Ed Danter

 

Forty-two years with IBM as:

  • systems designer and developer

  • IBM internal auditor

  • audit client

  • instructor in IBM's new auditor school 

  • application controls instructor 

  • senior business controls analyst

  • audit consultant for outsourced contracts to IBM 

Key lessons learned through 12 years developing and programming application systems at IBM:

  • controls cannot be an after-thought  - the cost of applying corrective actions and retrofitting controls at a later date can grow exponentially  

  • the only thing worse than no control is the illusion of control - if you believe, without verification, that controls within your business processes and applications are installed and effectively being executed, you will not correct problems -  you will not be aware of any exposures, believieng that there are none

  • there is a valuable lesson in being assigned to maintain the applications and systems you designed and installed  - there is significant value in living with control problems that you were responsible for since the primary objective was in meeting deadlines of installing systems on time    

Benefits of putting my experience and passion for auditing to work: 

  • experience as a developer and programmer and my realization of the consequences of not having adequate controls, placed me in a position to become a valued auditor and effective teacher

  • my enthusiasm was the foundation of a book I published in 2007 on auditing Information Technology, titled "IT Governance: The Only Thing Worse than No Control is the Illusion of Control." 

  • both my experience and book are unique attributes of the IAE program

Adjunct Professor at Kean University in New Jersey:

  • serving as adjunct professor for the last eight years following IBM retirement 

  • teaching auditing to both undergraduate and graduate students

  • instructing accounting students and business managers on audit processes and techniques

  • addressing Auditing Financial Statements and Auditing Information Systems 

Key elements of Kean classes: Interactive mock audits that take students beyond theory:

  • enable students to participate in interactive experiences, role playing both audit client and auditor

  • provide practice in all steps ranging from generating initial audit announcement letters, conducting interviews, evaluating exposures and non-compliance to requirements through final audit reports and presentation to executives

  • offer a real-life, hands-on experience that is valuable, essential and unique

  • help students achieve sound audit knowledge and gain an insight into audit challenges 

 

Internal Audit Education (IAE)

 

Audit Client Education

Internal Audit Education (IAE) provides essential education to current and future corporate executives who have, or will have, responsibility for ensuring that adequate controls are in place within their companies.  If they become audit clients and are audited by either internal or external audit staffs,  they should be positioned for successful audit results. They will be responsible for the controls that help establish and maintain both integrity and accuracy in financial reporting.

Management needs to be well versed in internal control theory and practice to meet acceptable audit standards. They must step up and enhance their knowledge of controls, understand their company’s overall compliance plans and ensure that the two are effectively integrated.

 

The education offered covers a wide scope, from the “why’s” and “what’s” of Sarbanes Oxley to the establishment of the infrastructure for audit survival, including an understanding of the audit process used by internal and external auditors.  

 

Take a few minutes to answer the following questions about your management and key personnel:

1) What education do your current and future management teams have in being audited?

2) Will they be intimidated?

3) Will they know how to prepare and present responses to audit requests?

4) Will they know what, when and how to challenge audit findings?

5) Will they know what to do during an audit interview?

6) Do they understand the differences among processes, procedures and controls?

7) How familiar are they with government regulations (e.g. Sarbanes Oxley, HIPPA)?

8) Do they know what pro-active measures they can take prior to being audited?

9) Do they know how to respond to auditors request for documentation?

10) Do they know how to respond to audit findings?

11) Do they know what issues need to be escalated during an audit and to whom they need to be escalated to?

12) Do they know how to establish and track corrective actions until closure?

13) Do they know what controls need to be in place if processes are outsourced?

14) Do they understand their audit responsibilities?

15) Do they understand the difference between responsibility and accountability?

 

 .