Key Dates

Thursday 3 July 2025
Rydges World Square Hotel, Sydney


Thursday 17 July 2025
Brisbane Marriott Hotel, Brisbane

Register

Principal Sponsor

Major Sponsor

8:50 - 9:00 AM

Welcome Address and Opening Remarks 

9:00 - 9:45 AM 

Session 1

Managing the use of AI – Balancing the risks and opportunities

Evaluating the scope and impact of AI on business operations

  • Developing and testing the AI strategy, models and framework
  • Addressing bias and fairness risk in AI models and data 
  • Protecting proprietary data, algorithms and models
  • Balancing innovation with ethical responsibility
  • Establishing a framework to monitor the safe and effective use of AI

(NSW & QLD) Gayan Benedict, 
MIT CISR Industry Research Fellow 

9:45 - 10:30 AM 

Session 2

Applying the GIAS Topical Requirements on Cybersecurity 

  • Overview of the GIAS framework and its focus on cybersecurity risks
  • Aligning cybersecurity internal audit practices with the GIAS Cybersecurity Topical Requirement to ensure organizational resilience
  • Understanding key controls and assessments required under the Cybersecurity Topical Requirement
  • The interrelationships between the Cybersecurity Topical Requirement and other IT frameworks

(NSW) Aamir Husain PMIIA CIA, International, Risk Group Leader, DLA Piper & VIC Chapter Chair, IIA-Australia
(QLD) Steve Coates PFIIA CGAP CIA CRMA, Past Member, International Internal Audit Standards Board 

10:30 - 11:00 AM

Morning Tea Networking

11.00 - 11:45 AM 

Session 3

Going to the Cloud – Addressing Third Party Risk 

  • Evaluating the security, compliance and operational risks when using cloud services
  • Assessing the shared risk responsibilities between your organisation and third-party providers
  • Addressing data sovereignty, privacy and legal / compliance obligations in cloud environments
  • Implementing security controls, monitoring tools, and incident response plans for third-party cloud environments
  • Establishing audit procedures and SLAs to provide effective assurance over outsourced cloud services

(NSW & QLD) Rakitha Wickramaratne AMIIA, Head of Audit – Group Technology and Data Risk & 
Analytics, Group Audit, Westpac 

11.45 - 12.30 PM

Session 4

Managing risk in technology transformation projects– The role of assurance in keeping projects on track

  • Evaluating the organisation’s technology maturity and its impact on successful project execution
  • Key lessons from past technology transformation failures – Misaligned expectations, inadequate change management, budget overruns, resistance to new technologies
  • Understanding the critical role that internal audit can play in overseeing and advising on the execution of technology transformation projects 
  • Applying effective auditing techniques for assessing the progress and health of transformation projects
  • Driving a collaborative approach to build effective controls, governance and risk management throughout the project lifecycle

(NSW) Andrew McKay AMIIA, Head of Internal Audit, Hollard Insurance
(NSW) Mustafa Ghulam, Senior NSW Public Service Professional
(QLD) Tony Irvine, Principal Internal Audit and Technology, Brisbane City Council
(QLD) Hung Doan, Audit Portfolio Manager Technology & Transformation, Suncorp

12.30 - 1.15 PM

Session 5

Rethinking assurance over technology governance

The session will challenge the status quo of technology governance and delve into the changing 
technology landscape and how the assurance function can provide maximum value. Key areas to be discussed include:

  • Governance over IT investment decisions
  • The importance of building operational resilience in technology
  • Capability and resource optimisation 

(NSW & QLD) Paras Shah, Practice Lead, Strategic Advisory, Vital Advisory

1:15 - 2:00 PM

Lunch Networking Break

2.00 - 2.45 PM

Session 6

Hacked – Lesson learned from cyber breaches

  • Overview of the evolving cyber threat landscapes and emerging attack methods
  • Finding the data breach source – Is it a technology or people problem?
  • Navigating the legal and regulatory challenges  
  • Challenges in implementing data breach / disaster recovery plans – Real-world examples of recovery successes and failures
  • Defining the role of internal audit, IT, assurance and management in addressing vulnerabilities to protect the organisation from cyber threats

(NSW & QLD) Tony Abraham, Managing Director, Island Bell
(NSW & QLD) Charlie O’Connell, Managing Director, Island Bell
(NSW) Clint Arizmendi, Advisor, Island Bell 

2.45 - 3.30 PM

Session 7

Data governance – Protecting your most valuable asset 

  • Understanding what data you have, whether your data has been classified and where sensitive data is located
  • Determining how data can be used – Data access controls and risks
  • Data governance – Defining who is responsible and accountable for data across your organisation
  • Protecting data – Complying with data privacy and other data security and control requirements
  • Identifying the warning signs of a potential leak and what do if you have a data breach
  • Engaging the organisation through effective reporting on steps to take to prevent data leakage

(NSW & QLD) Ritika Maheshwari, Data Governance Lead – Woolies X, Woolworths Group

3.30 - 4.00 PM

Afternoon Tea Networking

4.00 - 4.45 PM

Session 8

The digital audit shop – Getting smart with analytics and visualisation 

  • How analytics can be used to improve audit efficiency and effectiveness.
  • Utilising advanced techniques such as process mining to visualise your operational data.
  • Creating dynamic visualizations and dashboards to highlight key risks, controls, and performance metrics
  • Improving stakeholder engagement with visually compelling and easy-to-understand audit results
  • Building a digital audit culture – Getting started, best practices and lessons learned

(NSW) Tariq Islam PMIIA, Managing Director, RapidLynx
(QLD) Robert Kilbride, Senior Director – Audit Analytics, Queensland Audit Office

4.45 - 5.30 PM

Session 9

The practicalities of putting AI into IA – Advancing your audit shop

Through a selection of show and tell case studies, this session will explore:

  • Understanding large language models (LLMs) and how they can be used for internal auditing
  • Addressing ethical, legal and regulatory requirements in using AI for internal audit
  • Insights on practical uses cases on applying AI in audit, e.g. scoping, planning, reporting and 
    automated controls testing

(NSW & QLD) Dr Peter McLeod PMIIA GradCertIA, Associate Director (Internal Audit), The University 
of Queensland
(NSW) Vincent Verlinde PMIIA, GradCertIA, Head of Risk and Assurance, Daikin Group Australia & 
New Zealand
(QLD) Sean Hounslow PFIIA CIA, Senior Quality Auditor, Risk & Compliance, OzCare 

5.30 - 5.35 PM

Close