@ISACA Volume 13: 23 June 2010 

 
@ISACA Relevant, Timely News

Conference to Address Driving Value, Managing Risk and Achieving Objectives
IT Governance, Risk and Compliance Conference • Boston, Massachusetts, USA • 6-8 October 2010

Brian Barnier, CGEIT, principal at ValueBridge Advisors and chairman of the Conference Task Force, offers his thoughts on this year’s conference.

Question: Please describe the theme and the reasons that it was chosen for this year’s conference.

Answer: “Driving Value, Managing Risk, Achieving Objectives” is the theme for this year’s IT Governance, Risk and Compliance (IT GRC) Conference. ISACA® has a long history of members pulling together to create frameworks, guidance and education that stress creating risk-return value by focusing on business objectives (including compliance and performance). Therefore, we hope, through this theme, the conference will both harness ISACA’s strong history and show how that knowledge can help attendees be more personally effective in addressing this hot industry topic.

Question: What industry trend(s) will be addressed at the conference?

Answer: We will cover several trends that are grabbing attention, including:

  • Using risk management for both performance improvement and compliance
  • Governance focused on value, not just controls
  • Engaging more deeply with “the business” (business lines, functional areas and corporate) through the more business-focused language of risk management

Question: Tell us a little about the keynote speaker.

Answer: The ISACA IT GRC Conference has a history of top-notch, insightful speakers. With past keynotes including an Army general, Navy admiral and the vice chairman of the US National Transportation Safety Board, it was a challenge to find the right person. In listening to the needs of our previous attendees, we heard that their jobs are highly sensitive to the board of directors—the tone at the top, the culture, the expectation. They want to learn what is on the minds of the board members, especially audit and risk committee members. So, we are thankful to have W. Ronald Dietz, the chair of the audit and risk committee of the Board of Directors of Capital One, speaking at this year’s conference. He is a “financial expert” for US Securities and Exchange Commission (SEC) purposes and has written on risk management approaches for boards of directors. We are looking forward to his insight and coaching on what is needed from the risk management team.

Question: Will this conference include any new or unique features or session formats?

Answer: Yes, based on input we received, several improvements have been made. One stream will be focused on chief information officers and senior IT leaders—providing content they need to better interact with their business colleagues, boards and better guide their teams. Two other tracks are for senior practitioners and managers. One will be focused on building and implementing and the other on refining and improving. We have also pulled out the more introductory content and will dedicate that to a special one-day preconference workshop for those who are new to the IT GRC role; the workshop will help beginners get more value from the rest of the conference.

The IT Governance Forum is a premier ISACA event held as a “conference within a conference” at the IT Governance, Risk and Compliance Conference. It is designed as a systematic and interactive learning experience, stepping through the key aspects of the ISACA five domains of IT governance and the six domains of the Certified in the Governance of Enterprise IT® (CGEIT®) certification.

Building on what we introduced in 2009, we will continue our roundtable seating arrangements and more interactive formats to make it easier for people to make new contacts, collaborate in exercises and learn.



Participate in IFAC International Alignment Survey
Topic: International Alignment of Risk Management and Internal Control Guidelines

The Professional Accountants in Business (PAIB) Committee of the International Federation of Accountants (IFAC), with the assistance of the Committee of Sponsoring Organizations (COSO), invites you to participate in a survey to assess the need to align risk management and internal control guidelines internationally.

Through the survey, the PAIB Committee seeks to:

  • Investigate how risk management and internal control frameworks, standards and/or guidance are being used around the globe
  • Identify the strengths and weaknesses of existing risk management and internal control systems
  • Determine the need for international alignment among the various national frameworks, standards and guidance that already exist in this area

The survey takes 15-20 minutes to complete and will be open until 10 July 2010.



Book Review: Hacking Exposed Computer Forensics, 2nd Edition
Reviewed by Vishnu Kanhere, Ph.D., CISA, CISM, AICWA, CFE, FCA

Hacking Exposed Computer Forensics, 2nd Edition, is a useful reference book—a handbook of investigating computer incidents and frauds. There has been a virtual explosion of frauds, crimes and serious computer incidents worldwide. These cyber crimes and frauds have been increasing in volume, size, value and numbers. Apart from these incidents, the growing scams, Ponzi schemes and employee/management frauds against the backdrop of the global financial meltdown have also been a cause of grave concern in corporate, regulatory and government circles.

Normal accounting practices, techniques and controls, and reliance on documentation, vouchers, statements, and paper evidence are increasingly found to be inadequate in dealing with these frauds. The use of emerging technology and tools has enabled computer forensics investigation, bringing in a new level of transparency and accountability to traditional investigations. Computer forensics is playing a vital role in the discovery, investigation and establishment of liability in cases of fraud.

Through this book, Aaron Philipp, David Cowen, CISSP, and Chris Davis, CISA, CISSP, fulfill a growing need for a handbook that covers the entire investigation process, from setting up the required infrastructure to presentation of evidence acceptable to the judiciary, for the entry-level student as well as the senior, seasoned professional. The book speaks to all industries and addresses all sectors of business, industry and public/government sectors, as frauds and crimes are all-pervasive. While the book refers to US and European legislation and regulations, it is applicable to all geographical regions.

The strength of this publication is that it provides good insight into computer forensics to the beginner as well as expert investigator. Real-world examples, case studies, step-by-step instructions and notes/tips make the book easy to understand and use for the student and the professional.

Hacking Exposed Computer Forensics, 2nd Edition is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in the latest issue of the ISACA Journal, visit the ISACA Bookstore or e-mail bookstore@isaca.org.

Vishnu Kanhere, Ph.D., CISA, CISM, AICWA, CFE, FCA, is an expert in software valuation, IS security and IS audit.



ISACA Congratulates 2010 Award Winners

ISACA® would like to congratulate the winners of the 2010 awards, many of which were presented at the International Conference in Cancun, Mexico, in June.

General Awards

John Lainhart Common Body of Knowledge Award

This award recognizes contributions to the development and enhancement of the common body of knowledge used by ISACA’s constituencies. It is not intended to be an annual award, but is presented only when individuals far exceed the norm. This year, ISACA presented the award to Urs Fischer, CISA.

Michael Cangemi Best Book/Article Award

This award recognizes an individual who makes a major contribution in the form of an article or a book about IS audit, control and/or security. This year, the award was presented to Chong Ee, CISA, CGEIT, for his article titled “Beyond the Looking Glass: IT Auditors and Client Communications.” The article appeared in volume 5, 2009, of the ISACA® Journal.

John Kuyers Best Speaker/Conference Contributor Award

This award, which recognizes individuals for major contributions to the development of ISACA global conferences or for outstanding individual speaking achievements, was presented to Jorge Hidalgo, CISA, CISM, CGEIT, and Carlos Villamizar, CISA, CGEIT.

President’s Cup Award

Established in 1992, this award recognizes chapters for participation in ISACA’s International Conference. Points are awarded to each chapter for each member who attends the event. This year’s award was presented to the ISACA Mexico City (Mexico) Chapter.

K. Wayne Snipes Award

This award was established in 1989 to recognize chapters that demonstrate excellent service to their members and communities. Performance is assessed on several criteria, including membership growth, educational events, member communication, promotion of the ISACA certifications, involvement with ISACA and involvement with other professional organizations. Winners are selected in each size category in each region. From those, one chapter in each size category is selected as the worldwide winner.

This year’s worldwide winners are:

  • Best small chapter worldwide—New Orleans
  • Best medium chapter worldwide—Costa Rica
  • Best large chapter worldwide—Orange County
  • Best very large chapter worldwide—North Texas

This year’s regional winners are:

Asia:

  • Best medium chapter—Sri Lanka
  • Best large chapter—Pune
  • Best very large chapter—Mumbai

Europe/Africa:

  • Best medium chapter—Valencia
  • Best large chapter—Athens
  • Best very large chapter—London

Central/South America:

  • Best medium chapter—Costa Rica
  • Best large chapter—Bogota

North America:

  • Best small chapter—New Orleans
  • Best medium chapter—Hudson Valley
  • Best large chapter—Orange County
  • Best very large chapter—North Texas

Membership Growth Awards

The award for the highest percentage of growth was presented to the Macao Chapter. The Tokyo Chapter earned the award for the highest numeric growth.

Membership Retention Awards

The Nagoya Chapter earned the award for the highest retention percentage, and the Northwest Ohio Chapter earned the award for the highest increase in retention.

Chapter Newsletter Awards

This award recognizes chapters for their newsletters, one of the strongest forms of communication chapters have with their members. One award is presented annually per chapter size category. This year, the awards were presented to:

  • Best small chapter—Northwest Ohio
  • Best medium chapter—Adelaide
  • Best large chapter—Malaysia
  • Best very large chapter—Silicon Valley


Certification Awards

Thomas H. Fitzgerald Award

Presented each year to the highest scorer on the Certified Information Systems Auditor™ (CISA®) exam, the award was earned by:

  • Thomas R. McLoughlin (June)
  • Brian Stanley (December)


CISA Worldwide Achievement Award

This award, which recognizes the second-highest score on the CISA exam, was earned by:

  • Christopher R. Jacobson (June)
  • Anne Overton (June)
  • Leslie Dean Taylor, CISA (December)


CISA Geographic Excellence Awards

This award recognizes the CISA exam’s top scorer in each of ISACA’s five regions. The following individuals earned the award for the 2009 exams.

Asia:

  • Meng Hailing (June)
  • Bal Soni (December)
  • Senthilkumar Lakshmanan Thangarajan (December)

Central/South America:

  • Marck Zubrzycki, CISA (June)
  • Pulka Adrian Guillermo (December)

Africa/Europe:

  • Tony Stallard, CISA (June)

North America:

  • Elizabeth Desrosiers, CGEIT (December)
  • Ivaylo Stratkov (December)
  • Masoud Loghmani (December)
  • Michael Barich, CISA (December)
  • Carol Powers (December)

Oceania:

  • Julian Busic (June)


CISA Geographic Achievement Award

This award recognizes the CISA exam’s second-highest scorer in each of ISACA’s regions. The following individuals earned the award for the 2009 exams.

Asia:

  • Prateek Trivedi, CISA (June)
  • Qi Dang, CISA (June)

Central/South America:

  • Jorge Castro, CISA (June)
  • Jose Alejandro Guizar (December)
  • Mike McDermid (December)

Europe/Africa:

  • Gerald Stockinger, CISA (June)
  • Richard Bush (June)
  • Dietrich Cornelius, CISA (December)

Oceania:

  • Andy Chung-Sang Siu, CISA (June)
  • Pavan Kumar Rachakonda (June)


CISM Worldwide Excellence Award

This award, which recognizes the top score on the Certified Information Security Manager® (CISM®) exam, was earned by:

  • Robert Hoffman, CISA, CISM (June)
  • Jose Fidel Santiago, CISA (December)


CISM Worldwide Achievement Award

This award, which recognizes the second-highest score on the CISM exam, was earned by:

  • Lee Wee Tiong, CISA, CISM (June)
  • Michel Kurek, CISA, CISM (December)
  • Simon Moorhouse (December)
  • Paul Le Mesle (December)


CISM Geographic Excellence Awards

This award recognizes the CISM exam’s top scorer in each of ISACA’s five regions. The following individuals earned the award for the 2009 exams.

Asia:

  • Rand Ruo Shi, CISA (December)

Central/South America:

  • Francisco Jose Lombardo (June)
  • Shane R. Muffley (December)

Europe/Africa:

  • Tim Sattler, CISA, CISM (June)

North America:

  • Christopher B. Harris, CISM (June)
  • Franklin Witter, CISM (December)
  • Mike Roncadori, CISM (December)
  • Ben Calvert (December)

Oceania:

  • Julian Busic (December)
  • Andy Chung-Sang Siu, CISA (December)


CISM Geographic Achievement Awards

This award recognizes the CISM exam’s second-highest scorer in each of ISACA’s regions. The following individuals earned the award for the 2009 exams.

Asia:

  • Carlo Kristle Gonzales Diamarucut (June)
  • Subodh Sriniwas Belgi, CISA, CISM (December)

Central/South America:

  • Loaz Francisco, CISM (June)
  • Jose Juan Marti, CISA, CISM (December)
  • Fausto Cepeda Gonzalez, CISA, CISM (December)

Europe/Africa:

  • Andrew Stalker, CISM (June)
  • Thomas Schaefer (June)

North America:

  • Julian Marin, CISA, CISM (June)
  • Steve Swenson, CISM (June)

Oceania:

  • Steve Harvey (June)


CGEIT Worldwide Excellence Award

This award, which recognizes the top score on the Certified in the Governance of Enterprise IT® (CGEIT®) exam, was earned by:

  • Andriy Radchenko, CISA, CGEIT (June)
  • Jurgen Van De Sompei, CGEIT (June)
  • John P. Kelly (December)


CGEIT Worldwide Achievement Award

This award, which recognizes the second-highest score on the CGEIT exam, was earned by:

  • Paul David Greenwood, CISA (December)

CGEIT Geographic Excellence Awards

This award recognizes the CGEIT exam’s top scorer in each of ISACA’s five regions. The following individuals earned the award for the 2009 exams.

Asia:

  • Li Gang, CGEIT (June)
  • Kavinda Walatara, CGEIT (December)

Central/South America:

  • Jeann Jose Frias Garza, CISA, CGEIT (June)
  • Renato Maia Silva, CISA, CISM (June)
  • Richard Douglas Garcia, CISA, CISM (December)

North America:

  • Cathy J. Berg, CISA, CGEIT (June)
  • Samuel Tyler Harding, CISA, CISM, CGEIT (December)
  • Glenn Montgomery, CISA (December)

Oceania:

  • Faith Page, CISA (June)


CGEIT Geographic Achievement Awards

This award recognizes the CGEIT exam’s second-highest scorer in each of ISACA’s regions. The following individuals earned the award for the 2009 exams.

Asia:

  • Sivasundaram Cumbamangalam Umpathy, CGEIT (June)
  • Zhang Qianli, CISA, CISM, CGEIT (June)
  • Wang Erle, CISA (December)

Central/South America:

  • Eder De Abreu, CISA, CGEIT (December)

Europe/Africa:

  • Mattias Palmer, CGEIT (December)

North America:

  • Jerry David Norton, CISA (June)

Oceania:

  • Graham Starkey (June)
  • Alison Mary Fleming (December)
