Proposed ISACA Board for 2012/2013



Similar documents
Athens, 2 December 2011 Hellenic American Union Conference Center

Experienced professionals may apply for the Certified Risk Management Professional (CRMP) certification under the grandfathering provision.

RISK ADVISORY SERVICES CONSTRUCTION AUDIT SERVICES

13 th Annual General Meeting

Big 4 Information Security Forum

Table of Contents EXECUTIVE SUMMARY ACKNOWLEDGEMENT AND DISCLAIMERS ENGAGEMENT SCOPE AND OBJECTIVES EXECUTIVE SUMMARY OF ASSESSMENT RESULTS

Executive Biographies

North Texas ISSA CISO Roundtable

ERIC M. WRIGHT, cpa, citp

SOX COMPLIANCE BOOT CAMP SOX 404 & NI September 11, 12, 13, 2015 Leading to Sox Compliance Certification (SCC)

SSAE 16 for Transportation & Logistics Companies. Chris Kradjan Kim Koch

So Why on Earth Would You WANT To be a CISO?

Security Transcends Technology

Database Security and Auditing

IT Privacy Certification

Infrastructure Engineer

Board of Governors Profiles

A Contrarian Risk Management Perspective. Nicole Keaton SVP Identity & Access Management CGEIT CISA CISM

CLASSIFICATION SPECIFICATION FORM

SECURITY AND EXTERNAL SERVICE PROVIDERS

REGIONAL SPOKESPERSON BIOGRAPHIES

LAnet. How Your Enterprise Can Benefit from Our IT Managed Services LA Networks: Managed Services

EVOLUTION OF THE CISO

Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit.

Hong Kong Computer Society Cloud Computing Special Interest Group Executive Cloud Forum 2015

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP

Risk & Control Considerations for Outsourced IT Operations

YOUR DREAMS. OUR PRIORITY. MORTGAGE BROKER SOLUTIONS

Rosemary M. Amato, CISA Deloitte Accountants B.V.

The Elephant in the Room: What s the Buzz Around Cloud Computing?

{Are you protected?} Overview of Cybersecurity Services

University of Ottawa TELFER SCHOOL OF MANAGEMENT. The Telfer BCom. Not just business as usual

Compiled by; Mark E.S. Bernard, ISO Lead Auditor, CISSP, CISM, SABSA-F2, CISA, CRISC, CGEIT

on their successful writing of the UFE this fall! Angela Prokop Celestino P. Oh would like to congratulate:

School of Management (University Degree Programmes)

Strategy, COBIT and Vision: HOW DO THEY RELATE? Ken Vander Wal, CISA, CPA, Past President, ISACA

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Microsoft Cloud Summit Atlantic Canada Roadshow TO THE CLOUD AND BEYOND

Opportunity Profile. Vice President, Information Technology

Key Considerations of Regulatory Compliance in the Public Cloud

AUDIT LOGGING/LOG MANAGEMENT

Deloitte 2010 lease administration benchmarking survey

ISACA Tools Help Develop Cybersecurity Expertise

Why CISM? Who Earns CISM Certification? CISA, CISM and CGEIT Program Accreditation Renewed Under ISO/IEC 17024:2003

Prosperous Companies and Communities:

ISACA Singapore Chapter

School of Management (University Degree Programmes)

SOC on Amazon Web Services (AWS) What You Need To Know Understanding the regulatory roadmap for SOC on AWS

CFPB Readiness Series: Compliant Vendor Management Overview

Information Security Management System (ISMS) Overview. Arhnel Klyde S. Terroza

S T A F F I N G P R O D U C T E V A L U A T I O N & D E V E L O P M E N T

CYBERSECURITY NEXUS ROBERT E STROUD INTERNATIONAL PRESIDENT, ISACA RAMSÉS GALLEGO INTERNATIONAL VICE PRESIDENT, ISACA

Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University

ACL WHITEPAPER. Automating Fraud Detection: The Essential Guide. John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances

Newsletter. Membership Survey Announcement

Table of Contents. Auditor's Guide to Information Systems Auditing Richard E. Cascarino Copyright 2007, John Wiley & Sons, Inc.

HASKAYNE SCHOOL OF BUSINESS. Bachelor of Commerce

JOINT EVENT WITH IIBA-LA. Trends & Best Practices in. Cybersecurity for networks, cloud computing and mobile

Financial Analyst. Financial Analyst

Advanced IT Audit Training

Whitepaper: 7 Steps to Developing a Cloud Security Plan

The Basics of Internal Auditing Tallahassee Chapter The Institute of Internal Auditors

Info-Tech Research Group. Media Kit

FEBRUARY Knowledge. Insight. Commitment.

KEY TRENDS AND DRIVERS OF SECURITY

Executive Management. Nicholas Hales, Chief Executive Officer

Strategic IT audit. Develop an IT Strategic IT Assurance Plan

A Flexible and Comprehensive Approach to a Cloud Compliance Program

JUSTICE INSTITUTE OF BRITISH COLUMBIA

Amit Garg BERKELEY RESEARCH GROUP, LLC 1800 M Street, N.W. 2 nd Floor Washington, D.C Direct: agarg@thinkbrg.

Public Sector Pension Investment Board

CYBERSECURITY: ISSUES AND ISACA S RESPONSE

Careers in Accounting

Connecting PTE to Careers in Idaho

ACTUARY OF THE FUTURE

Service Organization Controls. Managing Risks by Obtaining a Service Auditor s Report

IFIAR 2015 Member Profile - PCAOB

ISACA Privacy Principles and Program Management Guide Preview Yves LE ROUX Principal consultant

AUD105-2nd Edition. Auditor s Guide to IT - 20 hours. Objectives

Chartered Professional Accountant (CPA): Alternative Careers. A guide for newcomers to British Columbia

ISACA ON-SITE TRAINING DELIVERS EXPERT INSTRUCTION AT YOUR WORKPLACE

Transcription:

Proposed ISACA Board for 2012/2013 Name Proposed Position Previous ISACA Position Company Executive Edwin Yau President Vice President Deloitte Michael Leung Immediate Past President President Coast Capital Savings Farzin Ismail Vice President Secretary Deloitte Chester Tai Treasurer Treasurer TBD Secretary Board Members Kevin Teo TBD Programs Director Ernst & Young Karen Kwok TBD Director at Large Telus Kin Kwan TBD Membership Coast Capital Savings Edward Pereira TBD Certification & Professional Relations Director Lululemon Athletica Inc. Imad Jebara TBD Marketing Director KPMG Gaith Sarhan TBD Academic Relations Director Deloitte Mahmood Rashid TBD Director at Large Telus Wyn Wang TBD Grant Thornton Rob Behrouzian TBD PHSA Elson Kung TBD HSBC Emily Chee TBD KPMG 1

Bio s of Proposed Board Members Edwin Yau, CA, CISA, CIA, PMP Edwin Yau is a Manager in our Enterprise Risk Services practice in Vancouver. He has over six years of experience at Deloitte providing risk advisory and assurance services to clients across a range of industries, including public sector, health care, financial services, telecommunications, and consumer business. His areas of focus include information systems audit, third-party reporting, internal audit, financial statement audit and business process consulting. During his career with Deloitte, Edwin has been seconded on a four month term to South Australia primarily serving public sector clients in the region. During the 2011/12 term, Edwin served on the ISACA Vancouver Chapter board as Vice President. In past years, he has also served on the Vancouver board in the roles of Treasurer and Secretary. Edwin is a Certified Information Systems Auditor (CISA) and has been a member of the ISACA Vancouver Chapter since 2005. Michael Leung, CRISC, CGEIT, CISM, CISA, CISSP-ISSMP Michael Leung is an information security risk, governance, and management professional with over 20 years of overall IT experience. He has a diverse background and experience in enterprise level information security, operational risk, enterprise architecture, IT services, systems development life cycle, e-commerce, core business systems, and traditional engineering discipline. Background and experience also include managing, developing and implementing information security programs and strategies; security threat and risk assessments, security assurance services, and security incident management. Michael currently leads the information security function at Coast Capital Savings, Canada s second largest credit union with total assets under administration of $13.5 billion, more than 475,000 members and 51 branches in the Metro Vancouver, Fraser Valley, and Vancouver Island regions of British Columbia. He has received industry certifications such as; CRISC, CGEIT, CISM, CISA, CISSP -ISSMP and actively participates in the local information security, IT governance and risk community. Michael has served on the ISACA Vancouver Chapter board for 6 years in various roles and completed the 2011-2012 term as President. He is also a Governing Body Co-Chair for the inaugural Vancouver CISO Executive Summit, responsible for the strategic direction of this year s summit. Chester Tai Chester has been serving the ISACA Vancouver board as the treasurer since 2011. Chester obtained his undergraduate degree in accounting from the University of Ottawa in 2010 and passed the CISA exam in the same year. He is now working as a junior accountant focusing on accounting and internal process improvement. Though not currently working in the field of IT audit, Chester has strong interest in various IT areas such as network security, cloud computing, and ERP systems, and is aiming to pursue a career as a CISA in the near future. 2

Farzin Ismail, B.Com., CIA, CISA Profile Farzin Ismail leads Deloitte s Data Risk practice for Western Canada. She has over 13 years of experience in delivering business and information technology (IT) risk management services to large, global public companies in Canada and the US. The majority of her time has been spent on leading the design, implementation and review of risk and control frameworks of a number of large-scale business and IT transformation programs in complex, highgrowth companies. Her more recent focus has been in assisting organizations to improve the reliability and performance of their data through the development and implementation of data governance and stewardship programs. She has worked in various industries including public sector, technology, consumer business and financial services. Farzin holds a Bachelor of Commerce and is both a Certified Internal Auditor (CIA) and Certified Information Systems Auditor (CISA). Kevin Teo Profile A Senior Consultant in the Advisory Services practice of Ernst & Young LLP, Kevin is focused on providing professional services pertaining to baseline security testing and advisory, IT General Control and Application Control reviews for various SOX, financial audit and SAS70 (SSAE16) / S5970 (CSAE 3416) engagements. His representative engagement experience includes, but is not limited to data analytics through the use of ACL and SAS, e-voting system reviews, security restructuring and remediation and the auditing of SAP, Oracle, AS400, SQL Server, Windows, as well as RACF, ACF-2 and Top Secret Mainframes. Kevin brings a diverse array of IT auditing and consulting experience from his work in Chicago, New York and Vancouver and also has a year of academic teaching experience as the Accounting Information Systems teaching assistant at the University of Wisconsin-Madison, teaching subjects covering database design, process flow-charting, the systems development lifecycle, as well as IT General Controls. Prior to relocating to North America, Kevin was a competitive swimmer who represented his native country (Singapore) at various international events such as the Asian, ASEAN and Asia-Pacific games, winning medals at many of these events. In his spare-time, he still enjoys an invigorating game of water-polo in the summer and snowboarding in the winter. Kevin has also served two and a half years in the Singapore Army and was trained at the School of Infantry Specialists as a Combat Engineer. He has earned Formation Colors Awards for his service and commitment to his unit and country. Having served on the ISACA board as Programs Director for the past year, Kevin is excited to continue in his role in making insightful sessions available for chapter members as well as to help the chapter maintain compliance with National requirements. Karen Kwok, CISA, CRISC Karen is an Internal Auditor at TELUS Communications Inc. She has over 8 years of IT advisory and assurance experience performing IT audit, Internal Audit and Regulatory Compliance and Financial Operations Improvement. Her experience includes IT and business process and controls assessment, risk rationalization, information security assessments, project risk management and fraud investigations. She has a throughout knowledge of IT auditing principles and general IT controls and frameworks. Karen also has a strong understanding of ERP applications within the scopes of audit support, conversion review, and business process review. Karen was a member of the ISACA Board for the Vancouver Chapter in 2009-2010 and 2011-2012. 3

Kin Kwan, CISA, CISSP, GCIH, GPEN Kin has over 12 years of IT experience in various roles including Windows and Unix administration, Database administration and IT security and governance. He currently work as a Senior Technical Advisor, Information Security at Coast Capital Savings. Before joining Coast Capital Savings, he worked at ICBC leading the PCI compliance initiative and revamping their security policies and standards. Kin also held a position as the head of IT security and risk management for a private company located in Gastown and held systems administration and corporate security roles for a large online gambling company for several years. Throughout his IT career, Kin has obtained various vendor certifications: VMware (VCP), Sun Micro Systems (SCSA) and Microsoft (MCSE). Kin also has IT security certifications including CISSP, CISA, GCIH and GPEN and is currently working toward SABSA. He likes to keep up to date on the latest news and trends by attending security conferences such as Defcon in Las Vegas and West Coast Security Forum in Vancouver. Outside of work, Kin enjoys travelling, especially going on road trips with his family and friends. He also enjoys playing and watching hockey but spends most of his time with his two young sons and a very active golden retriever name 'Kowa'. Kin also volunteers at various local charity events such as Variety Club Charity for Kids. Edward Pereira, B.Com., CISA, CISM, CRISC Edward Pereira began his career after obtaining a Bachelor of Commerce at UBC in Finance and Transportation. Ed built on this initial educational cornerstone during a 10-year management career in the airline business by obtaining his CGA. A 3-year term as Divisional Controller of the Flight Operations division and responsible for managing $450 million, capped off his airline career. During this time, Ed recalls designing an industry-first application for examining air navigation invoices electronically, and was also fortunate to be part of the industry s largest back office systems transformation project where 300 unique systems were migrated concurrently. Ed then combined his interests in IT with his financial background and founded MeetUP.com, serving the meetings and conventions industry with one of the very first web-based hotel block management engines. This led to the sale of his company and a brief relocation to southern California to integrate the product within a suite of related tools for the meeting event planner. Upon his return to Canada, Ed worked for TAP Solutions as an IT strategy consultant with clients in both the private and public sector and obtained his PMP during this time. Eventually, Ed landed in the industry where yet another passion lay skiing! Ed was a founding member of Intrawest s Internal Audit where he obtained his CISA, and accrued significant SOX experience on three continents. Ed has since become the Director of IT Security & Audit with Intrawest establishing both the function, as well as other IT general controls. While obtaining his CISM, Ed also developed the PCI Compliance project for Intrawest, initiated an IT audit function, and ushered in a whole new set of IT security technology and process. Ed currently works for Lululemon Athletica. Outside of his work career, Ed s staying involved in one of his other lifelong passions by coaching both of his kids soccer teams. 4

Imad Jebara, CA, CPA (California), MBA, CISA, CRISC Imad is a Manager in KPMG s Risk and Compliance Advisory services practice in Vancouver. He has over ten years of experience, with over five year of public practice experience, including experience applying risk management frameworks and techniques; identifying and evaluating operational, financial and compliance risks and controls; documenting and analyzing business environments and processes; service organization audits (SAS 70, CICA s5970, SSAE 16, CSAE 3416 & ISAE 3402) and analyzing financial and operational information. He has served as the Marketing Director in the ISACA board for the fiscal year 2011/2012. He holds the following designations Chartered Accountant (CA) Masters of Business Administration with emphasis on Finance (MBA) Masters in Management Information Systems (MMIS) Bachelor of Arts in Accounting with a minor in Business Administration Institute of Management Accountants, Certified Financial Manager (CFM) and Certified Management Accountant (CMA) Certified Public Accountant (CPA) California Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) Security + Professional Network+ Professional Gaith Sarhan, MPAcc Gaith is a Senior Consultant in the Enterprise Risk Services (ERS) group in the Vancouver office of Deloitte & Touche. He has two years experience in Information Technology Audit and Business Process Reviews. Gaith focuses on assisting clients with the preparation of third party assurance reports including CSAE 3416, and SOC1 related reports. His industry focus includes clients in IT outsourcing, core banking system providers, and financial services. He has had extensive experience in assessing and improving clients third party reports. Gaith will become a Certified Information System Auditor and a Chartered Accountant in September. Mahmood Rashid, CISA, CISSP, CRISC As per the communiqué from the ISACA Vancouver Chapter regarding the call for Volunteers for the Board 2012/2013 Term, I would like to continue serving on the board in my current position. I have been working at different capacities in the Information Technology field for over twenty years, of which as an IT Architect for the past five years. In addition to promoting accountably and transparency within the positions where I have worked, I have also been involved with volunteering with various charitable institutions since my teenage years and recently as the Secretary of a local Society over the past two years and as a Director of a local Charitable organization since April of 2011. I believe that my past experiences and passion to give back to the organizations I am a part of will enable me to serve the members of the local Chapter of ISACA in Vancouver. 5

New Proposed Board Members Wyn Wang CIA, CISA, CPA(NH) Manager Having been a CISA and member of ISACA since 2008, I would like to become a member of the chapter board to serve our local professionals and help future professionals by volunteering my time and experiences with peers from the industry. Wyn is a manager in the Specialist Advisory Services Group at Grant Thornton, whose main focus is on risks and controls. Wyn has eight years of professional service experience delivering Internal Audit, Compliance and Risk Management services for business processes as well as various aspects of information technology ( IT ). Her clients have ranged from smaller and mid-size organizations to large multi-national companies that operate in complex environments. Some of Wyn s projects include: Led and managed IT network security audit for a provincial crown corporation including planning, execution and reporting. Successfully ensured delivering of agreed upon results on time and on budget. IT risk assessment for a local transportation client assessing risks and controls associated with IT processes. IT process testing and documentation for a leading Canadian Payment Processing company as part of a Sarbanes Oxley and Statutory Audit engagement. This involved documenting and testing processes in place at locations throughout the US and Canada. Rob Behrouzian, B.Eng, CISM, CRISC, CISA, CIPP/IT Rob has been in the IT industry for more than 15 years and has worked in variety of IT roles such as assurance manager, audit manager, internal/external assurance/compliance practitioner, IT operation team lead, systems engineer, consultant, technical trainer, and unified messaging engineer. Highly experienced professional with knowledge in governance, risk and controls, Information technology controls, privacy controls, financial statement audits and regulatory compliance reviews in multiple industries. Acquired extensive experience in all phases of assurance and advisory engagements: risk assessments, scoping, planning, work programs, budgeting, managing teams, quality reviews, project management, training, mentoring staff, reporting and presentations of value added findings and recommendations to key stakeholders. Developed and consistently apply strong analytical and problem solving skills in offering customized solutions to client challenges. Rob is currently serving as the Treasurer and member of Board of Directors at CERA (Communities for Embracing Restorative Actions) Society. CERA's mission is to enhance the quality of justice in the communities through restorative measures that attempt to repair the harm caused by crime, resolve conflict, and restore balance in relationships. Restorative justice is a non-adversarial, non-retributive approach to justice that emphasizes healing in victims, meaningful accountability of offenders, and the involvement of citizens in creating healthier and safer communities. Having lived and worked in North America, and Asia, Rob brings a diverse international experience and perspective with him. Bachelor of Science, Computer Engineering CISM, Certified Information Systems Manager CISA, Certified Information Systems Auditor CRISC, Certified in Risk Information Systems Control CIPP/IT, Certified Information Privacy Professional 6

Elson Kung, CISA, PMP A senior manager, information risk, at HSBC, Elson Kung manages information risk on behalf of the business lines and support functions he serves. In the banking and IT industries for 15 years, his work has spanned sales and service, business analysis, project management, as well as risk and control. He has hands-on and leadership experience in Basel 2 data maintenance, operational risk self-assessment, SOX testing coordination, and information risk management. Elson is a CISA and Project Management Professional (PMP) and is ITIL Foundation-certified. Emily Chee, B.Com (Hons.) Emily Chee is a Consultant in KPMG s Risk Consulting, Advisory Services practice. Her experience includes: performing data analytics, identifying IT application controls, testing of general IT controls and application controls, assessing risk impact, delivering related documentation, and providing recommendations for improvement areas. Emily specializes in areas such as access administration, change management, project development, and computer operations. Having a background in accounting and management information systems, Emily has had the opportunity to work with various ERP systems (SAP, JD Edwards, Oracle, Hyperion, and PeopleSoft) and a variety of operating systems. She also has experience dealing with complex business and IT environments. Prior to joining KPMG in September 2010, Emily held junior positions in day-to-day business operations for the insurance, financial, retail, and distribution industries. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information