Addressing the Challenges of Integrated Assurance

Integrated Assurance is poised to be the next level in terms of capability level for GRC.  Assurance is supposed to help see through the silos of an organisation, but what if internal Assurance providers are in silos and disjointed.

Integrated assurance helps drive a balanced focus across compliance + risk + quality (not just from the perspective of relationships between assurance providers).  In the speakers own experience, the issue most often seen is too strong an emphasis on Risk Management for example, on the assumption that Compliance will then just take care of itself if one is managing the risk controls effectively.

In the talk the audience is going to be looking at how getting everyone to align with an appropriate set of integrated controls will support compliance, risk and quality in a more balanced and pragmatic way.

Session Content Outline:

– The challenges facing business today

– Adopting an integrated approach to risk, compliance and quality

– Realising the benefits of integrated assurance


CPE Hours

1.5 hours, based on the assumption you have signed the attendance sheet when attending

Registration and Admittance

•           Due to our sponsoring partner’s facilities, access requirements and for catering purposes, we request that you register for this event to ensure you are able to attend.

•           Registration to this session is open and free of charge.

•           A registration door prize will be drawn from the list of duly registered attendees.



·         5.30pm – Registration and session sign-in – required to receive applicable CPE credits

·         6:00pm – START – Welcome, Introductions, Agenda

·         6:05pm – Monthly PD Session, Questions & Answers

·         6:50pm – The Soapbox – Chapter Updates, Announcements and Issues of interest to members

·         7.00pm – 15min Deck – drinks and finger food to be served

·         7.15pm – Networking opportunity

·         8.00pm – Event Ends



About the Speaker – Michael Nyhuis

Managing Director, Solisma

Professional background

Michael is one of Australia’s foremost experts on Integrated Assurance through the use of leading industry frameworks and standards. His extensive experience extends across a wide range of industry sectors throughout the Asia Pacific region, specialising in best practice programmes, integrated assurance and technology solutions. Over the last 10+ years, Michael has developed and commercialised Solisma’s Service Improvement Manager software service, providing risk, compliance and quality managers across the globe with the tools and capabilities needed to effectively deliver Integrated Assurance for the business.



Applied IS Risk, Control and Audit

Applied IS Risk, Control and Audit™: Foundations

Webinar #1 – The Role of Audit

What? – Overview and the Role of Audit – 1h presentation + 30 min exercices and Q&A

When? – 25/06/2018, 4:00 pm (UTC+10 hours)

This webinar will cover the follow topics:

  • The Audit Department
  • The Audit Committee
  • The IS Audit Unit
  • Stakeholders and Audit Relationships
  • Practical work-role-playing scenario

In this webinar we will go through the following scenario:

A new IS Auditor has just started working in a large organisation. They will need to identify the key people to develop relationships with; suggest ways on how to approach these tasks and discuss what setbacks they may encounter.

10 webinars in 12 weeks!

This webinar is part of the ” Applied IS Risk, Control and Audit™: Foundations” . The other webinars in the series include:

  1. Overview and the Role of Audit 
  2. Audit Planning
  3. Audit Report Writing
  4. Auditing Operating Systems
  5. Auditing Networks
  6. Auditing BCP/DR
  7. Auditing Application Controls
  8. Auditing Databases
  9. Data Analytics and CAATs
  10. New Technologies


These webinars are designed to provide an initial understanding of the IS Auditing process, how it fits within the overall environment of an organisation and to cover the most common reviews that an IS auditor will face in their work. They will also provide an overview of a series of new technologies and the risks associated with them.

The webinars are suitable for IS auditors with less than 2 years experience; or for auditors, finance or risk professionals from a business background looking to move into IS Audit or to develop their current skillset in a new direction.

The webinars contain a very strong focus on hands-on l earning. During the one and half hour, students will spend 30-40% of their time performing practical tasks or taking part in role-playing scenarios. As a result of the practical reinforcement, attendees will be able to understand the concepts they’ve learned much quicker, retain them for longer and apply them immediately in day-to-day activities.

At the end of the webinars, each student will take away:

  1. An audit planning template, including a budget worksheet
  2. An audit report writing template
  3. Four (4) methodologies to use when reviewing Operating Systems, Networks, Databases, Business Continuity/Disaster Recovery
  4. Fully functioning data analytics – three (3) Payroll tests and three (3) Accounts Payable tests
  5. Full exercise instructions

Your Instructor

Mario Bojilov – MEngSc (Research), CISA, Graduate Diploma Applied Finance and Investment, PhD Candidate

 Mario has worked in the area of Data Analytics and Business Improvement since 1994. He is a Certified Information Systems Auditor (CISA) and a Lecturer in Accounting Information Systems; IS Control and Governance; Enterprise Resource Planning; Systems Analysis and Design.

 Over the last 12 years, Mario Bojilov has taught over 1,500 university students and 300 professionals in the areas of Finance, IT, Risk and Audit. He has delivered industry training courses in Australia, UAE, Singapore and Malaysia.

 Mario founded Meta Business Systems in 2004 of which he is the current Chief Data Strategist. The company is focused on business improvement, performance monitoring and data governance. A number of Government and Higher Education organisations have used solutions designed and implemented by Meta Business Systems.

 Mario Bojilov holds a Master of Engineering Science Degree from the University of Queensland, a Graduate Diploma of Applied Finance and Investment from the Financial Services Institute of Australasia (FINSIA) and is currently a PhD Candidate with research topic in the area of Using Artificial Intelligence for Cybercrime Detection.

Mario has served as a President of ISACA Brisbane, as a Member of the External Advocacy Committee – ISACA International and is currently a member of the Media Advisory Working Group – ISACA International.

 Mario Bojilov has co-authored the following articles: Privacy and Big Data and Continuous Auditing and Continuous Monitoring in ERP Environments: Case Studies of Application Implementations.

Sample Videos for IS Auditors

  1. IS Audit – Starting
  2. IS Audit – WIIFM
  3. IS Audit – Report Writing
  4. IS Audit – Common IS Project Issues
  5. IS Audit – Common DB Vulnerabilities

2018 Certification Exams – Study Sessions

The Melbourne Chapter will be running study support sessions for members interested in, or undertaking the ISACA Certification Exams in 2018. There is no cost for attending.

CISA Study Sessions

Venue: Chartered Accountants, Level 18 Bourke Place, 600 Bourke Street, Melbourne

Time: 5:15pm to 7:00pm

The study sessions are designed to support your individual exam preparation and will be run at as follows:

  • Week 1. Thursday 10th May – Domain 1 & 2 (John O’Driscoll & Joseph Spiteri)
  • Week 2. Thursday 17th May – Domain 3 & 4 (Peter Ware & John O’Driscoll)
  • Week 3. Thursday 24th May – Domain 5 (Ronnie Islam & John O’Driscoll)
  • Week 4. Thursday 31st May  – Practice Exam (John O’Driscoll)

For further information contact John O’Driscoll (

CRISC Study Sessions

Venue: Chartered Accountants Aust & NZ, Level 18, 600 Bourke Street, Melbourne

Time: 5:15pm to 7:00pm

The study sessions are designed to support your individual exam preparation and will be run at as follows:

  • Week 1. Thursday 3rd May – Domain 1 (Zahir Ali Quettawalla)
  • Week 2. Thursday 10th May – Domain 2 (Zahir Ali Quettawalla)
  • Week 3. Thursday 17th  May – Domain 3 (Zahir Ali Quettawalla)
  • Week 4. Thursday 24th May – Domain 4 & Practice Exam (Zahir Ali Quettawalla)

For further information contact Zahir Ali Quettawalla (


CISM Study Sessions

Venue: IOOF Holdings Ltd, 161 Collins Street.

The building is currently undergoing major construction works. There is only one entry point to the building near the Max Mara store. The main entrance to 161 Collins is undergoing significant construction works and sits between the Max Mara store and the temporary entrance. The temporary entrance is a hoarded tunnel on the street. The hoarded entrance will lead you to security desks, keep walking through the tunnel and this will lead you directly to a set of lifts. The first set of lifts will take you to Level 6, where the IOOF reception is located. Once on Level 6, please come into reception area and register yourself on the iPad provided. If you are having trouble locating or entering the office please call Ashutosh on 0418990305 or Anthony on 0434 527 708

Time: 5:15pm to 7:00pm

The study sessions are designed to support your individual exam preparation and will be run at as follows:

  • Week 1. Wednesday 6th June – General Exam Guidelines and Domain 1  (Ashutosh Kapse, Anthony Rodrigues)
  • Week 2. Wednesday 13th June – Domain 2 (Ashutosh Kapse, Anthony Rodrigues)
  • Week 3. Wednesday 20rd June – Domain 3 & Practice Exam (Ashutosh Kapse, Anthony Rodrigues)
  • Week 4. Wednesday 27th June – Domain 4 & Practice Exam (Ashutosh Kapse, Anthony Rodrigues)

For further information contact Ashutosh Kapse (


CGEIT Exam Preparation Q&A Session

Only 4 registrations so do not intend running a study session in May 2018.