Event History 

 

Events 2014

December Chapter Meeting - 11 December 2014

 
The recent Membership Meeting, Certification Recognition and Holiday Gala held on December 11, 2014 was a great success.  Over 100 chapter members and guests attended the session.  Special recognition was given to chapter members who attained ISACA certifications in 2014.  Our guest speaker, ISACA International President Robert Stroud, gave a lively presentation on CYBERSECURITY - THE NEW FRONTIER.  A link to Mr. Stroud's presentation slides is available at ISACA NJ 2014 Dec 11 Presentation Slides 

 ---------------------------------------------------------------------------------------------------------- 

Events 2012

IT Wireless Security - 16 February 2011

Speaker:  Steve Branigan

Venue: JH Cohn, Roseland, NJ            CPE:  8

Ever present and ever increasing threats to wireless network security were explored and hands-on demonstrations were provided in this very timely educational opportunity provided by NJ ISACA.  Hacker tools and techniques were illustrated as well as techniques to beat them at their own game. Steve Branigan provided his expertise and each participant received an AP-Binder CD as part of the class.

 Click here to view event pictures>

MS SQL Database Seminar - 23 March - 24 March 2011

Speaker: Betty J. Dorsey

Venue: Hanover Manor, Hanover NJ     CPE:  16

An intensive two-day seminar that introduced the risks associated with auditing these systems and the audit tasks needed for assessing those risks. Basic International Standards Organization (ISO) standard account management and security mechanisms were explored - many of which most RDBMS products support. Basic availability and integrity features common to most RDBMSs were also part of the discussion. SQL Server specific examples of those features and the SQL server specific ways of collecting data were also featured. Each participant received a sample audit script, an audit and security task list and a list of vulnerability testing tools that can be used in SQL server reviews.  Betty Dorsey is a frequent contributor to NJ ISACA Seminar and Education events and is a well-respected subject matter expert on this topic.

 

---------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------

Events 2011 

MS SQL Database Seminar - 23 March - 24 March 2011

Speaker: Betty Dorsey 

Venue: JH Cohn, Roseland, NJ            CPE: 16

Microsoft’s SQL Server™ is the fastest growing RDBMS in the world and many organizations are using it to store their mission-critical information on both internally and externally accessible servers.  The NJ ISACA Chapter offered this intensive two-day seminar to introduce the general risks associated with these products and the audit tasks associated with assessing those risks. Basic International Standards Organization (ISO) standard account management and security mechanisms were explored -  many of which most RDBMS products support.  Basic availability and integrity features common to most RDBMSs were also part of the discussion. SQL Server specific examples of those features and the SQL server specific ways of collecting data were also featured.  Betty Dorsey is a frequent contributor to NJ ISACA Seminar and Education events and is a well-respected subject matter expert on this topic.


 Click here to view event pictures>

---------------------------------------------------------------------------------------------------------

 
Spring 2011 CISA Review Class - 26 March - 23 April 2011

Speaker: Louise LeGoff , Scott Chu

Venue: Rutgers University               CPE: 40

The NJ Chapter of ISACA offers certification review courses at accessible locations to our NJ membership in support of their pursuit of ISACA certifications.  The CISA Review course included a detailed review of the five domains on the CISA exam and practice questions for each domain. Candidates who attended used their copy of the 2011 CISA Review Manual (ISACA product code CRM11) and a copy of the 2011 CISA Review Questions, Answers and Explanations 2011 (ISACA product code QAE11) to aid in their understanding of  the material.  Louise LeGoff and Scott Chu are highly experienced instructors and their expertise shined as they provided detailed coverage of the following CISA domains:
The Process of Auditing Information Systems
Governance and Management of IT
Information Systems Acquisition, Development and Implementation
Information Systems Operations, Maintenance and Support
Protection of Information Assets

 ____________________________________________________________

Spring 2011 CISM Review Class - 02 April - 23 April 2011

Speaker: George McBride

Venue: Rutgers University             CPE: 32

As part of our continuing commitment to offering certification review courses at accessible locations to our NJ membership to aid in their pursuit of certification,  our NJ ISACA 2011 CISM review course continued the tradition of offering high-quality content administered by knowledgeable experts. George McBride is a frequent contributor and active member of the NJ ISACA Board leadership. The course focused on both practical security management as well as instruction which made the experience both enjoyable and worthwhile to participants. This course included a detailed review of the CISM domains and numerous practice questions in each domain in a classroom setting and a mock exam on the last day of class.

____________________________________________________________ 

How Internal Audit Can Respond to IT Management’s Top Business Technology Issues - 11 April 2011

Speaker: Norm Kelson

Venue: Hanover Manor               CPE: 7

This dynamic and engaging seminar was well attended by NJ membership and took not only a detailed view of risk, compliance and security but also addressed the business aspects of these functions.  Norm Kelson provided various approaches to gaining management mindshare as he addressed the following top issues faced by  IT Management today:

• Regulatory Compliance
• Enterprise-based IT management and IT governance
• Information security management
• Disaster recovery/business continuity
• IT Value management
• Challenges of managing IT risks.

____________________________________________________________

Primer on Financial Reporting and Auditing for IT Auditors - 18 May 2011

Speaker: Norm Kelson

Venue: JH Cohn                        CPE: 7

Norm Kelson returned as a subject matter expert to provide an understanding of financial accounting and auditing with a scope relevant to the IT auditor’s previous training and jobs responsibilities.  This seminar truly hit the mark and addressed:
• Accounting terminology
• Financial statements and understand the underlying processes
• The accounting cycle and the closing activities
• Major processing cycles (revenue, purchasing, inventory, etc.), defining activities within each, and key issues the IT auditor should be aware
• Audit issues and their affect on the financial statements
• Opportunities for integrated audit procedures and procedures where IT audit can take the lead
• Internal control objectives and accounting principles that should be considered in a systems development project
• Exercises to support the educational objectives
____________________________________________________________

Annual General Meeting 2011 - June 2011
Everything I Needed To Know About Network Security, I Learned At The Tower Of London

Special Guest Speaker:  William (Bill) Hugh Murray

Venue: Wilshire Grand Hotel

A premier event for NJ ISACA members, we successfully held our Annual General Meeting on June 23, 2011 at the Wilshire Grand Hotel in West Orange, NJ.  Our Special Guest Speaker was none other than William (Bill ) Hugh Murray, a recognized founder of the systems audit field and, by Information Security Magazine, a Pioneer in Computer Security.  Bill's address: “Everything I Needed To Know About Network Security, I Learned At The Tower Of London (Subtitled: The Busman’s Holiday) was not only informative but entertaining as he explained how defense strategies for securing valuable assets today and in the future have much in common with the ancient past.

Click here to view event pictures>

____________________________________________________________

Annual Social 2011 - 23 June 2011

Venue: Perth Amboy

A great day for a NJ ISACA social event, 50 attendees departed from Perth Amboy onboard the Cornucopia Princess and cruised along the Raritan Bay and south NJ.  Many members participated in organized contests and won many prizes. A fun time was had by all!

Click here to view event pictures>

____________________________________________________________

Security of Mobile Assets - 28 July 2011

Speaker: Jeff Kalwiresky

Venue: Marriott Renaissance          CPE: 7

This seminar successfully addressed the business advantages of mobile computing as well as the emerging issues of how to control mobile devices, protect corporate assets and maintain compliance with relevant legislation and data privacy standards.

The seminar principally discussed the critical issues to be considered including:
• Policies and governance necessary to control mobile assets
• Ensuring that mobile devices and applications meet the security triad of Confidentiality, Integrity and Availability
• Security issues related to mobile applications and their development
• Issues related to the major platforms: Apple, Blackberry, Android, Windows, Bluetooth
• Authentication, encryption, and non-repudiation
• Multi-platform mobile environments: the Mobile Enterprise Application Platform (MEAP)

Jeff Kalwiresky provided in-depth knowledge and guidance garnered from his extensive career in security and mobility.

____________________________________________________________

Introduction to SAP for Internal Audit and Control Professionals - 14 September 2011

Speaker: Gary Dickhart

Venue: JH Cohn                CPE: 14

The course will introduce the concepts important to understand SAP implementation project integration points, risks, and business process control mapping and application security components.
In this two day seminar, we will:
• Implementation and project overview and important SAP components in your project scope
• Identify processes and activities relating to control integration for processes and general controls i.e. Security and Change Management
• How to identify gaps and potential solutions for filling gaps

____________________________________________________________

22 September 2011

Social Media and Privacy Cocktail:  Martini or Molotov

Speaker: Darlene Cedres

Venue: Wilshire Grand Hotel       CPE: 1


Click here to view event pictures>

____________________________________________________________

20 October 2011 

Audit Communication Strategies

Speaker: Lisa Sonpar

Venue: JH Cohn                     CPE: 7

The objectives of the Audit Communication Strategies are to teach participants (1) what business readers expect in written communications (2) what they do when they don't get what they expect, and (3) how to apply writing techniques to meet business readers’ expectations.
____________________________________________________________

15 October 2011 - 12 December 2011

Fall 2011 CISA Review Class

Speaker: Louise LeGoff , Scott Chu

Venue: Hampton Inn                 CPE: 40

This course includes a detailed review of the five domains on the CISA exam and practice questions for each domain. Candidates are required to have a copy of the 2011 CISA Review Manual (ISACA product code CRM11) and a copy of the 2011 CISA Review Questions, Answers and Explanations 2011 (ISACA product code QAE11), they can be purchased at ISACA's Bookstore. The course is taught by experienced instructors.  The course will cover the following domains:
The Process of Auditing Information Systems
Governance and Management of IT
Information Systems Acquisition, Development and Implementation
Information Systems Operations, Maintenance and Support
Protection of Information Assets

____________________________________________________________

04 November 2011

Rutgers Business School's 23rd World Continuous Auditing & Reporting Symposium

Speaker: Various

Venue: Rutgers University           CPE: 15

23rd WCARS (World Continuous Auditing & Reporting Symposium) is a full 2-day event hosted by Rutgers Accounting Research Center at the Rutgers Business School and is sponsored by NJ ISACA, CaseWare, KPMG, ACL, Ernst&Young, Oversight, AICPA, Deloitte, Itau, AAA–SET Section, and palgrave macmillan.

In the past ten years, the field of our conference has changed from a primarily academic driven conference to one that is sponsored and driven by the producers of continuous audit and continuous monitoring software, CPA firms, and internal audit departments of leading organizations. Sessions include continuous audit & reporting research, presentations about monitoring and control and continuous audit, audit automation and audit analysis.

Our Continuous Audit and Reporting Laboratory (CAR LAB) is actively working with several major U.S. corporations in active continuous auditing projects. We feel that organizations have matured to the point that they are now tending to adopt Continuous Auditing /Continuous Monitoring technology. On the other hand, standards are still related to the more traditional audits and regulations must be updated.

____________________________________________________________

10 November 2011

Windows 7 and Server 2008 r2 New Security Features

Speaker: Jay Ferron

Venue: Hampton Inn                    CPE: 8

With the introduction of Windows 7 and Server 2008 r2 there are new security features that an auditor or IT professional should be aware of.  As you roll out the new operating system, what are the issues and benefits that your company will see?  What are the risks, benefits and issues that need to be planned for? 
Our speaker, Jay Ferron, will cover these important issues with the use of lecture, demos and group discussions. 

Click here to view event pictures>

____________________________________________________________

01 December 2011

Voice Over IP Security Workshop

Speaker: Peter Thermos

Venue:    Hanover Manor                    CPE: 8

A critical aspect of the VoIP deployment is security. As malicious users, hackers and fraudsters take advantage of vulnerabilities in the current computing infrastructure to perpetrate various attacks such as email spam, DoS, and compromise systems; users and enterprise network owners have become more demanding and diligent in maintaining their networks/systems security posture while maintaining their user and customer privacy.

This talk discusses threats, vulnerabilities and protection mechanisms for VoIP communications. In addition the talk reveals tools and several real life examples of attacks that can be used to perform various attacks such as eavesdropping, DoS, Spam and Hijacking including discussion of a recent VoIP fraud case. Finally a list of recommendations is provided to start developing your own strategy to secure your VoIP network.


Click here to view event pictures>

 ____________________________________________________________