Spring Education Conference. Securing the Organization (Ensuring Trustworthy Systems)
|
|
- Hortense French
- 5 years ago
- Views:
Transcription
1 Spring Education Conference Securing the Organization (Ensuring Trustworthy Systems) Ken Vander Wal, CISA, CPA Past President, ISACA 1
2 Board of Directors International President Greg Grocholski Member at Large Past International President Kenneth Vander Wal Chicago Chapter Past International President Emil D Angelo NY Metropolitan Chapter Vice Presidents Allan Boardman London Chapter Juan Luis Carselle Mexico City Chapter Christos Dimitriadis Athens Chapter Ramses Gallego Barcelona Chapter Tony Hayes Brisbane Chapter Jeff Spivey Charlotte Chapter Marc Vael Belgium Chapter Appointed directors: John Ho Chi, Singapore Chapter; Krysten McCabe, Atlanta Chapter; Jo Stewart-Rattray, Adelaide
3 Agenda IT Changing Landscape IT Value, Trust and Assurance Impact on Assurance Profession Questions and Discussion 3
4 Pace of Change of Digital Infrastructure Digital power = Computing x Communication x Storage x Content Moore s law Fiber law Disk law Community law Doubles every 18 months Doubles every 9 months Doubles every 12 months x x x 2 n, where n is number of people Source: John Seely Brown 4
5 Worldwide IT Spending Forecast (Billions of US Dollars) 5
6 Other Gartner Predictions Technology spend outside IT will become almost 90% by end of the decade 4.4M IT jobs globally will be created to support Big Data, 1.9 M in the US $34B of IT spending in 2013 In 2016 > 1.6B smart mobile devices purchases globally Security investments to increase by 56% in five years Driver: Regulatory compliance 6
7 Trends Sure to Impact CIOs in The increasing importance of smartphones 2. Tablets will make inroads 3. The Cloud is here to stay 4. BYOD (or is it IBMOD) 5. Big Data 6. The increasing role of Windows 8 7. Social networking security 8. Small, lighter hardware 9. Increasing employee knowledge 10. Apple love Source: CIO Insight 7
8 Speaking of Big Data We no longer speak using terms like bytes or kilobyte (KB) or gigabytes (GB) How many bytes in a Terabyte (TB)? (or 2 40 ) Equivalent to roughly 1,610 CDs worth of data Anyone heard of a Petabyte? Or an Exabyte? 1 Petabyte (PB) is 1,024TB 1 Exabyte (EB) is 1,024PB 1 Zettabyte (ZB) is 1,024EB 1 Yottabyte (YB) is 1,024ZB 8
9 2012 ISACA. Used by permission. 9
10 What Does It mean? Information systems environments are continuing to increase in complexity and impact, bringing unprecedented value opportunities along with significant risk. This requires: active governance and management of information advanced auditing practices 10
11 What is the Impact on the Audit Profession? Need to provide more value to the stakeholders of an organization by focusing more on business and information. Silos being removed: business, IT internal audit, finance internal audit, fraud investigators, security, governance, external audit, SLA managers. Era of diverse framework integration and central management. New technologies introduce new skill requirements for auditors not solely technical ones. 11
12 Example Securing and Auditing the Cloud requires good understanding of: Technologies (web services, virtualization) Related control frameworks Business requirements (linking IT with the business) Legal requirements (data transfer, retention, protection) Contractual agreements (e.g. impeding factors from moving to other providers) ISACA Cloud Computing Management Audit/Assurance Program 12
13 IT Value Factors Alignment IT and business processes Organization structure Organization strategy which responds to Business Requirements drive the investment in Integration Enterprise architecture Business architecture Process design Organization design Performance metrics Enterprise Information to deliver IT Processes IT Resources that are used by 13
14 Value Defined (Val IT) IT is not an end to itself but a means of enabling business outcomes. IT is not about implementing technology. It is about unlocking value through IT-enabled organizational change. Value is the total life-cycle benefits net of related costs, adjusted for risk and (in the case of financial value) for the time value of money. The concept of value relies on the relationship between meeting the expectations of stakeholders and the resources used to do so. 14
15 Trust Defined Definition 1: Trust is the ability to predict what a system will do in various situations. Definition 2: Trust is using an information system without having full knowledge about it. Definition 3: Trust is giving something now (credit card) with an expectation of some future return or benefit (on line purchase). Trust that: Private and sensitive information will remain confidential Process integrity is maintained Essential business processes are available or recoverable Definition 4: Trust is being vulnerable (entering private and sensitive information) while expecting that the vulnerabilities will not be exploited (identity theft). 15
16 Trust in an Information Society Systems should give minimum and, as much as possible, measurable guarantees and information on related risks concerning quality of service, security and resilience, transparency of actions and the protection of users data and users privacy, in accordance with predefined, acknowledged policies. Systems should provide tools and mechanisms (or allow third-party service providers to do so) that enable the user to assess the risks and audit the qualities it is claimed to possess. A bona fide trustworthy system must also entail quantifiable and auditable technical and organizational aspects of delivery (policies, architectures, service level agreements, etc.), as well as the user s perceptions on its operation. 16
17 Trustworthy Computing Security Privacy Reliability Integrity Investment in expertise & technology Responsible leadership and partnering Guidance and engagement through best practices & education Design, development and testing Standards and policies User sense of control over personal information Resilient continues in the face of internal or external disruption Recoverable restorable to a previously known state Controlled accurate and timely service Undisruptable changes and upgrades do not disrupt service Production ready minimal bugs or fixes Predictable - works as expected or promised Acceptance or responsibility for problems and takes action to correct them 17
18 Trust and Value Relationship T R U S T ASSURANCE V A L U E Trust creates the opportunity for Value Value is based on an expectation of Trust Assurance binds Trust and Value together 18
19 Governance Information systems are integral enablers that: Achieve an organization s strategy and business objectives Provide the confidentiality, integrity, availability and reliability of information assets Ensure compliance with applicable laws and regulations Info Security Their criticality brings to the enterprise unprecedented potential for both value creation and risk (creating the need for trust). Audit/Assurance Risk Management 19
20 What does all this mean for ISACA and IIA members? Learn Faster Share Knowledge Engage 20
21 LEARN FASTER White papers IT audit/assurance programs Survey results Other research Journal articles 21
22 Examples of Resources ISACA Information Technology Assurance Framework Audit programs (downloadable) IT Risk/Reward Barometer Survey elibrary White papers COBIT IIA International Professional Practices Framework Global Technology Audit Guides GAIN annual benchmarking study Chief audit executive resources 22
23 COBIT 5 Principles 2012 ISACA. Used by permission. 23
24 COBIT 5 Enablers 2012 ISACA. Used by permission. 24
25 COBIT 5 Enabling Processes 2012 ISACA. Used by permission. 25
26 SHARE KNOWLEDGE Networking at chapter, regional and international levels Use of knowledge centers and collaboration Communicate 26
27 ENGAGE Volunteer Share knowledge Attend Get a certification Comment on exposure drafts 27
28 Certifications ISACA IIA CISA CISM CGEIT CRISC CIA CGAP CFSA CCSA CRMA 28
29 THANK YOU 29
Report of the Nominating Committee
Volume 7, 31 March 2011 In This Issue: Report of the Nominating Committee Slate of 2011-2012 Board of Directors New COBIT Case Study: Grupo Bancolombia New COBIT Process Assessment Model: The Market Need
More informationISACA International Perspective
ISACA International Perspective 11 th October 2013 Allan Boardman ISACA International Vice President and Board Director Member of ISACA s Strategic Advisory Council Member of the IT Governance Institute
More informationA Global Look at IT Audit Best Practices
A Global Look at IT Audit Best Practices 2015 IT Audit Benchmarking Survey March 2015 Speakers Kevin McCreary is a Senior Manager in Protiviti s IT Risk practice. He has extensive IT audit and regulatory
More informationReport of the Nominating Committee
Volume 8, 9 April 2014 Report of the Nominating Committee Slate of 2014-15 Board of Directors New NIST Cybersecurity Framework Features COBIT 5 in Its Core Parameters to Consider When Acquiring Software
More informationBRING EXPERT TRAINING TO YOUR WORKPLACE.
BRING EXPERT TRAINING TO YOUR WORKPLACE. ISACA s globally respected training and certification programs inspire confidence that enables innovation in the workplace. ISACA s On-Site Training brings a unique
More informationWe would like to announce to you a number of upcoming changes to the Certified Internal Auditor Exam:
Dear Institute Leaders, We would like to announce to you a number of upcoming changes to the Certified Internal Auditor Exam: 1. As the result of findings from a Job Analysis Study (JAS) for the Certified
More informationBECOME TOMORROW S LEADER, TODAY. SEE WHAT S NEXT, NOW
BECOME TOMORROW S LEADER, TODAY. SEE WHAT S NEXT, NOW BECOME AN ISACA MEMBER TODAY. Nearing its 50th year, ISACA is a global association helping individuals and enterprises achieve the positive potential
More informationMY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE.
MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE. TIMO HEIKKINEN, CISA, CGEIT SENIOR AUDIT SPECIALIST, NORDEA HELSINKI, FINLAND ISACA MEMBER SINCE 1999 ABOUT US BE MORE INFORMED, VALUED
More informationThe Role of Public Sector Audit and Risk Committees in Cybersecurity & Digital Transformation. ISACA All Rights Reserved.
The Role of Public Sector Audit and Risk Committees in Cybersecurity & Digital Transformation Tichaona Zororo CIA, CISA, CISM, CRISC, CRMA, CGEIT, COBIT 5 Certified Assessor B.Sc. Honours Information Systems,
More informationCitation for published version (APA): Berthing, H. H. (2014). Vision for IT Audit Abstract from Nordic ISACA Conference 2014, Oslo, Norway.
Aalborg Universitet Vision for IT Audit 2020 Berthing, Hans Henrik Aabenhus Publication date: 2014 Document Version Early version, also known as pre-print Link to publication from Aalborg University Citation
More informationTable of Contents. Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING
Table of Contents Preface xvii PART ONE: FOUNDATIONS OF MODERN INTERNAL AUDITING Chapter 1: Significance of Internal Auditing in Enterprises Today: An Update 3 1.1 Internal Auditing History and Background
More informationCybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016
Cybersecurity: Considerations for Internal Audit Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Agenda Key Risks Incorporating Internal Audit Resources Questions 2 San Francisco
More information2017 PORT SECURITY SEMINAR & EXPO. ISACA/CISM Information Security Management Training for Security Directors/Managers
2017 PORT SECURITY SEMINAR & EXPO ISACA/CISM Information Security Management Training for Security Directors/Managers Agenda Introduction ISACA Information security vs. cybersecurity CISM certification
More informationThe Experience of Generali Group in Implementing COBIT 5. Marco Salvato, CISA, CISM, CGEIT, CRISC Andrea Pontoni, CISA
The Experience of Generali Group in Implementing COBIT 5 Marco Salvato, CISA, CISM, CGEIT, CRISC Andrea Pontoni, CISA Generali Group at a glance Let me introduce myself Marco Salvato CISA, CISM, CGEIT,
More informationIS Audit and Assurance Guideline 2002 Organisational Independence
IS Audit and Assurance Guideline 2002 Organisational Independence The specialised nature of information systems (IS) audit and assurance and the skills necessary to perform such engagements require standards
More informationROI for Your Enterprise Through ISACA A global IS association helping members achieve organisational success.
ROI for Your Enterprise Through ISACA A global IS association helping members achieve organisational success. ROI for Your Enterprise Through ISACA With the growing complexities of global business and
More informationGain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services
Solution Overview Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services OPTIMIZE YOUR CLOUD SERVICES TO DRIVE BETTER BUSINESS OUTCOMES Reduce Cloud Business Risks and Costs
More informationISACA. Certification Details for Certified in the Governance of Enterprise IT (CGEIT )
ISACA Pasitikėjimas informacinėmis sistemomis ir jų nauda Certification Details for Certified in the Governance of Enterprise IT (CGEIT ) Dainius Jakimavičius, CGEIT ISACA Lietuva tyrimų ir metodikos koordinatorius
More informationWELCOME TO ISACA Claudio CILLI, CISA, CISM, CRISC, CGEIT
WELCOME TO ISACA 2015 Claudio CILLI, CISA, CISM, CRISC, CGEIT cilli@di.uniroma1.it http://dsi.uniroma1.it/~cilli WHO IS ISACA? ABOUT ISACA The trusted source of guidance, networking and career development
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationCOURSE BROCHURE. COBIT5 FOUNDATION Training & Certification
COURSE BROCHURE COBIT5 FOUNDATION Training & Certification What is COBIT5? COBIT 5 (Control Objectives for Information and Related Technology) is an international open standard that defines requirements
More informationAdministrative Directive No. 4: 2011 Continuing Professional Education Requirements for All Certification Programs
Administrative Directive No. 4: 2011 Continuing Professional Education Requirements for All Certification Programs Purpose This document contains the mandatory Continuing Professional Education (CPE) requirements
More informationbuilding for my Future 2013 Certification
I am building for my Future 2013 Certification Let ISACA help you open new doors of opportunity With more complex IT challenges arising, enterprises demand qualified professionals with proven knowledge
More informationIS Audit and Assurance Guideline 2001 Audit Charter
IS Audit and Assurance Guideline 2001 Audit Charter The specialised nature of information systems (IS) audit and assurance and the skills necessary to perform such engagements require standards that apply
More informationIT Strategic Planning: Making Your IT Organization Efficient and Effective
IT Strategic Planning: Making Your IT Organization Efficient and Effective Jeffrey Locketz, CPA, CGMA, CITP, CISA, CISM, CGEIT, CRISC, CBCP, CRMA, CCISO ICMA Conference Presenter How can an IT Strategic
More informationCybersecurity and the Board of Directors
Cybersecurity and the Board of Directors Key Findings from BITS/FSR Meetings OVERVIEW Board directors are increasingly required to engage in cybersecurity risk management yet some may need better education
More informationCOPYRIGHTED MATERIAL. Index
Index 2014 revised COSO framework. See COSO internal control framework Association of Certified Fraud Examiners (ACFE), 666 Administrative files workpaper document organization, 402 AICPA fraud standards
More informationSecuring Your Digital Transformation
Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,
More informationCSF to Support SOC 2 Repor(ng
CSF to Support SOC 2 Repor(ng Ken Vander Wal, CPA, CISA, HCISPP Chief Compliance Officer, HITRUST * ken.vanderwal@hitrustalliance.net Agenda Introduction to SOC Reporting SOC 2 and HITRUST CSF AICPA and
More information2018 CALENDAR OF ACTIVITIES
2018 CALENDAR OF ACTIVITIES WHO WE ARE AND WHAT WE OFFER Ý Public Trainings Technical Sessions Reviews GMM Other Chapter Activities Conferences Professionals Night ISACA was incorporated by individuals
More informationStrategies for Deriving Maximum Benefit From Audit. Allan Boardman CyberAdvisor.London
Strategies for Deriving Maximum Benefit From Audit Allan Boardman CyberAdvisor.London Agenda Setting the scene Why Audit often struggle working with Security and Risk Spotlight on Audit Spotlight on Security
More informationCOURSE BROCHURE CISA TRAINING
COURSE BROCHURE CISA TRAINING What is CISA? The CISA, Certified Information Systems Auditor, is a professional designation which provides great benefits and increased influence for an individual within
More informationTurning Risk into Advantage
Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview
More informationInvest in. ISACA-certified professionals, see the. rewards.
Invest in ISACA-certified professionals, see the rewards. Invest in ISACA-certified professionals, see the rewards. As a global IT association that has been around for more than 40 years, ISACA provides
More informationITU CBS. Digital Security Capacity Building: Role of the University GLOBAL ICT CAPACITY BUILDING SYMPOSIUM SANTO DOMINGO 2018
GLOBAL ICT CAPACITY BUILDING SYMPOSIUM ITU CBS SANTO DOMINGO 2018 Digital Capacity Building: Role of the University 18 20 June 2018 Santo Domingo, Dominican Republic Dr. Nizar Ben Neji Faculty of Sciences
More informationPerforming a Vendor Security Review TCTC 2017 FALL EVENT PRESENTER: KATIE MCINTOSH
Performing a Vendor Security Review TCTC 2017 FALL EVENT PRESENTER: KATIE MCINTOSH 1 Speaker Bio Katie McIntosh, CISM, CRISC, CISA, CIA, CRMA, is the Cyber Security Specialist for Central Hudson Gas &
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationMemphis Chapter. President s Message. This annual event is designed to provide students with a
Memphis Chapter F E B R U A R Y 2 0 1 5 Remember: Update your IIA profile for the most up-to-date news. RSVP for the Annual Student Day February 24, 2015 This annual event is designed to provide students
More informationExploring Emerging Cyber Attest Requirements
Exploring Emerging Cyber Attest Requirements With a focus on SOC for Cybersecurity ( Cyber Attest ) Introductions and Overview Audrey Katcher Partner, RubinBrown LLP AICPA volunteer: AICPA SOC2 Guide Working
More informationISACA MADRID DECEMBER Robert E Stroud CEGIT CRISC International President December 2014
ISACA MADRID DECEMBER 2014 Robert E Stroud CEGIT CRISC International President December 2014 CHANGING DYNAMICS OF BUSINESS Source: http://www.securedgenetworks.com/secure-edge-networks-blog/bid/84023/10-ways-mobile-device-management-can-help-your-school
More informationISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard
Certification Exam Outline Effective Date: April 2013 About CISSP-ISSMP The Information Systems Security Management Professional (ISSMP) is a CISSP who specializes in establishing, presenting, and governing
More informationRisk Advisory Academy Training Brochure
Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty
More informationRisk Based IT Auditing Master Class. Unlocking your World to a Sea of Opportunities
Risk Based IT Auditing Master Class Unlocking your World to a Sea of Opportunities The Digital World Information Technology has developed into a nerve center of every organisation. It has become an intrinsic
More informationPrivacy hacking & Data Theft
Privacy hacking & Data Theft Cloud Computing risks & the Patricia A RoweSeale CIA, CISA, CISSP, CRISC, CRMA The IIA (Barbados Chapter) Internal Audit Portfolio Director CIBC FirstCaribbean Objectives Cloud
More informationInstitute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI
Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO CHAPTER: @IIACHI #IIACHI WWW.FACEBOOK.COM/IIACHICAGO HTTPS://WWW.LINKEDIN.COM/GROUPS/1123977 1 CAE Communications and Common Audit Committee
More informationINTELLIGENCE DRIVEN GRC FOR SECURITY
INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to
More informationArticle II - Standards Section V - Continuing Education Requirements
Article II - Standards Section V - Continuing Education Requirements 2.5.1 CONTINUING PROFESSIONAL EDUCATION Internal auditors are responsible for maintaining their knowledge and skills. They should update
More informationDrive Your Career Forward IIA Certifications and Qualifications
CCSA CRMA CFSA CGAP Don t miss out on the CIA Application Fee Waiver in August! More information is available on the back cover. Drive Your Career Forward IIA Certifications and Qualifications Mapping
More informationDrive Your Career Forward IIA Certifications and Qualifications
Drive Your Career Forward IIA Certifications and Qualifications Mapping Your Path for Growth Professional development is a journey. Demonstrating your knowledge, acumen, and leadership ability are key
More informationCOBIT 5 With COSO 2013
Integrating COBIT 5 With COSO 2013 Stephen Head Senior Manager, IT Risk Advisory Services 1 Our Time This Evening Importance of Governance COBIT 5 Overview COSO Overview Mapping These Frameworks Stakeholder
More informationInformation Governance: What s all the Hype? Raymond K. Cunningham, Jr. CRM, CA, CDIA+, CIP, CIPM University of Illinois Foundation
Information Governance: What s all the Hype? Raymond K. Cunningham, Jr. CRM, CA, CDIA+, CIP, CIPM University of Illinois Foundation 1 Questions What is Information Governance? Why should we care? What
More informationBREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE
BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE 31st Annual SoCal ISSA Security Symposium Wendy T. Wu Vice President Agenda + CISO: Then and Now + Who are the Stakeholders and What Do They Care About?
More informationApplication for Certification
Application for Certification Requirements to Become a Certified Information Security Manager To become a Certified Information Security Manager (CISM), an applicant must: 1. Score a passing grade on the
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationCYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD
CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD December 2014 KEVIN GROOM ISACA Involvement (Middle Tennessee Chapter) Treasurer (2009 2011) Vice President (2011 2013) President (2013 present)
More informationNext Generation Policy & Compliance
Next Generation Policy & Compliance Mason Karrer, CISSP, CISA GRC Strategist - Policy and Compliance, RSA Core Competencies C33 2013 Fall Conference Sail to Success CRISC CGEIT CISM CISA Introductions...
More informationMobile Security / Mobile Payments
Mobile Security / Mobile Payments Leslie K. Lambert CISSP, CISM, CISA, CRISC, CIPP/US, CIPP/G VP, Chief Information Security Officer Juniper Networks Professional Techniques - Session T23 MOBILE SECURITY
More informationData Management and Security in the GDPR Era
Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini
More informationCybersecurity & Privacy Enhancements
Business, Industry and Government Cybersecurity & Privacy Enhancements John Lainhart, Director, Grant Thornton The National Institute of Standards and Technology (NIST) is in the process of updating their
More informationSELLING YOUR ORGANIZATION ON APPLICATION SECURITY. Navigating a new era of cyberthreats
SELLING YOUR ORGANIZATION ON APPLICATION SECURITY Navigating a new era of cyberthreats Selling Your Organization on Application Security 01 It's no secret that cyberattacks place organizations large and
More informationLes joies et les peines de la transformation numérique
Les joies et les peines de la transformation numérique Georges Ataya CISA, CGEIT, CISA, CISSP, MSCS, PBA Professor, Solvay Brussels School of Economics and Management Academic Director, IT Management Education
More informationWhat is ISO ISMS? Business Beam
1 Business Beam Contents 2 Your Information is your Asset! The need for Information Security? About ISO 27001 ISMS Benefits of ISO 27001 ISMS 3 Your information is your asset! Information is an Asset 4
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationThe Black Box Institute
The Black Box Institute Enterprise Mobility Management Nov 15, 2016 The Black Box Institute 2016 Our speakers today Maneesh Mehta Malcolm Campbell Co-founder, The Black Box Institute Clients include: Nortel,
More informationGovernment IT Modernization and the Adoption of Hybrid Cloud
Government IT Modernization and the Adoption of Hybrid Cloud An IDC InfoBrief, Sponsored by VMware June 2018 Federal and National Governments Are at an Inflection Point Federal and national governments
More informationIMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES
IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationI D C T E C H N O L O G Y S P O T L I G H T
I D C T E C H N O L O G Y S P O T L I G H T P ow e ring Digital Transfor m a t i o n T h r ough the C l o u d - R e a d y E n t e r p rise September 2016 Adapted from Developing a Cloud Strategy for Digital
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationMoving to computing are auditors ready for the security challenges? Albert Otete CPA CISA ISACA Uganda Workshop
Moving to computing are auditors ready for the security challenges? Albert Otete CPA CISA ISACA Uganda Workshop 10.08.2011 What is computing? Examples of service providers Computing preface Cloud computing
More informationISACA Enterprise. Solutions and Resources
ISACA Enterprise Solutions and Resources About ISACA Global association serving 140,000 members and certification holders Members in 180+ countries; 210+ chapters worldwide Developed and maintains the
More informationTop Business/Technology Issues Survey 2011
Volume 9, 27 April 2011 In This Issue: Top Business/Technology Issues Survey 2011 Results Released 5 Considerations When Evaluating ISRM Programs and Capabilities Now Available in the Apple App Store:
More informationOpportunities to Integrate Technology Into the Classroom. Presented by:
Opportunities to Integrate Technology Into the Classroom Presented by: Mark Salamasick, CIA, CISA, CRMA, CSP Executive Director of Audit University of Texas System Discussion Topics Internal Audit Textbook
More informationIT Audit Process. Prof. Mike Romeu. January 30, IT Audit Process. Prof. Mike Romeu
January 30, 2017 1 Corporate Structures Shareholders Governance Level: Board of Directors External Director CFO CEO Legal Counsel External Director Responsible for: Evaluate Direct Monitor Internal Directors
More informationAngela McKay Director, Government Security Policy and Strategy Microsoft
Angela McKay Director, Government Security Policy and Strategy Microsoft Demographic Trends: Internet Users in 2005.ru.ca.is.uk.nl.be.no.de.pl.ua.us.fr.es.ch.it.eg.il.sa.jo.tr.qa.ae.kz.cn.tw.kr.jp.mx.co.br.pk.th.ph.ng.in.sg.my.ar.id.au
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Officer Senior Vice President, General Counsel and Corporate
More informationBusiness Context: Key for Successful Risk Management
Business Context: Key for Successful Risk Management Philip Aldrich, CISSP, CISM, CISA, CRISC, CIPP Program Director, Risk Management EMC Event Alert Finding Incident Law Vulnerability Regulation Audit
More informationSurvey Report Industry Survey. Data Governance, Technology & Analytics Trends Q1 2014
2018 Industry Survey Survey Report Q1 2014 Data Governance, Technology & Analytics Trends September 2018 About IDMA What we do The IDMA provides a forum for professionals engaged in enterprise data governance
More informationDATA PRIVACY & PROTECTION POLICY POLICY INFORMATION WE COLLECT AND RECEIVE. Quality Management System
DATA PRIVACY & PROTECTION POLICY POLICY This Data Privacy & Protection Policy applies to ELMO Software Limited s Cloud HR & Payroll applications and platform (collectively, the Services ), elmosoftware.com.au
More informationImplementation PREVIEW VERSION
Implementation These following pages provide a preview of the information contained in COBIT 5 Implementation. The publication provides a good-practice approach for implementation governance of enterprise
More informationThe CIA Challenge Exam. August 2018
The CIA Challenge Exam August 2018 The IIA is committed to providing a clearly defined, professionally relevant suite of global certifications to support internal auditors as they progress through their
More informationROLE DESCRIPTION IT SPECIALIST
ROLE DESCRIPTION IT SPECIALIST JOB IDENTIFICATION Job Title: Job Grade: Department: Location Reporting Line (This structure reports to?) Full-time/Part-time/Contract: IT Specialist D1 Finance INSETA Head
More information13.f Toronto Catholic District School Board's IT Strategic Review - Draft Executive Summary (Refer 8b)
AGENDA ADDENDU TE REGULAR EETING OF TE AUDIT COITTEE COITTEE PUBLIC SESSION Tuesday, June 6, 2017 6:30 P.. Pages 13. Staff Reports 13.f Toronto Catholic District School Board's IT Strategic Review - Draft
More informationRethinking Information Security Risk Management CRM002
Rethinking Information Security Risk Management CRM002 Speakers: Tanya Scott, Senior Manager, Information Risk Management, Lending Club Learning Objectives At the end of this session, you will: Design
More informationPrivate sector s engagement in the implementation of the Sendai Framework
Private sector s engagement in the implementation of the Sendai Framework Palais des Nations, Geneva, 2 May 2017 Oz Ozturk, PricewaterhouseCoopers Content: Introduction Key messages Sendai Framework and
More informationGOVERNMENT IT: FOCUSING ON 5 TECHNOLOGY PRIORITIES
GOVERNMENT IT: FOCUSING ON 5 TECHNOLOGY PRIORITIES INSIGHTS FROM PUBLIC SECTOR IT LEADERS DISCOVER NEW POSSIBILITIES. New network technology is breaking down barriers in government offices, allowing for
More informationDell helps you simplify IT
Dell helps you simplify IT Workshops the first step. Reduce desktop and data center complexity. Improve productivity. Innovate. Dell IT Consulting Services New Edition 2011 Introduction Are you spending
More informationWHITE PAPER. Title. Managed Services for SAS Technology
WHITE PAPER Hosted Title Managed Services for SAS Technology ii Contents Performance... 1 Optimal storage and sizing...1 Secure, no-hassle access...2 Dedicated computing infrastructure...2 Early and pre-emptive
More informationNo IT Audit Staff? How to Hack an IT Audit. Presenters. Mark Bednarz, Partner-In-Charge, Risk Advisory PKF O Connor Davies, LLP
No IT Audit Staff? How to Hack an IT Audit Presenters Mark Bednarz, Partner-In-Charge, Risk Advisory PKF O Connor Davies, LLP Learning Objectives After this session, participants will be able to: Devise
More informationISACA Certifications Overview
ISACA Certifications Overview CISA, CISM, CRISC, CGEIT Instructor Jay Ranade CISA,, CISSP, CISM, CBCP, ISSAP Risk Management Professionals Intl. jayranade@aol.com jayranade@nyu.edu ranadej@stjohns.edu
More informationSTRATEGIC PLAN
STRATEGIC PLAN 2013-2018 In an era of growing demand for IT services, it is imperative that strong guiding principles are followed that will allow for the fulfillment of the Division of Information Technology
More informationVolume 2014, Number 4. Volunteers Needed!
Volume 2014, Number 4 Volunteers Needed! Volunteering for NJ ISACA is a great opportunity to expand your professional contacts and your IT knowledge base. NJ ISACA needs talented professionals like you
More informationAs an IIA certified professional, the member is responsible for ensuring that the CPD information reported is accurate.
CPD ACTIVITY REQUIREMENTS Introduction The Professional Certifications Board requires that after initial certification, CIAs, CCSAs, CGAPs, CRMA s and CFSAs must maintain their knowledge and skills and
More information2017 RIMS CYBER SURVEY
2017 RIMS CYBER SURVEY This report marks the third year that RIMS has surveyed its membership about cyber risks and transfer practices. This is, of course, a topic that only continues to captivate the
More informationBPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.
BPS Suite and the OCEG Capability Model Mapping the OCEG Capability Model to the BPS Suite s product capability. BPS Contents Introduction... 2 GRC activities... 2 BPS and the Capability Model for GRC...
More informationCertified Information Security Manager (CISM) Course Overview
Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,
More informationTHE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS
SESSION ID: AST3-R02 THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS Jon Oltsik Senior Principal Analyst Enterprise Strategy Group @joltsik Candy Alexander, CISSP CISM International Board Director ISSA
More informationNortheast Ohio Chapter Annual General Meeting
Northeast Ohio Chapter Annual General Meeting May 21, 2015 For professionals and organizations be the leading global provider of knowledge, certifications, community, advocacy and education on information
More informationIT risks and controls
Università degli Studi di Roma "Tor Vergata" Master of Science in Business Administration Business Auditing Course IT risks and controls October 2018 Agenda I IT GOVERNANCE IT evolution, objectives, roles
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More information