Please visit our web site regularly for announcements of upcoming lunch education session.

March Education Event

Finding the Needle in your Network Security Haystack

Date: Tuesday, March 24, 2015
Time: 12:00 PM to 2:00 PM (2 CPE Hours)
Cost: ISACA Members - $50; Future Members - $55; Students - $30 (Students - Please bring valid student ID)

Location: Steamworks (Wine Room), 375 Water Street, Vancouver (at Water Street and W. Cordova, near the Waterfront Station)

A full 3 course lunch is included.

Invited Audience:
CIOs, CxOs, Senior Management, IT Governance, IT Management, Information Security Management, Risk Management, and IT Assurance professionals.

Finding an adversary within our networks can seem like a daunting task. With the operational burden of hunting through tens of thousands of alerts each day, how do we know how to prioritize what we need to focus on? Who’s attacking us? What do they want? What did they steal? Better yet, how do we even respond? Boards generally have four questions when a breach happens: Who breached us? What did they steal? Are they still in our systems? Do we have the security measures to make sure we can respond to potential future breaches on a timely basis?

In this session, we will dig deeper into how we can do a better job of operationalizing our security program to provide answers to these questions. We will dig into the types of intelligence that matters and some of the tactics, techniques and procedures advanced attackers are using to breach environments, maintain persistence and exfiltrate your data.

Jamie Haggett is a Consulting Systems Engineer at FireEye, Inc. Jamie is focused on helping organizations with a low risk tolerance combat highly complex cyber security challenges by helping them integrate people, process and technology using intelligence as a cornerstone to their security programs. Jamie has over 13 years experience in cyber security working in various sectors such as Government, Energy, Finance and Technology. Prior to FireEye, Jamie lead the mobile security efforts in global capacity with a leading Internet Security firm.

ISACA Vancouver Chapter uses secure online registration process which accepts Paypal and all major credit cards (Visa, MasterCard and American Express).  Please select the March Education Event from the Paypal web parts on the right, or below.

 *   *   *   *   *   *   *   *   *

‘COBIT 5 Assessor’ highly sought after course is being offered for the first time in BC. (Limited space available)

Looking to improve your organization’s effectiveness and process capabilities? Join others to take the COBIT 5 Assessor 3-day course offered by ISACA/IIA Vancouver and Victoria Chapters. The course provides a basis for assessing an enterprise’s process capabilities against the COBIT 5 Process Assessment Model (PAM). Evidence-based to enable a reliable, consistent and repeatable way to assess IT process capabilities, this model helps IT leaders gain C-level and board member buy-in for change and improvement initiatives. See course description below for more details.

PREREQUISITE: To register for the course you need to be familiar with COBIT 5. To register for the exam you need to be certified in COBIT 5 Foundation.

Target Audience: Senior IT Management, Seniors Business Managers, IT Auditors, IT Managers, IT Quality Professionals, IT Process Owners & Process Managers, Governance Managers, Internal and external auditors, IT consultants, Audit Managers / Directors / Chiefs

Date: October, 2015


COBIT 5 Assessor Course Description

The COBIT 5 Assessor course provides a basis for assessing an enterprise’s process capabilities against the COBIT 5 Process Assessment Model (PAM). Evidence-based to enable a reliable, consistent and repeatable way to assess IT process capabilities, this model helps IT leaders gain C-level and board member buy-in for change and improvement initiatives.

Assessment results provide a determination of process capability. They can be used for process improvement, delivering value to the business, measuring the achievement of current or projected business goals, benchmarking, consistent reporting and organizational compliance.

COBIT 5 is the internationally accepted best practice framework for IT governance and control. With a focus on managing processes, COBIT has helped organisations bridge the gaps between control requirements, regulatory compliance and business risks and to significantly increase the value of their investment in IT.

At the conclusion of this course, attendees will understand

• How to perform a process capability assessment using the Assessor Guide: using COBIT 5
• How to apply the Process Assessment Model (The PAM) in performing a process capability assessment Specifically:
      o To use the Process Reference Model, in particular to be able to use the 37 processes outlined in the PRM
      o To apply and analyse the measurement model in assessing process capability levels
      o To apply and analyse the capability dimension using generic criteria outlined in the PAM
• How to identify and assess the roles and responsibilities in the process capability assessment process
• How to perform and assess the 7 steps outlined in the Assessor Guide Specifically:
      o Initiate a process assessment o Scope an assessment, using the tools provided and the PAM for the selection of the appropriate processes
      o Plan and brief the teams o Collect and validate the data
      o Do a process attribute rating
      o Report the findings of the assessment
• How to use the self-assessment guide


Benefits for Individuals

• Understand levels of IT-related risk and make informed decisions to reduce information security incidents. Deliver this understanding and risk awareness to improve prevention, detection and recovery within an organization. • Provide tools for organizations to maintain high quality information to support business decisions. • Help an organization to meet with regulatory and statutory or government requirements. • Understand COBIT approach to governance and its relationship with other IT best practices.


Benefits for Organizations

• Achieve strategic goals and realise business benefits through the effective and innovative use of IT. • Support compliance with relevant laws, regulations, contractual agreements and policies and gain competitive edge over other organizations. • Reduce complexity and increase cost-effectiveness due to improved and easier integration of information security standards, good practices and/or sector-specific guidelines resulting in operational excellence through reliable, efficient application of technology. • Improved integration of information security in the enterprise, resulting in increased user satisfaction with information security arrangements and outcomes.


Exam Format

• Objective testing • 8 questions per paper with 10 marks available per question • 40 marks or more required to pass (out of 80 available) - 50% • 2 ½ hours duration • Open book (‘COBIT 5 Assessor Guide: Using COBIT 5’ and ‘COBIT Process Assessment Model (PAM): Using COBIT 5’ books only).


Instructor Bio

Zachy Olorunojowon is the Chief Learning Officer at ISG Training and Consulting, BC Canada, past president of ISACA Victoria Chapter, British Columbia and a member of ISACA since 2004. Zachy has over 15 years of IT experience spanning Systems development, Enterprise Information Systems Implementation, Strategic Project Management, Governance and Management of Enterprise IT. He is a Project Director with the Ministry of Health, British Columbia, Canada delivering multi-million dollar provincial projects. Prior to his current role, he has been a Chief Information Officer (CIO) and a Head of Information Technology with financial institutions in Nigeria where he implemented a number of financial systems including FINACLE and eBanking from Infosys, India and Temenos T24 eMerge from Switzerland and other Treasury applications. Zachy, a sought after COBIT 5 Trainer, is passionate about empowering delegates to influence and/or contribute to their organization’s governance and management of Enterprise IT. He has delivered COBIT and Risk IT courses in Lagos Nigeria, Victoria and Vancouver, British Columbia, Canada as well as at ISACA Training weeks in Boston and Las Vegas, US. The delegates at these trainings are from public, private and the big four Audit organizations. Zachy has conducted on-site COBIT training for Ministry of Finance, Internal Audit Division, Ontario, Canada, ISACA Vancouver Chapter, Coastal Savings and Credit Union, Vancouver, BC Canada and CPS Energy San Antonio, Texas, US. Zachy will be speaking at the first COBIT 5 Conference in Florida in March 2015. Zachy holds BSc. Information Systems and Management from University of London, UK and MBA from University of Victoria, BC Canada. He holds the following certifications: PMP, CISA, CGEIT and COBIT 5. He has been an ISACA accredited COBIT 4.1 trainer since 2010 and is an APMG Accredited COBIT 5 trainer. Zachy has written exam items for ISACA CGEIT certification and writes COBIT 5 implementation tips for ISACA’s COBIT 5 Focus.


Detailed Course Outline:

Register Online. Space is limited and will be based on first come first serve. (Registration Deadline: Apr 3, 2015)

 March Education Event ‭[1]‬

 Registration - Education Session

 Cancellations/Transfers & Refunds

All cancellations/transfers must be received in writing - please send an email to Telephone or verbal cancellations/transfers will not be accepted. Cancellations or transfers of registration at least 10 calendar days prior to the course will result in a full refund. Cancellations or transfers received less than 10 calendar days but more than 3 full* business days prior to the course are subject to an administration fee of $50 for full and half day courses, or $25 for executive breakfasts and luncheons, or hold on credit for use towards a future event.

Cancellation requests received less than 3 full business days prior to the course date (statutory holidays are not considered business days) will not be accepted and the full cost of the seminar will apply, with no credits or refunds. No-shows, registrants who register but do not show up for a seminar will also be responsible for the full cost of the seminar, with no refunds or credits. In such cases, substitution of attendee is permitted up to and including the day of the seminar.