COBIT 5 Framework Released 5. CIO Summit 2013 Flyer 10. Tech-Talk-Session detailed flyer 12. ISACA International News & Alerts 13 o o o

Transcription

1

2 Table of Content Editor Absar Khan The President s Message 3 COBIT 5 Framework Released 5 AGM & 2013 Elections of ISACA Karachi Chapter Board 6 CIO Summit 2013 Flyer 10 ISACA Karachi & DGDK Tech-Talk-Session hosted by IBA 11 Tech-Talk-Session detailed flyer 12 ISACA International News & Alerts 13 o o o CISA & CISM Exam Registration Opens Webinar on Architecting Network Security for advance malware Webinar on Effective Time Management ISACA International News & Alerts 14 o Double Century ISACA 200 Chapters o June Exam Admission tickets o June Deferral Deadline o ISACA & Deloitte Course on June 2013 ISACA International News & Alerts 15 o o CRISC Won Best Certification Award form SC Magazine ISACA Journal App is available for iphone & ipad For Suggestions & Feedback Absar Khan Chair Communication & Publications, ISACA Karachi publications@isacakarachi.org ISACA s World Congress: INSIGHTS 2013 Flyer 16 ISACA Book Store Update 17 Country Highlights 18 o o o UBL Pakistan implements SAS Risk Management System Freelancer.pk Launched their Pakistan specific site VISA to launch Mobile Financial Service in Pakistan ISACA Conference / Training Week Calendar [Mar-Apr] 19 Contacts of ISACA Karachi Chapter Board Members 20 This bimonthly newsletter focuses on ISACA Karachi Chapter s activities, achievements & announcements. It also highlights major news events happening in the IT/IS/Telecom/eBusiness/GRC & related sectors of Pakistan.

3 President s Message Dear Members, It is indeed a great privilege for me be given the opportunity to serve and lead the chapter for the term I thank the members for their trust, and shall strive to live up to their expectations. I also thank the previous outgoing board. There have been many achievements to their credit and I have been very fortunate to work with the previous board as well. While the vision and objective of this Board continue to promote ISACA as the leading institution in the information technology governance, security, risk and control community and serve its practitioners by providing the elements needed by IT professionals in an ever-changing worldwide environment, the mission and objective would be to: Increase the number of members including Professional, Student, Academic Advocates. Create opportunity for chapter members to earn & maintain CPE along with effective and timely professional development and networking by holding seminars and workshops on topics of current interest etc Improve awareness of ISACA, brand, the value from frameworks (like COBIT), certifications ( CISA, CISM, CGEIT & CRISC), etc in the local community. Introduce Partnership & Alliances programs with regulators (e.g. SBP, SECP, ICAP, etc) and other potential organizations. Effective & regular contact & communications with Members & Guests and develop & Maintain Social Media profile. Continue... ISACA Karachi Newsletter Mar Apr 2013 Edition Page 3 of 20

4 President s Message In order to achieve the above I look forward to working with the new Board as well as the membership community for their participation in voluntary activities. I would also encourage you to take time to explore the ISACA International website ( as well as the local chapter website ( Many new features, services and informational sources have been added over the past months. Last but not the least, I again assure you that the new Board of your chapter is willing to serve and facilitate you. And if required please do not hesitate to contact me directly, as every single member of our Chapter is an asset for us and we feel proud to serve the members & resolve their issues and provide you the best service, support, education and information.. We are committed to make ISACA Karachi Chapter as one of leading chapters of Asia. Thank you. Zain Ansari President, ISACA Karachi Chapter. Earn Over 70 FREE CPE ISACA Certified Members Can Earn Over 70 FREE CPE Credits Certified members have numerous options in order to obtain their FREE continuing professional education credits through: Journal quizzes Monthly esymposia quizzes Local Chapter volunteer activities Mentoring Learn more about FREE CPE T0xNjA0NjY3JnA9MSZ1PTEwMj AwOTA1OTgmbGk9NzE2ODg3M g/index.html ISACA Karachi Newsletter Mar Apr 2013 Edition Page 4 of 20

5

6 ISACA Karachi Chapter AGM & Elections 2013 ISACA Karachi Chapter held its Annual General Meeting on Thursday March 28, 2013 at ICAP Hall at ICAP House Clifton, Karachi. The meeting begun at 6:00 pm. Agenda of AGM was per as following detail: 1. Approval of minutes of previous AGM held on March 29, Update by the Chapter President on Chapter activities and progress at the completion of tenure. In a comprehensive presentation, Mr.Waqar A.Khan highlighted major efforts and achievements during the tenure of This includes: Endorsement & Discounts offered by the chapter for almost 16 Courses Held official CISA/CISM/CGEIT review courses. During the board tenure the initial two courses were conducted at the state of the art training center of E&Y FRSH Karachi, while the remaining two courses were held at the SKANS School of Accountancy Karachi. The chapter itself, held almost 10 Workshops/Presentations solely; each event offered 2-CPE Hours. The chapter participated in two (third-party) seminars, i.e. InfoSec and EuroNet. The chapter won three prestigious awards from ISACA International; i.e. : 2012-Chapter-Incentive-Program Best Newsletter of the Year Award Best Chapter Website Award. The chapter regularly designed & published its own publications which includes: Bi-monthly Chapter Newsletter. Chapter Events Brochures. Seasonal Greeting cards. 3. Approval of audited accounts for the year ended December 31, These were finalized & presented by Mr.Kashif Alam Khan. 4. Chapter Elections. To conduct a free & fair chapter election process, a Nomination Committee was formed under the chairpersonship of Ms.Huma Pasha, who later injected Mr.Muhammad Faheem from ICAP and Mr.Nazish Alim from SBP into the committee. Later on nomination forms for new board member were distributed to all chapter members. After a through scrutiny process, following board members were elected for new board term Mr.Zain Ansari President Mr.Kashif Alam Khan Vice President Mr.M Asif Riaz Secretary Mr.Muhammad Maad Treasurer Mr.Aamir Jamil Chair IT Governance/COBIT/ CGEIT Coordinator Mr.Abdul Rasool Hoodbhoy Chair Special Projects Mr.Absar Khan Chair Communications Mr.Faisal Abdullah Akhawala CISA Coordinator Mr.Muhammad Kamran Chair of Academic Relations Mr.Muhammad Sami ul Hassan Chair Membership Ms.Zainab Hameed Chair Marketing Mr.Zahir Ali Quettawal CISM/CRISC Coordinator Mr.Waqar A. Khan Immediate Past President ISACA Karachi Newsletter Mar Apr 2013 Edition Page 6 of 20

7 ISACA Karachi Chapter AGM & Elections 2013

8

9

10

11 ISACA Karachi Chapter & GDG Karachi jointly conducted a Tech-Talk Session On Securing large scale Internet services against hackers & threats Hosted by IBA A Tech Talk organized by Google Developer's Group (GDG) in collaboration with ISACA Karachi Chapter and hosted by IBA Karachi th The event held at IBA Main Campus, Karachi on 15 April Key speaker was Mr.Maarten Van Horenbeeck, Security Program Manager, Google, Inc. The event was free for members of ISACA Karachi Chapter & offered 2 CPE Hrs. ISACA Karachi Newsletter Mar Apr 2013 Edition Page 11 of 20

12 ISACA Karachi Newsletter Mar Apr 2013 Edition Page 12 of 20

13 ISACA International News & Alerts CISA and CISM Exam Registration Opens Registration Opens Soon for New September CISA and CISM Exam Administration In 2013, ISACA will offer an additional Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) exam administration on Saturday, 7 September This September exam administration will be in addition to the June and December administrations; it will include only the CISA and CISM exams and will be offered only in select locations around the globe. To view a list of exam locations visit the September Exam Sites page of the ISACA web site. Seating for the September CISA and CISM exams is limited and guaranteed only through the final registration deadline date. The September CISA and CISM exams will be available in all languages in which the respective exam is currently offered. Registration for the September 2013 exam opens on Wednesday, 24 April The key dates for the September CISA and CISM exams are: Early registration deadline: 28 May Final registration deadline: 22 July ingcampaign.aspx?mktgsrccode= Webinar on Effective Time Management Please note down an upcoming webinar for young professionals on Effective Time Management: How to Make Every Second Count Speaker: Alexander Josephite, CISA, Senior Manager at Morgan Stanley ISACA Members Earn Free CPE Date: Tuesday, 4 June 2013 Time: 12PM (EDT) / 11:00AM (CDT) / 9:00AM (PDT) 16:00 (UTC) To Register for this webinar: Click Attend (in the box below) and create a BrightTALK ISACA Channel account (please do not use your ISACA login credentials). If you already have a BrightTALK account, log in with your BrightTALK credentials and click Confirm Attendance. Please note: There is an option to add to this event to your Outlook calendar once you have registered. A BrightTALK Channel Webinar on Architecting Network Security for Advance Malware Please note down an upcoming webinar on Architecting Network Security for Advanced Malware Presented by: Nat Smith, Senior Manager Network Security, McAfee ISACA Members Earn Free CPE Date: Thursday, 9 May 2013 Time: 12PM (EDT) / 11:00AM (CDT) / 9:00AM (PDT) 16:00 (UTC) To Register for this webinar: Click Attend (in the box below) and create a BrightTALK ISACA Channel account (please do not use your ISACA login credentials). If you already have a BrightTALK account, log in with your BrightTALK credentials and click Confirm Attendance. Please note: There is an option to add to this event to your Outlook calendar once you have registered. A BrightTALK Channel ISACA Karachi Newsletter Mar Apr 2013 Edition Page 13 of 20

14 ISACA International News & Alerts Double Century! ISACA 200 Chapters ISACA is happy to announce that we are now 200 chapters strong! With the formation of ISACA's newest chapter the Lusaka (Zambia) Chapter ISACA now has 200 chapters in 82 countries! We would not be the incredibly successful global organization we are without all of you. Check out these tips for chapters, a list that will eventually boast 200 helpful items for our chapters. Many thanks and congratulations to all of you for helping ISACA reach this important milestone. June Exam Admission Tickets Admission tickets for the June 2013 exams will be sent via and postal mail in early May. Admission tickets can also be downloaded from the MyISACA page of the web site. Exam candidates who have not received their exam admission ticket by 1 st June 2013 should contact exam@isaca.org June Deferral Deadline The deadline to defer the June 2013 exams is 24 May There is a US $100 fee for deferral. Deferrals can be made on the June 2013 Exam Deferral and Cancellation Request page of the ISACA web site. ISACA & Deloitte Course on Network Security Auditing June 2013 Parsippany, NJ, USA This ISACA and Deloitte unique course teaches the experienced auditor to recognize and address information security issues in the enterprise. Learn to identify and analyze the risk associated with security threats across network, operational and physical systems. Course description: With a proliferation of high profile network security attacks over recent years, this course looks to equip the IT auditor with the necessary skills to scope, plan and perform a network security assessment. Learn how to view and help protect the network perimeter of the organization through a range of hands on presentations and demonstrations. Learning objectives: Evaluate risk from an external perspective Describe the purposes of a tiered network perimeter architecture Analyze how a hacker views a target Acquire baseline knowledge of the purpose and functionality of firewalls Explain features and functionality of the major firewall brands (Cisco, Check Point, etc.) Receive hands-on experience reviewing configuration files for firewall rule sets Prepare to evaluate digital risk and various approaches for managing vulnerabilities Target audience: IT auditors and integrated auditors. Audit managers. IT managers responsible for information security. Please Contact ISACA's Education/Conference Department Tel: Fax: conference@isaca.org ISACA Karachi Newsletter Mar Apr 2013 Edition Page 14 of 20

15 ISACA International News & Alerts CRISC Won Best Certification Award from SC Magazine ISACA s CRISC Certification Wins Best Professional Certification Award from SC Magazine Rolling Meadows, IL, USA (27 February 2013) ISACA, a global association of more than 100,000 IT security, assurance and governance professionals, has won the Best Professional Certification Program Award from SC Magazine for the Certified in Risk and Information Systems Control (CRISC) credential. The 2013 SC Awards were presented in conjunction with the RSA Conference. SC Magazine is proud to recognize ISACA as a leader in the information security industry, said Illena Armstrong, vice president of editorial, SC Magazine. ISACA s certification program is a great model for the entire information security industry. The 2013 SC Awards winners are chosen by a panel of security professionals from the private and public sector, selected by SC Magazine s editorial team for their information security leadership and knowledge. The panel conducted indepth analysis and considered many factors such as applicable research, analyst reports and reviews to narrow down the field of hundreds of submissions to the top finalists. Through this comprehensive analysis, ISACA s CRISC certification was chosen as this year s winner in the Best Professional Certification Program category. The annual SC Awards, now in its 16th year, showcase the leading solutions, services, certifications & professionals. SC Magazine distinguishes the achievements of the security professionals in the field, the innovations happening in the vendor and service provider communities, and the important work of government, commercial and nonprofit organizations. A list of winners is available at: This award is an honor and a testament to the big impact CRISC has made in its first three years, said Allan Boardman, CISA, CISM, CGEIT, CRISC, CA (SA), ACA, CISSP, chair of ISACA s Credentialing and Career Management Board. Employers are looking for candidates with the CRISC credential as proof of a strong background in risk and control, and employees are seeking the credential to differentiate themselves and boost their value to their organizations. All of ISACA s certifications are globally recognized in many industries, and independent studies consistently rate ISACA s designations among the highest paying certifications that an IT professional can earn. These factors all contribute to the high demand for CRISC certification. CRISC, established in 2010, has already been earned by nearly 17,000 professionals. To earn the certification, candidates must prove at least three years of relevant experience and pass the CRISC exam. The next exam will be administered worldwide on 8 June ISACA Journal App is available for your (iphone & ipod) Enjoy the ISACA Journal in a format that s as mobile as you are! The ISACA Journal App is packed with the latest complete ISACA Journal print magazine issues, plus the latest ISACA Journal Author Blog and ISACA Now blog postings. You'll now be able to access the Journal s managerial and technical articles and other ISACA information for professionals involved in IT audit, governance, security and assurance on the go. This app includes issues beginning with volume 2, New issues will be available for download bimonthly. You'll also receive real-time updates from ISACA.org, including: - Journal Author Blog postings - ISACA Now blog postings ISACA Karachi Newsletter Mar Apr 2013 Edition Page 15 of 20

16

17 ISACA Book Store Update The ISACA Bookstore offers new tools for preparing for ISACA s 2012 certification exams: CISA Review Manual 2012 CISM Review Manual 2012 CGEIT Review Manual 2012 CRISC Review Manual Candidates Guide to the CISA Exam & Certification 2012 Candidates Guide to the CISM Exam & Certification 2012 Candidates Guide to the CGEIT Exam & Certification 2012 Candidates Guide to the CRISC Exam & Certification CISA Practice Question Database, CD-ROM or download CISM Practice Question Database, CD-ROM or download CISA Review Questions, Answers & Explanations Manual 2012 CISM Review Questions, Answers & Explanations Manual 2012 CGEIT Review Questions, Answers & Explanations Manual 2012 CRISC Review Questions, Answers & Explanations Manual 2012 COBIT 4.1 by IT Governance Institute COBIT Assessor Guide: Using COBIT 4.1 by ISACA COBIT Process Assessment Model: Using COBIT 4.1 by ISACA COBIT Self-assessment Guide: Using COBIT 4.1 by ISACA COBIT Self-assessment Guide: Using COBIT 4.1 (e-book) by ISACA Search the Bookstore online For the complete descriptions by product title or category. Online: Mail: Fax: Ways to Order these books Order online at Mail your completed order form with payment to: ISACA 1055 Paysphere Circle Chicago, IL USA Fax completed order form with credit card # & Expiration date to Contact ISACA Bookstore bookstore@isaca.org or ISACA e-library Center/Pages/eLibrary.aspx Phone: Call Monday Friday: 8:00 a.m. 5:00 p.m. Central Time (Chicago, Illinois, USA) ISACA Karachi Newsletter Mar Apr 2013 Edition Page 17 of 20

18 Country Highlights IT, IS, Telecom & related sectors UBL Pakistan implements SAS Risk Management System The Software and Services (SAS) announced on Friday the signing of a new strategic partnership with United Bank Limited (UBL) of Pakistan, as part of the bank's move to implement a more effective and improved enterprise risk management system, said a press release. It said the alliance complements the ongoing positive changes being witnessed across Pakistan's banking industry, like the introduction of internet, mobile banking and ATMs. UBL will utilize SAS Credit Risk Management for Banking, Market Risk & Operational Risk to establish a high performance risk framework that can help to adapt best banking friendly practices. The partnership also improves banking operation to enhance ratings, reduce finance costs and create a faster way to generate feedback from loan applications. UBL bank is planning to equip with SAS' cutting edge analytics, sophisticated data management and reporting capabilities that have been deemed essential for daily banking operations. The release said despite from maintaining a compliance with BASEL II regulations, UBL has strived for key ways to achieve business benefits within a comprehensive risk management strategy. Use of SAS can enhance UBL's application scoring, customer behavior analytics while also effectively managing data for better decision making. Freelancer.com, the world s largest outsourcing website, with more than 7 million users, recently launched freelancer.pk at an event in Karachi, Pakistan. The launch is welcoming news for self-employed Pakistani professionals. There are 5 million broadband users in Pakistan already and there is a noticeable increase in the number of self-employed young people. Pakistan ranks third highest in terms of membership on Freelancer.com, with more than 240,000 users where membership comprises of both freelancers and employers whose combined earnings are approximately $13.5 million. Pakistan internet users showed double digit growth in the last five years, observes Evan Tan, Freelancer.com s Regional Director for Asia. And with the rapid growth of self-employment in Pakistan, this is a great time for members of the site to take advantage of the ongoing digitization trend that has been changing the landscape of the global marketplace. Freelancer.pk will open avenues for Pakistanis to discover jobs and projects from around the world. Freelancers will explore possibilities of finding jobs in the international job market that Freelancer.com provides. It will be much easier for the skilled freelancers to find jobs in countries like United Kingdom, North America, Australia and Canada now, while the employers can outsource jobs to countries such as Kenya, Romania, India, Philippines and United States. A local Urdu version of Freelancer.pk is expected to be launched in the next few months. VISA to launch Mobile Financial Service in Pakistan Bullish about the mobile banking scene in Pakistan, Visa Inc a global payments technology company is soon going to launch its own mobile financial services (MFS) platform in Pakistan. The product will use VisaNet technology and function on interoperability model a first in Pakistan s mobile banking market. VisaNet is the world s largest retail electronic payments processing network, handling an average of 150 million transactions every day, according to the company s website. The platform is supposed to be similar to Link1 Pakistan s largest interbank payment network service provider. With such a service, customers will not have to get their cards swapped or to be available at POS physically, instead they will be able to make their transactions through mobile phones with the same visa card that will be lent to them by the banks. These visa card will use the same VisaNet technology a retail electronic payments processing network which is already handling an average of 150 million transactions every day. Service is not going to be bank or cellular operator specific, instead customers simply with a Visa Card will be offered all these mobile financial services by default on top of conventional banking services. The product will be launched after banks and telecom operators integrate their infrastructure to support the platform. ISACA Karachi Newsletter Mar Apr 2013 Edition Page 18 of 20

19 ISACA International Up Coming International Conference / Training Week Calendar May June 2013 Webinar Webinar on World Congress Webinar Training Week Webinar Effective Time Management Insights 2013 Conference Network Security Auditing Date 23 rd May th Jun Jun th Jun th Jun th Jun 2013 Location Online Online Berlin, Germany Online New Jersey, USA Online New 2013 ISACA conference and educational event dates have been released. For the latest information, please visit ISACA Karachi Newsletter Mar Apr 2013 Edition Page 19 of 20

20 List of Board Members, ISACA Karachi Chapter Zain A. Ansari President Kashif Alam Khan Vice President M Asif Riaz Secretary Muhammad Maad Treasurer Aamir Jamil Chair IT Governance/COBIT/CGEIT Coordinator Abdul Rasool Hoodbhoy Chair Special Projects Absar Khan Chair Communications Faisal Abdullah Akhawala CISA Coordinator Muhammad Kamran Chair of Academic Relations Muhammad Sami ul Hassan Chair Membership Zainab Hameed Chair Marketing Zahir Ali Quettawala CISM/CRISC Coordinator Waqar Ahmed Khan Immediate Past President PastPresident@isacakarachi.org