North America ISRM / IT GRC 

Browse All of Our Events »

Don't Miss Out!

North America ISRM / IT GRC is a quality professional development opportunity, where you can:

  • Expand your networking opportunities
  • Build a stronger IT community
  • Increase your member and vendor contacts
  • Interact with speakers who provide insight on IT audit and related topics
  • Return to the office motivated to immediately apply what you learned and contribute to your enterprises’ success

Registration for the 2012 North America ISRM / IT GRC Conference is Open! Please register on site at the Mirage Hotel and Casino. Contact ISACA's Conference Department at +1.847.660.5585 if you have questions.


North America ISRM / IT GRC ConferenceStay connected at this year’s North America ISRM / IT GRC Conference with your smart phone or other mobile device!

With this FREE new feature you will be able to:

  • Build your own conference schedule
  • Complete conference session surveys
  • Take notes, and export to email to yourself for review later
  • View session presentations

To access this powerful tool, please visit our smart link at www.tripbuilder.com/isacavegas2012apps

Employer Approval Letter

Need help developing your business case for attending ISACA’s North America ISRM / IT GRC conference? ISACA has developed a "Dear Boss" letter to assist with the approval process.
View the letter online
Download the electronic file

What's in it For You?

  • Customized learning experience. Choose the sessions that matter most to you and your enterprise.
  • World-class networking. Interact face-to-face with colleagues in an environment ideal for unparalleled knowledge sharing.
  • Update your knowledge. Broaden your understanding of new research and projects being developed across the globe.
  • Sharpen your skills. Expand your expertise. Earn valuable CPEs

What's in it For Your Organization?

  • Exceptional value for training dollars. Receive from every session full documentation that can be shared with colleagues.
  • Exclusive access to industry experts who offer tested solutions to problems facing your organization. Discover what works and doesn’t work from successful professionals.
  • Interact with vendors at the InfoExchange. Get answers directly from representatives, and discover products that decrease the expense to your organization and increase the return.

Venue

Stay in the heart of the conference action at a hotel specially discounted for ISACA attendees.

Mirage Casino-Hotel
3400 Las Vegas Boulevard South
Las Vegas, Nevada 89109
Phone: 1.800.499.6311
Phone Reservations: 1.800.374.9000

Room rates based on availability

Mirage Casino-Hotel


Registration Dates & Times

Workshop Registration:
Monday, 12 November 2012, 7:30AM – 12:00PM
Tuesday, 13 November 2012, 7:30AM – 12:00PM

Conference Registration:
Tuesday, 13 November 2012, 3:00PM – 7:00PM
Wednesday, 14 November 2012, 7:00AM – 5:00PM
Thursday, 15 November 2012, 7:30AM – 5:00PM
Friday, 16 November 2012, 7:30AM – 12:00PM

Event Dates & Times

Workshop Times:
Monday, 12 November 2012, 9:00AM – 5:00PM
Tuesday, 13 November 2012, 9:00AM – 5:00PM

Conference Times:
Wednesday, 14 November 2012, 8:30AM – 5:00PM
Thursday, 15 November 2012, 8:30AM – 5:00PM
Friday, 16 November 2012, 8:30AM – 12:15PM

Program Information


  2012 NA ISRM / IT GRC Brochure (1.8M)
  2012 NA ISRM / IT GRC Program Grid (46K)


North America ISRM / IT GRC Track Descriptions


Track 1 – Thwarting Cyber Threats
Track 2 – IT Risk Management Solutions
Track 3 – Compliance Makes Good Governance
Track 4 – Solving Business and IT Issues
Track 5 – IT Risk and Exposure Management

See full session listing by track


North America ISRM / IT GRC Workshops

2-Day Workshops, Monday-Tuesday, 12-13 November 2012

1-Day Workshop, Monday, 12 November 2012

1-Day Workshops, Tuesday, 13 November 2012

See full session listing by day

 

NEW! Oracle Lunch & Learn Session

Title: Trends in Identity Management
Speaker: Mike Neuenschwander, Senior Product Development Director
 Oracle Identity Management

Abstract:  As enterprises embrace mobile and social applications, security and audit have moved into the foreground. The way we work and connect with our customers is changing dramatically, and this means re-thinking how we secure the interaction and enable the experience. Work is an activity not a place - mobile access enables employees to work from any device anywhere and anytime. Organizations are utilizing "flash teams"—instead of a dedicated group to solve problems, organizations utilize more cross-functional teams. Work is now social—email collaboration will be replaced by dynamic social media style interaction. In this session, we will examine these three secular trends, and discuss how organizations can secure the work experience and adapt audit controls to address the "new work order".


Opening Keynote Address


The Virtualization of America


Michael RogersMichael Rogers

Play Invitation from the North America ISRM / IT GRC Keynote speaker

Over the next decade, more and more of our work, what we care about, and how we interact with others is going to move into the virtual world, facilitated by computers and the Internet. We’re seeing the rise of a new generation of “digital natives” who are remarkably comfortable with virtual relationships. What will this mean for how our businesses and organizations must grow and evolve in the years to come? This engaging keynote presentation will get you ready to answer this question, interact in new ways and more.

Michael Rogers is a technology pioneer, novelist and journalist whose consultancy, Practical Futurist, helps businesses and organizations worldwide think about the future. In recent years he has worked with companies ranging from FedEx, Boeing and Time-Life to Prudential, Dow Corning, GE and Genentech. Rogers has completed a two-year tenure as futurist-in-residence for The New York Times and also writes the Practical Futurist column for MSNBC. For ten years he was vice president of The Washington Post Company's new media division, guiding both the newspaper and Newsweek into the new century, as well as serving as editor and general manager of Newsweek.com. A writer for Rolling Stone, Rogers co-founded Outside magazine, joined Newsweek to create the magazine's Technology section, and is also a best-selling novelist whose fiction explores the human impact of technology.


Closing Keynote Address


Innovate or Die: Looking into the Future


Nils PuhlmannNils Puhlmann

Share in this fascinating presentation by Nils Puhlmann, Former Chief Security Officer of Zynga’s converged security department, cofounder of the Cloud Security Alliance and ISACA member.

Technology users now expect access to data when they want it and where they want it. With multiple devices, and the desire to take them with us wherever we go and use them on the way and once we are there, we increasingly look to social networks as our preferred places to engage in our favorite activities with our friends. Nils will speak on emerging technologies, markets and societies—things that will change information security as we know it. He will examine the way people and technology intersect, especially the overriding influence different generations exercise over what is developed and how it is used, relevant especially to ISACA, and the disaffection for controls and the ability to find a way to work around them. Nils will share his concern about the increasing shortage he sees in security talent, especially professionals with real-life experience in very specific specialty areas—noting that finding new ways to secure technology that is insecure out of the box is the “new normal”, and it is not an area that receives an appropriate amount of training. Nils will discuss the importance of innovation in your organization’s security process and how creative thinking is critical to its survival.

Nils Puhlmann is a frequent speaker and keynote presenter at global security and technology conferences. He is considered a thought leader in the field of information security and his advice is frequently sought after by corporations and government entities. You now have the opportunity to hear his visionary comments.

 

 

Program Sessions and Workshops


Monday, 12 November 2012

Time Workshop

9:00AM–5:00PM

WS1 Conquering the Risk IT Framework
WS2 Cybercrime and Cyberwar: The Cost to Your Organization
WS3 Risk-based Approach to IT Infrastructure Security and Control Assessments


Tuesday, 13 November 2012

Time Workshop

9:00AM–5:00PM

WS1 Conquering the Risk IT Framework (Cont.)
WS2 Cybercrime and Cyberwar: The Cost to Your Organization (Cont.)
WS4 Database Security: Using Audit, Controls and Security in Today’s Business Environment
WS5 COBIT 5: IT is Complicated, IT Governance Doesn’t Have to Be!


Wednesday, 14 November 2012

Time Session

8:30AM–9:45AM

General Session

10:15AM–11:45AM

T1 111 Overcoming Challenges for Superior System Security Metrics
T2 112 Developing an Application Security Center of Excellence
T3 113 Making the Move from COBIT 4.1 to COBIT 5
T4 114 Everyone’s Into Computers: Who’s Into Yours? Data Privacy and Security: Mitigating the Risks and Developing a Response Plan
T5 115 Moving from Point-in-time to Continuous Monitoring

1:00PM–2:00PM

T1 121 The Evolution of Industrial Control Systems Security
T2 122 Five Strategies for Securing Your Cloud for the Next Five Years
T3 123 IT Governance and Mobile Technology
T4 124 How to Make Everyone Hate You—Communication Skills for Security and Governance Professionals
T5 125 How to Make COBIT 5 for Information Security Work for You

2:15PM–3:15PM

T1 131 Identifying Control Requirements to Improve Virtualization Security
T2 132 Best Practices for Secure Access to Cloud Apps
T3 133 The IT GRC Survival Guide to Mergers and Acquisitions
T4 134 How to Make Everyone Hate You— Communication Skills for Security and Governance Professionals
T5 135 Payment Card Industry Data Security Strategy and How to Maintain Compliance

3:45PM–5:00PM

T1 141 Cyberthreats That Impact You Today
T2 142 End-to-end Diligence in Outsourcing Relationships
T3 143 The Tension of Cloud Computing and Compliance: PCI Compliance in the Cloud
T4 144 Speaker Forum
T5 145 ICS/SCADA Panel Discussion on Your Enterprise’s Preparedness and Ability to Mitigate Risk

5:15PM – 5:45PM Spotlight Session: Creating a Flexible, Interconnected, Comprehensive IT GRC Framework to Drive Increases in Compliance Productivity
Spotlight Session: Integrated Risk Management: Providing an actionable view of IT and Operational Risk to the C-Suite
Spotlight Session: Data Security and Compliance in an Evolving Data Center
6:00PM – 6:30PM Spotlight Session: Putting “Risk Management” in GRC
Spotlight Session: Measuring the Maturity of your Information Security Program. Impossible?
Spotlight Session: Automating IT Data Collection And Compliance For GRCM Controls


Thursday, 15 November 2012

Time Session

8:30AM–9:45AM

T1 211 Identity Management in the Cloud
T2 212 Even Non-profits Have Real Risks—How This Non-profit Deals with Risks That Threaten to Take it Under
T3 213 Healthcare Transformation—Transforming Your Audit Planning to Meet the Needs of the Healthcare Transformation Agenda
T4 214 Advanced Persistent Threat—A buzzword or an Imminent Threat?
T5 215 Big Data: Why it’s Important in Your Security Program

10:15AM–11:45AM

T1 221 Top Security Threats to Banks in 2013
T2 222 Analyze IT Risk Management Challenges
T3 223 How Communication and Behavior Influence Information Risk and Reporting Outcomes: A Panel Discussion
T4 224 Top Practices in Health IT Compliance Programs
T5 225 Data Governance & Electronic Discovery—Trends, Case Law and Leading Practices

11:45AM – 1:00PM Oracle Lunch & Learn: Trends in Identity Management

1:00PM–2:00PM

T1 231 Business Continuity Management—Session Series—Reducing Corporate Risk and Exposure Through Effective Processes and Controls Implementation
T2 232 SecureSpace, Adding Security to Your “Friends” List
T3 233 Before We Knew It: An Empirical Study of Zero-Day Attacks in the Real World
T4 234 Reform of the European Union (EU) Data Protection Framework—A U.S. Perspective
T5 235 How to Effectively Understand, Integrate and Cover IT Risk Functions for Audit Analytics Within the Healthcare Industry

2:15PM–3:15PM

T1 241 Business Continuity Management—Session Series—Reducing Corporate Risk and Exposure Through Effective Processes and Controls Implementation (Cont.)
T2 242 Beyond ROI: The Art and Science of Obtaining Leadership Support for IT and GRC Initiatives
T3 243 Incorporating New Regulations Into your IT Compliance Program
T4 244 Cybersecurity: Explore the Evolution of Cyberthreats to Develop a Proactive Approach in Your Enterprise
T5 245 Mobile Security—Balancing Risks and Controls in a BYOD Environment

3:45PM–5:00PM

T1 251 Business Continuity Management—Session Series—Reducing Corporate Risk and Exposure Through Effective Processes and Controls Implementation (Cont.)
T2 252 An Era of Data—The Nature, Use and Flow of Data Today—Part 1
T3 253 Using the new COBIT Assessment Program to Perform IT Process Assessments
T4 254 Managing an Information Security Project
T5 255 Speaker Forum

5:15PM – 5:45PM Spotlight Session: Optimize Your Data Loss Prevention Investment for Bottom Line Results
Spotlight Session: IT- OT Convergence Delivers True Security for Critical Infrastructure Protection
Spotlight Session: Addressing the Risks of Privileged Accounts on a Global Enterprise Scale


Friday, 16 November 2012

Time Session

8:30AM–9:30AM

T1 311 Gone in 60 Seconds: Mitigating Database Security Risk
T2 312 An Era of Data—Challenges Part 2
T3 313 Benchmark Your GRC Effectiveness
T4 314 Who is Part of Your Computer Incident Response Team?
T5 315 Keeping Patient’s Data Safe—Identify Management for Healthcare

9:45AM–10:45AM

T1 321 Establishing a Data Breach Response Process
T2 322 Security Risk—Managed Vendor Due Diligence
T3 323 Practical Guide to Implementing IT Governance
T4 324 Risk’s impact on Social Networking
T5 325 Advanced Risk Concepts for IT Risk Practitioners—Tolerance, Acceptance, and Transfer

11:15AM–12:15PM

General Session

  

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a three-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 32 CPE credits; 18 by attending North America ISRM / IT GRC and an additional 7 CPE credits for attending each day of optional workshops. ISACA conferences are Group Live and do not require any advanced preparation.

ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site:  www.learningmarket.org.

Conference Registration Fees

 

Member US $1,750 Non-member US $1,950


One-Day Workshop

Member US $550 Non-member US $750


Two-Day Workshop

Member US $750 Non-member US $950

Cancellation Deadline:

17 October 2012

Online Registration Close Date 7 November 2012

All fees are quoted in US dollars. The entire registration fee must be received by ISACA before your registration will be considered paid in full.

  

Registration Methods

Registration for the 2012 North America ISRM / IT GRC Conference is Open! Please register on site at the Mirage Hotel and Casino. Contact ISACA's Conference Department at +1.847.660.5585 if you have questions.

Choose one of these easy ways to register

  1. Fax your completed registration form to +1.847.253.1443
  2. Mail your completed registration form to:
    ISACA, 1055 Paysphere Circle, Chicago, IL 60674 USA
  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America, 135 S. LaSalle St., Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    [Please include attendee’s name and North America ISRM / IT GRC 2012 on the Advice of Transfer.]

Cancellation Policy

If your plans change and you won’t be able to attend the conference and/or workshop, contact us by phone, fax or e-mail to cancel your registration. All cancellations must be received by 17 October 2012 to receive a refund of registration fees. A cancellation charge of US $100 will be subtracted from conference refunds, and US $50 from workshop refunds. No refunds can be given after 17 October 2012. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees.

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, conference and/or workshop fees must be received by the published deadline. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. Conference materials are not guaranteed to those who register onsite or fail to submit payment prior to the event. For more information regarding administrative policies, please contact the ISACA conference department.
Phone: +1.847.660.5585
Fax: +1.847.253.1443
E-mail: conference@isaca.org

Disclaimer

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.


Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the web site at www.isaca.org/membership or contact the membership department at membership@isaca.org.

NOTE: This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.


Permission to be Photographed

By attending this event, the registrant grants permission to be photographed and videotaped during the event. The resultant photographs and videos may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site, in social media and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs and videos will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs or videos now or in the future.


Dress

Business casual is appropriate for this and all ISACA conference events.

Venue and Accommodations

Mirage Casino-Hotel
3400 Las Vegas Boulevard South
Las Vegas, Nevada 89109
Phone: 1.800.499.6311
Phone Reservations: 1.800.374.9000

Room rates based on availability


Resort fees are inclusive of daily news paper at Impulse and Bell Desk, Cardio Center admission, in-room robes, unlimited notary and incoming fax, minimum of 20 outgoing faxes and airline boarding pass printing at the Mirage Business Center, in-room internet access and unlimited local and toll-free telephone calls.

  Mirage deluxe king room

Special Hotel Information

Special hotel rates are available three days prior to and following the conference, and are subject to availability. To obtain the preferred rate, remember to mention that you are attending ISACA ISRM / IT GRC Conference. Reservation requests received after the cut-off date will be honored on a space-available basis only. All reservations must be guaranteed with a deposit of one night's room cost.

Individuals are responsible for securing their own deposit at the time reservations are made. ISACA strongly encourages all conference delegates to stay at the host hotel. Staying at the host hotel helps keep the cost of the conference and membership dues down by helping us fulfill our negotiated guest room commitments to the hotel. You will also enjoy the benefits of being onsite for conference activities at a reasonable price.

Thank You to Our Sponsors!

Platinum

Oracle

 

   

Gold

McAfee

 

   

Silver

AlertEnterprise

Courion Corporation

Modulo Qualys

Bronze

Vormetric C&F AdaptiveGRC

 

 

Hitachi ID Systems      

 

 
2012 Event Exhibitors

  Solution Center Floor Plan

 

Megatrends


Wednesday, 14 November 2012 2:15PM – 3:15PM

McAfee
Best Practices for Secure Access to Cloud Apps
Presenter: Vikas Jain, Director, Product Management, Mcafee, Inc.

 

Friday, 16 November 2012 8:30AM – 9:30AM

Oracle
Gone in 60 Seconds: Mitigating Database Security Risk
Presenter: Roxana Bradescu, Director of Product Management, Database Security, Oracle

Oracle Lunch & Learn Session


Thursday, 15 November 2012 11:45AM – 1:00PM

Oracle
Trends in Identity Management
Presenter: Mike Neuenschwander, Senior Product Development Director, Oracle Identity Management

Spotlight Educational Sessions


Wednesday, 14 November 2012 5:15PM – 5:45PM

C&F AdaptiveGRC     View Presentation
Creating a Flexible, Interconnected, Comprehensive IT GRC Framework to Drive Increases in Compliance Productivity
Presenters: Malcolm Lord, US Product Lead & Raef Meeuwisse, Functional Architect, C&F AdaptiveGRC™

 

Modulo     View Presentation
Integrated Risk Management: Providing an actionable view of IT and Operational Risk to the C-Suite
Presenters: Arti Raman, VP Int. Marketing and NA Sales & Portia Mills, Pre-Sales Engineer, Modulo Security, LLC

 

Vormetric     View Presentation
Data Security and Compliance in an Evolving Data Center
Presenter: Derek Tumulak, VP Product Management, Vormetric


Wednesday, 14 November 2012 6:00PM – 6:30PM

Courion Corporation
Putting “Risk Management” in GRC
Presenter: Chris Sullivan, VP of Product Planning, Courion Corporation

 

     View Presentation
Measuring the Maturity of your Information Security Program. Impossible?
Presenter: Mark Carney, CRISC, Vice President of Strategic Services, Fishnet Security

 

Qualys     View Presentation
Automating IT Data Collection And Compliance For GRCM Controls
Presenter: Jason Creech, Director of Compliance Solutions, Qualys Inc.


Thursday, 15 November 2012 5:15PM – 5:45PM


Optimize Your Data Loss Prevention Investment for Bottom Line Results
Presenter: Robert Eggebrecht, President, CEO, BEW Global

 

Alert Enterprise
IT- OT Convergence Delivers True Security for Critical Infrastructure Protection
Presenter: Pan Kamal, Vice President, Marketing, Alert Enterprise, Inc.

 

Hitachi ID Systems     View Presentation
Addressing the Risks of Privileged Accounts on a Global Enterprise Scale
Presenter: Bruce MacDonald, Senior IAM Solutions Architect, Hitachi ID Systems, Inc.

 

For Exhibitor and Sponsorship Opportunities

Please contact:

Sean Stringer
Director of Sponsorship
Phone: +1.847.660.5729
Fax: +1.847.253.1443
sstringer@isaca.org

  Exhibitor and Sponsorship Information

Questions

Contact ISACA's Education/Conference Department:
Tel: +1.847.660.5585
Fax: +1.847.253.1443
conference@isaca.org

Media Inquiries

Contact the ISACA Communications Department:
Tel: +1.847.660.5512 or
+1.847.660.5564
news@isaca.org

Please address Sponsorship questions to: sstringer@isaca.org