@ISACA Volume 14: 3 July 2013 

 
@ISACA Relevant, Timely News

Attention Job Seekers: The ISACA Career Centre Has a Brand New Look

In keeping with ISACA’s commitment to help you make the most of your job search efforts, ISACA is pleased to announce exciting new changes to the ISACA Career Centre.

The Career Centre now has a more optimal mobile viewing experience, newly formatted job seeker pages, simplified navigation and prominent placement of valuable content. Here is a brief overview of the enhancements:

  • Upgraded job seeker detail pages: A contemporary layout and better organized content give candidates an immediate snapshot of ISACA’s entire suite of career services. Career resources, association news and fresh content are embedded within every job seeker page to make it easier to find the information you need.
  • New Career Centre landing page: In keeping with industry standards, the main job seeker page will function as the initial starting point of the ISACA Career Centre. All job seeker components will now have better placement on the new landing page, limiting the number of clicks needed to access important information.
  • Responsive design elements: By incorporating responsive design elements into the newly upgraded job seeker pages, the ISACA Career Centre enhances your viewing experience by automatically shifting and resizing the Career Centre pages based on the type and orientation of the mobile device that you are using.

The new ISACA Career Centre enhancements are designed to make your experience better than ever while continuing to bring you the most comprehensive employment resource for IT professionals. Check out the latest enhancements by visiting the Career Centre today.


Get Involved in ISACA’s Online Community

ISACA’s online Knowledge Center continues to grow as a popular networking and educational community for members worldwide. With more than 100 topics, the Knowledge Center always welcomes new subject matter experts (SMEs) to serve as topic leaders. As a meeting place for ISACA members to network and collaborate, topic leaders start conversations and respond to other members to keep the conversation going.

There is an easy 3-step process to becoming a topic leader:

  1. Complete the application and send it to leaderhelp@isaca.org along with your résumé or curriculum vitae (CV).
  2. Your application will be reviewed by the ISACA team.
  3. If approved, you will serve as a community leader upon receipt of the signed community leader guidelines.

Topic leaders spend an average of 2 hours per week working within their topics and are eligible to earn up to 20 continuing professional education (CPE) credits. Alerts are available to easily monitor topic activity.

If you are interested in becoming a topic leader, please visit the Become a Topic Leader page of the ISACA web site for more information including a video demonstration, which provides more detail on the role of a topic leader and the Knowledge Center. Visit the Knowledge Center for a comprehensive list of topics. The topics for which we are actively recruiting topic leaders include:


Act Now! Register for September CISA and CISM Exams

Have you been thinking about earning your Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) certification? Now is a great time. The final registration deadline for the 7 September 2013 exam administration is 22 July.

Please remember that the special September exam administration is only for CISA or CISM and only at select locations worldwide. Learn more about the September exam locations on the September Exam Sites page of the ISACA web site. Additional details on the September CISA and CISM exam administration can be found on the September 2013 Exams page.


Secure Information Flow With Mobile and Wireless Technologies
By Bruce R. Wilkins, CISA, CISM, CGEIT, CRISC, CISSP

Whether your enterprise is issuing mobile devices to employees or employees are using their own devices, one thing is certain: Your enterprise has been extended into its employees’ pocket. One of the most popular ways to connect these devices is through wireless technology.

When addressing wireless technology, the conversation focuses on wireless fidelity (Wi-Fi) and cellular communications. In today’s technology, the line between the two is becoming more and more blurred. Although the underlying technology remains quite specific to the communication infrastructure, the way the technology is being used is similar. Today, corporations can use microcell technology to reduce cell usage in high-density employee areas, such as a corporate campus. Microcells, which enable communication throughout the campus without incurring usage charges, are connected to the traditional cellular systems for external communications. This is a giant leap in technology from cellular repeaters that, in the past, had been quite common. In the next generation of cell phones, manufacturers are redefining how voice is communicated. Similar to the techniques used by Skype, these new devices are transmitting voice and data via data plans. The impact of this transmission technology alone cannot be overstated when discussing how cellular plans will be structured in the near future.

When architecting wireless solutions, these technologies can be plugged and snapped together to extend or replace the traditionally wired corporate enterprise. The technologies can also provide visitors connectivity via hotspots. Regardless of how your enterprise chooses to use these wireless technologies, the information flow must be secured between the originating and target end points. The following are some helpful tips to tame the impact of these technologies on an enterprise:

  1. Understand the technological and physical perimeter. You secure technology from the position that is defined for you through management’s risk appetite. Whether your enterprise believes in the concept of inside and outside or that everyone is outside and only data are inside, a strong perimeter must be maintained.
  2. Focus the point of entry for wireless technologies. Whenever possible, wireless users should be routed into an external DMZ so that first access decisions can be made and monitoring can be performed. Once users are collected in the DMZ, they can be channeled toward the enterprise or to other external networks.
  3. Be cautious when using encryption indigenous to wireless technologies. The more sensitive the data, the stronger the encryption technique should be. It is not uncommon to install an encryption client that provides a higher level of confidence.
  4. Control mobile device functionality. Mobile devices allowed in corporate areas need to be configured so that physical security is maintained. Cameras, cellular or other functionality might need to be automatically disabled in order to enhance monitoring and protect controlled areas. Another approach is to prohibit mobile devices in controlled areas.
  5. Monitor, monitor, monitor. Monitor connectivity to the microcell network and wireless access points, the DMZ and, of course, wherever the user has access within the enterprise.
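
As an added illustration of tips 2 and 5 (not part of the original article), the following check reads firewall flow records and reports wireless clients that reached internal addresses directly instead of stopping in the DMZ. The address plan, the record format and every sample record are constructed for this example.

```python
import ipaddress
from collections import Counter

# Address plan and flow records below are constructed for this example.
ZONES = {
    "wireless": [ipaddress.ip_network("172.16.50.0/24")],  # Wi-Fi / microcell clients
    "dmz": [ipaddress.ip_network("192.168.100.0/24")],     # external DMZ
    "internal": [ipaddress.ip_network("10.10.0.0/16"),
                 ipaddress.ip_network("10.20.0.0/16")],
}

# Record format (assumed): timestamp, source, destination, port, firewall action.
SAMPLE_FLOWS = """\
2013-07-03T09:00:01 172.16.50.21 192.168.100.10 443 allow
2013-07-03T09:00:04 172.16.50.21 10.10.4.8 445 allow
2013-07-03T09:00:09 192.168.100.10 10.10.4.8 443 allow
2013-07-03T09:01:12 172.16.50.77 10.20.1.5 3389 deny
2013-07-03T09:01:15 172.16.50.77 203.0.113.9 443 allow
2013-07-03T09:02:30 172.16.50.21 10.10.4.9 22 allow
2013-07-03T09:03:00 truncated-record
"""

def zone_of(address):
    """Map an IP address string to a zone name; anything unlisted is 'external'."""
    ip = ipaddress.ip_address(address)
    for name, networks in ZONES.items():
        if any(ip in net for net in networks):
            return name
    return "external"

def audit_flows(text):
    """Return (findings, unparsed): wireless-to-internal flows that skipped the DMZ."""
    findings, unparsed = [], []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        try:
            when, src, dst, port, action = fields
            port = int(port)
            src_zone, dst_zone = zone_of(src), zone_of(dst)
        except ValueError:  # wrong field count, bad port or invalid address
            unparsed.append(line)
            continue
        if src_zone == "wireless" and dst_zone == "internal":
            # An allowed flow is a perimeter gap; a denied one shows the control working.
            kind = "bypass" if action == "allow" else "blocked"
            findings.append((when, src, dst, port, kind))
    return findings, unparsed

def bypass_counts(findings):
    """Count permitted bypasses per wireless source, for alerting on repeat sources."""
    return Counter(src for _, src, _, _, kind in findings if kind == "bypass")
```

Unparsed records are returned rather than dropped so that a logging gap is itself visible to whoever reviews the output.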

Bruce R. Wilkins, CISA, CISM, CGEIT, CRISC, CISSP, is the chief executive officer of TWM Associates Inc. In this capacity, Wilkins has the opportunity to provide his customers with secure engineering solutions for innovative technology and cost-reducing approaches to existing security programs.


ISACA Congratulates 2012-2013 Award Winners

ISACA congratulates the winners of the 2012-2013 awards, many of which were presented during the Annual Meeting of the Membership at World Congress: INSIGHTS 2013 in Berlin, Germany, in June.

Professional Awards

President’s Award
Each year, the international president of ISACA identifies one person or group of people who he/she believes has gone above and beyond the call of duty in contributing to ISACA’s mission and demonstrating years of commitment, extraordinary effort, enthusiasm and dedication. This year, the award was presented to Robert Stroud, CGEIT, CRISC.

Michael Cangemi Best Book/Article Award
This award was instituted during the 1996-97 year to recognize individuals for major contributions to publications in the field of information systems (IS) audit, control and/or security. This year, the award was presented to Steven J. Ross, CISA, CISSP, MBCP, for his long-standing ISACA Journal column, Information Security Matters. Some of Ross’ recent columns include “Just Okay Practice” and “This Should Not Be Happening.”

John Kuyers Best Speaker/Conference Contributor Award
This award was instituted during the 1996-97 year to recognize individuals for major contributions in the development of ISACA global conference(s) and/or outstanding speaking achievements. This year’s award was presented to Ramses Gallego, CISM, CGEIT, CCSK, CISSP, ITIL, SCPM, Six Sigma Black Belt.

John Lainhart Common Body of Knowledge Award
This award was instituted during the 1996-97 year to recognize individuals for major contributions to the development and enhancement of the common body of knowledge used by the constituents of the association in the field of IS audit, security and/or control, IS audit certification and/or IS audit standards. This year, ISACA presented the award to Christos K. Dimitriadis, CISA, CISM, CRISC.

Harold Weiss Award for Outstanding Achievement
This award was instituted in 1985 to recognize individuals for dedication to the IT governance profession. This year’s award was presented to Krishna Seeburn.

Paul Williams Award for Inspirational Leadership
This award is presented to an ISACA volunteer to recognize strategic leadership accomplishments on ISACA’s behalf. The recipient must contribute to ISACA over the course of several years and far exceed the norm in achieving strategic results and/or driving ISACA’s strategy forward. This year, the award was presented to Lynn Lawton, CISA, CRISC, CITP, FBCS, FCA, FIIA.

President’s Cup Award
Established in 1992, this award recognizes chapters for participation in ISACA’s World Congress: INSIGHTS. Points are awarded to each chapter for each member who attends the event and the distance the attendees must travel. This year’s award was presented to the ISACA Abuja (Nigeria) Chapter.

Chapter Awards

K. Wayne Snipes Award
This award was established in 1989 to recognize chapters that demonstrate excellent service to their members and communities. Performance is assessed based on several criteria, including membership growth, educational events, member communication, promotion of ISACA certifications, and involvement with ISACA and other professional organizations. Winners are selected in each size category in each region. From those, one chapter in each size category is selected as the worldwide winner.

This year’s worldwide winners are:

  • Best small chapter worldwide—Estonia
  • Best medium chapter worldwide—Muscat (Oman)
  • Best large chapter worldwide—South Florida (USA)
  • Best very large chapter worldwide—Denver (Colorado, USA)

This year’s regional winners are:

Asia:

  • Best medium chapter—Muscat (Oman)
  • Best large chapter—Manila (Philippines)
  • Best very large chapter—Bangalore (India)

Central/South America:

  • Best small chapter—Montevideo (Uruguay)
  • Best large chapter—Costa Rica

Oceania:

  • Best medium chapter—Adelaide (South Australia)
  • Best very large chapter—Melbourne (Victoria, Australia)

Europe/Africa:

  • Best small chapter—Estonia
  • Best medium chapter—Winchester (England, UK)
  • Best large chapter—Athens (Greece)
  • Best very large chapter—Switzerland

North America:

  • Best small chapter—Boise (Idaho, USA)
  • Best medium chapter—Jacksonville (Florida, USA)
  • Best large chapter—South Florida (USA)
  • Best very large chapter—Denver (Colorado, USA)

Membership Growth Awards
The award for the highest percentage of growth is presented to four different chapters based on size. The chapters that earned the award for the highest percentage growth are:

  • Small—Venice (Italy) (102 percent)
  • Medium—Brasília (Brazil) (46 percent)
  • Large—Moscow (Russia) (25 percent)
  • Very Large—Bangalore (India) (13 percent)

Membership Retention Awards
The award for the highest percentage of retention is presented to four different chapters based on size. The chapters that earned the award for the highest percentage of retention are:

  • Small—Estonia (93 percent)
  • Medium—Central Arkansas (USA) (91 percent)
  • Large—Denmark (95 percent)
  • Very Large—Switzerland (88 percent)

Certification Awards

Thomas H. Fitzgerald Award
This award is presented in recognition for achieving the highest worldwide score on the June and December 2012 Certified Information Systems Auditor (CISA) examinations. The award was earned by:

  • June—Kenneth E. Long, CISA
  • December—Michael F. Stevens

CISA Worldwide Achievement Award
This award is presented in recognition for achieving the second highest worldwide score on the June and December 2012 CISA examinations. The award was earned by:

  • June—Randall Brachmann, CISA
  • December—Matthew W. Maglieri, CISA

CISM Worldwide Excellence Award
This award is presented in recognition for achieving the highest worldwide score on the June and December 2012 Certified Information Security Manager (CISM) examinations. The award was earned by:

  • June—Urmas Aamisepp, CISM, and David Adamson, CISM (tie)
  • December—Bruno Blumenthal, CISM, Darren Seary, CISM, and Rod Saunders, CISM (tie)

CGEIT Worldwide Excellence Award
This award is presented in recognition for achieving the highest worldwide score on the June and December 2012 Certified in the Governance of Enterprise IT (CGEIT) examinations. This award was earned by:

  • June—Pierre M. Tardif, CGEIT
  • December—Morten Tandle, CGEIT

CGEIT Worldwide Achievement Award
This award is presented in recognition for achieving the second highest worldwide score on the June and December 2012 CGEIT examinations. This award was earned by:

  • June—Razvan Pirvu, CGEIT, and Paolo Garofalo, CISA, CGEIT (tie)
  • December—Duncan Hall, CGEIT, and Rafal Morawski, CISA, CISM, CGEIT (tie)

CRISC Worldwide Excellence Award
This award is presented in recognition for achieving the highest worldwide score on the June and December 2012 Certified in Risk and Information Systems Control (CRISC) examinations. This award was earned by:

  • June—Casey Brook Essary, CISM
  • December—Stephen Easterbrook

CRISC Worldwide Achievement Award
This award is presented in recognition for achieving the second highest worldwide score on the June and December 2012 CRISC examinations. The award was earned by:

  • June—Liviu-Cristian Luca, CISA, CISM, CGEIT, CRISC
  • December—Nancy J. Wilson, CISA, CRISC, and Phyllis A N Lee, CISA (tie)

CISA Geographic Excellence Award
This award is given in recognition for achieving the highest score in the geographic area on the June and December 2012 CISA examinations. This award was earned by:

June:

  • Area 1—Oh Kyung Hee
  • Area 2—Alejandro Jose Cabezon
  • Area 3—Nathalie Louise Viney
  • Area 5—Simon Roller, CISA, and Simon Jeffery (tie)

December:

  • Area 1—Taimour Al Neimat, CISA
  • Area 2—Geraldo Magela Lopes De Freitas, CISA
  • Area 3—Pal Kristiansen
  • Area 5—Russell Ming Yaw Loi

CISA Geographic Achievement Award
This award is presented in recognition for achieving the second highest score in the geographic area on the June and December 2012 CISA examinations. This award was earned by:

June:

  • Area 1—Pau Hon Wai Henry, CISA, and David Oberle, CISA (tie)
  • Area 2—Rodrigo de Carvalho Correia
  • Area 3—Nuno Santos Mendes, CRISC

December:

  • Area 1—Roland Reuel Q. Salamatin
  • Area 2—Acacio De Paula, CISA, CRISC
  • Area 5—Simon Gill, CISA

CISM Geographic Excellence Award
This award is presented in recognition for achieving the highest score in the geographic area on the June and December 2012 CISM examinations. This award was earned by:

June:

  • Area 1—Seow Chee Keong, CISA, CISM, and Vikrant Tara Nanda, CISM (tie)
  • Area 2—Luis F. Perez, CISM
  • Area 4—Vasu Kohli, CISM, CRISC, and Keith E. McCartney, CISA, CISM (tie)

December:

  • Area 2—Abdy Sanjur, CISA
  • Area 5—Timothy Charles Niblett, CISM

CISM Geographic Achievement Award
This award is presented in recognition for achieving the second highest score in the geographic area on the June and December 2012 CISM examinations. This award was earned by:

June:

  • Area 2—Manoel Theophilo Barbosa Filho, CISM
  • Area 3—Martin Psarsky, CISA, and George Robertson, CISM (tie)
  • Area 5—Ross Cameron Peachey, CISA, CISM

December:

  • Area 1—Madhav Shenvi, CISA, CISM
  • Area 2—Marco Chaves
  • Area 4—Craig Rydalch, CISM
  • Area 5—Ben Chung and Matthew Nixon, CISA (tie)

CGEIT Geographic Excellence Award
This award is presented in recognition for achieving the highest score in the geographic area on the June and December 2012 CGEIT examinations. This award was earned by:

June:

  • Area 1—Lam Man Ho
  • Area 2—Jorge Delgado, CISA, CISM, CGEIT, CRISC
  • Area 5—Eleute Llido Fostanes, CISA

December:

  • Area 2—Steve Felipe Aguirre, CISA, CGEIT
  • Area 4—Bashar W. Dari, CISA, CISM, CGEIT

CGEIT Geographic Achievement Award
This award is presented in recognition for achieving the second highest score in the geographic area on the June and December 2012 CGEIT examinations. This award was earned by:

June:

  • Area 1—Stephen M. Wigney, CGEIT
  • Area 2—Gelson Heindrickson
  • Area 4—Mohsin Master, CISA, CGEIT
  • Area 5—Dejan Mirkovic

December:

  • Area 1—Aditya Vardhan, CISA
  • Area 2—Felipe Koller, CISA, CGEIT, CRISC
  • Area 3—Jari Kiero, CGEIT
  • Area 4—Martyn Forbes
  • Area 5—Jacqueline Sin, CISA

CRISC Geographic Excellence Award
This award is presented in recognition for achieving the highest score in the geographic area on the June and December 2012 CRISC examinations. This award was earned by:

June:

  • Area 1—Mustafa Mahmoud Nasser, CISA, CISM, CRISC
  • Area 2—Fabio Hildebrand, CISA
  • Area 5—Mqhele Nzama, CISA, CISM

December:

  • Area 1—Upesh Bhupendra Parekh, CISA
  • Area 2—Jorge Delgado, CISA, CISM, CGEIT, CRISC

CRISC Geographic Achievement Award
This award is presented in recognition for achieving the second highest score in the geographic area on the June and December 2012 CRISC examinations. This award was earned by:

June:

  • Area 1—Lim Han Kiong, CISM
  • Area 2—Gustavo Miguel Ramos Tabacchi, CISA, CRISC
  • Area 3—Fotios Tsifountidis
  • Area 4—Rebecca Gail Hodgkins, CISA, CRISC
  • Area 5—Paul Doman

December:

  • Area 2—Jorge Betancourth Vega, CISM, CRISC
  • Area 3—Juffali Kenzi Shahalir, CISA, CISM, CGEIT
  • Area 4—Phillip Glen Hirschel, CRISC
  • Area 5—Gabriel Taiwo Akindeju, CISA, CISM, CRISC
