Please Sign In

Members, please sign in to access chapter information, including essential members-only content. If you are not sure you are a member, please sign in, and then click to My ISACA on the main ISACA web site to view your membership status and your chapter.Non-members are welcome to visit the public pages of this site.

 Job Opportunities

 BC AWARE Campaign 2016

Click here for the Events Calendar or visit


Email Contacts:

General Info Programs Registration
Past President

ISACA Vancouver Chapter
P.O. Box 48894
Bentall Centre
Vancouver, BC
V7X 1A8

Welcome to the ISACA® Vancouver Chapter

Our goal is to promote the practices and the development of professionals in IT risk, governance of enterprise IT, information security management, and IT assurance within the local business and academic community, the chapter membership, and with future members throughout the Greater Vancouver area.

We sponsor local educational seminars and workshops, as well as conduct regular chapter meetings.

ISACA Vancouver Chapter Video - LEARN, CONNECT and GROW
Please click here.

BC AWARE YouTube Channel: For the latest videos, please click here.

ISACA Vancouver's Achievement at #ISACA Awards

ISACA is proud to recognize the most active and engaging chapters who, by supporting the membership and professional community locally, also support ISACA’s purpose and promise. Recipients are typically selected by chapter size.

ISACA Vancouver Chapter was awarded the 2016 COMMUNICATIONS EXCELLENCE AWARD for large chapters.

The Communications Excellence Award recognizes chapters who plan and execute great communications with their constituents through a variety of channels.

ISACA also recognizes superb performance in the CISA certification exam through the THOMAS H. FITZGERALD AWARD.

Congratulations to Catherine Meleady, CISA, CRISC, for achieving the highest worldwide score on the 2016 CISA examinations!

We invite you to download the awards booklet here

2017/18 Monthly Education Sessions

ISACA Vancouver and IIA - Assessing Organization Culture - Practical Tools and Techniques

We see organizations today putting great emphasis on defining their values and maintaining strong cultures. Why? These values are meant to translate in specific desired behaviors to support the achievement of organizational objectives. Examples of such behaviors are: taking personal responsibility, admitting to and learning from past mistakes, having an open and honest dialogue regarding important issues, including key risks, and willingness to provide constructive challenge in the name of making the best decision, to name a few. Deviating from these desired behaviors creates cultural risk which can have significant financial and reputational repercussions.

Many organizations have realized the importance of culture and have taken steps to evaluate and manage their cultural risks. Boards of Directors are specifically called to heighten their attention to cultural risk and apply the same oversight to culture as they give to other corporate risks. Internal Audit and Risk Management play important roles in this process.

Join us for this half-day session to learn from practitioners who have experienced cultural assessment and cultural auditing in real life. You will take away valuable frameworks and practical tools and techniques to incorporate in your audit approach, provide greater context to your audit findings, bring more clarity and rigor to your discussions with management, and ultimately help strengthening the cultures of your organizations.

Speakers Information

Frank Martens, CPA
Global Risk Framework and Methodology Leader at PWC

With over 30 years of experience, Frank helps clients implement practical plans that retain the conceptual integrity of risk management, internal control and audit. His work spans public and private companies, public sector entities, crown corporations, and not-for-profits in the energy, health care, higher education, mining, oil and gas, software, and tourism sectors.

In addition to serving his clients, Frank is also a thought speaker and author on Enterprise Risk Management (ERM) and Internal Controls. As a 15-year contributor to the Committee of Sponsoring Organizations of the Treadway Commission (COSO), he has spoken about and co-authored numerous publications. He was a principal contributor to the COSO Enterprise Risk Management-Integrating with Strategy and Performance, led the revision of its Internal Control-Integrated Framework, and have produced several articles on risk and control for Canadian and US publications. A key tenant of the ERM Framework is its combined focus on culture, capabilities, and practices that must work together in managing risk.

Wayne Thompson, CA, CPA , CIA and CRMA
VP Internal Audit at Coast Capital Credit Union

Wayne is the Chief Auditor at Coast Capital Savings, and a member of the Senior Leadership Team. He leads a team of auditors conducting a range of assurance and advisory services to the organization. He has an administrative report to the CEO and a function reporting line to the Chair of the Audit Committee.

Prior to joining Coast, Wayne worked for 15 years in public practice, most recently as the Risk Practice leader for a Big 4 Consultancy firm. Wayne’s professional experience is concentrated in the areas of Internal Audit, Risk Management and Regulatory Compliance, including CEO/CFO Internal Controls Certification programs in Canada, the United States and Japan. He also worked extensively with client on other regulatory compliance programs in areas such as anti-money laundering, anti-corruption and privacy. Assessing Risk Culture was one of the main components of his advisory and assurance work. He will speak to his experience related to auditing culture.

Maggie Ivanova, MSc. Acc., MBA, CIA and CRMA
Manager Integrated Risk at Central 1 Credit Union

Maggie is a senior business professional with over 10 years of experience in governance, risk management, strategic planning, internal audit and performance improvement. She started her career as a consultant and worked on a variety of consulting and internal auditing projects in many industries including: construction and mining, public sector and crown corporations, education, health care and financial services. She then moved through a variety of risk management roles in different organizations and is currently the Integrated Risk Manager at Central 1. Throughout her career, Maggie has conducted many cultural assessments, both as an internal auditor and as a risk management advisor, and has helped organizations develop practical improvement strategies. In her current role, Maggie led the development and implementation of Central 1 first Cultural Risk Assessment Methodology.

Maggie has Bachelor’s and Master’s degrees in Accounting and Control, an MBA in Strategic Management, and certifications in Internal Auditing and Risk Management Assurance.

REGISTRATION INFORMATION: To register, please click here
Registration Fees: IIA and ISACA Members: $99; Non-Members: $110 (breakfast is included)
CPEs: Total of 4 CPE credits
DATE: February 23, 2018
TIME: 8:30am to 12:00pm (registration starts at 8:00am)
LOCATION: BC Hydro, 333 Dunsmuir St Downtown Vancouver

*  *  *  *  *  *  *  *  *  *

ISACA Vancouver and CPABC Social Mixer

The CPABC and ISACA Vancouver Chapters are organizing a social mixer for members of our two chapters. This will be a great opportunity to catch up with your fellow CPABC and ISACA members in a cozy and fun atmosphere, increase your professional network and win door prizes. While attendance is free, we ask that you please register for the event for logistics purposes as we have a limited number of spaces.


5:00 pm Doors open & Registration
5:30 pm Welcome and Introductions by Chapter President/Chair
5:30 pm - 7:30 pm Networking and Canapés


Tuesday, 6th March 2018
5:00 PM – 7:30 PM PDT

Steamworks Brewing Co.
375 Water St, Vancouver, BC V6B 5C6

To register, please follow this link :

*  *  *  *  *  *  *  *  *  *

ASIS International - Enterprise Security Risk Management

Enterprise Security Risk Management (ESRM) is an ASIS International strategic priority, with the project charter recently being approved by the Board of Directors. This luncheon event will focus on the importance of a holistic approach to security management, with insights provided by a leading industry professional.

Dana Adams, CPP, CISSP, MBA, is the Director of Security Services at TELUS, a leading national telecommunications company in Canada. With over 20 years of experience in the security industry, Dana has successfully transitioned the Security Services from command and control, to a strategic consulting partner with internal stakeholders, clients and both provincial and national law enforcement organizations.

During his tenure with TELUS, Dana has successfully developed and delivered the TELUS security plan for the 2010 Winter Olympic Games in Vancouver, established effective partnerships with Law Enforcement and Public Safety, redesigned and implemented a new executive protection program, and developed and delivered asset protection programs for network infrastructure (copper cabling), retail operations, supply chain security and data protection. <br.
As the 2018 President of the ASIS International Professional Certification Board, Dana will further discuss the significant impact of industry designations, and address the necessity for these to continuously align to the shifting marketplace.

3 Course Meal Served:
Salad: Strawberry Frisée Salad
Entrée: Grilled Peppered Beef Sirloin
Dessert: Mango Cheese Cake with Raspberry Coulis
*Any allergies and dietary restrictions can be accomodated*

Date and Time: Wed, 7 March 2018 - 11:30AM-1:30PM PST
Location: Sutton Place Hotel Vancouver/ 845 Burrard Street Vanvouver BC
Cost: $45-$50

To register, please click here

*  *  *  *  *  *  *  *  *  *

*  *  *  *  *  *  *  *  *  *

ISACA Vancouver and IIA Social Media, Social Engineering and Ethics (two training sessions)

Social Media and Social Engineering Risk: What every internal audit and risk management professional needs to know (3.5 hours, qualifies for 4 CPEs)

Social media is a dominant force in today’s world of connectedness. Its use is still growing in all parts of the world, and with that, risk is growing exponentially. Within an organization, use of social media by different departments can compromise the reputation of the organization and staff. Changes in internet usage, such as the proliferation of mobile devices and the rising use of social media, have presented many new challenges, including for cyber security. In this session you will learn how to identify and mitigate the new risks related to the changing social media landscape by:

• Looking at some of the worst corporate social media blunders, understanding what caused them and what could have been done differently
• Discussing fallout from real life cases of cybersecurity breaches, formulating a pragmatic approach toward combating cyber threats and building cybersecurity strategies
• Understanding the key elements of a successful social media strategy and what needs to be in the social media policy

This session will also touch upon social engineering. Discover how vulnerable your organization can be to social engineering and it’s easier than we think. The greatest security threat any organization faces today is the human threat. You will discover how easily confidential information leaks out of your organization daily by:
• Recognizing how the bad guys can infiltrate your organization
• Understanding how the good guys mitigate the problem
• Learning how to incorporate human vulnerability checks into your standard audit practice
• Learning how to make yourself and your organization more secure

Ethics: Making ethical decisions in times of uncertainty (3.5 hours, qualifies for 4 CPEs)

Hailed by many participants as the best ethics course ever, Ethics Viewpoint illustrates the challenges in implementing an organization wide ethics policy. Explore how best to embed ethics into a corporate culture. Ethical issues are associated with workplace deviance or corruption and its counterparts – lying, evasion of accountability, and abuse of authority. What causes them and how should they be dealt with?
This session focuses on integrating ethics with everyday corporate life. Ethics breaches begin with people – understand the team you work with. In an interactive session, participants will put into practice ethics issues that will help build a strong ethical business culture. The seminar’s topics include:
• Personal ethics vs. professional ethics
• How easy are ethics to define in the workplace?
• Does employee behavior influence ethical practice?
• Most common ethical breaches

Nejolla Korris is a popular speaker on lie detection, fraud prevention and investigation, workplace fraud, social engineering, social media risk, organizational justice and ethics. She has spoken internationally throughout the US, Canada, Europe, Asia and Africa. Her clients include associations, corporations, government agencies, law enforcement, and the military. Ms. Korris is also a frequent presenter for The Institute of Internal Auditors, ISACA and the American Institute of Certified Public Accountants. Last year we had her deliver two sessions to our members in Vancouver: Fraud Detection – Words Never Lie and Building Your Corporate Fraud Team.
Nejolla has a BA in Law from Carleton University. She was awarded the Queen's Diamond Jubilee Medal for her international work in linguistic lie detection. Nejolla served as the Honorary Consul for the Republic of Lithuania as well as the Chair of the Consular Corps in Edmonton. She writes a column in Edmontonians magazine entitled Civil Wars and a blog called the Korrispondent.

REGISTRATION INFORMATION: To register, please click here
Registration Fees:
• IIA and ISACA Members: Social Media and Social Engineering Risk – $150; Ethics – $150;
Special Bundle: Both Courses - $280
• Non-Members: Social Media and Social Engineering Risk -$175; Ethics - $175;
Special Bundle: Both Courses: $330
CPEs: Total of 8 CPE credits
DATE: Friday, March 23rd, 2018
TIME: 8:00am to 5:00pm
LOCATION: BC Hydro, 333 Dunsmuir St Downtown Vancouver

*  *  *  *  *  *  *  *  *  *

News and Announcements


ISACA VANCOUVER chapter earns the prestigious 2016 Communications Excellence Award for all ISACA Large chapters!!!

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

SANS SEC401: Security Essentials Bootcamp Style

The SANS SEC401: Security Essentials Bootcamp Style instructor led course will be offered in North Vancouver at the ICBC campus on November 6 – 11, 2017. There will be space for a maximum of 24 participants. All of the details are available on the SANS page.

A special 10% discount is being offered exclusively for ISACA members. Those interested may contact to obtain the discount code, prior to registration. The code cannot be applied after the registration.

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Get the Cybersecurity Fundamentals Study Guide that can Help you Enhance Your Cyber Knowledge and Start Your Cyber Career Strong!

Cyber attacks and threats continue to plague enterprises around the world. As these attacks continue to grow, so does the need for skilled cyber security professionals. With the high demand for qualified professionals, now is a great time to consider a career in cyber security. To support faculty and help college/university students get started in cyber, local ISACA chapters in association with ISACA's Cybersecurity Nexus (CSX) program have created an exclusive academic package that offers the Cybersecurity Fundamentals Study Guide as a complimentary "Career Starter" gift.

CSX's Cybersecurity Fundamentals Study Guide can enable you to:
* Develop a comprehensive understanding of the principles that frame and define cyber security
* Get a head start on your career in the in-demand but fiercely competitive field of cyber security
* Prepare for the Cybersecurity Fundamentals Certificate exam and the globally accepted certificate that will help your resume/CV rise to the top of the recruiters' stacks

Please click here to download ISACA-Vancouver's brochure with further details.

Please click here to visit the website where instructors and students can download or purchase the materials.

Other Chapter Events

In the interest of keeping you informed of events that may be beneficial to you, there is an exciting opportunity with the ISACA Winnipeg Chapter on May 16th to witness, first-hand, how vulnerable organizations are to cyber-attack. The cyber risks that we face have exploded and understanding where the vulnerabilities are and the role we all play as employees and managers is a vital first step in mitigating those risks. From board member to owner to IT professional, we all can gain from this knowledge.

Kevin Mitnick, the world’s most famous hacker, will be presenting at a keynote luncheon during the Western Canada Information Security Conference (WCISC) being held at Winnipeg’s RBC Convention Centre. Tickets can be purchased for the luncheon at or grab a ticket for the full, day-long conference to be able to network with other professionals and learn even more about the security concerns facing our organizations. The full conference pass will also give you access to the exhibitors hall where vendors are on hand to present today’s tools for combatting and responding to information security threats.

The ISACA Winnipeg Chapter is also hosting a two-day CSX Fundamentals Workshop in conjunction with the WCISC. Members can attend the workshop at the ISACA Winnipeg member rate. Details about the seminar can be found at here.

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

All cancellations/transfers must be received in writing - please send an email to Telephone or verbal cancellations/transfers will not be accepted. Cancellations or transfers of registration at least 10 calendar days prior to the course will result in a full refund. Cancellations or transfers received less than 10 calendar days but more than 3 full* business days prior to the course are subject to an administration fee of $50 for full and half day courses, or $25 for executive breakfasts and luncheons, or hold on credit for use towards a future event.
Cancellation requests received less than 3 full business days prior to the course date (statutory holidays are not considered business days) will not be accepted and the full cost of the seminar will apply, with no credits or refunds. No-shows, registrants who register but do not show up for a seminar will also be responsible for the full cost of the seminar, with no refunds or credits. In such cases, substitution of attendee is permitted up to and including the day of the seminar.