Events 

 

Please visit our web site regularly for announcements of upcoming lunch education session.

May Education Event

Dismantling the Fraud Triangle

Date: Thursday, May 28, 2015
Time: 12:00 PM to 2:00 PM (2 CPE Hours)
Cost: ISACA Members - $50; Future Members - $55; Students - $30 (Students - Please bring valid student ID)

Location: Steamworks (Wine Room), 375 Water Street, Vancouver (at Water Street and W. Cordova, near the Waterfront Station)

A full 3 course lunch is included.

Invited Audience:
CIOs, CxOs, Senior Management, IT Governance, IT Management, Information Security Management, Risk Management, and IT Assurance professionals. 

Overview
Failure to identify and manage risks can pose significant threats to an organization. The 2014 ACFE Report to the Nations states that leading causes of fraud cases are lack of internal controls (32%), lack of management review (20%) and the overriding of existing controls (18.9%). Analytics can be employed throughout a risk-based audit life cycle, by testing internal control effectiveness, benchmarking with external data, and looking at trends and predictions. Through timely identification of control breakdowns, organizations can work to remediate issues quickly and prevent potential instances fraud.

This session will use practical examples to explain how data analytics can shed light weaknesses within an organization. Aligning with industry best practices we will walk through the steps to address abuse and potential fraud. Over and above technology, we will also address the overall tone at the top for an organization plays a part in reducing rationalization and the need and opportunity to commit fraud.

During this presentation attendees will learn how to:

  • Integrate analytics into the audit management processes
  • Understand top risks and controls to monitor
  • Focus on maximizing potential through relevant and timely insights
  • Use specific analytics tactics to identify fraud
  • Use a pro-active audit approach to provide a value-added service to their organization

Biography:

Fred Wechselberger - Global Accounts Manager, CaseWare IDEA

Fred Wechselberger has over 15 years of experience helping organizations implement and use data extraction and analysis software. Fred brings unique perspectives on the use of CAATs having experience with federal and state bodies like the SEC, Central Bank of Nigeria, Government Uganda, and corporate bodies like GE, GM, American Express, MMC, Safaricom, Prudential and many globally recognized CPA firms.

Registration: ISACA Vancouver Chapter uses secure online registration process which accepts Paypal and all major credit cards (Visa, MasterCard and American Express)

 

*   *   *   *   *   *

 

March Education Event

Finding the Needle in your Network Security Haystack

Date: Tuesday, March 24, 2015
Time: 12:00 PM to 2:00 PM (2 CPE Hours)
Cost: ISACA Members - $50; Future Members - $55; Students - $30 (Students - Please bring valid student ID)

Location: Steamworks (Wine Room), 375 Water Street, Vancouver (at Water Street and W. Cordova, near the Waterfront Station)

A full 3 course lunch is included.

Invited Audience:
CIOs, CxOs, Senior Management, IT Governance, IT Management, Information Security Management, Risk Management, and IT Assurance professionals.

Overview:
Finding an adversary within our networks can seem like a daunting task. With the operational burden of hunting through tens of thousands of alerts each day, how do we know how to prioritize what we need to focus on? Who’s attacking us? What do they want? What did they steal? Better yet, how do we even respond? Boards generally have four questions when a breach happens: Who breached us? What did they steal? Are they still in our systems? Do we have the security measures to make sure we can respond to potential future breaches on a timely basis?

In this session, we will dig deeper into how we can do a better job of operationalizing our security program to provide answers to these questions. We will dig into the types of intelligence that matters and some of the tactics, techniques and procedures advanced attackers are using to breach environments, maintain persistence and exfiltrate your data.

Biography:
Jamie Haggett is a Consulting Systems Engineer at FireEye, Inc. Jamie is focused on helping organizations with a low risk tolerance combat highly complex cyber security challenges by helping them integrate people, process and technology using intelligence as a cornerstone to their security programs. Jamie has over 13 years experience in cyber security working in various sectors such as Government, Energy, Finance and Technology. Prior to FireEye, Jamie lead the mobile security efforts in global capacity with a leading Internet Security firm.

Registration:
ISACA Vancouver Chapter uses secure online registration process which accepts Paypal and all major credit cards (Visa, MasterCard and American Express).  Please select the March Education Event from the Paypal web parts on the right, or below.

 *   *   *   *   *   *   *   *   *

‘COBIT 5 Assessor’ highly sought after course is being offered for the first time in BC. (Limited space available)

Looking to improve your organization’s effectiveness and process capabilities? Join others to take the COBIT 5 Assessor 3-day course offered by ISACA/IIA Vancouver and Victoria Chapters. The course provides a basis for assessing an enterprise’s process capabilities against the COBIT 5 Process Assessment Model (PAM). Evidence-based to enable a reliable, consistent and repeatable way to assess IT process capabilities, this model helps IT leaders gain C-level and board member buy-in for change and improvement initiatives. See course description below for more details.

PREREQUISITE: To register for the course you need to be familiar with COBIT 5. To register for the exam you need to be certified in COBIT 5 Foundation.

Target Audience: Senior IT Management, Seniors Business Managers, IT Auditors, IT Managers, IT Quality Professionals, IT Process Owners & Process Managers, Governance Managers, Internal and external auditors, IT consultants, Audit Managers / Directors / Chiefs

Date: October, 2015

 

COBIT 5 Assessor Course Description

The COBIT 5 Assessor course provides a basis for assessing an enterprise’s process capabilities against the COBIT 5 Process Assessment Model (PAM). Evidence-based to enable a reliable, consistent and repeatable way to assess IT process capabilities, this model helps IT leaders gain C-level and board member buy-in for change and improvement initiatives.

Assessment results provide a determination of process capability. They can be used for process improvement, delivering value to the business, measuring the achievement of current or projected business goals, benchmarking, consistent reporting and organizational compliance.

COBIT 5 is the internationally accepted best practice framework for IT governance and control. With a focus on managing processes, COBIT has helped organisations bridge the gaps between control requirements, regulatory compliance and business risks and to significantly increase the value of their investment in IT.

At the conclusion of this course, attendees will understand

• How to perform a process capability assessment using the Assessor Guide: using COBIT 5
• How to apply the Process Assessment Model (The PAM) in performing a process capability assessment Specifically:
      o To use the Process Reference Model, in particular to be able to use the 37 processes outlined in the PRM
      o To apply and analyse the measurement model in assessing process capability levels
      o To apply and analyse the capability dimension using generic criteria outlined in the PAM
• How to identify and assess the roles and responsibilities in the process capability assessment process
• How to perform and assess the 7 steps outlined in the Assessor Guide Specifically:
      o Initiate a process assessment o Scope an assessment, using the tools provided and the PAM for the selection of the appropriate processes
      o Plan and brief the teams o Collect and validate the data
      o Do a process attribute rating
      o Report the findings of the assessment
• How to use the self-assessment guide

 

Benefits for Individuals

• Understand levels of IT-related risk and make informed decisions to reduce information security incidents. Deliver this understanding and risk awareness to improve prevention, detection and recovery within an organization. • Provide tools for organizations to maintain high quality information to support business decisions. • Help an organization to meet with regulatory and statutory or government requirements. • Understand COBIT approach to governance and its relationship with other IT best practices.

 

Benefits for Organizations

• Achieve strategic goals and realise business benefits through the effective and innovative use of IT. • Support compliance with relevant laws, regulations, contractual agreements and policies and gain competitive edge over other organizations. • Reduce complexity and increase cost-effectiveness due to improved and easier integration of information security standards, good practices and/or sector-specific guidelines resulting in operational excellence through reliable, efficient application of technology. • Improved integration of information security in the enterprise, resulting in increased user satisfaction with information security arrangements and outcomes.

 

Exam Format

• Objective testing • 8 questions per paper with 10 marks available per question • 40 marks or more required to pass (out of 80 available) - 50% • 2 ½ hours duration • Open book (‘COBIT 5 Assessor Guide: Using COBIT 5’ and ‘COBIT Process Assessment Model (PAM): Using COBIT 5’ books only).

 May Education Event ‭[1]‬

 Registration - Education Session

 Cancellations/Transfers & Refunds

All cancellations/transfers must be received in writing - please send an email to registration@isaca-vancouver.org. Telephone or verbal cancellations/transfers will not be accepted. Cancellations or transfers of registration at least 10 calendar days prior to the course will result in a full refund. Cancellations or transfers received less than 10 calendar days but more than 3 full* business days prior to the course are subject to an administration fee of $50 for full and half day courses, or $25 for executive breakfasts and luncheons, or hold on credit for use towards a future event.

Cancellation requests received less than 3 full business days prior to the course date (statutory holidays are not considered business days) will not be accepted and the full cost of the seminar will apply, with no credits or refunds. No-shows, registrants who register but do not show up for a seminar will also be responsible for the full cost of the seminar, with no refunds or credits. In such cases, substitution of attendee is permitted up to and including the day of the seminar.