The Institute of Internal Auditors Presents: All Things Internal Audit Tech In this episode, Mike Levy and Shontelle Mixon discuss the growing risks tied to fourth-party relationships. They discuss how internal auditors can leverage technology, enhanced contracts, and cross-functional collaboration to pinpoint, track, and reduce those downstream risks. They break down how internal audit's role is evolving in a world shaped by cybersecurity, AI, and shifting regulations.

HOST:Mike Levy, CIA, CRMA, CISSPCEO, Cherry Hill Advisory

GUEST:Shontelle Mixon, CPADivisional SVP, Internal Audit and Special Investigations, Healthcare Service Corporation

KEY POINTS:

• Introduction [00:00–00:00:38]
• What Is Fourth-Party Risk? [00:00:38–00:01:52]
• Evolution of Risk and Offshoring Trends [00:01:52–00:02:32]
• Mitigating Fourth-Party Risks [00:02:32–00:03:47]
• Steps for Maturing a Vendor Risk Program [00:03:47–00:04:50]
• The Challenge of Shadow IT [00:04:50–00:05:54]
• Data Mining and Continuous Monitoring [00:05:54–00:06:59]
• Beyond the SOC Report [00:06:59–00:08:27]
• Getting Started Without Tech [00:08:27–00:09:32]
• Cybersecurity as a Starting Point [00:09:32–00:10:44]
• Educating the Audit Committee [00:10:44–00:12:00]
• Real-Time Monitoring and Vendor Audits [00:12:00–00:13:09]
• Misconceptions About Outsourcing Risk [00:13:09–00:13:56]
• Preparing for the Future [00:13:56–00:15:32]
• Pitfalls in Contracting [00:15:32–00:16:38]
• First Step for New Audit Functions [00:16:38–00:17:12]
• Aligning with Organizational Risk Priorities [00:17:12–00:18:36]
• Getting Executive Buy-In [00:18:36–00:20:06]
• Supporting Smaller Audit Shops [00:20:06–00:21:14]
• Final Advice [00:21:14–00:21:58]

THE IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources:

• 2025 International Conference
• Learning Solutions: Navigating Third and Fourth Party Risks
• Learning Solutions: Auditing Third-Party Risks

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit Tech

In this episode, Logan Wamsley talks with George Barham about The IIA’s Cybersecurity Topical Requirement. They discuss how internal audit functions should prepare for its 2026 effective date, and why CAEs should take action now. The conversation also highlights the requirement's companion user guide, outsourcing considerations, framework references, and IIA resources available to help internal audit functions conform with confidence.

HOST:Logan WamsleyAssociate Manager, Content Development, The IIA

GUEST:George Barham, CIA, CRMA, CISA,Director, Standards & Guidance, The IIA 

KEY POINTS:

• Introduction [00:00-00:00:21]
• Background on the Cybersecurity Topical Requirement [00:00:21-00:01:31]
• Key Feedback and Early Implementation Advice [00:01:31-00:03:09]
• Tips from CAEs on Getting Started [00:03:09-00:04:37]
• How to Use the Companion User Guide [00:04:37-00:05:57]
• Outsourcing Considerations [00:05:57-00:07:30]
• Framework References and Mapping [00:07:30-00:09:37]
• Keeping Up with the Evolving Cyber Landscape [00:09:37-00:11:30]
• Annual Review and Updates [00:11:30-00:12:24]
• Advice as the Effective Date Approaches [00:12:24-00:14:26]
• Additional IIA Resources and Support [00:14:26-00:16:38]
• Final Thoughts [00:16:38-00:18:23]

THE IIA RELATED CONTENT:  Interested in this topic? Visit the links below for more resources:

• Cybersecurity Topical Requirement
• Executive Knowledge Brief: The Cybersecurity Topical Requirement in Practice
• GTAG: Assessing Cybersecurity Risk
• 2025 Cybersecurity Virtual Conference
• Cyber Resource Center
• A New Tool to Monitor Established Risks

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit 

In this episode, Mike Levy sits down with Rania Bejjani to discuss what it takes for internal auditors to become strategic business partners. From mindset shifts and organizational alignment to building trust and influencing change, Bejjani shares insights grounded in global experience. The conversation covers the evolving role of internal auditors, essential competencies, and how to earn a seat at the table by becoming a catalyst for strategic value.

HOST:Mike Levy, CIA, CRMA, CISACEO and managing principal, Cherry Hill Advisory   GUEST:Rania Bejjani, CIA, CGMA, Founder and CEO, RB Advisory & Consultancy  Former CAE at VEON, FirstGroup and Colt Technology Services

Key Points

• Introduction [00:00–00:00:37]
• Defining Strategic Business Partnering [00:00:37–00:03:15]
• Trusted Advisor vs. Strategic Partner [00:03:15–00:06:05]
• Earning a Seat at the Table [00:06:05–00:07:45]
• Shifting from Problem Identifier to Problem Solver [00:07:45–00:09:40]
• Transformation Starts with Self-Assessment [00:09:40–00:12:21]
• Hiring for Mindset Over Skillset [00:12:21–00:15:33]
• Why Emotional Intelligence Matters [00:15:33–00:17:56]
• The Multifaceted Auditor [00:17:56–00:20:43]
• Transformation in Action [00:20:43–00:25:34]
• Overcoming Resistance and Changing Perceptions [00:25:34–00:29:28]
• Closing Thoughts [00:29:28–00:29:59]

The IIA Related Content  Interested in this topic? Visit the links below for more resources:

• 2025 International Conference
• Global Internal Audit Standards
• Global Best Practice: Small Audit Functions, Large Audit Abilities

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit 

In this episode, George Barham talks with Skip Langlois about the unique challenges and opportunities of small internal audit functions. They discuss definitions of a small function, advice for starting one, managing expectations, building relationships and developing future leaders in a small audit environment. Langlois also shares insights on leveraging AI and why emotional intelligence matters as as much as technical skill in a small audit environment.

HOST:George Barham, CIA, CRMA, CISA,Director, Standards & Guidance, The IIA GUEST:Martin “Skip” Langlois, CIA, CPA, CISA, CFE, CRMA Senior Vice President and Chief Audit Executive, Encova Insurance

Key Points

• Introduction [00:00-00:00:38]
• Defining a Small Audit Function [00:00:56-00:01:22]
• Advice for Starting a Small Audit Function [00:02:03-00:03:48]
• Building Relationships and Credibility [00:04:12-00:06:06]
• Identifying Stakeholders and Internal Relationships [00:06:13-00:08:03]
• Scope and Focus of Small Functions [00:08:13-00:10:22]
• Networking and External Relationships [00:10:22-00:11:50]
• Making the Case to Expand a Small Team [00:12:15-00:13:48]
• Recruiting and Retaining Top Talent [00:13:59-00:15:24]
• Leveraging AI in Small Functions [00:15:35-00:17:15]
• Leadership Lessons from the Military [00:17:15-00:19:42]
• Final Thoughts [00:19:44-00:19:56]

The IIA Related Content  Interested in this topic? Visit the links below for more resources:

• 2025 AuditSphere Virtual Conference
• Resources: Small Audit Function Resources Exchange
•  Global Best Practice: Small Audit Functions, Large Audit Abilities

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

All Things Internal Audit: Fraud Podcast"The Out of Control Controller" Listen to The IIA’s new Fraud Podcast brought to you by All Things Internal Audit. This series provides fictionalized accounts of real-world frauds featured in Internal Auditor magazine’s Fraud department. In this episode, Bruce Kraus investigates a shocking embezzlement case at Allied Engineering involving longtime controller Jane Simmons. With lax oversight and too much unchecked authority, Simmons executes 11 different schemes over five years. From gift card grifts, to a ghost payroll, and a company car gone rogue, this case shows how even trusted employees can exploit internal control gaps. IIA members can access the full article here.

Interested in more fraud-related topics? Earn CPEs by registering for The IIA's Fraud Analytics for Internal Auditors Certificate, online and in-person. Chapters:

• Part 1: A Swipe Too Far (00:00:23)
• Part 2: A Wiped Drive and a Widening Scope (00:01:54)
• Part 3: A Pattern of Deception (00:03:14)
• Part 4: Aftermath and Lessons (00:05:49)

• Association of Certified Fraud Examiners (ACFE)
• Internal Auditor magazine (June Issue)

Follow All Things Internal Audit:

Apple PodcastsSpotify Youtube LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit 

In this episode, Christina Brune talks to Rick Walke and André Vertamatti about the major updates to the Certified Internal Auditor (CIA) exam and the Internal Audit Practitioner (IAP) program. They discuss the motivations behind the changes, how the updated Global Internal Audit Standards influenced the new exam, and what candidates can expect. The conversation also highlights the importance of aligning certification with real-world internal audit practices and the future of the profession.

Visit the Certifications page on theiia.org for additional information.

HOST:Christina Brune  Director, Exam Development, The IIA

GUEST:

Rick Walke, CIA, CPA, CRMA, QIALVice President, Internal Audit and Risk Management, FORUM Credit UnionCommittee Chair, IIA Exam Development Committee

André Vertamatti, CIA, CPA, CRMAHead of Internal Audit, Volkswagen Financial Services Brazil and LM Soluções de MobilidadeVice Chair, IIA Exam Development Committee

Key Points

• Introduction [00:00-00:37]
• Overview of CIA Exam Changes [00:38-01:42]
• Why Now? Motivation Behind the Updates [01:43-02:39]
• Incorporating the Global Internal Audit Standards [02:40-04:25]
• Testing Topical Requirements [04:26-06:01]
• What Candidates Need to Know [06:02-07:30]
• Study Options and Preparation Tips [07:31-08:33]
• Why the New Exam is Better [08:34-10:52]
• Impact on the Profession [10:53-12:20]
• Internal Audit Practitioner (IAP) Program Changes [12:21-15:38]
• Why IAP Updates Matter [15:39-17:38]
• Final Thoughts [17:39-18:38]

The IIA Related Content  Interested in this topic? Visit the links below for more resources:

• 2025 International Conference
• CIA 2025
• IAP 2025
• CIA Exam: Why and How it is Changing
• Global Internal Audit Standards
• Certification Candidate Handbook
• Certificate Programs
• Cybersecurity Topical Requirement

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit Tech

In this episode, Charles King talks with Debbie Lew about the transformative role of artificial intelligence in internal auditing. They discuss the integration of AI tools like Copilot, the importance of prompt writing, and how AI is enhancing audit processes. The conversation also covers training strategies, real-world applications, and the impact of AI on stakeholder engagement.

HOST:  Charles King, CIA, CPA, CFE, CIPP Partner, AI in Internal Controls Leader, KPMG US

GUEST: Debbie Lew, CISA, CRISC, CHIAP Senior Vice President and Chief Audit Executive, Kaiser Permanente

Key Points:

• Introduction [00:00-00:38]
• Inside Kaiser Permanente’s Internal Audit Team [00:39-02:14]
• AI Adoption at Kaiser Permanente [02:15-03:21]
• Prompt Writing as a Core Skill [03:22-04:10]
• Guidance Manuals and Prompt Libraries [04:11-05:02]
• Building AI Agents to Support Audits [05:03-05:51]
• Training, Communication, and Driving Adoption [05:52-07:23]
• Innovative Applications of GenAI in Audit [07:24-08:28]
• Inspiring a Tech-Forward Culture [08:29-10:06]
• Final Thoughts [10:07-10:31]

IIA Related Content:  Interested in this topic? Visit the links below for more resources.

• 2025 International Conference
• Knowledge Centers: Artificial Intelligence
• Auditing the Cybersecurity Program Certificate
• Cybersecurity Topical Requirement
• “Undercover AI,” Internal Auditor Magazine 
• The IIA’s Updated AI Auditing Framework

Visit The IIA’s website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple Podcasts Spotify Libsyn Deezer

The Institute of Internal Auditors Presents: All Things Internal Audit Tech

In this episode, George Barham talks with Mike Callino about how agile methodologies and artificial intelligence are transforming internal audit functions. Mike shares practical insights on implementing agile auditing, the challenges and benefits of this approach, and how AI is being used throughout the audit lifecycle.

HOST:George Barham, CIA, CISA, CRMA Director, Standards & Professional Guidance, The IIA

GUEST:Mike Callino, CIA, CISA Senior Director, Internal Audit, Braze

Key Points

• Introduction [00:00-00:00:27]
• Defining Agile Auditing [00:00:28-00:01:12]
• Applying Agile in Practice [00:01:13-00:03:03]
• Metrics for Agile Success [00:03:04-00:04:15]
• How Agile Auditing Has Evolved [00:04:16-00:06:06]
• Getting Started with Agile [00:06:07-00:07:28]
• Roles and Responsibilities in Agile [00:07:29-00:09:12]
• Measuring Agile Success [00:09:13-00:10:04]
• Training for Agile Adoption [00:10:05-00:11:20]
• AI Use Cases in the Audit Lifecycle [00:11:21-00:14:51]
• Common Misconceptions About Agile [00:14:52-00:16:12]
• The Future of Agile and AI in Auditing [00:16:13-00:18:48]

IIA Related Content:  Interested in this topic? Visit the links below for more resources:

• 2025 International Conference
• Agile Auditing Course
• Building a Better Auditor: Embracing Agile Audit
• Agile Auditing: Transforming the Internal Audit Process.
• Debunking Agile Myths

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit 

In this episode, The IIA’s Lindsay Patterson talks with Anna Davis of Qualcomm about the crucial aspects of internal audit team formation and dynamics. They discuss hiring strategies in the current market, the importance of soft and hard skills, the challenges and benefits of remote and in-office work, and methods for fostering a strong team culture. 

HOST:Lindsay Patterson, CIA, CPAExecutive Vice President , Membership, Marketing and Communications, The IIA

GUEST:Anna Davis, CPAVice President, CAE, Qualcomm

Key Points

• Introduction [00:00-00:22]
• Team Formation: Starting with Hiring [00:23-01:34]
• In-Office Work and Recruitment Challenges [01:35-04:13]
• Hard and Soft Skills and Business Acumen [04:14-06:00]
• Retention and Career Growth Opportunities [06:01-07:05]
• Team Size and Responsibilities [07:06-07:44]
• Building a Team Culture [07:45-10:32]
• The Value of Authentic Leadership [10:33-12:03]
• Advice for Aspiring Audit Leaders [12:04-13:44]
• Final Thoughts [13:45-14:44]

The IIA Related Content  Interested in this topic? Visit the links below for more resources:

• 2025 AuditSphere Virtual Conference
• Tools for Audit Managers Course
• IIA Group Membership
• Group Training Solutions
• All Things Internal Audit Podcast: 'Mastering Soft Skills in Internal Auditing,'
• Building a Better Auditor: Optimizing Team Communication

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

The Institute of Internal Auditors Presents: All Things Internal Audit Tech

In this episode, Andrew Guasp talks with Alex Gacheche about the importance of emotional intelligence (EQ) in the internal audit profession, especially in the context of AI advancements. They discuss how EQ can enhance internal audit effectiveness, the role of empathy and communication, and the impact of cultural differences on EQ. From active listening to handling difficult conversations, this episode unpacks the human side of internal auditing.

HOST:Andrew Guasp, CIA Senior Manager, Standards & Professional Guidance, The IIA

GUEST:Alex Gacheche, CISAHead of Internal Audit, Information Security, Technology Infrastructure, Emerging Technology, and AI, Meta

Key Points

• Introduction [00:00–00:01:16]
• What Is Emotional Intelligence? [00:01:17–00:03:34]
• Human Judgment with AI [00:03:35–00:05:01]
• Balancing Hard and Soft Skills [00:05:02–00:06:27]
• Developing EQ in Auditing [00:08:42–00:11:51]
• EQ in Communication and Reporting [00:11:52–00:13:16]
• Training for EQ Skills [00:13:17–00:14:31]
• Blending AI and EQ [00:14:32–00:15:49]
• Resources to Grow EQ [00:15:50–00:18:24]
• Using EQ in Remediation [00:18:25–00:21:42]
• EQ in Planning and Information Gathering [00:21:43–00:24:01]
• Cultural Sensitivity and Word Choice [00:24:02–00:26:32]
• Leading Multigenerational Teams [00:26:33–00:30:17]
• EQ’s Role in the AI Era [00:30:18–00:32:25]
• Leadership, Retention, and EQ [00:32:26–00:35:02]
• EQ in Walkthroughs and Meetings [00:35:03–00:40:47]
• Final Thoughts [00:40:48–00:41:53]

The IIA Related Content Interested in this topic? Visit the links below for more resources:

•  2025 AuditSphere Virtual Conference
• Building a Better Auditor: The Powerful Synergy of EQ and AI
• Knowledge Centers: Artificial Intelligence
• 'Mastering Soft Skills in Internal Auditing,' All Things Internal Audit Podcast
• The IIA’s Updated AI Auditing Framework

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer