Events 

 


The annual BC AWARE campaign is taking place in a month's time (Jan 25 - Feb 6). ISACA Vancouver is offering complimentary access to the BC AWARE Day on January 26 at Telus Garden. This includes keynote presentations, workshops and networking opportunities.

BC Aware

BC AWARE Day at Telus Garden - January 26 (8AM - 9PM)

The objective of The BC AWARE Campaign is to assemble like-minded IT security, privacy, governance, risk, and assurance organizations in BC to hold their own security, privacy or information risk awareness events in a coordinated fashion under a single ‘Calendar of Events’ during the period of January 25 to February 5, 2016. To learn more and to secure your spot, please click here.


ISACA Vancouver - Monthly Education Sessions:

Other Upcoming Events


1. Internal Audit and Risk management: A collaborative approach

Date: Tuesday, February 9, 2016
Time: 12:00 PM to 2:00 PM (2 CPE Hours)
Cost: ISACA Members - $50; Future Members - $55; Students - $30 (Students - Please bring valid student ID)

Location: Steamworks, 375 Water Street, Vancouver (at Water Street and W. Cordova, near the Waterfront Station)

A full 3 course lunch is included.

Risk management practices reside in many functions across an organization but most prominently in the internal audit (IA) or enterprise risk management (ERM) functions. Helen will discuss the similarities and differences between how IA and ERM examine risk and the opportunities for the two to work together to deliver value to the organization in the development of risk based audit plans and strategic/corporate plans. Helen will also outline independence considerations for IA functions when leveraging ERM information in their own risk assessments for audits.

Biography

Helen To, CIA - Manager E&Y Risk Advisory
Has over 8 years of experience working primarily with public sector clients in the areas of enterprise risk management, risk assessments, internal audit, internal controls, and project management. She has led the internal audit or review of enterprise risk management programs at both the federal and provincial government levels. Helen has also worked with clients on examining the alignment and integration of enterprise risk programs with strategic planning processes.

*  *  *  *  *  *  *  *  *  *

2. Institutional Considerations for Managing IoT Risk

Date: Tuesday, 8 March 2016
Time: 12:00 PM to 2:00 PM (2 CPE Hours)
Cost: ISACA Members - $50; Future Members - $55; Students - $30 (Students - Please bring valid student ID)

Location: Steamworks (Wine Room), 375 Water Street, Vancouver (at Water Street and W. Cordova, near the Waterfront Station)

A full 3 course lunch is included.

Overview
Companies and institutions have a number of considerations regarding managing risk stemming from IoT systems and devices arriving on corporate and public campuses. From IoT devices, such as wearables, that simply 'walk on' to institutional spaces to corporate/institutional purchases of IoT systems such as energy management/smart grid systems, surveillance systems, building access systems, and similar, IoT introduces a new and broad arena of risk -- and that doesn't mean the old risk has conveniently gone away. This talk will discuss some considerations regarding the new world of IoT in corporate and institutional spaces and offer some suggestions for managing this risk.

Brief topic summary
Institutions have a number of considerations regarding managing risk stemming from IoT systems. From wearables to energy management/smart grid systems, building access systems, and similar, IoT introduces a new and broad arena of risk. This talk will discuss some of those risks and suggest some mitigation approaches.

Biography

Chuck Benson - Assistant Director for IT, Facilities Services, University of Washington

Chuck leads IT strategy & operations, information risk management, and information security for Facilities Services, SmartGrid, & building and space automation systems at the University of Washington. He chairs the University's IT Service Management Board as well as the Task Force on Industrial Control Systems & Internet of Things risk. He is also a member of the University's Unmanned Aerial Systems working group where he contributes to the development of drone policy and is a former Marine Corps helicopter pilot. He maintains a blog on information risk management in the SMB sector with a focus on institutional IoT risk management issues at http://longtailrisk.com.

*  *  *  *  *  *  *  *  *  *


3. Beyond the Cyber Incident Response Plan

Date: Thursday, April 14, 2016
Time: 12:00 PM to 2:00 PM (2 CPE Hours)
Cost: ISACA Members - $50; Future Members - $55; Students - $30 (Students - Please bring valid student ID)

Location: Steamworks, 375 Water Street, Vancouver (at Water Street and W. Cordova, near the Waterfront Station)

A full 3 course lunch is included.

Description: At this point we all understand the importance of an Incident Response Plan but our job as security professionals does not end after a document has been created. The purpose of this session is to discuss building a mature and robust Incident Response (IR) capability within an enterprise environment. We’ll discuss the various stages of developing an IR framework that will eventually lead to building proactive IR capabilities for your organization.

During the session we will answer the following questions:

· How do we ensure enterprise alignment of our IR program?
· How do we raise the maturity of our IR program?
· Why is throwing technology at the problem not the solution?

Bio: Kevin Sahota is the Cyber Security Operations Lead at Teck Resources Ltd, Canada’s largest diversified resource company, committed to responsible mining and mineral development. Kevin is focused on building a highly collaborative Cyber Security Operations Team. The main goal of this team is to develop mature Incident Response capabilities that align and meet the objectives of the business. Kevin has over 15 years of experience in Information Security working in various sectors such as Resource, Finance, Utility and Technology.

Tim Liu is a Security Analyst on the Cyber Security Operations Team at Teck Resources Ltd, Canada’s largest diversified resource company, committed to responsible mining and mineral development. Tim’s main focus is on developing and streamlining Incident Response (IR) processes and creating a flexible IR framework that can be scaled depending on the severity of the incident. These processes are used on a daily basis to respond to security incidents on the behalf of the Teck business. Previous to joining the Teck Cyber Security Operations team, Tim has prior experience developing web applications and services.

*  *  *  *  *  *  *  *  *  *


4. Make Information Governance Work for you

Date: Thursday, May 12th 2016
Time: 12:00 PM to 2:00 PM (2 CPE Hours)
Cost: FREE Event - Sponsored by Veritas Technologies LLC

Location: Steamworks, 375 Water Street, Vancouver (at Water Street and W. Cordova, near the Waterfront Station)

A full 3 course lunch is included.

Description: As data growth and fragmentation accelerate, their effects impact retention management, data protection, privacy, security, and risk, discovery, compliance, end user productivity, and more. Simply mitigating impacts only pushes the problem downstream, making it more complex and expensive. Information Governance is used to address root causes, maximizing the value of information while minimizing costs and risks. For many, Information Governance can appear daunting, with mountains of data, regulations, competing priorities, and no clear direction.

During the session we will answer the following questions:
Better understand Information Governance, its challenges, and its benefits
Look at active and passive approaches that automatically map information to enable decisions and how integrated technology and processes can deliver action
Discuss how to incorporate information governance into new and existing initiatives

Bio: Chris Stapenhurst is a member of the Veritas Information Intelligence Group and is the Veritas Information Governance Architect in Canada. Having worked in the industry in Canada for many years, Chris has helped hundreds of organizations solve for information governance challenges coast to coast, from the smallest organizations to the largest. Chris spends most of his time engaging clients directly and works closely with Veritas sales, engineering, product management and marketing. When not directly advising others, Chris is often traveling to local and international events speaking and involved in the information governance community..

*  *  *  *  *  *  *  *  *  *


 Cancellations/Transfers & Refunds

All cancellations/transfers must be received in writing - please send an email to registration@isaca-vancouver.org. Telephone or verbal cancellations/transfers will not be accepted. Cancellations or transfers of registration at least 10 calendar days prior to the course will result in a full refund. Cancellations or transfers received less than 10 calendar days but more than 3 full* business days prior to the course are subject to an administration fee of $50 for full and half day courses, or $25 for executive breakfasts and luncheons, or hold on credit for use towards a future event.

Cancellation requests received less than 3 full business days prior to the course date (statutory holidays are not considered business days) will not be accepted and the full cost of the seminar will apply, with no credits or refunds. No-shows, registrants who register but do not show up for a seminar will also be responsible for the full cost of the seminar, with no refunds or credits. In such cases, substitution of attendee is permitted up to and including the day of the seminar.