How to Manage Mega-SOX Programs

Yulia Gurman
Yulia Gurman Packaging Corporation of America
Kenneth Garofalo
Kenneth Garofalo Lydall
Luis Padilla
Luis Padilla Encore Capital Group
Michelle Wahlen
Michelle Wahlen Post Holdings

On-Demand Webinars

Webinar Speakers

Yulia Gurman currently serves as Executive Director of Internal Audit and Corporate Security at Packaging Corporation of America (PCA). Yulia is responsible for Internal Audit, Internal Controls and Corporate Security. Prior to joining PCA, Yulia served as Vice President, Internal Audit at Retail Properties of America, Inc. (RPAI) where she established the Internal Audit function soon after RPAI went public. She had responsibilities over Internal Audit, Internal Controls and ERM. Yulia also served as Director of Internal Audit at OfficeMax where she managed a team responsible for operational, financial and compliance audits throughout the organization. Yulia began her career as an external auditor at a public accounting firm where she performed financial audits. Yulia attended DePaul University and hold a BS in Accounting/Information Systems. She is a Certified Public Accountant and Certified Internal Auditor and a member of the Institute of Internal Auditors. She currently serves on the Board of Governors for the IIA’s Chicago Chapter and serves on the Committee of Research and Education Advisors for the IIA. She has previously spoken at multiple IIA International Conferences, IIA General Audit Management, All Stars Conference and the Chicago Chapter Annual Seminar.

Ken Garofalo leads the Internal Audit function at Lydall, Inc., a global manufacturer of specialty filtration and advanced materials. His experience covers a wide range of activities, including Internal Audit planning, SOX compliance, enterprise risk management, investigations and advisory projects. His SOX compliance experience covers all the phases from planning through execution and deficiency assessment. Prior to Lydall, he was Director of Internal Audit for Baldwin Technology where he gained significant international experience and transitioned the IA function inhouse from an outsourced provider. Before that, he served as a Director in the Internal Audit Services practice at PwC and led client engagement teams focused on the initial implementation and ongoing maintenance of SOX programs. Prior to his role in Internal Audit Services, he also gained external audit experience at PwC. Ken is a Certified Internal Auditor.

Luis Padilla is a Senior Director and Head of Internal Audit & SOX at Encore Capital Group, a specialty finance company that provides debt recovery solutions and other related services for consumers across a broad range of financial assets. In his role, he leads the global Internal Audit activities for the company, including SOX compliance (scoping, testing, and reporting). Luis is a Certified Public Accountant and a Certified Internal Auditor. Prior to this role, Luis was a Vice President of Internal Audit at LPL Financial (a broker dealer), and prior to that, he was a Senior Manager of Advisory Services at Deloitte. Luis also serves as a volunteer facilitator for The Institute of Internal Auditors.

Michelle Wahlen is the Vice President of Internal Audit for Post Holdings, Inc. and is responsible for the implementation and operations of audit procedures across Post Holdings, Inc. She previously led internal audit for another Fortune 500 company and worked 15 years for Ernst & Young, where her main client was a Fortune 100 insurance company. Michelle has over twenty-five years of experience in audit, internal audit and compliance, and risk management at global companies. She has been responsible for re-creating internal audit departments and establishing an efficient and compliant SOX framework. The scope of work of Internal Audit includes, but is not limited to, the examination and evaluation of the adequacy and effectiveness of the Company’s governance, risk management and internal controls as well as the quality of performance in carrying out assigned responsibilities to achieve the Company’s goals and objectives. Internal Audit maintains an independent and objective approach, with the freedom and ability to report significant issues to management and the Audit Committee.


As the number of in-scope entities in a SOX program grows, so does its complexity. These “Mega-SOX” programs — many of which have 10 or more in-scope entities — can create a number of organizational and logistical challenges for internal audit teams, making it more difficult to ensure compliance across the business. This session will explore the Mega-SOX phenomenon and how teams can successfully manage it.

View Webinar Now