ISACA Malaysia Chapter INSIDE THIS ISSUE: President Message 1 Events Calendar 2 IT Governance, Assurance & Security Conference Talk on PDPA 3 External Talk Telekom 3 Cloud Security & Threats 4 Virtualization & Cloud Computing Exam Passers Celebration 4 Auditing PDPA 5 CISA Review Class 5 Movie Night 5 AGM 6 Chapter Award 6 ISACA Open Badges 6 Message From The Editor 6 Issue # 29 May 2014 2 4 President Message Our 29 th Annual General Meeting (AGM) is scheduled to be held on 20 th May 2014 at Pullman Hotel, Bangsar and it marks the end of year for the 2013/14 Board members to serve the Chapter. On behalf of the Board, I would like to say thank you to all for the privilege to serve the Chapter and members for the past 12 months. The Chapter s Directors have been busy since January 2014 and we have successfully conducted 2 training events as follows: 15 th 17 th April 2014 Audit, Control & Security of Virtualization & Cloud Computing Workshop 23 rd April 2014 Auditing PDPA Workshop In addition to the above, we organized 2 evening talks Talk on PDPA-Enforcement, Implementation and Assurance held on 18 th February 2014 and Cloud Security & Threats held on 18 th March 2014. We had full-house turnout for both the evening talks and the Chapter will continue to organize more evening talks in the coming months and will continue to be free for members. As for social events, the must have Movie Night Captain America was held on 27 th March 2014 and we also organized a special event for the Certification Exam Passers and New Members on 22 nd April 2014. We have planned for more social events in the 2 nd half of the year and stay tune for further announcements. Also, our 13 th annual ISACA/MNCC IT Governance, Assurance and Security Conference is scheduled on 24 th & 25 th June 2014. Please register early to attend the only premier IT Governance Conference in Malaysia. This year s conference will cover the latest trends and topics such as project governance for large technology projects, emerging security concerns, the enforcement of the Personal Data Protection Act 2010 (PDPA) and readiness to implement the Goods and Services Tax (GST). After the recent membership purging, our membership stands at 683 and the renewal percentage was 80.2%. I hope all of you will continue to maintain your membership and also encourage your colleagues, friends and staff to join ISACA. On the International front, our current Vice President, Mr. Eddie Leng and Treasurer, Mr. Lee Chin Hon attended the Global Leadership Conference held on 26 th & 27 th April 2014 at Las Vegas, USA and I am sure both of them will be sharing new ideas with the Board. Lastly, I bid farewell to everyone as this is my last newsletter as 2013/14 Chapter President. I will be handing over the Chapter leadership to the new President at the AGM. It has been great honor to lead for the past 2 years and serve the Board for the past 9 years. I would like to take this opportunity to say thank you to all my past and present Board members and everyone whom I have had the pleasure to work with during my tenure as a Director with the Chapter. S. Retnendran President, ISACA Malaysia Chapter 2013/14
Page 2 EVENTS CALENDAR, Jan Jun 2014 ISACA Malaysia Chapter has organized interesting workshops and social events with CPE points offered. Events for knowledge gaining and social events Event Dates CPE Talk on PDPA: Enforcement, Implementation & Assurance 18 Feb 2014 3 Telekom Certification & Membership Talk 28 Feb 2014 - Evening Talk - Cloud Security and Threats 18 Mar 2014 3 Movie Night: Captain America - The Winter Soldier 27 Mar 2014 - Audit, Control & Security of Virtualization and Cloud Computing workshop Exam Passers Celebration and New Members Get Together 15-17 Apr 2014 21 22 Apr 2014 - Auditing PDPA 23 Apr 2014 3 CISA Review Class 27 Apr - 31 May 2014 Annual General Meeting 20 May 2014 - IT Governance, Assurance & Security Conference 24-25 Jun 2014 14 - IT Governance, Assurance & Security Conference, 24-25 Jun 2014 Upcoming annual event on IT Governance, Assurance and Security Conference The usage of IT technology in all its manifestations has been all pervasive, often blurring the line dividing public and personal lives of all concerned. It also gives rise to immense and grave issues in governance, security and assurance to public and private entities, as well as the society as a whole. The IT Governance Conference has been keeping up with these diverse challenges for the past 12 years. This 13 th edition of the Conference will deliberate on the latest trends and topics from project governance for large technology projects, the enforcement of the Personal Data Protection Act 2010 (PDPA) and being ready for the implementation of the Goods and Service Tax (GST) to the emerging fears of Cyber Threats and organizations assurance in compliance with the PDPA. Besides plenary sessions by our esteemed speakers, who will share their broad knowledge and experiences, we have organized a panel discussion that will present various perspective on the PDPA and a talk show on the stimulating topic of the GST.
Page 3 TALK ON PDPA: Enforcement, Implementation & Assurance, 18 th Feb 2014 The Personal Data Protection Act (PDPA) has been passed as a law in 2010 and the Act has come into effect on 15 th Nov 2013. Over 160 members (and some guests) attended our Members Event: Talk on Personal Data Protection Act 2010 ( PDPA ). The event featured 2 esteemed speakers Dr. Sonny Zulhuda and Mr. Chelvakumar G. Krishnan; and they were joined by Jason Yuen for the panel session moderated by Anthony Tai. Dr. Sonny Zulhuda provided the highlights of the PDPA and its subsidiary rules on registration requirements for data users, role and functions of data user forum, compliance and enforcement. Mr. Chelvakumar G. Krishnan shared an implementation case study on development of internal PDP policy/procedures, assessment of the 7 principles, impact to processes and systems/security, quick wins and gaps remediation, short/long term strategy. PDPA has come into effect and it is in hot demand for Compliance, IT and Audit This event received very good feedback and the Board will be looking towards organizing more of these members events and on this very interesting topic PDPA. Stay tuned for more news and announcements. (Left to Right) Dr. Sonny addressing the key notes. Mr. Chelvakumar shared a case study. Panelists of discussion: Moderator: Anthony Tai Panelists: Chelvakumar, Dr. Sonny and Jason Yuen Full house participants at the auditorium for PDPA Talk (Left to Right) Presentation of Tokens Appreciation: Eddie Leng, ISACA Vice President presented to Dr. Sonny. Bryan Wong, ISACA Secretary presented to Mr. Chelva. Eddie Leng, ISACA Vice President presented to Anthony Tai, Moderator. Anthony Tai, Moderator and Jason Yuen, Panelist. TELEKOM CERTIFICATION & MEMBERSHIP TALK, 28 Feb 2014 ISACA MY Chapter has been invited by Telekom Malaysia to give a talk on Certification and Membership. The Talk was well received by 30 Telekom Malaysia team members from Internal Audit, Network and IT Departments. Two ISACA Directors, Kenneth Ho & Kumaran have provided the talk to fellow members of Telekom Malaysia. Telekom specially invited ISACA for Certification & Membership Talk Telekom personnel are actively participating at Q&A session.
Page 4 Cloud Contact poor on security EVENING TALK CLOUD SECURITY AND THREATS, 18 Mar 2014 There were more than 60 interested members (and some guests) came to find out what the Gartner Says Cloud Contract poor on security means to the organization and how to protect it. Saurabh Sarawat has addressed it and shared on the busting myths, challenges and auditing controls. Law Chee Wan has addressed the evolving threats for complete user environment on consumerization, cloud and cyber threat, self-defending security, resolving management cloud complexity, etc. ISACA Directors, Kenneth Ho presented tokens appreciation to the speakers Saurabh Sarawat and Law Chee Wan. Virtualization and Cloud Computing Workshop. AUDIT, CONTROL AND SECURITY OF VIRTUALIZATION AND CLOUD COMPUTING WORKSHOP, 15 17 April 2014 Due to popular demand, ISACA Malaysia Chapter Special Interest Group (SIG) in Virtualization has designed the Audit, Control and Security of Virtualization and Cloud Computing Workshop especially for IT Auditors and IT Security Professionals to gain knowledge in setting up a virtual computing environment and auditing/securing virtualized servers deployed in their company s infrastructure. It was a hands-on workshop, participants had the chance to experience on how a virtual infrastructure would look like besides using some of the available tools used for auditing. In addition, participants have also learned how Cloud Computing is deployed, secured and audited. Trainer, Jason Yuen presented. Congratulations to Exam Passers! Social networking session for our members get together. EXAM PASSERS CELEBRATION & NEW MEMBERS GET TOGETHER, 22 Apr 2014 Congratulations! A great warm cheers to those who have passed the ISACA examination. The next step is to apply for the ISACA certification. Once approved, they are a certified professional and recognized internationally. New members have joined the annual celebration with great wishes to those exam passes in their career advancement besides networking with professionals. There were 30 ISACA members attended the celebration. Exam passers, new members and members have come and enjoyed the social networking session.
Page 5 AUDITING PDPA, 23 Apr 2014 After the Personal Data Protection Act 2010 ( PDPA ) has come into effect from 15th November 2013, personal data collected before this date will have a 3 months grace period for compliance and any personal data collected since this date will have to be in compliance with the PDPA. ISACA Malaysia Chapter has formed a Working Group (WG) on PDPA for the benefit of our members and the industry. The half-day workshop was the WG s first initiative, to focus on the audit and compliance of PDPA. The workshop has provided an overall understanding of PDPA, core control objectives as well as an audit approach. The participants have gained the understanding of the key aspects of a PDPA compliance program, how to provide assurance on the implementation of PDPA and examine key issues surrounding PDPA. There were total 45 participants. Prof. Abu Bakar Munir has shared the core principles and requirements, Implementation and Compliance requirements. Jason Yuen has provided the control objectives for PDPA and audit approach, also on the personal data lifecycle and inventory, compliance gaps, PDP office and infrastructure and walk through some case studies. PDPA Audit - A follow up session due to high demand after the PDPA Talk. Participants concentrating on the Auditing PDPA. Prof. Abu Bakar Munir (left) and Jason Yuen (right) have shared on PDPA Auditing. CISA REVIEW CLASS, 27 Apr - 31 May 2014 CISA Review Class is conducted for Jun 2014 exam candidates. The CISA Review Class is conducted across 5 weekends in the month of April and May 2014 with a mock exam. The classes focus exclusively on the essential areas covered in the CISA exams to assist and enhance the candidates study process. These classes cover the core sections and series of sample exam questions. Participants will receive handout materials provided by ISACA. The trainers have the relevant qualified certifications and are experience with technical skills and knowledge of the specific domain(s). MOVIE NIGHT: CAPTAIN AMERICA - The Winter Soldier, 27 Mar 2014 Apart from serious workshops and studying, a social event for ISACA members to wind down from their busy schedule and networking with other members. There were over 100 members joined the movie on 27 Mar 2014 night. Preparing for CISA examination. Movie Night Social Event for members get together
Page 6 ANNUAL GENERAL MEETING, 20 May 2014 Our Annual General Meeting (AGM) shall be held at Pullman Hotel, Bangsar, Kuala Lumpur with the outgoing BOD for 2013/14 and installation of new BOD for 2014/15. Do come and join us, show your support towards the Association, BODs and members. ISACA MY Chapter Honorable Mention - K. Wayne Snipes Best Chapter Award 2013 ISACA Malaysia Chapter has been awarded the Snipes Honorable Mention Seal with recognition as top contenders for K. Wayne Snipes Best Chapter Award 2013, being one of ISACA s outstanding chapter. Honorable mentions are given to chapters who excelled as a top chapter throughout the year. ISACA Open Badges On February 2014, ISACA introduces Open Badges for Certification Holders to demonstrate their accomplishments. Open badges are online representations of an achievement. The open badges are secure digital representations of the ISACA credential the certified individual s achievement, enhanced with a standardized set of metadata that, when clicked, lead to verification of the certification, qualifications and the process required to earn it. The badge can be embedded on a resume, emails, personal web sites, and social and professional networking web sites, including Facebook and LinkedIn. With your ISACA open badge, professionals can share their ISACA certifications on popular social and professional networking sites, emails or personal web sites. The visual representation of the ISACA certification will also allow contacts to verify the credentials that the professionals have achieved. It is a quick and easy way to share the achievements with their contacts. Message From The Editor This 2014 has been an exciting year for ISACA Malaysia Chapter. In this edition of newsletter, I am sharing the events and activities organized by the Chapter since beginning of 2014. As shown in some of the pictures attached, we have received fabulous demands, feedback and support from our members and associates to allow ISACA to organize more events and activities in the future. As an Editor for this, I am glad to release this Issue # 29. I would like to take this opportunity to thank all of you for the contribution to this newsletter and whom I have the pleasure to work with. It is time for the next Annual General Meeting to be held on 20 May 2014. I am glad to serve the Chapter and members for the past 4 years and it is my passion to continue to grow and build a strong and healthy Chapter relationship in the coming years. Elissa Cher Geik Theng, GRA & Communication Director 2013/14 ISACA Malaysia Chapter Unit 916, 9 th Floor, Block A, Damansara Intan, No.1, Jalan SS 20/27, 47400 Petaling Jaya, Selangor. www.isaca.org/malaysia Chapter Admin: Seelan Tel/Fax: +603 7726 1257 Mobile: +6017 219 6225 Email : officeadmin@isaca.org.my