Please Sign In

Members, please sign in to access chapter information, including essential members-only content. If you are not sure you are a member, please sign in, and then click to My ISACA on the main ISACA web site to view your membership status and your chapter.Non-members are welcome to visit the public pages of this site.

 Follow ISACAvictoria

   Twitter    Facebook    Google+    Tumblr    Pinterest

Welcome to the ISACA Victoria Chapter

Our aim is to sponsor local educational luncheons and seminars, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout Victoria, British Columbia.

ISACA (previously the Information Systems Audit and Control Association) is a world-wide association of IS governance professionals. The association focuses on assurance, security and governance, and provides globally recognized certification in Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control certification (CRISC), and Cybersecurity Nexus – CSX Certificate and CSX-P Certifications.

Upcoming Events


Trust Frameworks and Certification Schemes


Presentation overview

Use of external services providing federated identity management, credentials and authentication is increasing, in particular for use with hybrid or public cloud services.

Risk is introduced to any organization that ‘outsources’ services that have previously been internally delivered. By using an external service provider, even one in the same overall organization but in a different division, the reliant organization becomes dependent on the security, operational stability and reliability of the external provider.

This session explores how some risks introduced by external provision of federated identity and access management can be mitigated through contract-based techniques and independent certification schemes. Andrew will talk about the role standards and codes of practice play in assessment and certification schemes. He compares identity federation with third-party certification approaches and how both methods can be supported by a ‘trust framework’.



Andrew Hughes CISM CISSP has been providing IM/IT consulting for over 20 years. He worked for Sierra Systems in Victoria for 14 years focused on public sector clients, identity management, information security and privacy consulting. Four years ago, he changed paths and has been working with international associations, consortia and standards bodies as an independent consultant. He has held many leadership roles over the years, including several roles on the ISACA Victoria Chapter Board. He is currently Chair of the Leadership Council of the Kantara Initiative as a member/volunteer. Kantara is a member-driven international association that establishes conformity assessment programs for digital identity systems and personal information management systems. Kantara has several national government members and offers a certification scheme for the US Federal Government.

Who Should Attend?

IT Auditors, Managers, and Directors; QA personnel; Information Security Managers, Auditors, Directors, and Analysts; CIOs


Date and Time
Wed, 21 December 2016
12:00 PM – 2:00 PM PST

Add to Calendar

The Union Club of British Columbia
805 Gordon Street
Victoria, BC V8W 1Z6




 Click here to view other upcoming events

Please check back often for upcoming chapter events or alternatively, you can subscribe to our mailing list .