Maria Lopez - Education Committee Chair


Committee Members

Jomol Peter

Michael Maertz

Scott Lubliner

Call to Action

The Education Committee is looking for volunteers to participate in committee activities. Please send e-mails to to learn how to get involved.

Upcoming Onsite Courses

Full time students and veterans are eligible for 25% discount of membership rates, upon presentation of current class schedules or valid student/veteran ID. Please be sure to register early for the upcoming classes. Unless registration is open, date and topics maybe changed at a later date.  


How to Audit Waterfall & Agile Development Methodologies – October 09, 2018

Location: Cohn Reznick 1301 Avenue Of The Americas, New York, NY 10019

ISACA NY is hosting “How to Audit Waterfall & Agile Development Methodologies” a one-day session.

Seminar Objective

This seminar is intended to provide an auditor the base level knowledge required to perform a pre & post implementation audit of the deployment of business systems.   This seminar is structured based the two most common development methodologies used in the industry; Agile and Waterfall. 

Traditional development used the Waterfall development methodology which provided an effective method to ensure that organizations were establishing functional requirements derived from user participation prior to proceeding with the design and construction phases.  These long project phases were always under scrutiny especially when project were continuously delivered late and never included all of the promised functionality.  These issues paved the way for the Agile development methodology approach of delivering smaller packages of functional code that can be used by productions users within shorter timeframes which are referred to as sprints.  The assembly of the Scrum teams which produced these sprints also provided the basis for establishing true quantitative measurements for the amount of work (user stories) that were to be delivered by these sprints.

The methods used for auditing a Waterfall development methodology is quite different from Auditing an Agile development methodology which will be one of the primary areas covered during this seminar.  Each of these development methodologies have their strengths and weakness as it relates to in-house development, companies operating third-party vendor products and those companies that are using SaaS solutions. 

Regardless of the level of experience of the attendee, the instructor’s experience of conducting audits of 4+ system migrations per year audit and extensive development experience will bring new insights to even the most experienced auditor.

Who Should Attend

This seminar is designed for IT, Integrated and Operation Auditors at all levels.


Mitchell Levine is the founder of Audit Serve, Inc. which is an IT Audit & Systems consulting company.   For the last 26 years at Audit Serve, Mr. Levine has split his time between traditional IT & Integrated Audit consulting projects, Restructuring IT Departments, PCI Implementations, and performing pre & post-implementation reviews of system migrations.  Mr. Levine spends 220+ days per year consulting which is the basis for the material which is included in the seminars.

Mr.  Levine has developed Waterfall Development Methodologies for three companies and has performed over 25 system migration reviews for companies which utilize both Waterfall and Agile development methodology over the past 8 years. 

Over the past seven years Mr. Levine has presented over 85 seminars to twenty different ISACA & IIA chapters.  Mr. Levine also was the primary writer and editor of Audit Vision which is published bi-monthly and has a subscription base of over 3,500 audit & security professionals.

Prior to establishing Audit Serve, Inc. in 1990, Mr. Levine was an IT Audit Manager at Citicorp where his duties included managing a team of IT Auditors who were responsible for auditing 25+ service bureaus and the corporate financial systems.


Level: All levels, 7.5 CPE

To register: - PC - Mobile


Business Continuity for IT Auditors and Information Security Professionals - November 13 & 14, 2018

Location: Cohn Reznick 1301 Avenue Of The Americas, New York, NY 10019 


ISACA is proud to offer a two-day seminar, combining lecture with a hands-on,

case-study based workshop that introduces Auditors and Information Security

Professionals to the principles and practice of Business Continuity

Management (BCM). It is based on the latest trends in BCM (mobile

workforces, bring-your-own-device (BYOD), mass notification, contingent

outsourcing). It includes standards, methodology, and audit and review

techniques for both business and Information Technology resilience and



Intended audience: I.T. Auditing Managers, Information Security managers

and staff, Risk Managers, Operations Personnel, Internal Financial and

Operational Auditors, Corporate Management, Chief Financial Officers and



Learning objectives: Participants in this seminar will learn:

       How to view and measure business continuity risk

       The business rationale for Business Continuity Management

       How to view and measure business continuity risk

       Widely accepted standards for Business Continuity Management

       The latest trends in Business Continuity

       Requirements for governance and oversight of a Business Continuity

       Management program

       The Business Continuity Plan maintenance program

       An overview of tools and techniques for Business Continuity Planning

       An approach to auditing a Business Continuity Management program and the plans developed by such a program


Instructor: Steve Ross

Mr. Ross is Executive Principal of Risk Masters International LLC and holds certification as a Master Business Continuity Professional (MBCP) and an Associate Fellow of the Business Continuity Institute (AFBCI). Mr. Ross is a specialist in Business Continuity Management, Crisis Management and IT Disaster Recovery Planning. Prior to founding Risk Masters, Mr. Ross was with Deloitte as the global leader of their Business Continuity Management practice. In recent years, his focus has been on the resilience and recoverability of large corporate business and technology environments with particular interests in establishing Business Continuity Management programs, designing resilient data centers and planning for recovery from cyberattacks. He was editor of the multi-volume series, e-Commerce Security, and author of several of the books in the series, including e-Commerce Security: Business Continuity Planning. His book, Creating a Culture of Security, was published in 2011.


Level: All levels, 16 CPE

To register: - PC - Mobile