critical thinking 2013_4 hours.pptx - the institute of internal auditors
TRANSCRIPT
2 © 2013 Sunera LLC. All rights reserved
3 © 2013 Sunera LLC. All rights reserved
Danny M. Goldberg
n Partner, Professional Development (www.sunera.com)
n Lead Professional Development and Executive Recruiting Practices Nationally for Sunera
n Founding Partner, SOFT GRC (www.thesoftaudit.com)
– Sold to Sunera January 2011
n Former Director of Corporate Audit/SOX at Dr Pepper Snapple Group
n Former CAE - Tyler Technologies
n Published Author (Book/Articles)
n Texas A&M University – 97/98
n CPA – Since 2000 n CIA – Since 2008
n CISA – Since 2008 n CGEIT (Certification in the
Governance of Enterprise IT) – Since 2009
n CRISC (Certification in Risk and Information Systems Control) – Since 2011
n CRMA (Certification in Risk Management Assurance) – Since 2011
n CCSA (Certification in Control Self-Assessment) – Since 2007
n CGMA (Chartered Global Management Accountant) – Since 2012
4 © 2013 Sunera LLC. All rights reserved
n Chairman of the Leadership Council of the American Lung Association - North Texas – 2012 CY
n Served on the Audit Committee of the Dallas Independent School District (CY 2008)
n Current Dallas IIA Programs Co-Chair (2011-2012 and 2012-2013)
n Former IIA Volunteer Instructor n Published Author
– Bureau of National Affairs - Internal Audit: Fundamental Principles and Best Practices
– ISACA Journal (May 2012, August 2012) – Internal Auditor Articles (August 2007, December 2007, October 2010) – ISACA Online Article (December 2009)
– Audit Report Articles (June 2010 Cover, March 2011, March 2012) – New Perspectives (December 2010)
– Dallas Business Journal (January 2011) – The Yes Man Phenomenon
Danny M. Goldberg (cont.)
5 © 2013 Sunera LLC. All rights reserved
Danny M. Goldberg (cont.) n Speaking publicly for 5 years n Relationships with over 75 IIA/ISACA Chapters throughout the WORLD. n Ratings/Evaluations:
– #8 out of 120 speakers – 2012 IIA International Conference
– “Top Rated” (Excellent/Outstanding) Speaker – 20th Annual American Society for Quality (ASQ) Audit Division Conference (out of 44 presenters)
– Top 10 Presentation – 2011 IIA Midwest Regional (36 total concurrent sessions, 3.75 overall rating out of 4.0)
– Top 3 Ranked Speaker – Michigan CPA’s Healthcare Conference 2011 (29 total speakers)
– Top 3 Ranked Speaker – ArkSarBen IIA 2011 District Conference (24 total sessions)
– 3.58/4.00 Rating – 2011 ACFE Annual North American Conference – 1 of 100 Presenters invited to present at the 2012 IIA International
Conference
7 © 2013 Sunera LLC. All rights reserved
Sample Professional Development Association Clients
!
!
!
!
!
!
!
!
9 © 2013 Sunera LLC. All rights reserved
Regional/National Conferences – Since 2011
!
10 © 2013 Sunera LLC. All rights reserved
Sunera Snapshot
ü Professional consultancy focused on regulatory compliance, internal audit, information technology & accounting advisory services
ü Founded by former public accounting partners and professionals
ü Delivered more than 1500 projects to over 300 clients across a broad spectrum of industries
ü Employ full-time professionals in twelve offices across the United States and Canada
ü PCI Qualified Security Assessor (QSA) & Approved Scanning Vendor (ASV)
ü Registered with NASBA to offer CPE’s for our ACL & Internal Audit training courses
ü Certified integration partner for leading continuous controls monitoring solutions, including ACL, Approva & SAP
11 © 2013 Sunera LLC. All rights reserved
Contact Information
Dallas Office Address 1400 Preston Road Suite 400 Plano, Texas 75093
© 2012 Sunera LLC. All rights reserved.
Please contact any of the following Sunera Texas Leadership Team members:
You can also visit us at www.sunera.com
Brian Amend Managing Partner Texas Practice (972) 955-5652 [email protected]
Danny M. Goldberg Partner, Professional Development (214) 514-8883 [email protected]
Houston Office Address 5100 Westheimer Road Suite 200 Houston, Texas 77056
12 © 2013 Sunera LLC. All rights reserved
13 © 2013 Sunera LLC. All rights reserved
(On September 17, 1994, Alabama's Heather Whitestone was selected as Miss America 1995.) Question: If you could live forever, would you and why? Answer: "I would not live forever, because we should not live forever, because if we were supposed to live forever, then we would live forever, but we cannot live forever, which is why I would not live forever," --Miss Alabama in the 1994 Miss USA contest.
"Whenever I watch TV and see those poor starving kids all over the world, I can't help but cry... I mean I'd love to be skinny like that, but not with all those flies and death and stuff." --Mariah Carey
14 © 2013 Sunera LLC. All rights reserved
"Smoking kills. If you're killed, you've lost a very important part of your life," -- Brooke Shields, during an interview to become spokesperson for federal anti-smoking campaign
"Outside of the killings, Washington has one of the lowest crime rates in the country." --Mayor Marion Barry, Washington, DC .
"The word "genius" isn't applicable in football. A genius is a guy like Norman Einstein." --Joe Theisman, NFL football quarterback & sports analyst.
15 © 2013 Sunera LLC. All rights reserved
17 © 2013 Sunera LLC. All rights reserved
What is Critical Thinking? n Art of analyzing and evaluating thinking with an insight to improving it.
n Using our command of the elements of thinking to dynamically adjust our thinking to the demands and elements of each unique situation.
n Entails effective communication and problem solving abilities.
– A survey corporate executives revealed that the top three characteristics they were looking for in college graduates were “teamwork skills,” “critical thinking and analytic reasoning skills,” and “oral/written communication” skills.
– As the U.S. economy begins to show signs of improvement, executives say they need a workforce fully equipped with skills beyond the basics of reading, writing and arithmetic (the three Rs) in order to grow their businesses. Skills such as critical thinking, communication, collaboration, and creativity (the four Cs) will become even more important to organizations in the future, according to a new survey conducted by American Management Association (AMA).
19 © 2013 Sunera LLC. All rights reserved
n It is the ability to constantly question the norm and ask “So What?”
n Why is this audit finding relevant to the auditee or IS IT relevant? Why do they care?
n How can we test a control more efficiently/effectively from prior year?
n Critical Thinking is a Two-Way Street: – Staff/Seniors must be
confident
– Manager/Directors must have an open mind and be open to upward feedback/new ideas • Do not always spoon-‐feed your team
What is Critical Thinking?
20 © 2013 Sunera LLC. All rights reserved
n Critical Thinking
– Identifying and understanding issues, problems, and opportunities; using data analysis to draw conclusions; using judgment in choosing a course of action; taking action that is consistent with available facts, constraints, and probable consequences.
n Behaviors: – Makes effective decisions with limited information and takes the initiative when
situations are not clear.
– Makes timely, tough decisions; doesn’t get bogged down in unreasonably detailed analysis.
– Establishes appropriate criteria before making a recommendation or decision.
– Evaluates difficult decisions, considering implications and their long-term impact on the organization.
Generic Audit Definition of Critical Thinking
21 © 2013 Sunera LLC. All rights reserved
What Does Critical Thinking Look Like? n Contextual sensitivity-being sensitive to stereotypes about
people from a particular group and trying to accept others at face value unconditionally.
n Perspective thinking-trying to get into the other person's head, or walking in the other person's shoes so as to see the world the way that person sees and perceives the world.
n Tolerance for ambiguity-ability to accept multiple interpretations of the same situation.
n Alert to premature ultimatums-invoking a powerful idea or concept which inspires such reverence that any further debate is forestalled (e.g., a politician invokes "democracy”).
22 © 2013 Sunera LLC. All rights reserved
Characteristics of Optimized Critical Thinkers
23 © 2013 Sunera LLC. All rights reserved
Characteristics of People who Excel at Critical Thinking
n Truth seeking: A courageous desire for the best knowledge, even if such knowledge fails to support or undermines one's preconceptions, beliefs or self-interests.
n Open-mindedness: Tolerance to divergent views, self-monitoring for possible bias.
n Analyticity: Demanding the application of reason and evidence, alert to problematic situations, inclined to anticipate consequences.
n Systematicity: Valuing organization, focus and diligence to approach problems of all levels of complexity.
24 © 2013 Sunera LLC. All rights reserved
Characteristics of People who Excel at Critical Thinking (cont.)
n Critical Thinking Self-Confidence: Trusting of one's own reasoning skills and seeing oneself as a good thinker.
n Inquisitiveness: Curious and eager to acquire knowledge and learn explanations even when the applications of the knowledge are not immediately apparent.
n Cognitive Maturity: Prudence in making, suspending or revising judgment. An awareness that multiple solutions can be acceptable. An appreciation of the need to reach closure even in the absence of complete knowledge.
25 © 2013 Sunera LLC. All rights reserved
26 © 2013 Sunera LLC. All rights reserved
n ���Perception is one’s ability to see, hear, or become aware of something through our senses.
n A way of understanding or interpreting something.
n Sometimes the way we perceive the actions or statements of those around us may or may not reflect what is actually intended. This is generally due to our previous life experiences and/or what we believe.
Perception vs. Reality
27 © 2013 Sunera LLC. All rights reserved
n ���FINISHED FILES ARE THE RESULT OF YEARS OF SCIENTIFIC STUDY COMBINEDWITH THE EXPERIENCE OF YEARS.
Count the # of F’s in this Sentence
28 © 2013 Sunera LLC. All rights reserved
Logical Ability in Auditing n Problem Solving
n Collecting and Analyzing Evidence
n Drawing Conclusions
n Determining Sound Criteria
n Defining risks and effects of conditions noted
29 © 2013 Sunera LLC. All rights reserved
31 © 2013 Sunera LLC. All rights reserved
1. Identify Existence of Assumptions – What is fact versus fiction?
– What is assumed versus known?
2. Assessing their Accuracy and Validity of Assumptions – Do these assumptions make sense?
– Do these assumptions fit reality as we understand and live it?
– Under what conditions do these assumptions seem to hold true? Under what conditions do they seem false?
3. Consider all Alternatives/Varying Perspectives
4. Informed Action
Steps to Critical Thinking
32 © 2013 Sunera LLC. All rights reserved
33 © 2013 Sunera LLC. All rights reserved
What do the IIA & Yellow Book Standards Say on Critical Thinking?
34 © 2013 Sunera LLC. All rights reserved
Critical Thinking & The IIA Standards n 1210 – Proficiency
– Internal auditors must possess the knowledge, skills, and other competencies needed to perform their individual responsibilities. The internal audit activity collectively must possess or obtain the knowledge, skills, and other competencies needed to perform its responsibilities.
n Interpretation: – Knowledge, skills, and other competencies is a collective term that refers
to the professional proficiency required of internal auditors to effectively carry out their professional responsibilities. Internal auditors are encouraged to demonstrate their proficiency by obtaining appropriate professional certifications and qualifications, such as the Certified Internal Auditor designation and other designations offered by The Institute of Internal Auditors and other appropriate professional organizations.
35 © 2013 Sunera LLC. All rights reserved
Critical Thinking & The IIA Standards n 1220 – Due Professional Care
– Internal auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor. Due professional care does not imply infallibility.
n 1220.A1 – Internal auditors must exercise due professional care by considering the:
– Extent of work needed to achieve the engagement’s objectives;
– Relative complexity, materiality, or significance of matters to which assurance procedures are applied;
– Adequacy and effectiveness of governance, risk management, and control processes;
– Probability of significant errors, fraud, or noncompliance; and
– Cost of assurance in relation to potential benefits.
36 © 2013 Sunera LLC. All rights reserved
Critical Thinking & The IIA Standards n 1220.A2 – In exercising due professional care internal auditors must consider
the use of technology-based audit and other data analysis techniques.
n 1220.A3 – Internal auditors must be alert to the significant risks that might affect objectives, operations, or resources. However, assurance procedures alone, even when performed with due professional care, do not guarantee that all significant risks will be identified.
37 © 2013 Sunera LLC. All rights reserved
Why Brainstorming? n When a group of people meet to generate new ideas around a specific
area of interest:
– Using rules which remove inhibitions, people are able to think more freely and move into new areas of thought and so create numerous new ideas and solutions
– The participants shout out ideas as they occur to them and then build on the ideas raised by others
– All the ideas are noted down and are not criticized
– Only when the brainstorming session is over are the ideas evaluated
n Brainstorming is a process for generating new ideas
n Builds interpersonal expertise because all members participate
n Quiets the loudest talker and prevents quick solutions
n Develops a skill that is useful in project management
38 © 2013 Sunera LLC. All rights reserved
QUESTION? n Have you ever thought about raising an issue or question in a
group meeting, but then refrained because you did not want to destroy the consensus view the team had spent considerable time forming, or because you did not want to appear to be the only unsupportive member of the team?
n Conversely, have you ever been a manager who has had to force a team through change when clearly the team was reluctant and not expressing their true opinions? – If you answered yes to either of these questions then it may be
because of groupthink.
39 © 2013 Sunera LLC. All rights reserved
Avoiding Groupthink n Explore different scenarios.
n Encourage each member of the team to be a critical evaluator, allowing them to openly question ideas and propose alternatives.
n Leaders should deliberately not express their opinion when asking a group to find a solution to a problem.
n Invite outside experts into the meeting and take their opinions seriously. Allow the group members to speak with the experts individually and privately if they desire.
n If the decision is major enough, instruct several different groups to solve the same problem simultaneously but independently of each other.
n Assign at least one group member to deliberately play the role of devil’s advocate.
40 © 2013 Sunera LLC. All rights reserved
41 © 2013 Sunera LLC. All rights reserved
Critical Thinking Quiz Critical thinking involves suspending your beliefs to explore and question topics from a "blank page" point of view. It also involves the ability to know fact from opinion when exploring a topic.
The following short quiz was developed by Anderson Consulting Worldwide to test critical thinking. Answer each question in order..
n 1. How do you put a giraffe into your refrigerator?
n 2. How do you put an elephant into your refrigerator?
n 3. The Lion King is hosting an animal conference. All the animals attend - except one. Which animal does not attend?
n 4. There is a river you must cross but it is used by crocodiles and you do not have a boat. How do you manage it?
42 © 2013 Sunera LLC. All rights reserved
1. How do you put a giraffe into your refrigerator? – The correct answer to question number 1 is: Open the refrigerator, put in the
giraffe, and close the door. This question tests whether you tend to do simple things in an overly complicated way.
2. How do you put an elephant into your refrigerator? – Did you say, Open the refrigerator, put in the elephant, and close the
refrigerator? Wrong answer. Correct answer: Open the refrigerator, take out the giraffe, put in the elephant and close the door. This tests your ability to think through the repercussions of your previous actions.
Critical Thinking Quiz Answers
43 © 2013 Sunera LLC. All rights reserved
3. The Lion King is hosting an animal conference. All the animals attend - except one. Which animal does not attend?
– Correct Answer: The elephant. The elephant is in the refrigerator. You just put him in there. This tests your memory. Okay, even if you did not answer the first three questions correctly, you still have one more chance to show your true abilities.
4. There is a river you must cross but it is used by crocodiles, and you do not have a boat. How do you manage it?
– Correct Answer: You jump into the river and swim across. Have you not been listening? All the crocodiles are attending the animal conference. This tests whether you learn quickly from your mistakes.
According to Anderson Consulting Worldwide, around 90% of the professionals tested got all questions wrong
Critical Thinking Quiz Answers
44 © 2013 Sunera LLC. All rights reserved
45 © 2013 Sunera LLC. All rights reserved
EXERCISE – What is the Hypothesized Cause/Risk?
n The following condition exists: – During year-end acknowledgement testing of the IT security policy (full-
scope, all employees were asked to respond), the following deficiencies were noted:
• 22% of the population was not aware of the policy or its existence. • 15% were found in non-‐compliance with current standards (based on self-‐reporting).
n IA has been asked to perform an audit of the awareness and compliance with IT security policies.
n What could be the hypothesized cause of this problem and what is the risk of a lack of an effective IT security policy?
46 © 2013 Sunera LLC. All rights reserved
Cause - Solution Con$guous Cause Employees were not aware of the policy as it was not
given to new employees when hired nor was discussed when viola$ons occurred.
Transi$onal Cause Human Resources did not have a procedure in place to give the policy to new employees and IT was not aware of the lack of knowledge of the policy when viola$ons occurred.
Root/Core Cause Communica$on is limited between Human Resources and IT and thus a lack of communica$ons to employees.
47 © 2013 Sunera LLC. All rights reserved
Risk/Effect - Solution Direct, one-‐$me effect on the process 12 Employees were not aware of the
policy thus violate the policy rou$nely due to the lack of knowledge.
Cumula$ve effect on the process The organiza$on does not have an effec$ve IT policy in place due to lack of communica$on of the policy to employees.
Cumula$ve effect on the organiza$on There is a risk that the integrity of the IT control environment is compromised.
High-‐level, systema$c effect There is a risk that the organiza$on has data integrity issues due to the lack of policy communica$on.
48 © 2013 Sunera LLC. All rights reserved
49 © 2013 Sunera LLC. All rights reserved
Audit Evidence n Audit evidence is an integral part of every internal auditing engagement.
There are six types of internal auditing evidence.
– Physical Evidence – observing people, property, and events
– Testimonial Evidence – letters or statements with support or documentation
– Documentary Evidence – External letters, papers, documents, invoices, contracts, confirmations from outside sources: contractors, vendors, customers, etc.
– Internal Evidence – Originating within the client organization: job tickets, payroll records, invoices, etc.
– External Evidence – Originating outside of the client organization: vendor invoices, bank statements, etc.
– Analytical Evidence – Computations resulting from analysis and verification
50 © 2013 Sunera LLC. All rights reserved
Audit Evidence n There are also qualitative standards of internal auditing evidence
– Sufficiency – So factual, adequate and convincing that it would lead a prudent person to the same conclusion as the auditor.
– Competence/Reliable – the best obtainable reasonably.
– Relevance – a close relationship to its use. The facts and opinions have a logical sensible relationship to the issue.
51 © 2013 Sunera LLC. All rights reserved
52 © 2013 Sunera LLC. All rights reserved
n We are performing preliminary work on an operational audit and during one of our interviews, the A/P Clerk states that one of her team members has been taking money for the last few months. When we asked how widespread it is, she states “That woman has walked around this office like she owns it! She spends money like it is going out of style; she is a real witch!” – How should we handle this comment?
– What are our next steps?
Group Exercise – Scenario A
53 © 2013 Sunera LLC. All rights reserved
Group Exercise – Scenario B n During the audit, out of a total sample of 27 A/P voucher
packages, the receiving documents given to us are all original documents, with the exception of 3, which appear to be hastily copied.
n Can we utilize these as part of our sample?
54 © 2013 Sunera LLC. All rights reserved
Answers – Sufficiency of Audit Evidence Exercise A
n This is not sufficient evidence to move forward with a “fraud” investigation but should be looked into
n Must be proven rather than gossiped about
n Professional Skepticism
Exercise B
n We need to determine the reasons for the copies and why they are necessitated – There could be a very valid reason for the copies
– Most likely, it should be noted as an issue since original documentation could not be viewed
– Why is viewing original documentation important?
55 © 2013 Sunera LLC. All rights reserved
56 © 2013 Sunera LLC. All rights reserved
n Study of what is good and evil, right and wrong (based on societal norms), just and unjust (1)
n Ethical dilemmas can be obvious to some and oblivious to others
n Ethics are viewed differently by age, background and value system
Ethics: Generally Speaking
57 © 2013 Sunera LLC. All rights reserved
Us Versus Them n A customer asked for a product from us today. After telling
him our price, he said he could not afford it. I know he could get it cheaper from a competitor. Should I tell him about the competitor -- or let him go without getting what he needs? What should I do?"
58 © 2013 Sunera LLC. All rights reserved
n My boss told me that one of my employees is among several others to be laid off soon, and that I'm not to tell my employee yet or he might tell the whole organization which would soon be in an uproar. Meanwhile, I heard from my employee that he plans to buy a new house. What should I do?
To RIF or not to RIF
59 © 2013 Sunera LLC. All rights reserved
Summary – Critical Thinking n Always attempt to question the obvious, do not assume and
never stop attempting to improve
n If not, you might end up like this:
"It isn't pollution that's harming the environment. It's the impurities in our air and water that are doing it..." --Al Gore, Vice President