As stated in the Institute of Internal Auditors IPPF, “The internal audit activity must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk (2120.A2)”.
How is your auditing function meeting this professional expectation? The time to test fraud controls is before you have a fraud. Testing fraud controls is more commonly referred to as an “anti-fraud” assessment and is typically conducted by auditors as a consulting service. How long has it been since a comprehensive review was conducted at your organization? Once completed, as the company changes over time, sections of the first review should be updated.
This webinar will cover:
· How strong are your controls?
· Are you looking for fraud or is fraud looking for you?
· The time to detect directly impacts the chances of recovery
· Shell Vendors uncovered made the headlines in 2016
· Looking for signs of complacency in the workplace
· A robust organizational COSO based framework that organizes your work from cradle to grave
· Working paper and check list recommendations
· Actual audit report sample (with author identification removed)
Detecting Credit Card Fraud: A Machine Learning Approach
How to prepare for your first anti fraud review
1. 12/20/2017
1
How to Prepare for your
First Anti-Fraud Review
About Jim Kaplan, CIA, CFE
President and Founder of AuditNet®, the global
resource for auditors (now available on iOS, Android
and Windows devices)
Auditor, Web Site Guru,
Internet for Auditors Pioneer
Recipient of the IIA’s 2007 Bradford Cadmus
Memorial Award.
Author of “The Auditor’s Guide to Internet
Resources” 2nd Edition
Page 2
2. 12/20/2017
2
About AuditNet® LLC
• AuditNet®, the global resource for auditors, serves the global audit community as the primary resource
for Web-based auditing content. As the first online audit portal, AuditNet® has been at the forefront of websites
dedicated to promoting the use of audit technology.
• Available on the Web, iPad, iPhone, Windows and Android devices and features:
• Over 2,800 Reusable Templates, Audit Programs, Questionnaires, and Control Matrices
• Webinars focusing on fraud, data analytics, IT audit, and internal audit with free CPE for subscribers
and site license users.
• Audit guides, manuals, and books on audit basics and using audit technology
• LinkedIn Networking Groups
• Monthly Newsletters with Expert Guest Columnists
• Surveys on timely topics for internal auditors
Introductions
Page 3
HOUSEKEEPING
This webinar and its material are the property of AuditNet® and its Webinar partners. Unauthorized usage or
recording of this webinar or any of its material is strictly forbidden.
• If you logged in with another individual’s confirmation email you will not receive CPE as the confirmation
login is linked to a specific individual
• This Webinar is not eligible for viewing in a group setting. You must be logged in with your unique join link.
• We are recording the webinar and you will be provided access to that recording after the webinar.
Downloading or otherwise duplicating the webinar recording is expressly prohibited.
• If you have indicated you would like CPE you must answer the polling questions (all or minimum required)
to receive CPE.
• If you meet the criteria for earning CPE you will receive a link via email to download your certificate. The
official email for CPE will be issued via NoReply@gensend.io and it is important to white list this address. It
is from this email that your CPE credit will be sent. There is a processing fee to have your CPE credit
regenerated post event.
• Submit questions via the chat box on your screen and we will answer them either during or at the
conclusion.
• Please complete the evaluation questionnaire to help us continuously improve our Webinars.
3. 12/20/2017
3
IMPORTANT INFORMATION REGARDING
CPE!
• SUBSCRIBERS/SITE LICENSE USERS - If you attend the Webinar and answer the polling questions (all or minimum required) you will receive
an email with the link to download your CPE certificate. The official email for CPE will be issued via NoReply@gensend.io and it is
important to white list this address. It is from this email that your CPE credit will be sent. There is a processing fee to have your CPE credit
regenerated post event.
• NON-SUBSCRIBERS/NON-SITE LICENSE USERS - If you attend the Webinar and answer the polling questions (all or minimum required) and
requested CPE you must pay a fee to receive your CPE. No exceptions!
• We cannot manually generate a CPE certificate as these are handled by our 3rd party provider. We highly recommend that you work with
your IT department to identify and correct any email delivery issues prior to attending the Webinar. Issues would include blocks or spam
filters in your email system or a firewall that will redirect or not allow delivery of this email from Gensend.io
• Anyone may register, attend and view the Webinar without fees if they opted out of receiving CPE.
• We are not responsible for any connection, audio or other computer related issues. You must have pop-ups enabled on you computer
otherwise you will not be able to answer the polling questions which occur approximately every 20 minutes. We suggest that if you have
any pressing issues to see to that you do so immediately after a polling question.
The views expressed by the presenters do not necessarily represent the views, positions, or opinions of AuditNet® LLC. These
materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or
legal advice or create an accountant-client relationship.
While AuditNet® makes every effort to ensure information is accurate and complete, AuditNet® makes no representations,
guarantees, or warranties as to the accuracy or completeness of the information provided via this presentation. AuditNet®
specifically disclaims all liability for any claims or damages that may result from the information contained in this presentation,
including any websites maintained by third parties and linked to the AuditNet® website.
Any mention of commercial products is for information only; it does not imply recommendation or endorsement by AuditNet®
LLC
4. 12/20/2017
4
How to Prepare for your
First Anti-Fraud Review
Don Sparks
SmartCAATTs, LLC
407-756-0375
don@smartcaatts.com
Ongoing
Monitoring
Governance
“Tone at the
Top”
Event & Risk
Assessment
“Think like a
Fraudster”
Controls
Testing
“Looking
for Fraud”
Incident
Response
“Suspected
Fraud”
POLLING QUESTION #1
5. 12/20/2017
5
Schedule
• Executive Summary & Looking For Shell Vendors
• International Professional Practices Framework (The IIA Red Book)
• Committee of Sponsoring Organizations (COSO)
• Association of Certified Fraud Examiners (ACFE)
• Anti-Fraud Life Cycle Detail
• Q&A
Executive Summary
• Test internal controls before you have a fraud [anti-fraud assessment]
• Are you looking for fraud? Be sure your organization has a Fraud Policy!
• Time to detect negatively impacts recovery and investigation dollars
• An anti-fraud assessment is not a one time and forget exercise!
• Fraud is an Adaptive Crime and you do need to LOOK for it:
• Business units have finite and predictable list of schemes, typically 5 to 7
• Each scheme permutation creates a finite and predictable scenario
• The key to finding is to “proactively” look where it typically occurs
• You need to know what fraud looks like, particularly “in the data”
• Internal Auditors need to be “approachable”, are you?
6. 12/20/2017
6
Resources - Great Take Aways if you do not already have:
• Credit Balances on Cancelled Accounts
• Fraud Risk Assessment Audit Report
• Corporate Policy on Fraud
• Fraud Auditing - GTAG 13
• Red Flags Squirrel File
• ACFE Report to the Nations
• Fraud Investigation Report
Is Fraud a Problem?
Our company does not
have a fraud problem
Our employees
are honest &
would not
commit fraud
We only
hire honest
employees
We follow all government
regulations so we are
protected against fraud
Small frauds are
not important to
bother with
7. 12/20/2017
7
Do You Have a Robust Ethics Committee Process?
Secure Leadership buy-in
Choose Committee Members
Train Members and Staff
Write Committee Charter/Guiding Principles
Establish Committee Process – when to meet
Initiate Process and Deliberate
Anti-Fraud is a Journey not a Destination
• Fraudsters – Learn how to create the fraud and have the time and patience
to get good at it. Start out slow, easy to explain and then increase the
activity. May be creative at disguising fraud.
• Auditors – Must learn what fraud looks like in the work place. Per the
PCAOB, auditors are often too predictable, polite, and easily sidetracked
with heavy workloads.
• Anti-Fraud - The purpose is to bring awareness to all employees about the
potential for fraud, what constitutes fraud, how to prevent fraud, how to
report suspected fraud and how to handle any allegations of fraud. The
ultimate goal is to eliminate all fraudulent activity.
8. 12/20/2017
8
POLLING QUESTION #2
Role of Internal Auditing in Fraud
• What does your Charter say?
• Reference to GTAG 13 – Questions for CAE to ask
senior management and Audit committee.
• Audit Committee Event Matrix.
9. 12/20/2017
9
Fraud Detection Sources
Internal Auditing continues to stay in
the top spots according to the ACFE
RTTN. In the 2016 report Internal
Auditing was second behind tip.
This report contains an analysis of 2,410 cases
of occupational fraud that were investigated
between January 2014 and October 2015. The
frauds in this study took place in 114 different
countries throughout the world.
TIP 39.1
INTERNAL AUDIT 16.5
MANAGEMENT REVIEW 13.4
BY ACCIDENT 5.6
OTHER 5.5
DOCUMENT EXAM. 3.8
EXTERNAL AUDIT 3.8
BY LAW ENFORCEMENT 2.4
SURVELIANCE MONITOR 1.9
IT CONTROLS 1.3
CONFESSION 1.3
2016 %
POLLING QUESTION #3
10. 12/20/2017
10
The Institute of Internal Auditors’ IPPF defines fraud as:
Fraud encompasses a wide range of irregularities and illegal acts
characterized by intentional deception or misrepresentation.
“Any illegal act characterized by deceit, concealment, or violation of
trust. These acts are not dependent upon the threat of violence or
physical force. Frauds are perpetrated by parties and organizations to
obtain money, property, or services; to avoid payment or loss of
services; or to secure personal or business advantage.”
ACFE Categories of Fraud
• Asset Misappropriation
• Financial Statement
• Corruption
Asset misappropriation was by far the most
common form of occupational fraud,
occurring in more than 83% of cases, but
causing the smallest median loss of
$125,000. Financial statement fraud was on
the other end of the spectrum, occurring in
less than 10% of cases but causing a
median loss of $975,000. Corruption
cases fell in the middle, with 35.4% of cases
and a median loss of $200,000.
11. 12/20/2017
11
Examples of Fraud
Fraud is perpetrated by a person knowing that it could
result in some unauthorized benefit to him or her, to the
organization, or to another person, and can be perpetrated
by persons outside or inside the organization. Some
common fraud schemes include:
Fraud Schemes
Asset misappropriation is stealing cash or assets (supplies, inventory,
equipment, and information) from the organization. In many cases, the
perpetrator tries to conceal the theft, usually by adjusting the records.
Skimming occurs when cash is stolen from an organization before it is
recorded on the organization’s books and records. For example, an
employee accepts payment from a customer, but does not record the
sale.
Payroll fraud occurs when the fraudster causes the organization to
issue a payment by making false claims for compensation. For example,
an employee claims overtime for hours not worked or an employee
adds ghost employees to the payroll and receives the paycheck.
12. 12/20/2017
12
Fraud Schemes (continued)
Disbursement fraud occurs when a person causes the organization to
issue a payment for fictitious goods or services, inflated invoices, or
invoices for personal purchases. For example, an employee can create a
shell company and then bill the employer for nonexistent services.
Other examples include fraudulent health care claims (billings for
services not performed, unbundled billings instead of bundled billings),
unemployment insurance claims by people who are working, or
pension or social security claims for people who have died.
Fraud Schemes (continued)
Financial statement fraud involves misrepresenting the financial
statements, often by overstating assets or revenue or understating
liabilities and expenses. Financial statement fraud is typically
perpetrated by organization managers who seek to enhance the
economic appearance of the organization. Members of management
may benefit directly from the fraud by selling stock, receiving
performance bonuses, or using the false report to conceal another
fraud.
13. 12/20/2017
13
Fraud Schemes (continued)
Expense reimbursement fraud occurs when an employee is paid for fictitious
or inflated expenses. For example, an employee submits a fraudulent
expense report claiming reimbursement for personal travel, nonexistent
meals, extra mileage, etc.
Information misrepresentation involves providing false information, usually
to those outside the organization. Most often this involves fraudulent
financial statements, although falsifying information used as performance
measures can also occur.
Conflict of interest occurs where an employee, manager, or executive of an
organization has an undisclosed personal economic interest in a transaction
that adversely affects the organization or the shareholders’ interests.
Fraud Schemes (continued)
Corruption is the misuse of entrusted power for private gain.
Corruption includes bribery and other improper uses of power.
Corruption is often an off-book fraud, meaning that there is little
financial statement evidence available to prove that the crime
occurred. Corrupt employees do not have to fraudulently change
financial statements to cover up their crimes; they simply receive cash
payments under the table. In most cases, these crimes are uncovered
through tips or complaints from third parties, often via a fraud hotline.
Corruption often involves the purchasing function. Any employee
authorized to spend an organization’s money is a possible candidate for
corruption.
14. 12/20/2017
14
Fraud Schemes (continued)
Bribery Is the offering, giving, receiving, or soliciting of anything of
value to influence an outcome. Bribes may be offered to key employees
or managers such as purchasing agents who have discretion in
awarding business to vendors. In the typical case, a purchasing agent
accepts kickbacks to favor an outside vendor in buying goods or
services. The flip side of offering or receiving anything of value is
demanding it as a condition of awarding business, termed economic
extortion. Another example is a corrupt lending officer who demands a
kickback in exchange for approving a loan. Those paying bribes tend to
be commissioned salespeople or intermediaries for outside vendors.
Other Fraud Schemes:
A diversion is an act to divert a potentially profitable transaction to
an employee or outsider that would normally generate profits for the
organization.
Unauthorized or illegal use or theft of confidential or proprietary
information to wrongly benefit someone.
Related-party activity is a situation where one party receives some
benefit not obtainable in a normal arm’s length transaction.
Tax evasion is intentional reporting of false information on a tax
return to reduce taxes owed.
15. 12/20/2017
15
POLLING QUESTION #4
Be Alert For the “Red Flags” of Fraud
Create a record of business rules to use your favorite data mining tool.
Your staff should be able to add and adjust items on the list on a
regular basis. See a portion of Don’s “Squirrel File”.
16. 12/20/2017
16
2015 “The Year of Shell Vendor Frauds”
Industry A Large Hospital A Large City
Detection Tip to CAE Tip by employee
Duration 14 years 7 years
Amount $10 million/ 200 payments $7 million/175 payments
Scheme Account Payables Account Payables
Scenario Payments sent to PO Box
belonging to an employee
who created, reviewed and
approved invoices
Payments sent to former employee
in a relationship with city manager
– 3 additional shell companies
identified
Data Mining Tool ??? IDEA
How to Identify Fictitious (Shell) Vendors
• Approved to be paid through a P.O. Box (for several years)
• Not an approved vendor for goods or services
• Above average amounts (payouts) in relation to other vendors
• Cross check with employee address, zip code, bank account, or phone
• No taxpayer identification number or an invalid one
• Names consisting of initials cross checked with employee initials
• Invoice numbers are consecutive numbers with little or no gap
• Invoices with even dollar amounts and/or no taxes
• Cross check with Secretary of State records on principals or agents
17. 12/20/2017
17
Common Information in Master Files
• Most auditors and fraud examiners recommend cross-matching data.
For example, the customer master file and the employee master file
looking for unusual circumstances and possible fraud.
• Prior to IDEA version 9.2 when the @SimilarPhrase function was
introduced, there basically were two best practices: Cross Matching
Using the First 8 Characters; or, Using @JustNumbers.
• Now, using the @SimilarPhrase brings in the levenshtein matching
logic and in addition to returning 100 % matches, returns a distance
percentage to identify close matches.
• A short demonstration follows:
Cross Match with @SimilarPhrase
The Levenshtein distance between two strings is defined as the
minimum number of edits needed to transform one string into the
other, with the allowable edit operations being insertion, deletion, or
substitution of a single character.
20. 12/20/2017
20
Analytics Journey
Data Information Insight
Data Analysis Process
Source: Aberdeen Group May 2012
How Can The IIA Help? The Standards
• 2120.A1 – The IA activity must evaluate risk exposures relating to the
organization’s governance, operations, and information systems
regarding the:
• Achievement of the organization’s strategic objectives.
• Reliability and integrity of financial and operational information.
• Effectiveness and efficiency of operations and programs.
• Safeguarding of assets.
• Compliance with laws, regulations, policies, procedures, and contracts.
• 2120.A2 – The IA activity must evaluate the potential for the occurrence
of fraud and how the organization manages fraud risk.
[Changed from “should “ to MUST in 2012]
21. 12/20/2017
21
How Can COSO help?
Ongoing
Monitoring
Governance
“Tone at the
Top”
Event & Risk
Assessment
“Think like a
Fraudster”
Controls
Testing
“Looking for
Fraud”
Incident
Response
“Suspected
Fraud”
It Should Be a CRIME to Not Know COSO
• THE CONTROL ENVIRONMENT - foundation for the IC system with discipline
and structure. [Control testing]
• RISK ASSESSMENT - identification/analysis by management—not IA — risks
relevant to achieve predetermined objectives. [think like a fraudster]
• CONTROL ACTIVITIES - policies, procedures, and practices to be sure
management objectives are achieved and risk mitigation strategies are
carried out. [Tone at the Top]
• INFORMATION AND COMMUNICATION - support all IC components by
communicating IC responsibilities to employees and provides information
that allows people to carry out their duties. [current fraud review]
• MONITORING - oversight of IC by management or others outside the
process; manual or automated; evidence objectives are met. [Ongoing
monitoring]
22. 12/20/2017
22
The 2013 COSO Internal Control Framework
Added 17 Principles, including:
•Principle 8: “The organization considers the potential for fraud in
assessing risks to the achievement of objectives”
Monitoring Activities
• Principle 16. The organization selects, develops, and performs ongoing
and/or separate evaluations to ascertain whether the components of
internal control are present and functioning
• Principle 17: The organization evaluates and communicates internal
control deficiencies in a timely manner …..
How can ACFE help? “Proactive” vs. “Reactive”
23. 12/20/2017
23
End Result: Anti-Fraud Life Cycle
Step 5
Ongoing
Monitoring
Step 1
Governance
“Tone at the
Top”
Step 3
Event & Risk
Assessment
“Think like a
Fraudster”
Step 5
Controls
Testing
“Looking for
Fraud”
Step 2
Incident
Response
“Suspected
Fraud”
Use the framework as the
Audit program, working
papers and audit report
outline.
The permanent file is
repeated at regular but
varying intervals to
Identify the organization’s
readiness to fight fraud.
Step 1: Governance – Tone at the Top
1 External Audit of Financial
Statements
11 Hotline
2 Code of Conduct 12 Fraud Training for employees
3 Management Certification of
Financial Statements
13 Surprise Audits
4 Manage Review/approvals/line of
authority
14 Job rotation/mandatory vacation
5 Internal Auditing Function 15 Rewards for Whistleblowers
6 External Audit of ICOFR 16 Key performance measuring/monitoring
7 Independent Audit Committee 17 Hiring - background and reference
checks
8 Employee Support Programs 18 Termination - exit interview process
9 Fraud Training for
Managers/executives
19 Crime coverage - list of employees
covered
10 Fraud Investigation Policy 20 Appoint A Chief of Company Anti-Fraud
Policy
24. 12/20/2017
24
Auditing Tone at the Top
• Review Board Minutes
• Did management attend Code of Conduct Training
• Audit Expense Reports
• Hotline “reports” Follow-up
• Handling Code of Conduct “exceptions”
• Review Board of Directors duty training
• Did BoD conduct a self-assessment?
• Benchmark against peer organizations
25. 12/20/2017
25
Step 2: Fraud Investigation Policy
1 How and when to start an
investigation
8 How & when to elevate the
investigation
2 Who can approve 9 Consistency & uniformity, similar
offenses treated alike
3 Documentation
Requirements
10 Guidance - how far to pursue
investigation
4 Data Analysis Needs 11 Communications - before, during
& after investigation
5 Designate the members of
the team
12 Extent of recovery efforts to be
conducted
6 Process for adding experts to
the team
13 Issue final written report
7 Access, evaluate & mitigate
internal controls
14 Records retention
Source GTAG 13
26. 12/20/2017
26
Internal Audit May Not Be Aware of Fraud
• Adding experts skilled in
data analysis can get the
complete picture.
• Why not use internal
auditing staff?
• Impact changes if the
company has a crime or
fidelity insurance policy.
A theme park employee admitted to
defrauding the park of $209,000 in
park tickets over an 18 month period.
She agreed to repay the to avoid
prosecution.
Internal audit was not involved but
noticed the employee worked 4 years.
Using the scheme already determined
they calculated the employee actually
stole over $1 million in tickets.
Sequence of Fraud Activities
Preventative
Controls
Detection &
Monitoring
Investigation &
Prosecution
Lessons Learned influence future use of
prevention and control processes.
27. 12/20/2017
27
Step 3: Fraud Risk Assessment – The CSA
• Understand where fraud is likely to occur – use ACFE RTTN report
• Invite representatives to discuss each process under review
• Some employees will have difficulty in envisioning fraud happening
• Use anonymous polling tools to open discussions in sensitive areas
• Consider everyone’s opinion (outlier concerns)
• Be sure the person documenting the discussion catches key
information
ACFE Report to the Nations – Fraud Schemes
Financial
ReportingCorruption
29. 12/20/2017
29
Fraud Risk Assessment Heat Map
Quantification
Risks identified in the assessment process must now be prioritized. The methodology for prioritization will be to assess the impact and likelihood of each risk. Impact is the result or effect of an event. Likelihood is the possibilit
POLLING QUESTION #6
30. 12/20/2017
30
Example “CSA Brainstorming Session”
1. Cashiers handle the same number of sales
2. Cashiers should receive about the same number of refunds or returns
3. Employees should not receive “refunds”
4. All invoices should be sequential without gaps
5. Refunds are computed amounts, distribution should follow Benford’s law
6. An automated system should not allow duplicate refunds
7. Customer can not be refunded more than what they paid originally
8. Supervisor overrides should all be within normal business hours
9. Correlation between sales and refunds should follow the sales (trending)
Step 4: Controls Testing - Look for Fraud
• Just because you have completed the fraud risk assessment does not
mean you are done.
• Many companies do not proactively test their fraud readiness until
after a fraud occurs.
• By taking advantage of the rich knowledge embedded in the fraud
risk assessment template, internal auditing can incorporate detail
audit tests into their audit universe.
• As future audit schedules are developed, the more important risks to
the organization should float to the top of the priority scale.
31. 12/20/2017
31
Step 4. Testing Entity & Process Controls
Are fraud risk flags imbedded into audit programs? Is the staff fully
trained in technology? If you do not look, then who will….
Data Analysis is not the same as Data Mining
Data analysis is the science of examining raw data. The purpose is to
determine if this data contains information (good or bad). Sampling
can be a perfectly acceptable feature.
Data Mining is using the results of data analysis to search through
100% of the data to find matching patterns. Matches may be false
positives but the exercise is looking for true positives. A false positive is
a record that meets the pattern but is not a correct record that fits the
desired result.
32. 12/20/2017
32
Step 5: Monitoring Activities
Monitoring = Compliance?
• Insurance Companies & banks in some states are required to do an
anti-fraud report
• COSO principles 16 & 17
• USA Sentencing guidelines
• OECD Good Practice
• UK Bribery Act
• OECD Good Practice
• UK Bribery Act
Organization for Economic Co-operation & Development
33. 12/20/2017
33
POLLING QUESTION #7
Data Analysis Tips To Keep In Mind
• Work on a COPY of Client’s data – never make changes to client data
• Document all actions taken with data
• Audit tests repeatable with same results
• Maintain custody & security of data
• Properly store and destroy data
34. 12/20/2017
34
Six Tips for Successful Data Analytics Integration:
1. Start with a high-priority, high-return project
2. Focus on efficiency and effectiveness
3. Communicate
4. Be brief; be thorough; be gone
5. Exercise patience
6. Use the Tool Provider Help Desk
Lessons Learned
• Good Data
• Correct Analysis
• Data Readily Available
• Data Speaks For Itself
• Offender Terminated
• One Perpetrator
• Best Practice For All
• Only “One” Tool
• “Bad” Can’t Happen
• Know Tools, Competencies, Company, Industry!
35. 12/20/2017
35
POLLING QUESTION #8
Conclusion:
• Develop and implement a Fraud Policy for your organization
• Implement a fraud reporting hotline
• Be aware of red flag behaviors
• Don’t depend solely on external audits
• Small business owner? Be vigilant
• Focus on prevention, not recovery
36. 12/20/2017
36
Questions?
• Any Questions?
Don’t be Shy!
Page 71
AuditNet® and cRisk Academy
• If you would like forever access
to this webinar recording
• If you are watching the
recording, and would like to
obtain CPE credit for this
webinar
• Previous AuditNet® webinars are
also available on-demand for
CPE credit
http://criskacademy.com
http://ondemand.criskacademy.com
Use coupon code: 50OFF for a discount on this
webinar for one week
37. 12/20/2017
37
Thank You!
Page 73
Jim Kaplan
AuditNet® LLC
1-800-385-1625
info@auditnet.org
www.auditnet.org
Don Sparks - CIA, CISA, CRMA
SmartCAATTs LLC
407-756-0375
don@SmartCAATTs.com
www.smartcatts.com
(IDEA Training)
Questions?
Don Sparks, CIA, CISA, CRMA, ARM
don@smartcaatts.com
Thank You For Attending & Happy Holidays!