Analysing credit risk and credit risk management
Understanding the main banking risks and their Investigating operational risk management (I)
management
Auditing liquidity risk management
Exploring the basics of finance
Understanding structural interest rate risk
Investigating a case study of Barclays Bank
Day Three: Market and Trading Risk Day Four: Capital Risk Management
Discovering the fundamentals of market risk Commencing a capital assessment process
Analysing different types of market OTC, pit, Understanding Basel II principles for capital assessment
electronic
Discovering the principles of corporate governance
Trading and hedging
Outlining the role of internal audit
Understanding the difference between pricing models
and risk management models Discussing the roles of risk management and
internal audit
Auditing market risk management
MISTI@MISTI.COM
@mistieurope 44
TW 24CPE
30CPE
ASSET MANAGEMENT
Learn and understand the risks and management techniques
that are used within asset management
COURSE FOCUS DATES

This course looks systemically at the application of control to risks within DIRECTOR
asset management and considers the approach that internal auditors should John Porter
adopt when conducting assignments in this area. Chartered accountant,
bankerand financial services
This practical training programme will enable delegates to learn and consultant specialising in
internal audit with more than
understand the risks and management techniques that are used within asset
20 years practical experience.
management and how to audit them.
Understand the key issues related to risk, control and the internal audit
of asset management
Discuss risks within the asset management industry and the nature of
the controls that are applied in practice
Develop practical internal audit approached to the management of
the business
Design a series of internal audit programmes to meet the demands of
this complex audit area
Learn how to audit outsourced and third party service providers
AGENDA AT A GLANCE
Day One: The Asset Management Control Environment Day Two: Equity and Fixed Income Investments
Introduction to asset allocation, portfolio selection and Risks associated with international equity markets
performance evaluation
Risks of acquiring, managing and disposing of fixed
Risk appetite and its calculation income securities
The risk control environment and key audit focus areas Develop an audit programme for audit of fixed income
investment
Day Three: The Money Market and Day Four: Asset Allocation and Portfolio Management
Alternative Investment
Asset allocation strategies and risk management
Money Market Funds and role in asset management Service level agreements and third party contracts
The use of derivatives in asset management Key risk areas and common deficiencies/audit findings
Develop an audit programme for the audit of alternative in the world of asset management
investments
45 WWW.MISTI.COM
+44 (0)20 3819 0800
TW 24CPE
FINANCIAL AUDITING USING IFRS

Conducting an effective and efficient audit of IFRS-compliant financial statements
COURSE FOCUS DATES

This foundation level three-day course will provide participants with a DIRECTOR
detailed insight into the conduct of financial audits. Participants will gain Peter Herbert
crucial skills that will ensure they can conduct an end-to-end financial audit Specialist in the fields of
of a set of IFRS financial statements to a competent standard with financial reporting and auditing,
minimum fuss. with experience at KPMG and
FTC (now Kaplan Finance).
Conduct financial test efficiently, effectively and in accordance with

International Standards on Auditing (ISAs)
Carry out effective risk assessments when planning financial audits
Document audit fieldwork clearly, concisely and as required by auditing
standards
Understand the important attributes of financial accounting and internal
control systems and how they might be assessed and used when performing
a financial audit
Perform appropriate completion procedures when carrying out financial audits
and communicate effectively with those charged with governance
AGENDA AT A GLANCE
Day One: Understanding IFRS Day Two: Auditing IFRS Accounting Day Three: Auditing and
Internal Control
Recapping IFRS financial Auditing the IFRS balance sheets
statements assets Auditing the IFRS income
Understanding the principles of Auditing the IFRS balance sheets statement
financial auditing liabilities Understanding transaction cycles
Planning an audit of IFRS accounts Auditing IFRS accounting and internal controls
the risk-based approach estimates (ISA 540) Analysing internal control the
Outlining other considerations for Auditing IFRS accounts related link to fraud
planning the audit party transactions (ISA 550) Gaining reporting best practice
Exercise: Calculating materiality Exercise: Considering accounting Exercise: Analysing audit errors
and performance materiality estimates, identifying appropriate and assessing their potential
thresholds accounting treatment and impact
suggesting relevant audit
procedures
MISTI@MISTI.COM
@mistieurope 46
BANK CREDIT INTERNAL AUDIT SCHOOL

Understand the key issues related to auditing the credit function
COURSE FOCUS DATES

Credit Departments within banks have become increasingly complex driven DIRECTOR
by the demands of regulation and the business. Since the internal audit Dennis Cox
function needs to address all areas of a financial institution, including the Experienced Financial Internal
credit department, this provides auditors with additional challenges. Auditor and former Director of
Risk Management at HSBC &
Prudential Portfolio Managers.
This course looks at the credit function and considers the approach that
internal auditors should adopt when conducting an audit. This course will
enable attendees to appreciate the key issues relating to control within the
credit function.
Understand the key issues relating to control within the credit function and
its role in the business
Develop practical approaches and planning materials to auditing credit risk
that can be directly applied within your institution
Appreciate best practice techniques for the management of credit risk
Ensure you understand the main techniques currently employed and key
approaches to this developing subject
Develop a comprehensive audit programme for the credit risk
management function
AGENDA AT A GLANCE
Day One: Lending and Credit Day Two: Regulatory Requirements Day Three: Analytical Review and
Analysis and Audit Techniques Model Risk
Understanding the risks of Develop an audit plan to address Key challenges for credit risk
lending decisions personal credit and the Board
Difference in approach between Latest tools and techniques to How should the credit function
personal and corporate lending measure, manage and monitor consider complex transactions?
credit risk
Planning the audit of corporate Auditing credit risk calculations
credit Auditing credit risk sensitivity and
stress testing Develop an audit approach
Develop an audit plan to address for risk modelling and
corporate credit The implications of the Basel complex transactions
Accord for credit audit
47 WWW.MISTI.COM
+44 (0)20 3819 0800
MISTI@MISTI.COM
@mistieurope 48
02 F R A U D
How can your organisation uncover serious fraud
and corruption? And what should you do at the
time of discovery? How can auditors respond to the
risk of fraud and how can you build prevention and
detection measures into your audit plan?
50
FRAUD
TW 24CPE
30CPE
FRAUD AUDIT SCHOOL

A Comprehensive Audit Guide to responding to the risk of fraud
COURSE FOCUS DATES

25-28 January, London
This course is designed to provide you with a thorough understanding of DIRECTOR
types of fraud taking place and demonstrate a clear audit methodology for Len Vona
uncovering fraud. Senior Financial Investigator
with over 30 years auditing
You will develop your skills through practical exercises, group discussions and & forensics experience, who
has conducted over 100
case studies to prepare you for fieldwork. These intensive four days will teach
financial investigations for
you to implement ideas and methodologies to respond to the risk of fraud. some of the largest high profile
corporations in the USA.
Prepare for a business process fraud risk assessment for audit programs
Learn to incorporate fraud risk assessments into the audit programme
Evaluate your organisations anti-fraud controls
Ensure that interviewing for fraud is a part of your audit process
Develop an effective fraud awareness program
AGENDA AT A GLANCE
Day One: Understanding how fraud occurs Day Two: Incorporating Fraud Risk Assessment and
Fraud Testing into your audit programme
Identifying what constitutes fraud in your organisation
Comparing approaches: internal audit, fraud audit and Techniques to assess the risk of fraud
forensic investigation How to build the fraud data profile: the step approach
Preparing a Business Process Fraud Risk Assessment for for data mining
Audit Programs Testing and evaluating the design of your anti-fraud
Establishing a score for mitigation of fraud risk by controls
internal controls Interviewing for Fraud in the Audit Process
Day Three: Internal Controls and Professional Standards Day Four: Fraud Investigations and Interviewing
Fraud control: prevention, detection, deterrence, Types of Interview and the correct approach
prosecution and approval
Appropriate collection and analysis of documentation
Developing fraud awareness programs
Initial steps to securing the admission
Misappropriation of Assets
Understanding the legal considerations
Financial Statement Fraud
51 WWW.MISTI.COM
+44 (0)20 3819 0800
FRAUD
TW 24CPE
FRAUD TESTING: INTEGRATING FRAUD

DETECTION INTO YOUR AUDIT PROGRAMME
Asset Misappropriate: Locating and Recognising Fraud Scenarios
COURSE FOCUS DATES

9-11 May, London
In this three-day course you will learn to integrate fraud detection into your
audit programme and identify key red flags of fraud scenarios. You will learn DIRECTOR
to implement and develop audit procedures to increase the likelihood of Len Vona
discovering fraud. Senior Financial Investigator
with over 30 years auditing
& forensics experience, who
Case studies and class exercises will illustrate how to integrate fraud detection
and reinforce fraud detection methodologies. financial investigations for
some of the largest high profile
corporations in the USA.
Learn to prepare a fraud risk assessment and integrate fraud audit procedures
into your audit programme
Become an expert in uncovering fraud in contracts, payroll, travel, and core
business systems
Identify steps that can be taken to prevent money laundering
Develop best practice plan to respond to whistle-blowers
Provide assurances to your board of directors that controls are in
place to prevent fraud
AGENDA AT A GLANCE
Day One: Understanding Fraud and Day Two: Fraud Testing in different Day Three: Equipment, Asset Fraud
Fraud Risk Assessments business units and Money Laundering
Understanding what constitutes Fraud Testing in disbursement, Identify specific audit areas
fraud and how it can be concealed procurement and payroll and procedures
How to assess fraud likelihood and Travel fraud audit procedures Understand how fraud occurs
exposure analysis at asset purchase and retirement
Corruption in the contract
Linking the audit programme to function Identify steps to be taken
the risk assessment against money laundering
Considering the audit implications
Building and integrating Fraud of the false claims act Fraud controls in Core
Audit Procedures Business Systems
MISTI@MISTI.COM
@mistieurope 52
FRAUD
TW 24CPE
15CPE
FRAUD DATA MINING

How to Accurately and Strategically Locate Fraudulent Activity
COURSE FOCUS DATES

12-13 May, London
The best audit program in the world will not detect fraud unless the auditor DIRECTOR
selects the appropriate transaction for examination. Data mining is the Len Vona
critical tool in locating and recognising fraudulent activity in todays core Senior Financial Investigator
business systems. with over 30 years auditing
This course will teach attendees to build data mining plans to uncover fraud
and develop solutions for perplexing real life data mining issues. This course some of the largest high profile
will enable you to build search routines to uncover fraud. corporations in the USA.
Learn techniques that have located fraud that was hidden in

company databases
Focus on proven methodologies that will provide a framework to
build your fraud data mining
Combine fraud risk assessments and data analytics to respond to the
risk of fraud
Locate data red flags within your organisation
Build data interrogation search routines into your fraud risk
assessment to uncover fraud
AGENDA AT A GLANCE
Day One: Data Mining: Introduction, Day Two: Data Mining for Fraud in
Plan, Strategies and Data Analytics Various Business Functions
Common Data Mining Mistakes Data Mining for Corruption
hidden bribe payments, suspicious
How to Build a Data Mining Plan
payments and locating conflict of
Use of technology to create reports interests
and work papers
Data Mining Company Credit
Data Mining for Shell Companies Cards and Payroll Fraud
Finding Ghost or Front Customer
Schemes
Data Mining within the Financial
Statements
53 WWW.MISTI.COM
+44 (0)20 3819 0800
FRAUD
TW 24CPE
15CPE
CONDUCTING AN INTERNAL
FRAUD INVESTIGATION
A Comprehensive Guide for Internal Auditors
COURSE FOCUS DATES

This two-day course will provide the tools necessary to conduct an internal DIRECTOR
investigation and create a report to support future legal action. You will learn Len Vona
how to perform a fraud investigation; through planning the investigation, Senior Financial Investigator
examining documents, interviewing witnesses and preparing for trial. with over 30 years auditing
Each section of this seminar will include a case study and reviewing sample
reports. Participants will respond to a whistle-blower case, prepare an some of the largest high profile
investigation plan and conduct practice interviews. corporations in the USA.
Understand the fraud risk structure of your organisation

Learn to perform the critical elements of a fraud investigation
Discuss how to respond to a whistle-blower allegation
Examine documentation, finding red flags of document alteration and
connecting evidence to fraud schemes
Discover how to write the investigation report, while avoiding the
pitfalls of legal language
AGENDA AT A GLANCE
Day One: Planning and Conducting Day Two: Interviewing, Document

Fraud Investigations Collection and Writing the Report
Fraud Risk: Primer for the Fraud Investigating and Prosecuting
Investigators Corruption and Embezzlement
Responding to Whistle-blower How to conduct fraud interviews
allegations
Writing the Investigation Report:
How to evaluate allegations of Guidelines
fraud
Preparing your report for
The investigation plan for the Courtroom
financial crimes
MISTI@MISTI.COM
@mistieurope 54
FRAUD
TW 24CPE
INTERNAL AUDITORS
ROLE IN PREVENTING FRAUD
Understanding the key techniques to preventing and uncovering fraud in your organisation
COURSE FOCUS DATES

21-23 March, London
13-15 November, Dubai
Introducing Michael Dalton; a fraudster who created one of the most
complex webs of fraud and money-laundering, with ownership of over 70 DIRECTOR
different bank accounts worldwide. Would you have been able to catch him if Allan McDonagh
he was a member of your organisation? Managing Director of
Hibis, dedicated to helping
organisations improve their
resistance to fraud, Allan
WHY ATTEND THIS COURSE has 15 years experience as a
member of the Investigations
Understand why fraud occurs and what makes fraudsters tick Branch of HM Customs and
Excise specialising in
Investigate social engineering and other common fraud strategies narcotics and organised
crime investigations.
Develop your own investigation and interviewing skills
Discover the latest strategies in uncovering fraud for auditors
Test your new skills through interactive case studies
AGENDA AT A GLANCE
Day One: Introducing fraud and Day Two Prevention, the Day Three: Fraud profiling and the
thinking like a fraudster Whistleblower and the end of the investigation
investigation commences
Introducing fraud and how fraud Conducting research and gathering
occurs Interviewing the whistleblower the evidence
Investigating how fraudsters use Is he telling the truth about Fraud risks for the auditor
social engineering Michael Dalton? Workshop
Analysing male and female Outlining the investigation skills The Interview of Michael Dalton
fraudsters available to the auditor
Interviewing and analysing body
How to think like a fraudster: Managing the investigation language
Workshop Reviewing the strategies for Course debrief and overview of
Introducing Michael Dalton preventing fraud lessons learned
The Senior Executive who is Analysing the role of policies
also a fraudster in preventing fraud
Very well prepared. Significant

Knowledge. Valuable Experience
SIGAR
55 WWW.MISTI.COM
+44 (0)20 3819 0800
FRAUD
TW 24CPE
FORENSIC AUDITING
A dynamic approach and methodology to find those elusive
frauds that others miss... and follow them through
COURSE FOCUS DATES

11-13 April, London
18-20 July, Amsterdam
Unethical business behaviour directly or indirectly accounts for major losses 24-26 October, London
between 2% and 5% turnover, and severely damages the reputation and
morale of companies. However, despite being one of largest unmanaged risks DIRECTOR
in companies today, many managers still receive virtually no formal training Nigel Iyer
in how to identify red flags, deal with them, and most importantly, how to An innovative fraud detection and
investigation practitioner and expert
become more resistant to all forms of fraud. in the integrity health check approach.
Richard Minogue
WHY ATTEND THIS COURSE A financial management, internal
audit and investigation expert with
over 35 years experience.
Use fraud auditing as a tool for fraud prevention
Allan McDonagh
Go beyond traditional internal control assessment to really pinpoint Managing Director of Hibis,
where fraud occurs dedicated to helping organisations
Find elusive frauds that others miss improve their resistance to fraud
Secure, analyse and present t he evidence Veronica Morino

An anti-fraud and corruption
Make your organisation resistant to all forms of unethical business
investigator and expert in
organisational effectiveness
AGENDA AT A GLANCE
Day One: Fraud and Corruption Day Two: The Fraud and Day Three: Fraud Identification
within your organisation Corruption Health Check and Investigation
Investigating who, what, where, Finding frauds before they find Identifying where fraud takes place
when and why? YOU the heart of forensic by learning to think like a thief
auditing
Evaluating different strategies for Developing a risk ranked fraud
dealing with anonymous reports Dealing with the red flags and corruption profile
and whistleblowers
Managing a complex investigation Uncovering specialist (forensic)
Making the decision to investigate (Investigation strategy part II) investigation techniques
(Investigation strategy part I)
Forensic accounting and the Discovering investigation strategy
Undertaking desktop research relationship to fraud detection part III
the first step in addressing red flags
Visualising the results of the Outlining and practising proven
Playing Poirot case exercise investigation interview techniques

A Short Guide to Fraud Risk
MISTI@MISTI.COM
@mistieurope 56
FRAUD
TW 24CPE
39CPE
THE MIS FRAUD AND CORRUPTION

SUMMER SCHOOL PART 1
The Flagship MIS Fraud Course - Investigating serious fraud and corruption...
how to cope at the time of discovery and how to learn from the experience
COURSE FOCUS DATES

25-29 July, London
7-11 November, Cape Town
Gain an introduction to fraud and corruption, how and why it takes place and
the tools, techniques and legal framework which form part of an investigation. DIRECTOR
This course will cover how to manage a major investigation into fraud and Allan McDonagh
corruption including new interview techniques through role-play exercises. Managing Director of Hibis, dedicated
to helping organisations improve
their resistance to fraud, Allan has 15
years experience as a member of the
WHY ATTEND THIS COURSE Investigations Branch of HM Customs
and Excise specialising in narcotics
Gain the practical tools needed to identify, investigate and remediate fraud & and organised crime investigations.
corruption from the workplace Nigel Iyer
Receive practical advice on how to pursue the perpetrators identified An innovative fraud detection and
as a result of your investigation investigation practitioner and expert
in the integrity health check approach
Focus on the importance of careful planning and research with over 20 years experience.
Adapt your thinking to that of a top-class fraud investigator
Veronica Morino
Understand how to develop a fraud strategy to prevent fraud from occurring An anti-fraud and corruption
and to recognise the red flags of fraud and corruption in your company investigator and expert in
AGENDA AT A GLANCE
Day One: Action following discovery Day Two: Your Fraud Profile
The fraud whisperer and social The investigation - phase 2
engineering
Dealing with regulatory bodies, the
Resourcing the investigation press, investors and police
Gathering the evidence Taking the practical approach
Managing the investigation - The right to audit
phase 1
The interview
57 WWW.MISTI.COM
+44 (0)20 3819 0800
FRAUD
TW 24CPE
39CPE
THE MIS FRAUD AND CORRUPTION

SUMMER SCHOOL PART 2
COURSE FOCUS DATES

25-29 July, London
7-11 November, Cape Town
Using Case Studies, realistic film scenarios, fraud detection exercises and
group brainstorming this course will ensure attendees pinpoint where fraud DIRECTOR
and corruption occurs and be highly tuned to spotting red flags. Allan McDonagh
Managing Director of Hibis, dedicated
to helping organisations improve
their resistance to fraud, Allan has 15
WHY ATTEND THIS COURSE years experience as a member of the
Investigations Branch of HM Customs
Recognise where fraud and corruption strikes at the heart of your organisation and Excise specialising in narcotics
and organised crime investigations.
Implement countermeasures such as anti-fruad and corruption programmes
Learn practical tools and techniques for identifying the earky warning Nigel Iyer
An innovative fraud detection and
signs (or red flags) of fraud and corruption
investigation practitioner and expert
Develop and roll out an effective fraud and corruption Health Check in the integrity health check approach
program in your organisation with over 20 years experience.
Increase management engagement, the effectiveness of anti-fraud and Veronica Morino
corruption training and delivering value back into your business An anti-fraud and corruption
investigator and expert in
AGENDA AT A GLANCE
Day One: Action Following Day Two: Your Fraud Profile Day Three: Anti-fraud and
Discovery Corruption Initiatives
Developing YOUR fraud and
What to do after the corruption profile Ensuring integrity: Helping
wheels fall off? Using you fraud and corruption management walk the talk
Weve just had a big fraud what profile Developing and delivering an
do we do now? Detecting red flags effective ethics and compliance
program, with anti-fraud and
Analysing the most obvious types Case exercise: Find the Frauds! corruption as a cornerstone
of fraud and corruption
Developing your own fraud and Case study: A tale of FOUR
Assessing impact on profits,
corruption health check companies
reputation, culture etc...
Measuring the effectiveness of
How does your fraud and
your anti-fraud and corruption
corruption profile link in with the
initiatives
overall risk assessment?
Dealing with management
expectations
MISTI@MISTI.COM
@mistieurope 58
I T
03 A U D I T
How can your organisation better audit
information technologies and business systems?
Can you protect your information assets?
Would your organisation benefit from tools and
techniques to audit databases, networks and
virtualised environments?
60
IT AUDIT
TW 24CPE
39CPE
IT AUDIT SCHOOL
The essential skills you need to perform an IT audit and become an integrated auditor
COURSE FOCUS DATES

25-29 April, London
11-15 July, Amsterdam
This five-day course is designed for financial, operational and business 22-26 August, London
auditors who need to update their technical and operational knowledge to 3-7 October, Cape Town
audit information technologies and automated business systems. 13-17 November, Dubai
DIRECTOR
Charles Pask
WHY ATTEND THIS COURSE Leading IT Auditor and Security
professional with over 25
Identify the business risks in automated environments and how to mitigate them years experience and former
Information Security Manager
Develop knowledge of infrastructure essentials including hardware and at Alliance & Leicester plc.
operating systems
Explore security, operational, management, application and systems software
controls
Learn about databases, distributed systems, networks, the internet and
e-commerce
Discover auditing standards including Sarbanes-Oxley and PCAOB
AGENDA AT A GLANCE
Day One: Fundamentals of Day Two: Auditing Systems Day Three: Auditing Applications
IT Auditing
Databases Internet and e-commerce
Outlining the fundamentals of IT Distributed systems General controls
Auditing
Networks Business systems applications
Reviewing auditing standards
Discovering infrastructure
essentials
Day Four: Auditing more Day Five: Planning the Audit

complex applications
Data input and processing models
Defining a transaction Application controls
General flow of an audit Beginning the audit
application
Components of a business
application
He is a perfect instructor and

he always makes every single
lesson interesting
Qatar Petroleum
61 WWW.MISTI.COM
+44 (0)20 3819 0800
IT AUDIT
TW 24CPE
30CPE
RISK BASED IT AUDITING

Using control best practices to ensure the confidentiality,
integrity and availability of your information assets
COURSE FOCUS DATES

13-16 March, Dubai
In this practical four-day seminar you will immerse yourself in a risk-based
approach to IT auditing that will ensure the confidentiality, integrity, and DIRECTOR
availability of your information assets throughout the enterprise. Charles Pask
Leading IT Auditor and Security
professional with over 25
years experience and former
WHY ATTEND THIS COURSE Information Security Manager
at Alliance & Leicester plc.
Plan your IT Audit using risk-based approach, COBIT and COSO control
framework
Determine risk in critical areas of your IT environment, including
operating systems, database management systems, business continuity
and application controls
Develop a pro-active audit approach to provide a value-added service to your
organisation
Audit outsourced IT operations
Implement audit system development projects
AGENDA AT A GLANCE
Day One: Planning the IT Audit Day Two: Guidelines and Day Three: Network and
Governance Application Controls
Planning the IT Audit
Conducting risk assessment Defining IT governance Physical and
environmental controls
Complying with international Reviewing IIA and ISACA
regulations governance audit guidelines Network perimeter security
Using COBIT System software Application controls
Applying the ISO-27002 security Logical access controls Exploring relationship between
standard general controls and application
Change management
controls
Application system audit strategy
Day Four: Executing an IT Audit
Disaster recovery and business
continuity
Auditing outsourced IT operations
Auditing system development
projects
Executing IT audits
Course overview and round-up
MISTI@MISTI.COM
@mistieurope 62
IT AUDIT
TW 24CPE
30CPE
ADVANCED IT AUDIT SCHOOL

A comprehensive deep-dive of IT Audit and Information Security Assessments
COURSE FOCUS DATES

TBC August, London
In this information-packed four-day seminar, you will cover key building DIRECTOR
blocks of IT audit and security, including identity & access management, Marty Green
access control models, web-based e-commerce application threats and Martin Green is a senior
vulnerabilities, as well as standards associated with privacy issues and instructor for MIS Training
intellectual property concerns. Institute. As a member of
theMISTI faculty for more than
20 years, his areas of expertise
You will also cover auditing database management systems within the include computer technology,
context of robust but practical enterprise architecture and governance networking, and security.
models. You will also go over safeguard concepts and best practices for
secure mobile and wireless applications.
Understand standards associated with privacy issues and

intellectual property
Discover best practice for auditing web servers and application servers
Learn how mobile applications differ from internal server based
application in terms of security and audit
Develop goals for your organisation in safeguarding applications
Gain tools to test and web and application server security
AGENDA AT A GLANCE
Day One: Identity and Access Controls Day Two: Auditing Web Servers and Applications
Making the business case for information security Web application security strategies
Access control models and architectures Goals for information security safeguards in applications
Relevant laws, directives and regulations Tools, techniques and checklists or testing Web
servers security
Day Three: Auditing Application Servers and Day Four: Databases, Web Services and Mobile
Software Development Applications
Common security vulnerabilities and attacks on Web Data access controls, authorization and audit
application software
Web services audit and security tools
Defining key sources of application server security
Checklist for securing mobile and wireless application
Tools and techniques for auditing and securing best practices
application servers
63 WWW.MISTI.COM
+44 (0)20 3819 0800
IT AUDIT
TW 24CPE
COBIT 5: GOVERNANCE OF IT
Implementing and Integrating COBIT 5.0 in your Enterprise
COURSE FOCUS DATES

In this 3-day seminar you will review the new COBIT 5.0 Framework and DIRECTOR
focus on how you can implement this globally-recognised framework to Mark Edmead
improve effectiveness and efficiency in the internal control system. Managing Director at
MTE Advisors and Senior
Case studies, group discussions and exercises will be used to emphasise the Instructor for MIS Training
Institute. Mr Edmead has
key learning points. The course is practical, rather than highly theoretical!
over 30 years experience
You will explore using COBIT 5.0 to plan and execute the implementation of of computer systems
an efficient Governance for IT programme. architecture, information
security and project
management.
Understand the differences between COBIT 4.1 and COBIT 5.0 and how to
transition your organisation to the new framework
Discuss how IT management issues affect enterprises
Enable your organisation to use COBIT 5.0 as an integrated framework for IT
Risk Management and Information Security
Assess how COBIT 5 can be used to guide the creation of the
five basic principles
Learn to implement effective and efficient governance and management
of enterprise IT to achieve stakeholder objectives
AGENDA AT A GLANCE
Day One: Key Features of COBIT 5.0 Day Two: COBIT 4.1 to COBIT 5.0 Day Three: The COBIT 5.0 Principles
Drivers for the COBIT 5.0 Enabler focus and areas of change Meeting stakeholder needs
new framework
Control objectives to management Covering the enterprise
The evolution of COBIT 5.0 processes end-to-end
Understanding the business From COBIT 4.1 Management Applying a Single Integrated
benefits Guidelines to COBIT 5.0: Enabling Framework Approach
Processes Guidelines
The COBIT 5.0 format Separating Governance from
COBIT 5.0 and Legacy ISACA Management
Frameworks
MISTI@MISTI.COM
@mistieurope 64
IT AUDIT
TW 24CPE
30CPE
AUDIT AND SECURITY OF NETWORKS,

OPERATING SYSTEMS AND DATABASES
A hands-on workshop for auditors to extend their knowledge of new techniques
COURSE FOCUS DATES

10-13 May, Amsterdam
In this workshop, you will learn, the principles of auditing communication
networks, how to audit operating systems and system software, how to audit DIRECTOR
database and client/server systems. The more technical areas of IT audit such Steve Rimell
as networks and databases have always been a problem area for auditors. An enviable reputation as the
most respected authority in the
UK with over 20 years practical
Using hands-on practical exercises based on the most common technology
experience in information
in use today, we will discuss where the main risks are, how to plan the audit systems auditing.
approach and how to ask the right questions when the audit takes place.
Learn the principles of networking and data communications

Discover practical methods for exploring and auditing networks
Gain an understanding of computer operating systems, and the most
important areas of audit interest
Explore database systems and find out how to use their built-in features to
assist your audit
Learn how client/server systems operate, where the controls are, and how
to audit them
AGENDA AT A GLANCE
Day One: Networks Day Two: Operating Systems

Network risks and countermeasures Why audit the operating system?
Principles of encryption Tools for the auditor operating systems utilities and
vulnerability scanners
Voice over IP (VoIP) networks and how to audit them
Change management and how to audit it
Day Three: Database Systems Day Four: Client/server computing

Risks of database development Audit issues in client/server developments
What controls to look for in a database audit Components and reusable software
Extracting audit data from database systems Building and evaluating a client/server application
65 WWW.MISTI.COM
+44 (0)20 3819 0800
IT AUDIT
TW 24CPE
30CPE
AUDITING AND SECURING

VIRTUALIZED ENVIRONMENTS
Practical and cost-effective techniques for auditing and securing
VMware and Hyper-V environments
COURSE FOCUS DATES

14-17 March, London
You will learn how to evaluate the security of virtualized data centers and DIRECTOR
how to ensure that suitable business continuity processes are transferred from Steve Rimell
the physical to the virtual environment. You will see how to extract security An enviable reputation as the
and control information from the virtualized environment to support your most respected authority in the
audit findings. UK with over 20 years practical
systems auditing.
You will also receive an audit program for use in planning and conducting
your own virtualization reviews. The course will concentrate mainly on
VMware, but the essential features of Microsofts Hyper-V will also be
covered.
Measure the business benefits of server virtualisation

Overcome the challenges in moving physical systems into virtual data centres
Understand the specific networking requirements of virtual data centres
Analyse the specific security and control features of VMware ESX, VSphere
and Hyper-V
Extract audit data from the virtualised environment to support your
audit recommendations
AGENDA AT A GLANCE
Day One: Virtualisation Basics Day Two: ESX and VSphere (I)
Discussing the advantages and disadvantages of Outlining different versions of VMware ESX
virtualisation
Managing ESX Security
Specific security issues of virtualisation hypervisor
attacks and other risks Business continuity and disaster recovery options for
virtualised systems
Integrating virtualisation and disaster recovery
Day Three: VSphere (II) and Hyper-V Day Four: Developing an audit program for
VSphere and Hyper-V
Components of VSphere
Securing Hyper-V systems and networks: best practices Defining and assessing the audit risks
Analysing VSphere security considerations Scanning servers for security vulnerabilities

Reviewing Microsoft Hyper-V security
MISTI@MISTI.COM
@mistieurope 66
IT AUDIT
TW 24CPE
AUDITING AND CONTROLLING

ORACLE DATABASES
Using the security and integrity features in Oracle to perform control and security assessments
COURSE FOCUS DATES

4-6 April, London
In this intensive three-day seminar you will learn Oracles database
facilities and terminology along with the commands you need to know DIRECTOR
to provide security and controls over Oracle software and to query Steve Rimell
Oracle-controlled data. An enviable reputation as the
WHY ATTEND THIS COURSE systems auditing.
Learn Oracles database facilities and terminology along with the commands you
need to know to provide security and controls over Oracle software and to query
Oracle-controlled data
Uncover the risks Oracle introduces and the exposures it reduces - learn about
not only the basic Oracle security mechanism but also about more advanced
security controls - triggers, encryption methods, security policies (functions),
database firewalls and detection mechanisms
Explore Oracle Inc.s approach to the client/server and Web processing
environments and discover the impact Oracle has on your enterprises
organisation, security profiles, and information systems standards
Learn about the extensive list special components and tools available to
supplement standard controls and to help to assess vulnerabilities
AGENDA AT A GLANCE
Day One: Understanding Oracle Day Two: Demonstrating the Day Three: High risk scenarios
Audit of Oracle
Oracle environments High-risk commands and utilities
Understanding the terminology Security features Organisational impact
Oracle objects The audit feature Audit and security approaches
The security mechanism Demonstrating the audit Writing SQL scripts
User identification and Integrity features Summary and discussion
high-risk users Triggers and constraints
67 WWW.MISTI.COM
+44 (0)20 3819 0800
IT AUDIT
TW 24CPE
15CPE
AUDIT SECURITY OF
ORACLE E-BUSINESS SUITE
Identifying the high-risk areas in Oracle applications and how to overcome them
COURSE FOCUS DATES

7-8 April, London
In this fast-paced, two-day seminar you will get a guided tour of the Oracle
applications Families: Oracle Financials and Oracle Public Sector Financials, DIRECTOR
Oracle Manufacturing, Oracle Distribution, Oracle Human Resource Steve Rimell
Management Systems, and Oracle Projects. An enviable reputation as the
WHY ATTEND THIS COURSE systems auditing.
Discover how these products interface and examine their shared

control points
Identify the high-risk areas in these systems, as well as, in any application
developed with Oracles Application Object Library
Gain an understanding of Applications terminology and facilities, identify the
components of application sign-on security, interpret user responsibilities, and
investigate customised menus
Assess the access controls provided by responsibility and role definitions
including report security groups, data groups, and flexfields
Explore application audit trail features and learn how to
assess their use
AGENDA AT A GLANCE
Day One: Components to audit Day Two: Security rules

and mechanisms
An Oracle applications primer
Database tools Security mechanisms
Application integration Flexfield security rules
User management The execution environment
Collecting evidence Audit approaches

Putting it all together
MISTI@MISTI.COM
@mistieurope 68
IT AUDIT
TW 24CPE
AUDITING AND SECURING SAP ERP

CENTRAL COMPONENT (ECC) AND SAP R/3
Implementing and Operating SAP ERP Total Solution and R/3 control sets for Internal Audit
COURSE FOCUS DATES

8-10 May, Dubai
This three-day seminar is for financial, operational and technical auditors
who have to audit key modules of the SAPTM ERP ECC solution set and/or DIRECTOR
all the SAP R/3 control sets. You will cover the major risk areas for the latest Steve Biskie
SAP release, which are based on a continuation of effective R/3 control sets, A leader in the audit and
as well as governance, risk, and controls, including S-OX, HIPAA, and compliance space for more
than 20 years, Steve Biskie has
FFIEC guidelines. become most well-known for
his work helping Fortune Global
500 organizations understand
WHY ATTEND THIS COURSE and manage the risks within
complex ERP systems such as
SAP and Oracle.
Investigate the risks inherent in the SAP application
Delve into auditing techniques supported by tools within the standard SAP
application
Examine the security and basis configuration settings necessary to support a
strong control environment
Drill down to core business processes financial close cycle, order-to-cash
cycle and purchase-to-pay cycle
Discover techniques often used to hide poor configuration and how to
uncover them quickly
AGENDA AT A GLANCE
Day One: Key SAP Concepts Day Two: Key security risks Day Three: Rules and GRC
Outlining SAP key concepts Defining ERP roles in the SAP/R/3 Business rule settings for
system maintaining transaction integrity
Discovering SAP audit
fundamentals Defining portal roles in the ERP Change control: Transport
ECC 6.0 environment management systems and content
Finding top audit risks and
management systems
controls for ERP ECC and SAP R/3 Discovering MySAP and GUI
application suites Business warehouse Online
Reviewing basic navigation
Analytical Processing (OLAP)
techniques for auditors Outlining audit and security risks
and controls for business process Governance, risk and control
Finding key users, transactions
reviews (GRC)
and roles
Getting to grips with different Discovering different tools to help
modules including procurement ACL direct, Approva, RiskWatch
to pay: MM, customer integration: and more
CRM and production planning
and management: PP
69 WWW.MISTI.COM
+44 (0)20 3819 0800
IT AUDIT
TW 24CPE
15CPE
ADVANCED TECHNICAL SAP AUDIT

Audit and control techniques for SAP R/3 & SAP ECC Technical Auditors
COURSE FOCUS DATES

11-12 May, Dubai
Take your SAP technical auditing skills to the next level by learning advanced
risks and control opportunities that should be considered in a thorough audit DIRECTOR
of the SAP basis system and security. Steve Biskie
A leader in the audit and
compliance space for more
than 20 years, Steve Biskie has
WHY ATTEND THIS COURSE become most well-known for
his work helping Fortune Global
Practice techniques discussed on a sandbox SAP system, and perform an end- 500 organizations understand
to-end security assessment and manage the risks within
complex ERP systems such as
Review additional security risks posed by the SAP Netweaver components SAP and Oracle.
Explore various table types within SAP, and practice some basic data
interrogation techniques using SAP Query tools
Review the system hardening guidelines provided by SAP
Gain a first-hand look at some largely unpublished risks within SAP
AGENDA AT A GLANCE
Day One: SAP System Settings Day Two: SAP Authentication

and Security
Reviewing the basics
Outlining SAP system settings Overcoming SAP authentication
issues
Discovering advanced SAP basis
security Enhancing Netweaver security
Controlling Non-Dialog user types Gaining techniques for advanced

auditing of SAP customizations
Understanding special
considerations Tackling advanced SAP Change &
Transport Systems (CTS)
Steve Biskie is a great trainer

and I hope to attend many more
courses with him
Saudi Airlines
MISTI@MISTI.COM
@mistieurope 70
IT AUDIT NEW TW 24CPE
15CPE
AUDIT AND SECURITY OF

CLOUD COMPUTING
Consider the risks of cloud computing and ways to mitigate them
COURSE FOCUS DATES

27-28 June, London
Cloud-based services are changing the way businesses look at their IT service DIRECTOR
capabilities. Cloud providers can deliver services to provide scalable, on- Steve Rimell
demand IT services. However, cloud computing is not without risks. An enviable reputation as the
In this two-day seminar, we will look at the development of cloud computing, UK with over 20 years practical
security and control issues and consider Security as a Service. We will
systems auditing.
examine common risks associated with cloud computing and consider
solutions to mitigate them.
Discuss cloud computing risks and issues that can turn an outsourcing
operation into an IT disaster
Consider both the business and IT risks associated with deploying a cloud
computing solution
Learn to identify risks, countermeasures and issues in using cloud-based
services, through class exercises and discussion
Ensure due diligence when choosing a provider for your organisation
Examine legal and governance issues when moving towards cloud computing
AGENDA AT A GLANCE
Day One: Risks of Cloud Computing Day Two: Data Security Concerns
Types of cloud services and Control over data and Data
examples Security in Cloud Computing
Advantages and Disadvantages of Common mistakes and errors in
the cloud data encryption
Different risks of cloud computing Security as a Service what does it
and how to address each one provide and how can we assess it?
Ensuring due diligence when IT Governance and standards
choosing a cloud services provider in cloud computing what
to look for
71 WWW.MISTI.COM
+44 (0)20 3819 0800
MISTI@MISTI.COM
@mistieurope 72
04
I N F O R M A T I O N S E C U R I T Y
Does your organisation have a Risk Analysis to understand threats,

vulnerabilities and countermeasures? Can your organisation build
upon the essential security skills to protect assets and business
reputation? Do you have the tools and techniques to establish and
manage an information security programme that works?
74
SECURITY
TW 24CPE
39CPE
IT SECURITY MANAGERS ACADEMY

A step-by-step guide to establishing and managing an information
security programme that works
COURSE FOCUS DATES

If you have inherited a program that needs to be improved/benchmarked or DIRECTOR
if you are new to information security and need a crash course, this course Charles Pask
will be your step-by-step guide to establishing and managing a workable Leading IT Auditor and Security
information security program professional with over 25
years experience and former
Information Security Manager
at Alliance & Leicester plc.
Explore the various aspects of InfoSec management in a changing ICT

environment
Get your organisation more involved in information security
Understand the various internal and external threats to success
Understand employees privacy issues, and other legal and regulatory aspects
Work with an InfoSec professional who has walked the walk
AGENDA AT A GLANCE
Day One: Defining Day Two: Developing policies Day Three: Risk Analysis
Information Security
Reviewing legislation Conducting information risks
Defining the information security and standards analysis
business case Creating a strong foundation Assessing your own
Defining the information security through policy risk processes
department charter Case study and exercise: Conducting business impact
Organising for success: roles and Developing organisational policies analysis
responsibilities
Day Four: Implementing controls Day Five: The future of

Information Security
Understanding physical, hardware
and media security Defining the BCP management
Implementing environmental process
controls in the distributed Using the business impact analysis
environment
Looking to the future of
Discovering tools that can help information security in the
create awareness oganisation
He is a very excellent instructor and he gave a

great description to explain the topics
Indonesian Financial Service Authority
75 WWW.MISTI.COM
+44 (0)20 3819 0800
SECURITY
TW 24CPE
39CPE
THE CORPORATE AND

CYBER SECURITY MASTERCLASS
Achieving excellence through security
COURSE FOCUS DATES

This course raises the bar for training in corporate security and resilience, DIRECTOR
including information and cyber security. The course will give you essential David Burrill OBE
skills and ideas to implement in your organisation straight away. Awarded an OBE (Office of
theOrder of the British Empire)
Based upon extensive experience our course facilitators will enhance for services to international
security, he is the worlds
learnings through hands-on practical experience, case studies and exercises.
leading
These five-days represent the highest level course of its kind available
anywhere in the world. John Hedley
Leading Corporate Security
professional and for Head of
Group Security at Nestle, where
WHY ATTEND THIS COURSE he designed and developed
Corporate Security.
Gain necessary know-how to develop a world-class corporate security strategy
for your organisation
Add value to the company and demonstrate this success to key stakeholders
Implement staff awareness training to create a pro-active security culture
throughout your workforce
Create and develop your own security brand
Learn to present your ideas logically an convincingly at Board level
AGENDA AT A GLANCE
Day One: Reaping Success from Day Two: Integrating Cyber and Day Three: Organising Globally for
Corporate Security Information Security Crisis Management
Getting the right person for the job Recruiting a CISO Seeing crisis as an opportunity
Preparation and hitting the ground Security Structure impact on Leveraging value from Networking
running Global Risk Management
Public presentation
Designing a roadmap to success CSO or CISO
Day Four: Organisations as Day Five: Professional and

patterns of people Corporate Development
Leaks and legalities Management review
Is the Board on-board? Cutting costs
Takeover template Breaking up is hard to do
MISTI@MISTI.COM
@mistieurope 76
05
C O N F E R E N C E S
How can your organisation more effectively

deal with the issues of today and identify the
potential obstacles facing you tomorrow?
Where can you learn from international
experts on audit, fraud, information security
and cyber risk challenges? How could you
benefit from networking and building trusted
relationships with like-minded peers?
78
UP TO
30
CPE
Conferences, Summits and Roundtables
AUDIT / FRAUD / GOVERNANCE / ANTI-CORRUPTION
Building on MIS Training Institutes longstanding reputation for successful conferences, these events cover all the relevant
updates for audit, compliance, governance, fraud, anti-corruption and investigations professionals while delivering the
insights and guidance from a truly regional-specific as well as international panel of speakers and professionals. All
carefully selected speakers have direct experience from the region where the event is hosted and programmes are guided
by expert Advisory Boards.
MISTI conferences provide attendees with a unique international platform for the private and public sectors to unite and
share best practices on how to achieve strong audit and corporate governance and accountability. Participants build solid
global peer networks and practical strategies to fight against harmful business practices more effectively.
Regular attendees include Political Appointees, Auditor Generals, Board and Committee Members, CEOs and Chief
Risk Officers in addition to senior professionals working in internal audit, investigations, inspection, IT audit, ethics,
compliance, finance and governance.
Audit & Risk World 2016 NEW

Including:
Audit Directors Summit
Corporate Investigations Summit
Bank Audit Roundtable
19 - 22 April 2016, Amsterdam
11th Conference
11th Audit, Risk & Governance Africa Conference
Including:
Africa 6th Fraud, Corruption & Investigations Africa Summit
Pre-Summit Leadership, Accountability & Ethical Investment Tracks
6 Cyber Crime Africa
th
1 - 5 August 2016, La Palm Royal Beach Hotel, Accra, Ghana
4th Fraud, Corruption & Investigations Asia Summit

4 th
Including:
Global Investigations Asia Roundtable
CXO Asia Breakfast
7 - 9 November 2016, Singapore
This is the best conference I have ever attended Great networking and a
- very informative, practical and provides wide learning opportunity
opportunity of application and meetings! Head of Fraud Management,
Senior Manager, KPMG Standard Chartered Bank
79 WWW.MISTI.COM
+44 (0)20 3819 0809
UP TO
28
CPE
Conferences, Summits and Roundtables
CHIEF INFORMATION SECURITY OFFICER / CYBER RISK / INFORMATION RISK MANAGEMENT
Connecting C-Level Minds on Cyber Security: The Investor Issue of Today! MISTIs successful global CISO Summits series
is the ultimate C-level meeting of information security and business minds. Chief Information Security Officers, CTOs,
CIOs and cyber risk directors from across the Worlds leading companies and governments unite annually in Europe,
Africa, Middle East and Asia-Pacific to discuss, find solutions and build trusted contacts with like-minded peers on
information security and cyber risk challenges. What will security look like in 3-5 years? How will we get there? How can
we change the game to protect customers, brands and intellectual property in 2016 and beyond?
You will hear keynotes, breakout workshop sessions and breakfast discussions around critical information security
concerns, led by industry pioneers to provide a truly international share of information to reflect the global risk that
information security presents today.
8th Chief Information Security Officer Middle East Summit & Roundtable
Including:
CXO Middle East Forum - Cyber Risk: A Key Part of Enterprise Risk Management
CISO Think Tank: Protecting the Digital Enterprise
1 - 3 March 2016, Habtoor Grand Hotel, Dubai, The UAE
13th CISO Summit & Roundtable

Including:
CXO Forum - Cyber Risk: A Key Part of Enterprise Risk Management
10 - 13 May 2016, Stockholm, Sweden
CISO Australia 2016 NEW

5 - 7 July 2016, Sydney, Australia
AUSTRALIA
InfoSec World Europe NEW

Including:
5 Dedicated Tracks
CISO Think Tank
Technical Workshops
Cloud & Data Analytics Security Summit
5 - 9 September 2016, Amsterdam
5th CISO Asia Summit & Roundtable

Comprehensive and eye opening Great quality of audience and

event for opportunities to promote networking opportunity
security as a business empowerment! Director, IDA Singapore
Head of Information Security, Abu Dhabi
Securities Exchange, UAE
WWW.MISTI.COM
+44 (0)20 3819 0809 80
CONFERENCES 2016
8th Chief Information Security Officer Middle East Summit & Roundtable
Including:
CXO Middle East Forum - Cyber Risk: A Key Part of Enterprise Risk Management
1 - 3 March 2016, Dubai, The UAE
www.ciso-summit.com/ciso-middle-east
Audit & Risk World 2016 NEW

Including:
Audit Directors Summit
Corporate Investigations Summit
Bank Audit Roundtable
19 - 22 April 2016, Amsterdam
13th CISO Summit & Roundtable

Including:
CXO Forum - Cyber Risk: A Key Part of Enterprise Risk Management
10 - 13 May 2016, Stockholm, Sweden
www.ciso-summit.com
CISO Australia 2016 NEW

5 - 7 July 2016, Sydney, Australia
AUSTRALIA
11th Audit, Risk & Governance Africa Conference

Including:
11th Conference
6th Fraud, Corruption & Investigations Africa Summit
Leadership, Accountability & Ethical Investment Tracks
Africa Cyber Crime Africa
Pre-Summit 1 - 5 August 2016, La Palm Royal Beach Hotel, Accra, Ghana
6
th
www.auditriskgovernanceafrica.com
www.cybercrimeafricasummit.com
4th Fraud, Corruption & Investigations Asia Summit

4
th
Including:
Global Investigations Asia Roundtable
CXO Asia Breakfast
InfoSec World Europe NEW

Including:
5 Dedicated Tracks
CISO Think Tank
Technical Workshops
Cloud & Data Analytics Security Summit
5 - 9 September 2016, Amsterdam
5th CISO Asia Summit & Roundtable

www.ciso-summit.com/ciso-asia
To input new conference topics and interest in speaking or attending please contact:
shook@misti.com / +44 (0) 20 3819 0809
BESPOKE
UP TO
CPE
24
Accredited
CPE
E V E N T S
Conferences, Dinners, Breakfast Briefings and Roundtables
MIS TRAINING INSTITUTE BESPOKE EVENT SERVICES EMEA & APAC
From the beginning, from venue selection and programme development to the final post-conference report, regional account
management and everything in-between, MISTI has the focused expertise, brand, experience and team to manage and
produce tailored high level conferences, think tanks, breakfasts, webinars and other events to fit your tailored requests.
equested / Bespoke Conferences or Symposia - MISTI will co-host and

R
develop a bespoke event to suit your exact requirements
Private Dinners - Drill down into your preferred topic

with selected prospects in your chosen cities
oundtables / Think Tanks - Co-host a content based,

R
co-facilitated interactive event with MISTI
THINK TANKS
Breakfast Briefings - Your own keynote speaker plus a MISTI
selected speaker localised, short, sharp networking focus
Receptions - Ideal for new product launches! You give the speech, MISTI will
bring a co-host speaker and your selected audience to a top notch private venue.
WHY PARTNER WITH MIS TRAINING INSTITUTE FOR YOUR BESPOKE EVENT?
Access truly global contact bases in EMEA, Asia Pacific at the U.S. across government and business sectors
Convey your message to targeted wish lists via an independent voice and in a non-sales and truly content-driven context
Collaborate with an established market leader in information security, audit, anti-fraud and corporate security
Benefit from industry expertise and hands-on professionals to provide speaking support for your event
Gain International accreditation and recognised Continued Professional Education for your audiences ongoing development
BENEFITS OF BESPOKE NETWORKING
Exclusive sponsorship of a co-branded, highly targeted event with the independent and global voice of MIS Training Institute
Positions your organisation as an equal partner around the table with key decision makers and participate in discussions that
you would not hear in meetings
Create longer term deal-flow opportunities and build new business relationships via a content-focused approach
Fully targeted towards your preferred audience, with a delegate acquisition team to ensure you meet with the right attendees
Working with MIS has helped us achieve our objectives in terms of reaching a broader set of customers in a unique,
think tank type setting. MIS consistently gathers an audience appropriate in both role and seniority to participate,
which makes it worthwhile for both the participants as well as the vendors who sponsor and help co-deliver these
events. Its been a great partnership and we look forward to continue working together for future sessions
VP, Professional Services and Support, HP Enterprise Security Products
82 WWW.MISTI.COM
+44 (0)20 3819 0797
JAMES MILLOY
JMILLOY@MISTI.COM
OUR COURSE DIRECTORS
Allan McDonagh CICA
Allan was commissioned in HM Customs and Excise in 1967, and in 1971 joined the Investigation
Branch where he specialised in narcotics and organised crime investigations. In 1974, he became the
first Customs Investigator to be seconded to the Drugs Intelligence Unit at New Scotland Yard and in
1983 was awarded a Winston Churchill scholarship to study narcotics interdiction in the USA.
Between 1985 and 1997 he was employed at Network Security Management Limited and became
Deputy Managing Director. He created the highly successful Forensic Laboratories which were
eventually acquired by Control Risks Group. Allan has conducted many successful investigations
throughout the world for both commercial and government clients.
Andy Robertson
Andy Robertson is currently with Cass Business School, managing and delivering modules on
audit and risk-related topics to MSc students. He has 35 years experience in auditing and risk
management, covering manufacturing, retail, financial services and the not-for-profit sectors. He
has been head of audit in several blue chip organisations, and head of risk in two organisations,
during which time he has been instrumental in both uncovering and resolving many organisational
problems. Andy delivers lectures and workshops in risk and audit related areas, particularly in fraud
detection and prevention and the establishment of risk management systems.
Charles V. Pask CISSP

Charles Pask is the Managing Director of ITSEC Associates Ltd, responsible for delivering global
IT security and IT audit consultancy services, including public training courses, in-house training
courses, conferences, symposiums and general Infosec consultancy. Previously, he was a Director
with MIS Training, and Director of Information Security Institute (ISI) European and Middle East
e-Security Services. Mr. Pask has over 30 years experience in IT, IT audit, and IT security, and was
the Group Information Security Manager for Alliance & Leicester plc Group including Girobank
prior to joining MIS.
Dr David Bobker MA, DPhil, ACA, FRM

David Bobker is Head of Risk at the Asian Institute of Finance in Kuala Lumpur where he carries
out research in risk management and designs and delivers training programmes on strategic risk
management, risk governance and internal audit. During 2009 and 2010 he was the lead presenter
for risk management for Bank Negara Malaysias directors education programme. This unique
programme has required all directors of Malaysian banks and insurers to attend training on
governance and risk management.
He has worked as an external auditor and consultant with KPMG and Deloitte specialising in financial
services companies and banks, he was group head of internal audit for two UK FTSE100 financial
institutions (Alliance & Leicester and Norwich Union), and he was a supervisor and policy maker at
the UK Building Societies Commission (now part of the FSA).
83 WWW.MISTI.COM
+44 (0)20 3819 0800
David Burrill OBE
David Burrill has been a professional international Intelligence and Security operator/manager for most
of his professional life. On retiring from the military in 1992, having held the appointment of Deputy
Director Intelligence Corps, and Chief of Staff Intelligence and Security Centre of the UK Armed Forces,
he joined BAT Industries, a major global insurance and tobacco conglomerate, and subsequently on de
merger, British American Tobacco (the worlds second largest quoted tobacco group with presence in
180+ countries), as Head of Security. David, who is a Freeman of the City of London, has had close and
regular contact with the private security sector for over some 26 years.
In 2003, David Burrill became the first coChairman of the UK Foreign and Commonwealth Offices
Security Information Service for Business Overseas (SISBO) a public/private sector partnership
initiative of which he was one of the key architects
Dr David Hancock
Dr David Hancock leads the Government Construction Team for the Cabinet Office and the Major
Projects Authority. Prior to that he was Head of Risk for Transport for London with responsibility
for the risk and project services across their 15 billion capital portfolio). Renowned internationally
as a leading thinker and practitioner in the field of risk, he is the author of the bestselling book
Tame, Messy and Wicked Risk Leadership in which he developed the concept of Risk Leadership.
He has worked with the public, private and voluntary sectors and has been the Director of risk and
assurance for two London Mayors and Executive Director for Halcrow (now CH2MHill). He was
responsible for creating and delivering the risk management system for the successful 4.3bn Terminal
5 Project at Heathrow, which is considered industry leading in project delivery. He champions the
case for rethinking project management as a social interaction rather than delivery solely through the
application of process and policy.
Dennis William Cox

Dennis William Cox, BSc FCSI FCA is a leading financial services risk management and internal audit
specialist. He has held senior management positions within the banking and accountancy profession
as Director, Risk Management at HSBC Insurance Brokers Limited and Director, Risk Management,
Prudential Portfolio Managers. Formerly he held a number of roles within the audit profession at
HSBC Holdings PLC. He has significant expertise in total risk management, risk-based internal audit,
treasury, credit, liquidity, operational and market risk.
Dennis specialises his advisory services and lectures on the modernisation of internal audit. He also
addresses internal audit as a driver for organisational change in banking. He is a specialist in audit for
credit, treasury, operations and the Basel Accord.
Greg Duckert, CIA, CISA, CMA, CPA

Mr. Duckert is an internationally recognized expert in the field of Enterprise Risk Management. He is the
author of the Wiley publication Practical Enterprise Risk Management: A Business Process Approach. He
is Certified in Risk Management Assurance, Certified in Risk and Information Systems Control, a Certified
Public Accountant, a Certified Information Systems Auditor, is a Certified Internal Auditor and also holds a
Certificate in Management Accounting.
Mr. Duckert was educated at the University of Wisconsin - Madison and obtained an MBA in Accounting
in 1989, a BBA in Accounting in 1978, and a BA in Economics in 1971. Mr. Duckert is also a Sr. Consultant
for MIS Training Institute for whom he conducts seminars on a global basis and is a frequent speaker at
conferences in his areas of expertise.
MISTI@MISTI.COM
@mistieurope 84
Dr Hernan Murdock CIA, CRMA
Hernan Murdock is Vice President, Audit Division for MIS Training Institute. Before joining MIS
Training Institute he was the Director of Training at Control Solutions International, where he oversaw
the companys training and employee development program. Previously he was a Senior Project Manager
leading audit and consulting projects for clients in the manufacturing, transportation, high tech,
education, insurance and power generation industries. Dr. Murdock also worked at Arthur Andersen,
Liberty Mutual and KeyCorp.
James C Paterson
James has over 19 years experience across a range of finance and audit roles and was formerly the Chief
Internal Auditor at AstraZeneca. James consults on a range of topics especially Head of Internal Audit
induction, IA planning and assurance mapping. James is also a regular keynote speaker on audit and risk
issues across the globe; speaking at the Global IIA Conference in Malaysia, the SOPAC conference in
Australia and in Canada, the US, Abu Dhabi and the Far East. He is the author of the book Lean auditing
published by J Wiley & Sons.
Jane Needham
Jane Needham is an independent consultant and trainer specialising in corporate governance, risk
management and business process improvement. Janes career started by training as a Chartered
Accountant with Ernst & Young in Manchester, and then working for a number of years at ICI plc, both
in the Group Internal Audit function and in a finance line-management role. Jane then returned to her
home island of Guernsey in the Channel Islands, where she was appointed Director of Risk & Assurance
for the islands government. As part of this role, Jane was Chief Officer of the States of Guernsey Audit
Commission, a pre-cursor to the recently established island Public Accounts Committee. During her time
with the Audit Commission, a statutory value-for-money review body, Jane carried out and commissioned
a number of VFM / performance reviews into various aspects of public expenditure.
Jenny Rayner
Jenny Rayner is an independent consultant and trainer specialising in internal audit, risk management
and corporate governance. She is an experienced non-executive director, former chief internal auditor
and audit committee chair with 35 years wide-ranging international business experience. She works with
directors, senior managers, internal auditors and risk managers to help them embrace best practice in
governance, risk management and assurance. Prior to this, Jennys career spanned over 20 years with ICI
and Zeneca in a variety of sales, marketing, purchasing, supply chain and general business management
roles, latterly as a Chief Internal Auditor with ICI. She is currently Deputy Chair on the board of a UK
housing association.
Jim Roth
Jim Roth, PhD, CIA, CCSA, is president of AuditTrends, LLC, a training firm devoted to identifying and
communicating the best of current internal audit practice. Jim has three decades of progressive internal
audit and teaching experience. His publications include seven books and seven other major works for the
IIA, as well as eight AuditTrends seminars and numerous articles.
Evaluating elements of the corporate culture, a.k.a. soft controls, has been at the core of Jims 17 years of
best practice research, culminating in his 2010 book, Best Practices: Evaluating the Corporate Culture. The
IIA recognized his expertise as early as 1998 with the Internal Auditor magazine article, Soft, Dangerous,
Essential: An Interview with Jim Roth. De Accountant in the Netherlands (2009) and Internrevisoren in
Norway (2010) have more recently published interviews with Jim on this topic.
85 WWW.MISTI.COM
+44 (0)20 3819 0800
Jim Tarantino
Jim Tarantino is the Client Solutions Director for High Water Advisors, a consulting firm specialized in
helping organizations improve governance, risk management, compliance (GRC) and audit processes.
He has over 15 years of information technology, analytics, audit and GRC experience with a recognized
expertise in developing solutions to enable data-driven auditing, risk assessment and investigations.
Prior to joining High Water Advisors, Jim was a Solution Lead/Practice Manager for ACL Services,
where he led the implementation of data analytic solutions for large public sector clients. He has also
held a number of GRC practitioner roles including Senior Auditor at RTI International and various
management positions at Nortel Networks implementing a human capital analytics program. As a
member of the IIA, ISACA and ACFE, Jim participates in local chapter activities, including serving as an
instructor for CISA certification exam preparation seminars.
John Hedley
John served for 26 years in the British Diplomatic Service, including postings to British Embassies in
Sweden, South Africa, Spain and Mexico. He has a particular expertise in political analysis and counter
terrorism. He is a fluent French and Spanish speaker. In the private sector, John worked in cargo security
with TRIMEX International, specialising in satellite tracking of highvalue, highrisk cargo across
Europe. He also built the EUROWATCH network of security companies, providing realtime cross
border response to car and truck theft.
In 2003 he was recruited by Nestl, to be their first Head of Group Security. John designed and
developed the corporate security strategy and built and directed a team of some 40+ security
professionals working across the globe on issues such as counterfeit, extortion, theft, fraud, kidnap, crisis
management, emergency evacuations, expatriate travel programmes, staff security awareness, pandemic
preparation, manned guarding efficiency, workplace violence etc.
John Porter
John Porter, BA ACA is banker and chartered accountant as well as an international financial services
consultant specialising in internal audit for more than 20 years. He has held various management
positions within the internal audit departments of the global financial institutions HSBC, ABN AMRO,
American Express and Bank of Bermuda, having gained his Chartered Accountancy qualification
(UK ICAEW) with Ernst & Young. John is an Associate of the Institute of Chartered Accountants in
England & Wales (ACA) and holds a BA Honours degree in History from Bristol University. Based in
Amsterdam, he speaks fluent English and Dutch and is proficient in French.
Kathleen Crawford
Kathleen Crawford is a Senior Consultant for MIS Training Institute and the President of Crawford
Consulting and Communications LLC, a firm specializing in assurance and advisory projects for
small firms without an internal audit function. Previously, she was an Internal Auditor for Vinfen
Corporation, a private, nonprofit human services organization. Kathleens responsibilities include
assisting management in the standardization of operations, developing policies and procedures,
and improving processes. In addition, she conducts operational and financial audits throughout the
company. Kathleen began her career as a bank auditor, first with Bank of New England, then Eastern
Bank, and State Street Bank. A member of the Institute of Internal Auditors, Ms. Crawford is a past
President of the Greater Boston Chapter of the IIA. She is also a member of the Association of Certified
Fraud Examiners and the American Society for Training and Development. Ms. Crawford serves
Treasurer and Trustee for Foxborough Regional Charter School and its foundation, Friends of FRCS.
MISTI@MISTI.COM
@mistieurope 86
Keith Muras
Beginning his career life as a professional economist in industry, after 8 years Keith moved
from the rigours of economic analysis to join the British Diplomatic Service. In a distinguished
career spanning 23 years, Keith worked in South Africa, the former Soviet Union, Jamaica (with
responsibilities extending throughout the Western Caribbean), Zimbabwe, and Uganda. His focus
was on international strategic political security and economic issues. Keith also spent time in the UK,
seconded to the Ministry of Defence, assisting and advising on domestic and international terrorist
threats. Keith then moved to Corporate Security where, over an 11 year period, he established
himself as a leading and accomplished security professional, holding senior positions with major
international corporations, focusing on extractive and related engineering and support industries
Kelly Hogan
Kelly Hogan is an independent consultant whose experience includes over 20 years providing
advice on techniques for risk management, control assessment and improvement, and written and
oral communication. After a short time as a bank examiner, her career as an auditor started with
financial and operational audits at the Federal Reserve Bank in St. Louis, Missouri, USA. She later
moved to MasterCard International where she performed application audits, then managed a team of
operational and IT auditors. After moving to Belgium for MasterCard, Ms. Hogan served as the head
of audit for its European subsidiary for five years. She now focuses on training for internal auditors,
but is also involved in co-sourced internal audits, due diligence projects, control selfassessment
workshops and external quality assurance reviews.
Leonard W. Vona, CPA, CFE

Leonard W. Vona, CEO of Fraud Auditing, Inc., is a financial investigator with more than 30 years
of diversified auditing and forensic accounting experience, including a distinguished 18-year private
industry career. His firm advises clients in areas of litigation support, financial investigations, and
fraud prevention. Mr. Vona has successfully conducted more than 100 financial investigations for
some of the largest high profile corporations in the United States. The net result of his efforts has
saved clients millions of dollars through recovery or defense strategies. His financial investigation
experience includes embezzlement, economic damage, asset theft, bribery, intellectual property, and
disbursement schemes. Leonards trial experience is extensive, including appearances in federal and
state courts. He is qualified as an expert witness, as a CPA and a CFE, and is cited in West Law for the
successful use of circumstantial evidence.
Lin Bartlett
During her career with Shell, Lin held a number of senior management roles in IT, Finance and
Audit. As Shell UKs Integrated Audit manager, she developed and gained board approval for a risk-
based integrated audit planning and management process, establishing integrated audit plans for all
key business areas. She is a trained auditor in financial, IT, health, safety, environment and quality
management and planned and managed major audits in many different parts of Shells business.
In 2003 she successfully helped establish a new company to challenge the sustainability assurance
offering in the marketplace and to raise the standard of assurance & verification of non-financial
reporting available and has subsequently provided assurance & verification services to a number
of blue chip companies. During 2005, Lin was engaged on a global Sarbanes Oxley 404 compliance
implementation project for a FTSE 100 company. Lin was responsible for both the global project
planning and management support and also the management of a team responsible for documenting
risks and controls over financial reporting for their European business. Lin has also been engaged on
External Quality Assessments (EQAs) as required by the Institute of Internal Auditors International
Standards for the Professional Practice of Internal Auditing and Code of Ethics and provides training
and helps companies prepare for an EQA.
87 WWW.MISTI.COM
+44 (0)20 3819 0800
Liz Sandwith
Liz Sandwith has been involved in the internal auditing profession since the late 1980s. She has
worked in the public sector including central and local government and also in the private sector.
In 1995 she set up her own business providing internal audit and risk management to a number of
businesses from central government and local government through housing associations, regional
development agencies and including a UK Broadcaster Channel 5.
Liz has been involved in delivering internal audit training since 1991. In order to keep up to date
with new internal audit tools and techniques and be able to add realism and practicality to her
training course Liz ensures that 75% of her time is spent delivering internal audits. Liz also speaks at
Internal Auditing conferences and was President of the IIA-UK and Ireland 2001-2002. Her training
courses receive high ratings from the delegates in terms of content, delivery and the practical
opportunity to do not simply just listen.
Mark T. Edmead, MBA, CISA, CISSP

Mark Edmead is the Managing Director at MTE Advisors and a Senior Instructor for MIS Training
Institute. Mr. Edmead is a 30-year-veteran of computer systems architecture, information security,
and project management. Mr. Edmead has extensive knowledge of IT and application audits, IT
governance, and SOX compliance auditing. He holds DevOps, Lean IT, CISA, CISSP, and COBIT 5.0
Foundation certifications, and is an Accredited COBIT 5 Trainer and Certified COBIT 5 Assessor.
Mr. Edmeads expertise in the areas of information security and protection includes access controls,
cryptography, security management practices, network and Internet security, computer security
law and investigations, and physical security. He has consulted with Fortune 500 and Fortune 1000
companies and worked with a number of international firms. Mr. Edmead has authored articles in
Compliance Advisor Magazine, IT Compliance Journal, IIA Insights, and The Auditor. In addition,
he is an adjunct professor at the Keller Graduate School of Management.
Mark Johnson
Mark Johnson acts as a consultant and trainer on cybercrime and other online risks for a number
of high profile organisations. he specialises in explaining the issues to non-technical audiences at all
levels. His recent clients include the UK Home Office, the City of London Police, the National Police
Chiefs Council (formerly ACPO), MIS Training, the International Compliance Association, the EU
Commission and the United Nations.
Mark holds an ISACA CISM (Certified Information Security Manager) qualification and he is the
author of two books on high tech risk, as well as a number of cyber security awareness training
manuals. Prior to entering the technology world, he served in an operational capacity as a drug
enforcement officer in the Caribbean and Central America.
Marty Green
Martin Green is a senior instructor for MIS Training Institute. As a member of the MISTI faculty for
more than 20 years, his areas of expertise include computer technology, networking, and security.
Mr. Green is the principal of Martin H. Green, P.C. Mr. Green concentrates his practice on the
representation of companies in matters pertaining to computer technology, trade secrets, intellectual
property, and copyright law. He also maintains an active consulting practice to lawyers and other
professional service businesses regarding office automation and related auditing and security
challenges. Mr. Green is a member of the Massachusetts Bar, the Massachusetts Academy of Trial
Attorneys, and the American Trial Lawyers Association.
MISTI@MISTI.COM
@mistieurope 88
Nigel Iyer
Nigel Iyer has worked passionately for over 20 years for the prevention, detection and investigation
of fraud and corruption. In recent years he has specialized in helping international and financial
institutions develop strategies to ensure that Ethics and Integrity are fully integrated into the strategy
from the top down. Together with Martin Samociuk and other colleagues, he has developed a unique
fraud risk assessment methodology and also developed the Integrity Health Check, which detects the
red flags of fraud and corruption and is used by many organizations to ensure ethical policies are on
track. Nigel is the author/ co-author of four books: Fraud Resistance (2003), Fraud and Corruption
Prevention and Detection, A Short Guide to Fraud Risk (2010), published in collaboration with the
Chartered Institute of Management Accountants and the Management Novel The Tightrope (2011).
Peter Herbert
Peter specialises in the development and delivery of practical training programmes and targeted
both at financial professionals and nonfinance managers. These range from lectures to audiences
of 120+ accountants, on new developments in IFRS, to workshops for small groups of 612 business
managers on practical budgeting.
Peter also regularly delivers courses on audit and internal control. He provides training on
external audit methodology for a number of midtier UK accountancy firms, including Beever
& Struthers Accountants and UHY Hacker Young. He has also worked with a number of UK
corporates on internal control implementation, notably Welcome Break Group. Since leaving FTC
in 2003, Peter has specialised in the provision of training and management development
programmes to business professionals.
Richard Minogue
A financial management, internal audit and investigation expert with over 35 years experience.
A former Head of Audit for a major telecommunications company and a forensic auditor who had
led high profile investigations into money laundering, bribery, embezzlement and fraud.
Dr Sarah Blackburn
Dr Sarah Blackburn is an experienced Non-Executive Director and Audit Committee Chairman
with over 25 years of practical internal audit experience. After external audit training at KPMG,
Sarah moved into internal audit in retail holding positions at Sainsburys and then Argos (now
Home Retail Group) where she was Head of Group Internal Audit. She was again Head of Group
Internal Audit at Kingfisher plc before moving to RAC and then becoming Head of Global Audit
and Assurance at Exel plc (now part of DHL).
Sarah is currently a Director at the Wayside Network Limited and was the President of the Chartered
Institute of Internal Auditors from 2009-2010. She has written three books about risk management
and internal audit and has a doctorate in project management. Currently an independent director of
the RICS and a global board director of IIA Inc., she has been a board member and chaired the audit
committee in two UK central government bodies and an NHS Foundation Trust.
89 WWW.MISTI.COM
+44 (0)20 3819 0800
Steve Biskie CGMA, CPA, CITP, CISA
Steve Biskie is cofounder of High Water Advisors, a consultancy that helps organizations improve
governance, risk management, compliance (GRC) and audit processes. He specializes in transforming
inefficient, outdated, and compartmentalized processes and technologies to optimize GRC and audit
performance and generate tangible value. A leader in the audit and compliance space for more than 20
years, Mr. Biskie has become most wellknown for his work helping Fortune Global 500 organizations
understand and manage the risks within complex ERP systems such as SAP and Oracle. Additionally,
he is a thought leader and strategic expert on implementing highvalue, sustainable analytics and
continuous auditing program.
Steve Rimell
Steve has over 20 years practical experience in information systems auditing. He has extensive
experience as an Audit Manager, running a commercial IS audit service, with extensive3 knowledge
of the security and control of UNIX, Oracle, Windows, and networking environments such as TCP/IP.
He is also a founding member of the Institute of Information Security Professionals (IISP).
An enviable reputation as the most respected authority in the UK with over 20 years practical
experience in information systems auditing. Specialising in the more technical aspects of information
systems audit, Steve has extensive knowledge of the security and control of UNIX, Oracle, Windows,
and networking environments such as TCP/IP.
Veronica Morino
Veronica Morino has a BA in Sociology of Work and Economics and a Masters Degree in
Organizational Science from the University of Rome. She has worked for the last 15 years with
organisational effectiveness. In the last 8 years Veronica has helped develop anti-fraud and
corruption programs for several international companies. This allowed her to combine the work she
had been doing earlier with organisational culture with her experiences as an investigator. Veronica
has lead the production of multimedia solutions for integrity awareness programs (including web-
based, drama and live trainings), helped with the development of leading indicators to predict and
prevent where fraud will strike and also specialised in models to assess corporate resistance and
resilience to fraud and corruption.
MISTI@MISTI.COM
@mistieurope 90
INDEX
JANUARY LOCATION PAGE
25-28 Jan Fraud Audit School London 51
MARCH LOCATION
1-3 Mar 8th Chief Information Security Officer Middle East Summit & Roundtable Dubai 80
7-11 Mar Chief Internal Auditors Symposium Cape Town 27
13-15 Mar Risk Based Internal Auditing Abu Dhabi 19
13-16 Mar Risk Based IT Auditing Dubai 62
14-16 Mar Fundamentals of Internal Auditing Amsterdam 11
17-18 Mar Audit Report Writing Amsterdam 12
TBC Mar Auditing the Supply Chain, Suppliers and Outsourced Functions London 36
21-23 Mar Internal Auditors Role in Preventing Fraud London 55
14-17 Mar Auditing and Securing Virtualised Environments London 66
APRIL LOCATION
4-6 Apr Auditing Techniques For Lead Auditors London 14
6-8 Apr Auditing Governance, Strategy, Ethics and Risk Management London 29
11-13 Apr COSO: How to Implement the Revised Internal Control Framework London 33
18-20 Apr Enterprise Risk Management London 31
21-22 Apr Managing Strategic and Reputational Risk London 32
TBC Apr Auditing and Preventing Fraud in Procurement Africa 35
25-28 Apr Business Process Auditing London 38
11-13 Apr Forensic Auditing London 56
25-29 Apr IT Audit School London 61
4-8 Apr Auditing and Controlling Oracle Databases London 67
19-22 Apr Audit & Risk World 2016 Amsterdam 79
MAY LOCATION
16-20 May Internal Audit School London 13
TBC May Value for Money and Performance Auditing Africa 23
2-6 May Chief Internal Auditors Symposium Asia 27
9-12 May Audit Leadership School London 28
1-3 May Auditing Human Resources Dubai 34
23-26 May Introduction to Bank Internal Audit School London 42
9-11 May Fraud Testing: Integrating Fraud Detection into your Audit Programme London 52
12-13 May Fraud Data Mining London 53
10-13 May Audit and Security of Networks, Operating Systems and Databases Amsterdam 65
8-10 May Auditing and Securing SAP ERP Central Component (ECC) and SAP R/3 Dubai 69
11-12 May Advanced Technical SAP Audit Dubai 70
11-13 May 13th CISO Summit & Roundtable Stockholm 80
91 WWW.MISTI.COM
+44 (0)20 3819 0800
JUNE LOCATION PAGE
6-9 Jun Auditing Major Projects and Change Programmes Amsterdam 37
27-29 Jun Internal Audit Quality Assurance London 25
30 Jun-1 Jul Consultancy Skills for Auditors London 26
JULY LOCATION
5-7 Jul CISO Australia 2016 Sydney 80
25-27 Jul Risk Based Internal Auditing London 19
28-29 Jul Developing the Annual Audit Plan London 20
TBC Jul Auditing Risk Management and Basel II and III London 44
25-29 Jul The MIS Fraud and Corruption Summer School London 57
18-20 Jul Forensic Auditing Amsterdam 56
11-15 Jul IT Audit School Amsterdam 61
AUGUST LOCATION
1-5 Aug InfoSec World Europe Amsterdam 80
15-19 Aug Internal Audit School London 13
1-5 Aug Chief Internal Auditors Symposium London 27
1-5 Aug Auditing Emerging Cyber Threats London 39
8-11 Aug Audit Leadership School Amsterdam 28
15-17 Aug Enterprise Risk Management London 31
18-19 Aug Managing Strategic and Reputational Risk London 32
8-11 Aug Auditing the Treasury and ALCO London 43
22-25 Aug Asset Management Internal Audit School London 45
22-26 Aug IT Audit School London 61
TBC Aug Advanced IT Audit School London 63
SEPTEMBER LOCATION
5-7 Sep Communication and Influencing Skills for Internal Auditors London 18
5-7 Sep Project Management for Internal Auditors London 17
5-7 Sep Financial Analysis for Internal Auditors London 24
26-28 Sep Enterprise Risk Management Asia 31
29-30 Sep Managing Strategic and Reputational Risk Asia 32
TBC Sep Auditing and Preventing Fraud in Procurement Dubai 35
TBC Sep Auditing the Supply Chain, Suppliers and Outsourced Functions London 36
19-21 Sep Financial Auditing using IFRS London 46
19-21 Sep Fraud Testing: Integrating Fraud Detection into your Audit Programme London 52
22-23 Sep Conducting an Internal Fraud Investigation London 54
10-14 Sep Auditing and Securing SAP ERP Central Component (ECC) and SAP R/3 London 69
OCTOBER LOCATION
3-5 Oct Auditing Techniques for Lead Auditors London 14
9-11 Oct Fundamentals of Internal Auditing Dubai 11
12-13 Oct Audit Report Writing Dubai 12
31 Oct- 2 Nov Six Sigma Skills For Internal Auditors London 15
MISTI@MISTI.COM
@mistieurope 92
2-4 Oct Audit Efficiency And Effectiveness London 16
10-12 Oct Bank Credit Internal Audit School London 47
3-7 Oct IT Audit School Africa 61
17-19 Oct COBIT 5: Governance of IT London 64
17-19 Oct Auditing, Governance, Strategy and Risk Management London 29
17-20 Oct Risk Based IT Auditing London 62
20-21 Oct Auditing Ethics, Culture, Conduct And Reputational Risk London 30
3-5 Oct COSO: How to Implement the Revised Internal Control Framework London 33
24-26 Oct Forensic Auditing London 56
24-27 Oct Business Process Auditing London 38
NOVEMBER LOCATION
3-4 Nov Auditing Ethics, Culture, Conduct and Reputational Risk Africa 30
3-5 Nov Auditing Techniques for Lead Auditors Dubai 14
6-9 Nov Introduction to Bank Internal Audit School Dubai 41
7-10 Nov Auditing Major Projects and Change Programmes London 37
7-9 Nov 5th CISO Asia Summit & Roundtable Singapore 80
7-9 Nov 4th Fraud, Corruption & Investigations Asia Summit Singapore 79
7-9 Nov Auditing the Manufacturing Process London 40
7-11 Nov Internal Audit School Africa 13
7-11 Nov The MIS Fraud and Corruption Summer School Africa 57
8-11 Nov Audit and Security of Networks, Operating Systems and Databases London 65
13-15 Nov Internal Auditors Role in Preventing Fraud Dubai 55
14-16 Nov Continuous Auditing - Making The Change London 21
13-17 Nov IT Audit School Dubai 61
17-18 Nov Successful Data Analytics for Internal Auditors London 22
20-24 Nov Chief Internal Auditors Symposium Dubai 27
21-25 Nov Auditing and Controlling Oracle Databases London 67
21-25 Nov IT Security Managers Academy London 75
30 Nov- Audit Leadership School Dubai 28
2 Dec
31 Nov - Auditing, Governance, Strategy and Risk Management Africa 29
2 Dec
TBC Nov Auditing Risk Management and Basel II and III London 44
DECEMBER LOCATION
5-7 Dec Fundamentals of Internal Auditing London 11
5-7 Dec Risk Based Internal Auditing Amsterdam 19
8-9 Dec Audit Report Writing London 12
8-9 Dec Developing the Annual Audit Plan Amsterdam 20
12-16 Dec Auditing Emerging Cyber Threats London 39
12-14 Dec Internal Audit Quality Assurance London 25
12-14 Dec Enterprise Risk Management Amsterdam 31
15-16 Dec Consultancy Skills for Auditors London 26
15-16 Dec Managing Strategic and Reputational Risk Amsterdam 32
5-9 Dec The Corporate and Cyber Security Masterclass London 76
93 WWW.MISTI.COM
+44 (0)20 3819 0800
MISTI@MISTI.COM
@mistieurope 94

Mist I Catalogue 2016

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Mist I Catalogue 2016

Uploaded by

Copyright:

Available Formats

Published

The Global Leader in Audit and Information Security Training

Achieve an immediate return from your

Boost your knowledge by using case studies,

Share experiences through interactive

Advance your career with CPE and CPD

9 Internal Audit and Risk Management

77 Conferences and Bespoke Events

83 Our Course Directors

92 Index of all Courses

For more information on our courses, contact us on:

Web www.misti.com Tel +44 (0) 20 3819 0800

We also offer in-house training for companies

MISTI is an accredited member of CPD UK

SAVE UP TO 50% WITH

Save by paying per day, not per delegate. This

Maximise your return on investment from training

Focus on potentially confidential issues with expert

Minimise disruption and arrange the course dates

What are Training Week Programmes? Why attend a Training Week

Save on time out of the office

Integrating Continuous Auditing

Raising the Bar of Internal Audit Training Week

Risk-based Internal Auditing Training Week

The Audit Directors and Managers Masterclass

The Risk Management Masterclass

Part 2: Fraud Data Mining

Fraud Investigations Masterclass

Part 2: Conducting an Internal Fraud Investigation

03 IT AUDIT TRAINING WEEKS

Auditing and Securing SAP Training Week

Does your organisation have all the tools to drive

FUNDAMENTALS OF INTERNAL AUDITING

COURSE FOCUS DATES

WHY ATTEND THIS COURSE

Understand the role of the internal audit department

Free book with this course:

AUDIT REPORT WRITING

COURSE FOCUS DATES

WHY ATTEND THIS COURSE

Gain expertise and confidence in developing well-structured reports

Day One: Thinking about Day One: Structuring and

INTERNAL AUDIT SCHOOL

COURSE FOCUS DATES

AUDITING TECHNIQUES FOR LEAD AUDITORS

COURSE FOCUS DATES

WHY ATTEND THIS COURSE

Understand the role of corporate scandals and governance legislation

SIX SIGMA SKILLS

COURSE FOCUS DATES

WHY ATTEND THIS COURSE

AUDIT EFFICIENCY AND EFFECTIVENESS

COURSE FOCUS DATES

WHY ATTEND THIS COURSE

Benchmark your audit function in terms of efficiency and effectiveness

Day One: Developing the first Day Two: Establishing an

COURSE FOCUS DATES

COMMUNICATION AND INFLUENCING

COURSE FOCUS DATES

WHY ATTEND THIS COURSE

RISK-BASED INTERNAL AUDITING

COURSE FOCUS DATES

Examine how your organisation can adopt a risk-based approach to

Gain expertise and confidence in developing well-structured reports

Understand the role of corporate scandals and governance legislation

Examine how your organisation can adopt a risk-based approach to

Understand the purpose of Value for Money (VFM), performance reviews

Use financial statements to understand and assess business performance and

Appreciate the benefits of implementing a cost effective and value

Understand how to fulfil consultant responsibilities in line with IIA guidance

Understand the core components of corporate culture and an effective ethical

Develop a clear understanding of the framework; what is essential and where

Deepen your knowledge of purchasing strategy, objectives and management

Ensure the audit function compliments project management and risk

Discover ORCA - a business audit approach set to revolutionise the