Lynn Fountain

LynnFountain_web.pngLynn Fountain has over 38 years of experience spanning public accounting, corporate accounting and consulting. 20 years of her experience has been working in the areas of internal and external auditing and risk management. She is a subject matter expert in multiple fields including internal audit, ethics, fraud evaluations, Sarbanes-Oxley, enterprise risk management, governance, financial management and compliance. Lynn has held two Chief Audit Executive (CAE) positions for international companies. In one of her roles as CAE, she assisted in the investigation of a multi-million-dollar fraud scheme perpetrated by a vendor that spanned 7 years and implicated 20 employees. The fraud was formally investigation by the FBI and resulted in 5 indictments estimating a $13M fraud loss. 

Ms. Fountain is currently engaged in her own consulting and training practice. She is a highly sought-after trainer and international speaker. In addition, Ms. Fountain has assisted numerous companies with enterprise risk management frameworks, internal audit processes and financial accounting. She also serves as a discussion leader for the AICPA for numerous classes finance, accounting and risk management topics.

Course Descriptions

Cyber Risk Management Program Essentials


CPE Credit:
     2 hours for CPAs, ABAs


Advancements in technology have raised the level of acknowledgement of threats in the cyber age. These threats touch both the business world and personal lives. Information technology is no longer a back-office function. Once considered a process area that was solely part of the Chief Information Officers domain, companies must now acknowledge that whether the threats are internal or external, they are very real and can and will cause harm to many organizations in many ways. As a result, it is imperative that professionals across the company understand and be prepared to deal with the multitude of ever-growing cyber threats. Outside of being aware, organizations must begin to implement cyber risk management programs. However, first it is essential that organizations understand components of cyber issues and the threats and risks that are prevalent in todays business. This includes strategic risk assessments that evaluate aspects of your organizations cyber presence. This session focuses on important components to include in your cyber risk management program.

 

Learning Objectives

  • Describe the internet history and understand the basis for cyber threats
  • Identify the critical elements within an effective cyber program
  • Explore the categories of critical cyber security and understand the concepts of confidentiality, integrity and availability
  • Identify the top 10 vulnerabilities per the Open Web Application Security Project (OWASP)
  • Recognize and apply a high level overview of the NIST Framework

Level:
Basic   Instructional Method: In Person  NASBA Field of Study: Information Technology (2 hours)  Program Prerequisites: None  Advance Preparation: None




Cyber Risk Management Roles and Responsibilities


CPE Credit:
     2 hours for CPAs, ABAs

Google cyber risk management jobs. In todays world of the robots are coming for our jobs you will see an abundance of titles and descriptions. The titles are not the focus. The concept of the need for technical experts beyond our traditional IT personnel is critical. An essential element of any cyber risk management program is properly establishing roles and responsibilities within the organization. Absent this identification, your program is at risk for failure. The NIST cyber risk management framework outlines five activities that comprise a strong cyber program. Those activities include: Identify your assets Protect your assets Detect threats Respond to threats Recover from threats Within each activity, the framework highlights the importance of properly identifying and assigning roles and responsibilities to ensure the activities are executed. With technology such an important aspect of how business is conducted, the players that should be actively involved in a cyber program have expended. When it comes to cyber issues, many may relinquish the responsibilities to the office of the CIO. However, as outlined in various elements of the NIST Cyber Risk Management Framework, organizations must consider the need for assignments and roles beyond the office of the CIO. This session will cover various components of roles and responsibilities within a strong cyber risk management program.


Learning Objectives

  • Identify the various threats that must be managed by individuals responsible for cyber risk management roles
  • Recognize and explore actions professionals and organizations can take towards prevention of cyber incidents
  • Identify types of cyber risk management roles and critical responsibilities to be executed within various cyber risk management roles
  • Describe elements of the information technology infrastructure that are critical for the various roles to manage
  • Differentiate relevant policies, procedures and standards that are critical for professionals executing cyber risk management roles

Level: Basic   Instructional Method: In Person  NASBA Field of Study: Information Technology (2 hours)  Program Prerequisites: None  Advance Preparation: None




Cyber Risk Management Frameworks and Implementation

CPE Credit:      2 hours for CPAs, ABAs

In todays tech environment it is critical that organizations be pro-active and prepared when considering cyber risk management. Because of the size, complexity, and constant evolution of attack vectors there is no one-size-fits-all way to respond. It is essential to begin somewhere to establish a baseline for identifying the critical components that must be incorporated into any cybersecurity risk management approach. Multiple risk management frameworks exist including: NIST: National Institute of Standards and Technology (NIST) established by executive order in February 2013. ISO/IEC Security Control Standard: developed by the International Organization for Standardization and the International Electrotechnical Commission FFIEC Cybersecurity Assessment developed for Financial institutions by the Federal Financial Institutions Examination Council SEC/OCIE Cybersecurity Initiative developed for brokers by the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations FCC Cyber Security Planning Guide developed by the Federal Communications Commission for small businesses Although their organization and structures vary, all frameworks attempt to address the same basic functions designed by the NIST Cybersecurity Framework: Identify Protect Detect Respond Recover In this course we evaluate several attributes critical to the proper establishment of a cyber risk management program. We delve into the concepts and apply thoughts as to how each component should be evaluated for your organization. The course utilizes the NIST framework as a guide for application.

Learning Objectives

  • Recognize and apply effective cyber frameworks
  • Identify the National Institute of Standards and Technology (NIST) cyber framework
  • Describe components of the NIST cyber framework and their applicability to any framework
  • Recognize the concept of framework tiers and profiles
  • Identify steps to implement a framework


Level: Basic   Instructional Method: In Person  NASBA Field of Study: Information Technology (2 hours)  Program Prerequisites: None  Advance Preparation: None 

Thursday CPE Sessions

9:15 am - 11:15 am  Charlotte TBD

Cyber Risk Management Program Essentials
2 hours CPE for CPAs, ABAs

1:00 pm - 2:50 pm Charlotte TBD

Cyber Risk Management: Roles and Responsibilities
2 hours CPE for CPAs, ABAs

3:10 pm - 5:00 pm Charlotte TBD

Cyber Risk Management Frameworks and Implementation
2 hours CPE for CPAs, ABAs


Friday CPE Sessions

8:00 am - 9:50 am Charlotte TBD

Cyber Risk Management: Roles and Responsibilities
2 hours CPE for CPAs, ABAs

 

10:10 am - 12:00 pm Charlotte TBD

Cyber Risk Management Frameworks and Implementation
2 hours CPE for CPAs, ABAs


1:30 pm - 3:20 pm Charlotte TBD

Cyber Risk Management Program Essentials
2 hours CPE for CPAs, ABAs