Leadership · Insight · Knowledge

Welcome to the Institute of Internal Auditors New Zealand, the professional body for internal auditing

About UsJoin Us

What is internal audit?

Internal audit is a dynamic profession that provides independent assurance that an organisation's risk management, governance and internal control processes are operating effectively Essentially, Internal Auditors help organisations to succeed.

Read More

Membership benefits

Join our professional community and access a range of local and international benefits to expand your thinking, knowledge and networks.

Learn MoreJoin Now

Events & training

Connect with other internal audit, risk and assurance professionals and grow your knowledge and skills with a range of online and local events.

Find out more

Subscribe to newsletters

Subscribe to monthly IIA NZ Newsletters here

Subscribe

home | events

Event Details

 

Institute of Internal Auditors Education Day Christchurch 2023

Date 
18 May 2023
Time
9:00 am - 3:00 pm
Venue
PwC Experience Centre,
60 Cashel Street, Christchurch
Or Online
Hybrid

Education Day 2023 (Christchurch)

Navigating the Internal Auditors New Frontier: CyberRisk and Assurance in the Digital Age

A Hybrid face-to-face and online event

Seize the opportunity, let us come together, and let us connect


Theme

Navigating the Internal Auditors New Frontier: CyberRisk and Assurance in the Digital Age

Our theme conveys the increasing reliance on digital technology and the rise of cyber threats, organisations must adapt and evolve their risk management and assurance practices to stay ahead of the curve. The phrase “new frontier” suggests that this is a constantly evolving and dynamic area and as Internal Auditors will need to be flexible and adaptable in our approach. The Education Day will highlight the importance of balancing risk and opportunity in the digital landscape, and the need for internal auditors to play a key role in ensuring their organisations are equipped to manage both.


Our Hosts

Sonja Healy

IIA NZ Board member

Sonja is a Senior Manager with PwC, based in Christchurch. Sonja has been an IIA NZ member since 2012 and has been working in risk management and internal audit for the past 14 years. She is enthusiastic about working with the IIA NZ Board and members to provide further support to continuously develop and improve as Internal Auditors and professionals.

Shaun Dowers

IIA NZ Board member

Shaun is the Manager Assurance at Te Runanga o Ngai Tahu. Shaun has been an IIA NZ member for 11 years and is also a CIA. Shaun is a firm believer that education is the foundation of quality internal audit.


Our Speakers



Adam Boileau

CyberCX (Cyber Security Experts)

Adam Boileau is an executive director at CyberCX, with 25 years experience in the infoSec industry. Outside of that, Adam is known as the cohost of weekly infosec news podcast Risky Business, and the frontman of Kiwicon, the NZ hacker conference.

Topic: “From the Early Days of Computing to the Digital Age: The Evolution of Cyber Risk and Assurance, How We Got Here, and What the Future holds?”

Cyber risk refers to the potential loss or damage that can arise from a failure in the security of an organisation’s digital systems and networks. This can include data breaches, cyber attacks, and other incidents that can compromise the confidentiality, integrity, and availability of critical information. 

Assurance, on the other hand, refers to the processes and controls that organisations put in place to mitigate cyber risk and ensure the security of their digital assets. This can include security audits, risk assessments, and other measures that are designed to identify vulnerabilities and ensure that appropriate controls are in place to mitigate them.

The evolution of technology and the increasing reliance on digital systems and networks have led to a corresponding increase in cyber risk. This has been driven by a range of factors, including the growing sophistication of cyber criminals, the proliferation of new attack vectors, and the increasing interconnectedness of digital systems. 

To address these challenges, organisations have turned to a range of cyber assurance practices and technologies, including threat intelligence, vulnerability assessments, and advanced security controls. These measures are designed to help organisations stay ahead of evolving cyber threats and ensure the security and resilience of their digital assets.

Internal auditors attending the speaker session on “From the Early Days of Computing to the Digital Age: The Evolution of Cyber Risk and Assurance, How We Got Here, and What the Future holds?” will gain insights into the historical development of cyber risk and assurance practices, as well as a forward-looking perspective on emerging cyber threats and technologies.

They will learn about the increasing complexity and sophistication of cyber risks, as well as the various assurance practices and technologies that organisations use to mitigate these risks. By understanding the evolution of cyber risk and assurance practices, internal auditors can help organisations stay ahead of emerging cyber threats and ensure the security and resilience of their digital assets in the future.


Melissa Cross

Financial & Professional Risks Manager (Crombie Lockwood)

Melissa is the Southern Region Manager of Crombie Lockwood’s Financial & Professional Risks team, and has 25 years’ experience advising corporate clients and professional services firms on all aspects of liability risk and insurance, including Cyber risk and insurance. The cyber risk landscape is in a constant state of change and Melissa will discuss the current insurance market position.

Crombie Lockwood Is part of Gallagher, a global leader in insurance and risk management services. In New Zealand, Crombie Lockwood arranges insurance on behalf of over 100,000 clients throughout New Zealand, placing insurance premiums of more than $1 billion, and were the first broker in New Zealand to have developed their own Cyber insurance product backed by underwriters at Lloyd’s of London.



Matthew Evetts

Director of Connectivity and Security (Datacom)

As Director, I am privileged to own cybersecurity for our customers. Adopting Datacom’s existing focus of helping not only to secure our customers’ organisations, but to enhance and fortify their cybersecurity maturity. This is backed by a team of some of the most highly qualified cybersecurity professionals in the country. 

Beyond the technology, my passion lies in the value and necessity cybersecurity poses for organisations: Why is it so critical to their overall business strategy? How can it help organisations? What roles and responsibilities do cybersecurity present for all employees? And importantly, what difference will a highly qualified, dedicated and security-first team make to their organisation?

My goal (and subsequently, success) in this role is to establish Datacom as the de facto choice for cybersecurity, especially for those organisations who have adopted cybersecurity as part of their overall strategy. With the help and expertise of my team, I want to grow our already significant footprint to leverage that scale in a way which benefits all our existing and future customers.

I bring 19 years of experience in business and IT domains, where I honed a set of skills targeted towards bridging the worlds of business and technology and making people the centre of progress. Over the years I have also worked with a range of public sector agencies, affording me with the necessary insight to tailor our approach to the needs of government.


Jennie Vickers

IT Specialist (Risk NZ)

Announced late in 2021 as the inaugural supreme IFSEC Global Security Influencer of the year 2021-22, Jennie is currently consulting on health and safety innovation and strategy and also keynote speaking on security, safety and the sweet spot where good contract management meets the two. 

Jennie made New Zealand her home over 25 years ago having forged a successful career in the UK as a commercial/business/ IT lawyer with organisations like Slaughter & May, EMI Music, Pace Microtechnology, Comshare and Synthomer. In New Zealand, a long spell in the utility sector covering electricity, gas and telecommunications, gave Jennie a deep understanding of OT and IT enterprise risk management and related Board responsibilities.

The last 8 years saw Jennie in the association space, as a CEO and an ANZ Business Development Director for WorldCC. The common thread was thought leadership and connecting people in the Defence, Security and Infrastructure Sectors in both New Zealand and Australia and further afield.

As a result of the IFSEC win, initially as the top Influencer in the Category- “Associations and Thought Leaders” and then as the Inaugural overall winner, Jennie has been using her position of influence to connect people and businesses and governments to secure better security and business outcomes for others.

A lifetime and constant learner, Jennie recently achieved a QEHS Lead Auditor Certification and is now studying towards a Masters in Digital Transformation, Cyber Security Professional quals and Art Appreciation. Already in the bag, Jennie has a Masters of Management, a Degree in Law and is admitted to practice law in the UK, Australia and New Zealand.

Furter Awards in 2021/2022 included being a Finalist in the Inaugural 2022 New Zealand OSPAs Outstanding Female Security Professional Category and Co-winner of the 2021 New Zealand Security Sector Network (NZSSN) Women in Security Awards Aotearoa (WiSAA) ‘Thought Leader’ category.

Jennie loves being involved in the CyberRisk world because of the speed with which the landscape constantly evolves. Keeping one step ahead has never been harder.



Registration

Education day registration fees

Members: $499.00
Non-members: $659.00

Exclusive of GST.

For those attending an event face to face, the ticket price includesmorning tea, a light luncheon, renowned speakers, AV and event management. 

If you are attending the event online, the ticket price includes renowned speakers, AV, online video conference connectivity and event management.

*Further information relating to CPE and the IIA NZ Event and  Attendance Policy 

In person event: Register

Online event: Register 



Christchurch Programme

Thursday 18 May 2023

Venue: PwC Experience Centre, 60 Cashel Street, Christchurch (or online)

9:00am

Introduction

9.15am

Adam Boileau

CyberCX (Cyber Security Experts) 

Topic: “From the Early Days of Computing to the Digital Age: The Evolution of Cyber Risk and Assurance, How We Got Here, and What the Future holds?”

10.00am

Melissa Cross

Financial & Professional Risks Manager (Crombie Lockwood)

Topic: Insurance perspective - what insurance can help with (and not help with) 

Tips for what organisations should be asking themselves about their protection (insurance and non-insurance)

10.30am

Morning Tea & Networking

11.00am

Matthew Evetts

Director of Connectivity and Security (Datacom)

Topic: “taking a zero trust approach to organisational security”

11.30am

Jennie Vickers

IT Specialist (Risk NZ)

Topic: Post loss - what to do to recover. How an event affects customers and reputation.

12.00pm

Lunch & Networking

12.45pm

*Interactive Round Robin Workshops and Case Study Discussion

Melissa Cross

IIA NZ Facilitator

1.15pm

*Interactive Round Robin Workshops and Case Study Discussion

Matthew Evetts
Adam Boileau

IIA NZ Facilitator

1.45pm

*Interactive Round Robin Workshops and Case Study Discussion

Jennie Vickers

IIA NZ Facilitator

2.15pm

Panel Discussion/ Q&A 

Adam Boileau
IIA Board Member
Matthew Evett
Jennie Vickers
Melissa Cross

Topic: How can we help protect organisations in New Zealand (private and public sector) from cyber risk in the future?
 

2.45pm

Concluding remarks

3.00pm

Event Ends


Download Programme


* See below for  further information relating to the interactive Round Robin Workshops and CaseStudy discussion



Additional Event Information


Interactive Round Robin Workshops and Cast Study Discussion

A round-robin 30-minute education workshop is a format that allowsfor engaging and interactive learning. In this format, the audience is divided into three groups, and each group rotates between three different workshops, each lasting 30 minutes. The workshops are facilitated by an Internal Auditor and a speaker, who will present a case study topic relevant to the industry. 

The case study topic will be designed to provide a practical exampleof how the industry can effectively manage cyber risk and ensure the effectiveness of its assurance practices. The facilitator and speaker will encourage active participation from the audience and engage them in hands-on activities that reinforce the learning outcomes of each workshop.

The round-robin format allows participants to engage in focusedlearning sessions and interact with multiple facilitators and speakers. This format provides a dynamic and interactive learning experience, where participants can learn from each other, share insights, and gain practical knowledge that can be applied in their role as internal auditors.

Overall, the round-robin 30-minute education workshop is an effectiveformat for internal auditors to gain practical knowledge and skills in managing cyber risk and ensuring the effectiveness of assurance practices. It provides a practical and engaging learning experience that can help participants stay ahead of emerging cyber threats and ensure the security and resilience of their organisation’s digital assets.


IIA NZ event refund and attendance policy for the event

  • Christchurch hybrid event tickets close on the 15 May at 8am.Maximum of 40 Attendees face-to-face.
  • Wellington hybrid event tickets close on the 22 May at 5pm.Maximum of 100 Attendees face-to-face.
  • Full refund: You can receive a full refund before ticket sales close asnoted above or until sold out, whichever comes first.
  • No refund after the event closing date, or when tickets are sold out,we cannot provide a refund due to confirmed catering numbers and other related event matters.
  • We highly encourage you to register early for this event. In the unlikelyevent of cancellation, rest assured that all registered participants will receive a full refund.
  • Postponement due to COVID: If there are any constraints causeddue to COVID, we will notify you of a postponement. In such a case, your funds will be held with IIA NZ until we can confirm a new date for the event.
  • Upon registration, you understand that this is a hybrid event thatcombines both in-person and virtual attendance options, allowing attendees to participate in the conference from anywhere in the world. In this case, the IIA NZ education day may be recorded for promotional purposes, meaning that portions of the event could be used for promotional purposes later.
  • Please note that by purchasing a ticket to the event, you agree to theterms and conditions outlined in this refund and attendance policy.


CPE

Attendance for either session will provide 1 CPE per hour.

A CPE certificate will be emailed to those registered following the sessions attended.


In person event: Register

Online event: Register 

MoST Content Management V3.0.8753