“Risk: What is it? Prove it, show me” by Larry Litke
At this point I may be a glutton for sessions about risk. While I am fascinated by how people are poking at this beast, and sometimes dismayed by how far back our thinking is on the subject, there may just be an element that at an audit conference I find a lot of the other topics not really aligned to my interests.
Started by covering high level definition of risk and then moved into the IS (001:2015’s risk based thinking at a high level, mostly by reading from the standard.
It is good that succession planning is specifically discussed as part of risk-based thinking.
“Above all it is communication” is good advice for every change.
It is an important point that the evidence of risk-based thinking is the actual results and not a separate thing.
This presentation’s strengths was when it focused on business continuity as a form of risk-based thinking.
“Auditing the Quality System for Data Integrity” by Jeremiah Genest
My second presentation of the conference is here.
This year’s Audit Division conference was pretty small. I was in sessions with 10 people and we didn’t fill a medium size ballroom. I’m told this was smaller than in past years and I sincerely hope this will be a bigger conference next year, which is back in Orlando. My daughter will be thrilled, and I may be back just to meet that set of user requirements.
I think this conference could benefit from the rigor the LSS Conference and WCQI apply for presentation development. I was certainly guilty here. But way too many presentations were wall-to-wall text.