Athens, 2 December 2011 Hellenic American Union Conference Center
|
|
- Jack Bates
- 8 years ago
- Views:
Transcription
1 Athens, 2 December 2011 Hellenic American Union Conference Center ISACA Athens Chapter and the Hellenic American Union are organizing the 1 st ISACA Athens Chapter Conference on December 2 nd, The theme of the conference is: IT Audit, Security & Governance Challenges in Financial Crisis. Renowned experts from the IT industry will share their experience and best practices In deploying successful strategies and implementation approaches around key issues facing IT assurance, security and governance professionals today, dealing with challenges raised from the financial crisis and the overall business & economic environment. The conference will also provide a platform for discussion on key issues faced today, such as: How does the current business & economic landscape change the IT related risk environment? What should the target areas and priorities of a successful security program be? How can IT governance initiatives facilitate business objectives, drive IT and business alignment and demonstrate the value of IT investments? What are the main risks and challenges in IT projects today? Earn a minimum of 6 CPEs and 6 PDUs KEYNOTES Are we receiving value from our investment in IT risk management? with John Mitchell, PhD, CEng, CITP, MBA, FBCS, CISA, CGEIT, CFIIA, QiCA, CFE, Managing Director, LHS Business Control, UK Dr. Mitchell is an international authority on corporate governance, risk management, cyber crime and the impact of regulatory and compliance issues on the delivery of IT services. He is a Fellow of both the Institute of Internal Auditors and the British Computer Society, where he is a member of its governing Council. He is also chair of the Audit Committee of ISACA s London Chapter and holds ISACA s prestigious John Kuyers award for best conference contributor. He has over 30 years practical governance experience and an international reputation for advising organizations on their governance strategies and associated methodologies. This is coupled with a strong academic background, which includes research, extensive publications and teaching at the post graduate level. John has been an expert adviser in a number of UK commercial and criminal cases and has been featured in a major British computing publication as the IT Detective. The 'R' in GRC Risk Management in Times of Crisis with Rolf von Roessing, CISA, CISM, CGEIT, CISSP, FBCI, President of Forfa AG Rolf is the president of Forfa AG, a Swiss consulting network, and a retired partner at KPMG Germany. Rolf has served as Head of IT for the EMEA region in a leading global security firm. He is a former member of the Board of Directors at the Business Continuity Institute (BCI). He joined ISACA s Security Management Committee in He chaired the working group for ITGI s IT Control Objectives for Basel II publication and is currently a member of ISACA s Framework Committee and Professional Influence and Advocacy Committee. He has published extensively on business continuity management, disaster recovery, crisis management and security matters. Most recently, he authored the Business Model for Information Security published by ISACA.
2 SPEAKING SLOTS Aligning Emergency and Crisis with Information Security, with Vasilis Katos, Assistant Professor of Information and Communications Systems Security, Democritus University of Thrace Project Management, Risk Management and IT, with Stavroula Minasidou, PMP, Senior Manager, IT Advisory, KPMG Advisors AE Global trends in Information Security, Risk Management and the Greek Perspective, with Gregorios Themistocleous, CISA, CRISC, ITIL, Senior Manager, Ernst & Young Advisory Services Human Firewalls: Making your people an effective line of defence, with Asterios Voulanas, CISA, CIA, CA, Partner, Technology Assurance, PwC Greece Dr. Rodica Tirtea, Technical Competence Department, European Network and Information Security Agency ENISA Topic: TBA Nasos Kladakis, Solutions Specialist, MCT CTT+, Microsoft Hellas Topic: TBA Stay in touch at and for updates on the conference program. INFORMATION Official language: English Venue: Hellenic American Union Conference Center (Massalias 22 Athens) Hours: 9:00 to 17:00 Registration fee: 50 for ISACA members 70 for non ISACA members 50 for more than 2 registration from the same company Fees are subject to 23% VAT You can register with the Hellenic American Union. For further information, please contact: Eleni Tsirigoti, PMP Vocational Training Section, Hellenic American Union Tel: , etsirigoti@hau.gr ISACA Athens Chapter education@isaca.gr
3 Find out more about our speakers and the program KEYNOTE PRESENTATIONS The 'R' in GRC Risk Management in Times of Crisis with Rolf von Roessing, CISA, CISM, CGEIT, CISSP, FBCI, President of Forfa AG Abstract: In the context of financial and economic crises, traditional risk management has shown some limitations. Much of today s risk landscape has reverted to categories of risk, and to threats, that are intrinsic to the use of critical information infrastructures. The presentation will highlight developments in European risk management as well as new (or old?) risks that must be addressed by senior management. BIO: Rolf is the president of Forfa AG, a Swiss consulting network, and a retired partner at KPMG Germany. Rolf has served as Head of IT for the EMEA region in a leading global security firm. He is a former member of the Board of Directors at the Business Continuity Institute (BCI). He joined ISACA s Security Management Committee in He chaired the working group for ITGI s IT Control Objectives for Basel II publication and is currently a member of ISACA s Framework Committee and Professional Influence and Advocacy Committee. He has published extensively on business continuity management, disaster recovery, crisis management and security matters. Most recently, he authored the Business Model for Information Security published by ISACA. Are we receiving value from our investment in IT risk management? with John Mitchell, PhD, CEng, CITP, MBA, FBCS, CISA, CGEIT, CFIIA, QiCA, CFE, Managing Director, LHS Business Control, UK Abstract: This presentation will discuss the value of IT risk management processes and policies when money is tight. In particular this presentation will answer a few critical questions about controls and risk management such as: Can we explain what a control is? Does it slow down our systems and what is really providing us with? How our controls work? The working of a control is a mystery to most people, including auditors, but if we don t know how they work how we can assess their effectiveness and whether they are worth the investment. Do our controls really manage our IT risks? Many risk registers indicate a move from inherent red risk to residual green risk as the result of controls being in place. However, is the red to green really justified? Is the control suitably designed and implemented to justify the move? Does it reduce likelihood, or consequence, because a single control cannot do both things? Can we measure our control effectiveness? Are we able to state that a control is good or bad and do we have monitors and early warning indicators in place to alert us of a potential failure? What is the impact of poor control in business terms? Because many IT controls are invisible, security staff find it difficult to describe the impact of a control failure in business terms. Audit reports should also alert business management to the consequences associated with the findings. Finally, when money is tight, any increment in security management should be justified in business terms, followed by a total cost benefit analysis. And how much should we spend on security during a financial crisis? This can only be answered by looking outside the security arena and considering all the investments on which the enterprise should spend its limited money. BIO: Dr. Mitchell is an international authority on corporate governance, risk management, cyber crime and the impact of regulatory and compliance issues on the delivery of IT services. He is a Fellow of both the Institute of Internal Auditors and the British Computer Society, where he is a member of its governing Council. He is also chair of the Audit Committee of ISACA s London Chapter and holds ISACA s prestigious John Kuyers award for best conference contributor. He has over 30 years practical governance experience and an international reputation for advising organisations on their governance strategies and associated methodologies. This is coupled with a strong academic background, which includes research, extensive publications and teaching at the post graduate level. John has been an expert adviser in a number of UK commercial and criminal cases and has been featured in a major British computing publication as the IT Detective.
4 SPEAKING SLOTS Aligning emergency and crisis with Information Security Vasilis Katos, Assistant Professor, Information and Communications Systems Security, Democritus University of Thrace Abstract: In this talk Dr. Katos will attempt to identify the challenges and ripples the late financial crisis may cause to the information security landscape. By highlighting the differences between being placed in a state of crisis rather in a state of emergency, we ought to challenge best practices, security trade offs and roles relating to, or adjunct to information security within an organization. We are experiencing a need for re organizing information security functions and reprioritizing requirements, as the ever increasing complexity of systems and, in many cases, critical infrastructures, is taking place in not so friendly socio economic environments. BIO: Vasilis Katos is Assistant Professor of Information and Communications Systems Security at Democritus University of Thrace. Prior to this post he was Principal Lecturer and course tutor for the MSc in Forensic IT at the University of Portsmouth in the UK. He is a certified Computer Hacking Forensic Investigator (CHFI). His research is in information security and privacy, computer forensics and incident response, with his work being funded by national and European bodies. He has over 50 publications in journals, book chapters and conference proceedings and serves as a referee on several reputable conferences and journals. In terms of research recognition, he has received keynote speech invitations for international conferences and his research has been addressed by reputable magazines such as the New Scientist. He is Academic Advocate ISACA and served as a member of the Institute of Information Security Professionals. In terms of industrial experience, he was security consultant for Cambridge Technology Partners (Novell, Inc) for two years and a defense expert for a criminal court in the UK. Project Management, Risk Management and IT Stavroula Minasidou, PMP, Senior Manager, IT Advisory, KPMG Advisors AE Abstract: It is a fact that all projects carry risk. Timely risk planning and mitigation means less demand on leadership s time to address fire. Regardless of conditions, improving an organization s performance in project risk management and incorporating this critical activity in a consistent, disciplined and integrated project management framework can increase the success and value of its initiatives. The presentation will give an overview of a successfully applied project management framework, focusing in project risk management activity in IT projects. BIO: Stavroula Minasidou is a Senior Manager in KPMG, responsible for the IT Project Management service line which includes Portfolio, Program and Project Management services and process framework design, as well as PMO set up, staffing and running. With over of 15 years of experience, she has implemented a wide range of projects in the area of project management, business processes reengineering and ERP systems implementation. She has also significant experience in training professionals, having designed and executed Project/ Program Management seminars for large companies of private sector. Global trends in Information Security Risk Management and the Greek perspective Gregorios Themistocleous, CISA, CRISC, ITIL, Senior Manager, Ernst & Young Advisory Services Abstract: An increasing number of businesses are moving into the virtual world. Physical boundaries are disappearing as more data is transmitted over the internet. Further, software is having more of an impact on business models as cloud computing, social networking and mobile devices become more prevalent. Based on thousands of interviews with C level executives and information security experts, and research amongst 1,700 participants in 52 countries, this year's survey found that although globally many information security budgets are increasing, there is a growing gap between current needs and what information security is achieving. There is still much more that can be done to protect information and manage information risk. Both globally and particularly in Greece we believe that it is time to get back to basics and define a clear information security strategy and improvement agenda to help information security out of the fog. BIO: Greg is a Senior Manager at Ernst & Young Advisory Services. He has been involved with information systems, internal audit, risk and control assessments services since In the course of his professional career he has served a number of clients in the manufacturing, petrochemicals, telecommunications, media, health, banking and insurance industry sectors.
5 Greg has gained extensive experience in IT audit and security, especially in the areas of internal & financial audit, SOX and Enterprise Resource Planning applications (ERP), namely SAP, through a number of engagements in different countries across South East Europe. Greg is Information Technology Infrastructure Library (ITIL Foundation v3) certified, a Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) and a member of the Information Systems Audit and Control Association (ISACA). He holds an M.Sc. in Analysis, Design and Management of Information Systems from the London Schools of Economics (UK) and a B.A. degree in Business Economics and Organizational Studies from the University of Reading (UK). Human Firewalls: Making your people an effective line of defense Αsterios Voulanas, CISA, CIA, CA, Partner, Technology Assurance, PwC Greece Abstract: Over the years, many organizations have heavily invested in technology solutions to protect information assets, yet financial losses due to cyber crime continue to grow despite major steps forward in technical defenses. More recently, public attention has been repeatedly drawn to the threats posed by mishandling of personal information by employees. Although technical defenses are vital, such point solutions can also create a false sense of security. We tend to forget that there is always a human element; negligence, ignorance, anger or even curiosity that can give rise to incidents. Accordingly, what is required is a new approach, in which an investment in understanding and influencing the behaviours of all those concerned is better balanced against the continued investment in technology solutions. BIO: Asterios Voulanas is PwC partner with 20 years of experience in the fields of technology governance, risk and compliance that helps clients gain value from their investments in IT and security. He is responsible for the IT Assurance, Technology Governance, Security and Forensics practice in Greece. Asterios has authored a number of articles on information security on behalf of the firm for local Greek IT publications and newspapers. Asterios has led and managed a large number of PwC Greece s IT governance, risk and security projects for a large portfolio of multinational and Greek clients. He has strong expertise in assessing and developing security and governance frameworks that address emerging and changing business and technology risks including those driven by industry or regulatory frameworks such as CoBiT, ISO27001, PCI DSS, Privacy, Telecommunication and Banking specific regulations. His experience spans various industries and client segments including financial services, telecommunications, manufacturing, retail, shipping and logistics. Asterios has a BA Latrobe University and Post Graduate Diploma Monash University Melbourne, Australia (Majors Legal Studies, Accounting & IT). He is a Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA) and Australian Chartered Accountant (CA) This is a preliminary list of speakers and presentations. Stay in touch at and for updates.
SECURING PAYMENTS IN THE CYBER WORLD
The Central Bank of Kuwait Presents An Information Security Forum on SECURING PAYMENTS IN THE CYBER WORLD 16th NOVEMBER 2014 JUMEIRAH MESSILAH BEACH HOTEL, KUWAIT WELCOME In the last few years, the usages
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationCareer Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88
Career Survey 1. In which country are you based? 88 answered question 88 skipped question 0 2. What is your job title? 88 answered question 88 skipped question 0 3. Travel budget not at all 21.0% 17 somewhat
More information"Integrating ITIL and COBIT 5 to Optimize IT Process and Service Delivery"
"Integrating ITIL and COBIT 5 to Optimize IT Process and Service Delivery" 6th itsmf South East Europe Conference Michalis Samiotakis, ISACA Athens Chapter Athens, Greece, April 19, 2013 2 Agenda Who we
More informationIT risk management discussion 2013 PIAA Leadership Camp May 15, 2013
IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013 Debbie Lew Agenda Review what is IT governance Review what is IT risk management A discussion of key IT risks to be aware of Page 2
More informationCybercrime & Cybersecurity: the Ongoing Battle International Hellenic University
Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University Andreas Athanasoulias, CISM, CISSP Information Security Officer & Security Consultant Brief introduction My career path
More informationAuditors Need to Know June 13th, 2012. ISACA COBIT 5 for Assurance
COBIT 5 What s New, What Auditors Need to Know June 13th, 2012 Anthony Noble Viacom Inc. ISACA COBIT 5 for Assurance Task Force Chair Special thanks to Derek Oliver & ISACA for supplying material for this
More informationDatabase Security and Auditing
Database Security and Auditing COURSE DESCRIPTION: This seminar aims to provide the Database Administrators, System Administrators, Auditors and IT Security Officers an overview on how to secure and audit
More informationInformation Security Governance:
Information Security Governance: Designing and Implementing Security Effectively 2 nd Athens International Forum on Security 15 16 Jan 2009 Anestis Demopoulos, CISA, CISSP, CIA President of ISACA Athens
More informationThe enemies ashore Vulnerabilities & hackers: A relationship that works
The enemies ashore Vulnerabilities & hackers: A relationship that works Alexandros Charvalias, Manager CISSP, CISA, ACDA Assurance & Enterprise Risk Services Cyber security maturity model How effectively
More informationCitation for published version (APA): Berthing, H. H. (2014). Vision for IT Audit 2020. Abstract from Nordic ISACA Conference 2014, Oslo, Norway.
Aalborg Universitet Vision for IT Audit 2020 Berthing, Hans Henrik Aabenhus Publication date: 2014 Document Version Early version, also known as pre-print Link to publication from Aalborg University Citation
More informationBig 4 Information Security Forum
San Francisco ISACA Chapter Proudly Presents: Big 4 Information Security Forum A Day-Long, Multi-Session Event, being held in San Francisco @ the Sir Francis Drake Hotel! *** PLEASE NOTE THIS EVENT WILL
More informationPlease feel free to call on our organizations if we can be of assistance in any way on further deliberations, task forces or committees.
17 May 2012 International Internal Audit Standards Board Via e-mail: Lily.Bi@theiia.org Re: Definition of Internal Auditing Ms. Lily Bi, CIA, CISA, CGEIT Director, Standards and Guidance The Institute
More informationG13 USE OF RISK ASSESSMENT IN AUDIT PLANNING
IS AUDITING GUIDELINE G13 USE OF RISK ASSESSMENT IN AUDIT PLANNING The specialised nature of information systems (IS) auditing and the skills necessary to perform such audits require standards that apply
More informationOver 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit.
CYBERSECURITY: ISSUES AND ISACA S RESPONSE June 2014 BILL S BIO Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit. Vice President Controls
More informationOur Services. Unlocking IT Value - Transforming IT Enabled Investments into Business Value
Our Services Unlocking IT Value - Transforming IT Enabled Investments into Business Value Our core services IT Auditing IT Governance Consulting IT Projects Advisory Training Enterprise Risk Management
More informationCYBER LIABILITY RISKS SEMINAR Programme overview. THURSDAY 1 OCTOBER 2015 8.30am 1.00pm Green Park Conference Centre, Reading
CYBER LIABILITY RISKS SEMINAR Programme overview THURSDAY 1 OCTOBER 2015 8.30am 1.00pm Green Park Conference Centre, Reading JLT Specialty (JLT) would like to invite you to a highly informative technical
More informationAchieving Governance, Risk and Compliance Requirements with HISP Certification Course
Achieving Governance, Risk and Compliance Requirements with HISP Certification Course in corporation with A unique information security and regulatory compliance certification course that provides IT security
More informationSecurity Risk Management Strategy in a Mobile and Consumerised World
Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key
More informationISACA Tools Help Develop Cybersecurity Expertise
Volume 21, 8 October 2014 ISACA Tools Help Develop Cybersecurity Expertise Nominate Qualified Candidates for the ISACA Board of Directors Tips for Solving Data Classification Challenges Earn CPE at Professional
More informationHans Henrik Berthing, CPA, CISA, CGEIT, CRISC, CIA
Hans Henrik Berthing, CPA, CISA, CGEIT, CRISC, CIA HANS HENRIK BERTHING Married with Louise and dad for Dagmar and Johannes CPA, CRISC, CGEIT, CISA and CIA ISO 9000 Lead Auditor Partner and owner for Verifica
More informationAll about CPEs. David Gittens CISA CISM CISSP CRISC HISP
All about CPEs David Gittens CISA CISM CISSP CRISC HISP The Designer David Gittens ISSA Barbados Past President Certified in ethical hacking and computer forensics Certified in security management and
More informationTable of Contents EXECUTIVE SUMMARY ACKNOWLEDGEMENT AND DISCLAIMERS ENGAGEMENT SCOPE AND OBJECTIVES EXECUTIVE SUMMARY OF ASSESSMENT RESULTS
Table of Contents EXECUTIVE SUMMARY ACKNOWLEDGEMENT AND DISCLAIMERS ENGAGEMENT SCOPE AND OBJECTIVES EXECUTIVE SUMMARY OF ASSESSMENT RESULTS Jefferson Wells has prepared this report for Corporate Creations.
More informationCybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015
Cybersecurity: Considerations for Internal Audit IIA Atlanta Chapter Meeting January 9, 2015 Agenda Key Risks Incorporating Internal Audit Resources for Internal Auditors Questions 2 Key Risks 3 4 Key
More informationProfil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.
Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.com DA! (by Global knowledge & TechRepublic) Top certifications by salary:
More informationSERVICES OVERVIEW. Integrating Risk, Technology, People and Process for a sustainable Future CONTACT US. About Us. Our Business Philosophy
About Us Vestinex Pty Ltd is a boutique professional business services provider based in Sydney, Australia. We offer a range of services across two broad categories of Ethics and Investigations and Information
More informationNorth Texas ISSA CISO Roundtable
North Texas ISSA CISO Roundtable Roundtable Topic Threat Against Our Well Being The Most Effective Methods in Combating and Responding to the Cyber Attack Event Sponsor Moderator and Panelists David Stanton
More informationIntroduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors
Introduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors Importance of Effective Internal Controls and COSO COSO
More informationTerms of Reference for an IT Audit of
National Maritime Safety Authority (NMSA) TASK DESCRIPTION PROJECT/TASK TITLE: EXECUTING AGENT: IMPLEMENTING AGENT: PROJECT SPONSOR: PROJECT LOCATION: To engage a professional and qualified IT Auditor
More informationVal-EdTM. Valiant Technologies Education & Training Services. 2-day Workshop on Business Continuity & Disaster Recovery Planning
Val-EdTM Valiant Technologies Education & Training Services 2-day Workshop on Business Continuity & Disaster Recovery Planning All Trademarks and Copyrights recognized Page 1 of 8 Welcome to Valiant Technologies.
More informationAssessing & Managing IT Risks: Using ISACA's CobiT & Risk IT Frameworks
Assessing & Managing IT Risks: Using ISACA's CobiT & Risk IT Frameworks 2ο InfoCom Security Conference Anestis Demopoulos, Vice President ISACA Athens Chapter, & Senior Manager, Advisory Services, Ernst
More informationEnsight Management Consulting Company presentation
Ensight Management Consulting Company presentation. 2 Agenda About us Business philosophy Ensight values Our business transformation capabilities Our business transformation solutions Our team Certifications
More informationCASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link
CASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link Peter Milla CASRO Technical Consultant/CIRQ Technical Advisor peter@petermilla.com Background CASRO and Standards CASRO takes
More informationAalborg Universitet. Cyber Assurance - what should the IT auditor focus on? Berthing, Hans Henrik Aabenhus. Publication date: 2014
Aalborg Universitet Cyber Assurance - what should the IT auditor focus on? Berthing, Hans Henrik Aabenhus Publication date: 2014 Document Version Early version, also known as pre-print Link to publication
More informationStrategic IT audit. Develop an IT Strategic IT Assurance Plan
Strategic IT audit Develop an IT Strategic IT Assurance Plan Speaker Biography Hans Henrik Berthing is Partner at Verifica and Senior Advisor & Associated Professor at Aalborg University. He is specialized
More informationMSc Cyber Security UKPASS P052286. Course 1 Year Full-Time, 2-3 Years Part-Time
MSc Cyber Security International Students Can Apply UKPASS P052286 Code: Course 1 Year Full-Time, 2-3 Years Part-Time Length: Start Dates: September 2015, January 2016, September 2016, January 2017 Department:Department
More informationKey Considerations of Regulatory Compliance in the Public Cloud
Key Considerations of Regulatory Compliance in the Public Cloud W. Noel Haskins-Hafer CRMA, CISA, CISM, CFE, CGEIT, CRISC 10 April, 2013 w_haskins-hafer@intuit.com Disclaimer Unless otherwise specified,
More informationHOW SECURE IS YOUR PAYMENT CARD DATA?
HOW SECURE IS YOUR PAYMENT CARD DATA? October 27, 2011 MOSS ADAMS LLP 1 TODAY S PRESENTERS Francis Tam, CPA, CISA, CISM, CITP, CRISC, PCI QSA Managing Director PCI Practice Leader Kevin Villanueva,, CISSP,
More informationKEY TRENDS AND DRIVERS OF SECURITY
CYBERSECURITY: ISSUES AND ISACA S RESPONSE Speaker: Renato Burazer, CISA,CISM,CRISC,CGEIT,CISSP KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures
More informationA New Security Publication About Risk and Security for Business Leaders. Sponsorship & Advertising Media Pack
A New Security Publication About Risk and Security for Business Leaders Sponsorship & Advertising Media Pack Introduction from the Team All organisations need to manage and protect their information effectively,
More informationMETANET and Interoute Zurich Data Centre Corporate Security & Risk Group Version 1.0 ; 4 April
Data Centre Quality and Security Enterprise Security Management METANET and Interoute Zurich Data Centre Corporate Security & Risk Group Version 1.0 ; 4 April Corporate Security & Risk Group (CSRG) Interoute
More informationSecure in the knowledge
Secure in the knowledge Who should attend? Information Security Challenges & Solutions An MIAA Event The Horseshoe Suite, Haydock Park Racecourse 9 th December 2011 As we become ever more reliant on information
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationAUDIT LOGGING/LOG MANAGEMENT
1 AUDIT LOGGING/LOG MANAGEMENT KATHLEEN A MULLIN, MBA, CIA, CISA, CISSP, ISA, CISM, CRISC, CGEIT DIRECTOR OF IT SECURITY/CISO HEALTHPLAN SERVICES (HPS) AHIA 31 st Annual Conference August 26-29, 2012 Philadelphia
More informationBig Data: Impact, Benefits, Risk and Governance
Big Data: Impact, Benefits, Risk and Governance Urs Fischer, CPA (Swiss), CRISC, CISA, CIA Fischer IT GRC Consulting & Training Urs Fischer Agenda 1. Introduction 2. Impact on the Enterprise 3. Business
More informationExperienced professionals may apply for the Certified Risk Management Professional (CRMP) certification under the grandfathering provision.
Application for CRMP Certification (part 1) GRCSI is now offering the Certified Risk Management Professional (CRMP) certification to support and recognize professionals who have skills and experience in
More informationRe: Experience with the Framework for Improving Critical Infrastructure Cybersecurity ( Framework )
10 October 2014 Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 Re: Experience with the Framework for Improving Critical Infrastructure
More informationHOSTING. Managed Security Solutions. Managed Security. ECSC Solutions
Managed Security Managed Security MANAGED SECURITY SOLUTIONS I would highly recommend for your company s network review... were by far the best company IT Manager, Credit Management Agency Presenting IT
More informationOffice Hours: By Appointment COURSE DESCRIPTION AND LEARNING GOALS
NYU Stern School of Business Summer 2012 ACCT- GB.6215 - IT Auditing Professor: Joel Lanz Tel: 516-933-3662 Office Hours: By Appointment email: TBD Course Website: Blackboard COURSE DESCRIPTION AND LEARNING
More informationMANAGEMENT DEVELOPMENT COURSES
(FULL VIEW) MANAGEMENT DEVELOPMENT COURSES MANAGEMENT DEVELOPMENT COURSES LEADERSHIP DEVELOPMENT Developing Leadership Competencies 4 4 days 230,000 1-4 13-16 26-29 6-9 Critical Thinking: Tools for Problem
More informationG11 EFFECT OF PERVASIVE IS CONTROLS
IS AUDITING GUIDELINE G11 EFFECT OF PERVASIVE IS CONTROLS The specialised nature of information systems (IS) auditing and the skills necessary to perform such audits require standards that apply specifically
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationAuditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement
Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement Copyright Elevate Consult LLC. All Rights Reserved 1 Presenter Ray Guzman MBA, CISSP, CGEIT, CRISC, CISA Over 25
More informationRisky Business. Is Your Cybersecurity in Cruise Control? ISACA Austin Chapter Meeting May 5, 2015
Risky Business Is Your Cybersecurity in Cruise Control? ISACA Austin Chapter Meeting May 5, 2015 What We ll Cover About Me Background The threat Risks to your organization What your organization can/should
More informationPROVING YOUR GRC KNOWLEDGE WITH CERTIFICATIONS
PROVING YOUR GRC KNOWLEDGE WITH CERTIFICATIONS PRESENTER: JASON MEFFORD, MEFFORD ASSOCIATES October 9, 2014 OCEG WEBINAR SERIES Housekeeping Download slides at http://www.oceg.org/event/ proving-your-grc-knowledge-with-certifications/
More informationHow To Be A Successful Business Leader
ROGER W. BRUIST Professional Profile Experience Brought numerous Boston area small and medium businesses and non-profits into compliance and security alignment Achieved positive results for small and medium
More informationCyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13
Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...
More informationCYBER SECURITY TRAINING SAFE AND SECURE
CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need
More informationDeveloping National Frameworks & Engaging the Private Sector
www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012
More informationHOW TO ADDRESS THE CURRENT IT SECURITY SKILLS SHORTAGE
HOW TO ADDRESS THE CURRENT IT SECURITY SKILLS SHORTAGE ISACA S CYBER SECURITY NEXUS Ivan Sanchez-Lopez Senior Manager Information Security, IT Risk & Continuity, DHL Global Forwarding ISACA Luxembourg
More informationSmart Security. Smart Compliance.
Smart Security. Smart Compliance. SRM are dedicated to helping our clients stay safe in the information environment. With a wide range of knowledge and practical experience, our consultants are ready to
More informationIS Audit and Assurance Guideline 2202 Risk Assessment in Planning
IS Audit and Assurance Guideline 2202 Risk Assessment in Planning The specialised nature of information systems (IS) audit and assurance and the skills necessary to perform such engagements require standards
More informationINTELLIGENCE. RISK MITIGATION. RESPONSE. CONSULTANCY.
INTELLIGENCE. RISK MITIGATION. RESPONSE. CONSULTANCY. 23 Grafton Street London W1S 4EY UK Main Tel: +44 (0) 207 887 2699 ABOUT PGI PGI is a privately owned UK business offering integrated, intelligence-led
More informationPCI DSS READINESS AND RESPONSE
PCI DSS READINESS AND RESPONSE EMC Consulting Services offers a lifecycle approach to holistic, proactive PCI program management ESSENTIALS Partner with EMC Consulting for your PCI program management and
More informationIntroduction to ISACA and ITGI By Georges Ataya, International Vice President, ISACA
Quality and security in application development Round Table Meeting/Discussion Group Wednesday 23rd May 2007 Introduction to ISACA and ITGI By Georges Ataya, International Vice President, ISACA 1 The International
More informationDIGITAL FORENSICS AND CYBER INCIDENT RESPONSE SERVICES
G Cloud IV Framework Lot 4 DIGITAL FORENSICS AND CYBER INCIDENT RESPONSE SERVICES Service Description - ANSEC IA Limited CONTENTS 1 Company Profile. 2 The ANSEC Effect 3 Qualifications 4 Service Description..
More informationCyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013
Cyber Security and Information Assurance Controls Prevention and Reaction 1 About Enterprise Risk Management Capabilities Cyber Security Risk Management Information Assurance Strategic Governance Regulatory
More informationIS Audit and Assurance Guideline 2402 Follow-up Activities
IS Audit and Assurance Guideline 2402 Activities The specialised nature of information systems (IS) audit and assurance and the skills necessary to perform such engagements require standards that apply
More informationRISK ADVISORY SERVICES CONSTRUCTION AUDIT SERVICES
RISK ADVISORY SERVICES CONSTRUCTION AUDIT SERVICES AS ECONOMIC AND FINANCIAL CHALLENGES WEIGH ON, ORGANIZATIONS FIND IT INCREASINGLY DIFFICULT TO LOCATE ENOUGH MONETARY SUPPORT TO HELP FACILITATE THE CONSTRUCTION
More informationISACA Privacy Principles and Program Management Guide Preview Yves LE ROUX Principal consultant Yves.leroux@ca.com
ISACA Privacy Principles and Program Management Guide Preview Yves LE ROUX Principal consultant Yves.leroux@ca.com 1 2014 CA. ALL RIGHTS RESERVED. ISACA 2 2014 CA. ALL RIGHTS RESERVED. Privacy Guidance
More informationCyber Security - What Would a Breach Really Mean for your Business?
Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber
More informationA NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
More informationKevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor
IT Audit/Security Certifications Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor Certs Anyone? There are many certifications out there
More informationCybersecurity Audit Why are we still Vulnerable? November 30, 2015
Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event
More informationCYBERSECURITY: ISSUES AND ISACA S RESPONSE
CYBERSECURITY: ISSUES AND ISACA S RESPONSE June 2014 KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures Mobile devices Social media Cloud services
More informationCaretower s SIEM Managed Security Services
Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During
More informationExecutive Cyber Security Training. One Day Training Course
Executive Cyber Security Training One Day Training Course INTRODUCING EXECUTIVE CYBER SECURITY TRAINING So what is all this we hear in the media about cyber threats? How can an organization understand
More informationCCSK Prep Course 2015
CCSK Prep Course 2015 25 May 2015 Early registration 27 April 2015 Final registration 11 May 2015 Offered by ISACA Athens Chapter has been awarded four times as Best Large Chapter in Europe/Africa (2009,
More informationHP Cyber Security Control Cyber Insight & Defence
HP Cyber Security Control Cyber Insight & Defence Security awareness at board level Security leadership is under immense pressure Cyber threat Extended supply chain Financial loss Reputation damage Cost
More informationSECURITY CONSIDERATIONS FOR LAW FIRMS
SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,
More informationExecutive Management of Information Security
WHITE PAPER Executive Management of Information Security _experience the commitment Entire contents 2004, 2010 by CGI Group Inc. All rights reserved. Reproduction of this publication in any form without
More informationPCI Policy Compliance Using Information Security Policies Made Easy. PCI Policy Compliance Information Shield Page 1
PCI Policy Compliance Using Information Security Policies Made Easy PCI Policy Compliance Information Shield Page 1 PCI Policy Compliance Using Information Security Policies Made Easy By David J Lineman
More informationIT consulting Advice into action
www.pwc.lu/it-consulting IT consulting Advice into action Using technology to bring value to your business BEST ICT STRATEGY COMPANY LUXEMBOURG ICT AWARDS 2010 Our services PwC helps private and public
More informationGovernance Custodian to changing business trends and IT landscape
Governance Custodian to changing business trends and IT landscape SURESH GP Trend on Governance Companies with effective IT Governance have profits that are 20 % higher than other companies pursuing similar
More informationWelcome to Modulo Risk Manager Next Generation. Solutions for GRC
Welcome to Modulo Risk Manager Next Generation Solutions for GRC THE COMPLETE SOLUTION FOR GRC MANAGEMENT GRC MANAGEMENT AUTOMATION EASILY IDENTIFY AND ADDRESS RISK AND COMPLIANCE GAPS INTEGRATED GRC SOLUTIONS
More informationIBM Hosted Application Scanning
IBM Hosted Application Scanning Service Definition IBM Hosted Application Scanning 1 1. Summary 1.1 Service Description IBM Hosted Application Security Services Production Application Scanning Service
More informationAalborg Universitet. Cloud Governance Berthing, Hans Henrik Aabenhus. Publication date: 2013. Document Version Preprint (usually an early version)
Aalborg Universitet Cloud Governance Berthing, Hans Henrik Aabenhus Publication date: 2013 Document Version Preprint (usually an early version) Link to publication from Aalborg University Citation for
More informationCompliance, Security and Risk Management Relationship Advice. Andrew Hicks, Director Coalfire
Compliance, Security and Risk Management Relationship Advice Andrew Hicks, Director Coalfire Housekeeping You may submit questions throughout the webinar using the question area in the control panel on
More informationCyber/ Network Security. FINEX Global
Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over
More informationBenchmark of controls over IT activities. 2011 Report. ABC Ltd
www.pwc.com/cy Benchmark of controls over IT activities 2011 Report ABC Ltd... 2012 Scope and approach We wish to provide you with our IT Benchmarking report over IT activities at ABC Ltd (the Company)
More informationBusiness Continuity Management Emerging Trends
Business Continuity Management Emerging Trends Presentation Title Goes Here Samir Shah CA, CISA, DISA, CIA, CISSP, CFE, ISO 22301 LI Associate Director Axis Risk Consulting March 2013 Outline 2 1. Business
More informationSTREAM Cyber Security
STREAM Cyber Security Management Software Governance, Risk Management & Compliance (GRC) Security Operations, Analytics & Reporting (SOAR) Fast, flexible, scalable, easy to use and affordable software
More informationBusiness Continuity for the New Professional. Britt Corra Enterprise BCM Erika Voss Senior BCM
Business Continuity for the New Professional Britt Corra Enterprise BCM Erika Voss Senior BCM New to Business Continuity? Agenda & Experience 3-5 years experience? Seasoned veteran? What is BCM Tool Kit?
More informationMASTERS IN BUSINESS ADMINISTRATION MBA PLUS
MASTERS IN BUSINESS ADMINISTRATION MBA PLUS INTRODUCING THE NORTHAMPTON BUSINESS SCHOOL MBA PLUS The Northampton Business School MBA Plus is an internationally recognised postgraduate qualification in
More informationRisk & Control Considerations for Outsourced IT Operations
Risk & Control Considerations for Outsourced IT Operations Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. Core Competencies C32 CRISC CGEIT CISM CISA Introductions & Poll Organization has outsourced
More informationIT Vendor Due Diligence. Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014
IT Vendor Due Diligence Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014 Carolinas HealthCare System (CHS) Second largest not-for-profit healthcare system
More informationIT Service Management ITIL, COBIT
IT Service Management ITIL, COBIT Bülent Ekuklu Business Development Executive IBM Global Services Global Conditions are Changing 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% Agriculture Manufacturing Service
More informationMoving Forward with IT Governance and COBIT
Moving Forward with IT Governance and COBIT Los Angeles ISACA COBIT User Group Tuesday 27, March 2007 IT GRC Questions from the CIO Today s discussion focuses on the typical challenges facing the CIO around
More informationStepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
More informationVal-EdTM. Valiant Technologies Education & Training Services. Workshop on Change Management. All Trademarks and Copyrights recognized.
Val-EdTM Valiant Technologies Education & Training Services Workshop on Change Management All Trademarks and Copyrights recognized Page 1 of 8 Welcome to Valiant Technologies. We are a specialty consulting
More information