ISACA Ireland Chapter Annual Report 2016

Transcription

1 ISACA IRELAND CHAPTER ANNUAL REPORT DECEMBER 2016

2 Foreword I am pleased to report that the ISACA Ireland Chapter has largely had another successful year. During the year, your chapter board has worked hard to provide real benefit to the membership through arranging events, volunteering opportunities at EuroCACS, training and exams support culminating in the Annual Conference in November. Feedback from the membership survey conducted during the year indicates that we re getting some things right but, we are clear that there are still things we could do better. As a board we would encourage you to give us feedback, tell us what you d like us to focus on. For example, planning for the Annual Chapter Conference will commence in January and we d welcome your views on the subjects you d like to see covered. You can contact me directly or send comments and ideas to any Chapter Board member or conference@isaca.ie. A significant amount of training was provided during 2016 especially in respect of COBIT 5. My thanks goes to Mr. Everett Breakey, our Certification Director, who works tirelessly to organise training events for members. During 2017 we hope to push forward on a number of initiatives including Women in Technology, events outside Dublin & Belfast, greater collaboration with UK Chapters and other related organisations (IISF, OWASP etc.). Our aim in all of this will be to provide greater benefit to you our membership. At this point, I would like to pay tribute to the dedication of your Chapter Board, volunteers who give of their free time to ensure you / we have a thriving ISACA Chapter. It has been my privilege to work with such a talented team and to represent you during On behalf of the Chapter Board, may I wish you a Happy Christmas and a peaceful and prosperous New Year. Peter Leitch President Ireland Chapter president@isaca.ie Chapter Board members and Conference Speakers

3 Membership Membership during 2016 has continued its upward trend. As figure 1 shows, the membership in 2016 stands at around 700 which places the Ireland Chapter in the Large Chapter category. As a Chapter Board, we are keen to understand your views and to that end we conducted a survey in We received over 100 responses to our survey. 89% rated the chapter between good - excellent. We will be assigning actions to the comments. Figure 1: Membership Figures During 2016, several members of your chapter board attended leadership meetings in Portugal and London. ISACA HQ brought leaders from Chapters across the globe together in Lisbon, Portugal in April to debate key strategies for the ISACA family in the years ahead. The Chapter Board would hope to provide more information and insights at events in early EVENTS ISACA Ireland ran events throughout the year in Belfast and Dublin during the year, with a break from March through May due to EUROCACS. The events were generally well attended with on average 50 to 100 people attending. The Chapter Board would plan to run more events in 2017 and to introduce new venues including Cork and possibly the North West. We would encourage members to attend. Where possible to avail of the CPEs, information gathering and networking opportunities. ISACA EuroCACS - Dublin May

4 Academic and inter-organisational liaison During 2016, ISACA HQ made a number of acquisitions and changes, which impacted upon academia. The Advocacy scheme was formally closed, ISACA HQ acquired the CMMI Institute and a new CSX Foundations tool aimed at students was introduced. The Chapter Board hopes to continue to build connections to local universities and colleges during We have continued to build connections with other professional bodies with similar interests including IISF, OWASP, IIA, BCS etc. Information on events and speakers are shared and where possible we will try and advise members of other bodies events. UK & Ireland Chapters Working Together The UK & Ireland chapters (Central, Ireland, London, Northern England, Scottish & Winchester) have committed to working together more closely to provide additional benefits to our members. The Chapters will continue to run as separate entities, but working together wherever that proves the most effective way to achieve our goals. Much will take place behind the scenes, but some things may be more visible, including: An agreement that members can attend any UK & Ireland Chapter event on the same basis as the host Chapter's own members; A UK & Ireland newsletter, detailing upcoming events from all the Chapters; Updates to the existing UK & Ireland website to give easy access to all the individual Chapter websites; and Looking further ahead, a first UK & Ireland conference to take place early in

5 Training & Certification In the December 2015 and June 2016 examinations, a total of one hundred and ninety candidates undertook the CISA, CISM, CRISC and CISA examinations. Of these four examinations, the CISM certification examination proved the most popular over this time frame. Each year ISACA HQ notify the local Chapter of the Top Three in each examination for the December and June examinations and this forms the centrepiece of our yearly Award Ceremony. We are aware this year that one of our CISA candidates Mark McDermott was in the top three in Europe, which is a tremendous achievement. Well done to Mark. Prior to the certification examinations each year we have delivered ExamCram webinars to the prospective candidates. We would like to place on record our grateful thanks to Mr. Sean Hanna (Chapter Board Member) for imparting his wisdom and knowledge for what is a very well received last minute event. This is the last year of the fixed date traditional ISACA Certification examinations and 2017 heralds the advent of Computer Based Testing (CBT) regime. CBT for the CISA, CRISC, CISM, and CGEIT certifications will be offered during three testing windows of eight-week durations. The windows will be 1 May-30 June 2017, 1 August-30 September 2017 and 1 November-31 December The opportunity to take the exams will increase dramatically, from two times per year (for CGEIT and CRISC) or three (for CISA and CISM), to three testing windows with an eight-week duration during With CBT exams, candidates will now receive a preliminary score report at the conclusion of their exam. Official scores will be sent to candidates via within 10 working days of their exam. No more of that dreaded wait for your score. The tentative exam locations for the ISACA Ireland Chapter area in 2017 are Belfast, Bishoptown, Cork, Dublin and Killarney Co. Kerry. This year we will also be honouring our COBIT 5 Foundation examination achievers of top scores. A number of individuals have successfully completed not only the COBIT 5 Foundation examination but carried on to successfully complete the COBIT 5 Implementation and Assessment Training and accompanying examinations in November The COBIT 5 Training initiative was stated in 2015 on the back of an ISACA ambition to accredit local chapters as Accredited Training Organisations to deliver COBIT 5 training at Foundation level and beyond to Chapter members. This initiative allowed Chapters to accredit both their Chapter entity and trainers by the waiver of the commercial fees normally payable for such accreditation. The first Ireland COBIT 5 foundation course was delivered by way of a combined webinar for Belfast and Dublin exams starting in October 2015 and has been followed by three classroom and two more webinar events. The last classroom event was on 16 th & 19 th September 2016 in Dublin. A total of Seventy Eight COBIT 5 Foundation exams have been set with a combined pass mark of 97.43%. Participants were only required to cover the cost of the examination with all other expenses covered from Chapter funds. Each participant was subsidised to the tune of A pre-requisite of the more advanced COBIT 5 courses exams is the possession of a COBIT 5 Foundation Certificate. With a large number (cohort) so qualified in the 5

6 Chapter it was decided to offer COBIT 5 courses in the more advanced COBIT 5 streams and this was offered as an event tethered to this years conference. The event was held from 7 th to 10 th November with the Implementation Course and exam from 7 th to 8 th November and the Assessor Course and exam on 9 th to 10 th November. A number of brave souls completed both courses and examinations back to back. A total of twenty four examinations were completed. The most cost effective delivery method involved an external accredited trainer and I would like to place on record the Chapters sincere gratitude to Mr Peter Davis who undertook what was a most challenging and arduous engagement. Each exam participant was subsidised to the tune of 379 per person per exam. The Chapter proposes to carry on with COBIT 5 Foundation Training in 2017 (March/April, June & early September 2017 demand led) Further COBIT 5 Implementation and Assessor Training (subject to viable demand) may follow in late October As well as continuing with the COBIT 2017 Training outlined the following courses are proposed: Enterprise Architecture 101 Incorporating COBIT 5 TOGAF and CSX (Jan/Feb 2017 and later if demand merits further courses) TOFAF 9 Certified (full four day course) possibly in conjunction with other local organisations. (May/June 2017) Implementing NIST Cybersecurity Framework Using COBIT 5 (October 2017) CSX Fundamentals various dates throughout the year The feasibility of running these courses very much depends on initial interest and then the committed numbers taking part to make the courses viable and value for members. It is proposed that all courses will be run on a cost recovery basis only. Members are asked to note that, if scheduled courses do not have the necessary numbers signed on in time, they will be cancelled and refunds issued. 6

7 Annual Conference Main Auditorium The annual ISACA Ireland Chapter conference was held on the 11 th November 2016 with approximately 310 attendees including 24 speakers from across Ireland, UK, Europe and the USA. The conference took the theme Cultivating a Culture of Security with three streams: People & Culture; Technology; and Governance, Risk and Compliance. Kai Roer, author of Building a security culture and Joseph Mayo provided the keynote addresses opening the conference. Presentations throughout the day covered subjects such as: Cyber Security; Security Culture in organisations; Compliance; Impact of GDPR; Security Awareness Standards; Third Part Assurance; SCADA; and Hardening AWS. The conference finished with Security Jeopardy, a team quiz game hosted by Bruno Soares, Lisbon Chapter President. Special thanks must go to Mr. Eamonn Sheeran, Chapter Board Member who developed the concept and the supporting software. General Data Protection Regulations (GDPR), which come into effect in May 2018, became a clear talking point at the conference. The Chapter Board hopes to cover this subject again at a number of events over The Board considers the annual conference provides significant opportunities for the membership as it supports CPEs and enables discussions on topics of interest at the moment. Without the support of sponsors it would not be possible to provide this event at such a low cost. We are grateful to our sponsors for their continued support. Work has already commenced in respect of the 2017 Conference, which we hope will be held in October Call for papers will be released Q

8 Finance The following statement of accounts reflects the assets, liabilities and cash flow of the ISACA Ireland Chapter for the period 01-December-2015 to 30-November Assets & Liabilities Value Notes Total Assets 69, Including debt of 20, Total Liabilities (19,072.91) Includes liabilities carried from 2015 BALANCE SHEET 49, Adjusted for liabilities Cashflow * Value Notes Membership Income 12, Operating Income - general Conference Income 34, Includes conference sponsorship Training Income 19, Sponsorship 0.00 Excludes conference sponsorship Operating Expenses - general (7,315.17) Conference Expenses *** (41,789.44) 2015: 13, : 28, Training Expenses (30,890.55) Bank fees (137.80) Travel Expenses (3,944.65) Board members on official duties CASHFLOW TOTAL ** (17,483.45) Negative cash flow reflects clearing of liabilities CASHFLOW 2015 Excluded (4,318.19) Excludes conference 2015 liabilities incurred * Cash flow is based on detailed account statements from 10-June-2016 to 30-November For the period 01-December-2015 to 09-June-2016 the cash-flow is based on payment logs for both inbound and outbound payments. ** Outgoing payments in non-euro currencies for the period 01-December-2015 to 09- June-2916 are based on the historic daily spot rate. Those arising during the period 10- June-2016 to 30-November-2016 are based on account statement costs. *** The 2016 Cash-flow statement includes payment of expenses from both the 2015 and 2016 conferences in order to clear year on year deferral of liabilities. 8

9 Key Points on accounts: This 2016 accounts are showing a cash flow deficit of approximately ( 17,483.45) to the end of November 2016 not accounting for outstanding payments of approximately 20,175 and costs incurred from the 2015 conference of 13,165. The outstanding debt owed to the Chapter was reduced by 14% from the same period in There is 20,175 of debt owed to the ISACA Ireland Chapter, comprised of 19,000 outstanding sponsorship due to the Chapter by the end of January Due to the later than normal running of the annual conference the debt was not recoverable in the 2016 financial year to 1 December. While this represents a negative cash flow for 2016, the chapter will have assets totalling approximately 50,000 when adjusted for liabilities, of which 49,800 is cash/debt owed. Peter Leitch ISACA Ireland - Chapter President 15 December 2016 Accounts Prepared by: Hugh Roberts 12/12/2016 Accounts Approved by: Peter Leitch 15/12/2016 Accounts Audited by: TBC 9