North America CACS 2018 Conference: Computer Audit, Control and Security 


2017 CACS Highlights Watch Now >>




CEO of Two Bit Circus, a Los Angeles-based experiential entertainment company.

See why North America CACS attendees enjoy over 95% satisfaction at the best conference in the United States for IT Audit, Risk and Governance professionals. Stream Brent Bushnell's opening keynote address virtually, anywhere you have access to an Internet connection.

View 2017 Keynote



Get a Head Start on Enhancing Your Tech, Audit and Security Expertise


It is more crucial than ever for you to stay ahead of trends and tools. Join us 30 April-2 May 2018 in Chicago, Illinois, and be a part of the top conference for IS audit and security professionals!

North America CACS 2017 was another record-breaking event. Don't miss next year's exciting encore with:

  • More than 90 sessions to customize for your goals
  • More in-depth options for advanced learning
  • Enhanced networking opportunities

Get more of what you want — be a part of this INCREDIBLE experience!


Choose from dynamic, timely topics that help you address challenges and learn innovative solutions.


Enjoy direct access to industry leaders, expert speakers and valuable resources.

Read the full report here.



Countdown to



Earn up to 39 CPE hours by attending this conference.

Join the Conversation





See everything Chicago
has to offer
— world-class entertainment, dining and

Stay in the Heart of the
Conference Action at the
Chicago Hilton and Towers

See the Event Destination tab for more information.

 Hilton Chicago

Follow @ISACANews and join the North America CACS conversation by using the hashtag #NACACS.
Like ISACA on Facebook to stay informed.
Follow @ISACANews on Instagram to see behind the scenes photos of the conference.
Follow ISACA’s Company page on LinkedIn for updates.

Thank You to Our 2017 Premium Sponsors!

2018 Conference Program

As the program is developed, we will continue to add information to this page – check back frequently for updates!

Topic Areas for 2018

The North America CACS Conference is the premier conference for Audit/Assurance, COBIT, Compliance, Risk, Security, and Strategy/Governance professionals. This year’s program will include sessions on:

  • IS Audit & Assurance
  • Security/Cyber Security
  • Integrated Risk Management
  • Big Data, Data Analytics & Visualization
  • COBIT 5
  • Career & Communications Management
  • Industry Focused Sessions
  • Industry Trends & Insights



Space will be limited for these workshops, so be sure to reserve your spot and register today!

2 day Workshops | Pre-Conference (14 CPE)

Saturday, 28 April | 9:00AM – 5:00PM
Sunday, 29 April | 9:00AM – 5:00PM

1 day Workshops | Post-Conference (7 CPE)

Wednesday, 2 May | 1:30PM – 5:00PM; continued on
Thursday, 3 May | 9:00AM – 12:30PM

2018 Opening Keynote Address

Erik Wahl

The Spark and the Grind: The Discipline of Creativity

Erik Wahl
Internationally recognized artist, TED speaker, and No. 1 bestselling author

Erik’s keynote experience will create a dynamic multidimensional metaphor for how to systematically embrace innovation and risk. His message: disruption is the new normal and businesses must embrace creativity in a wholesale fashion, or risk being left behind. Erik’s presentation will inspire you to be increasingly agile and outline how to use disruption as a competitive advantage. Some companies will be disrupted others will choose to be the disruptor. Choose wisely. His new book, the Spark and the Grind, activates the essential components of translating ideas into action. His breakthrough thinking has earned praise from the likes of top influencers in both art and business. Erik’s previous book, a bestseller called Unthink, was hailed by Forbes Magazine as “the blueprint to actionable creativity”, and by Fast Company Magazine as “provocative with a purpose.” Inspired by street art, he became an acclaimed graffiti artist – though he has since stopped selling his works for personal gain, and instead uses his art to raise money for charities. His keynote is where his passion for business growth and art converge into a fantastic performance.

2017 Conference Recap

Check out what our attendees said about their experience at the North America CACS 2017 in Las Vegas:

“Always a great way to network with others in the Audit, Security and Compliance Industries!” – Julie, Senior Global IT Auditor

“This was my 7th North America CACS and it gets better every year. I’ll continue to come back.” – Charla, IT Security Auditor

Now you can find out what they were talking about! Select sessions from North America CACS 2017 Conference were recorded and are now available for purchase and CPE credit – check out the CPE On Demand packages on Cybersecurity, IS Audit & Assurance, Integrated Risk Management, & GRC!

2017 Top-Rated Speakers

Congratulations to the following speakers who were rated in the top 5% at the North America CACS 2017 Conference.

According to our post-conference survey results, these speakers were all rated 4.75 or higher (on a 5-point scale) by the attendees of their sessions. Minimum of 20 survey responses required to qualify.

Robert Findlay



McKell Gomm, CISA
Audit & Security: Combating Emerging Threats



Rex Johnson & Alan Gutierrez-Arana
PCI Data Security Standard: Dealing with the challenges of evolving standards


Consequences That Matter - IT Risk



Alejandro Mijares, CISA, CRISC
Cybersecurity: Threat to Banks



Paul Phillips, CISA, CISM
Tips for Effective Presenting



Glenn Wilson
Hackers & The Crown Jewels – How to Fight the Good Fight



Lisa Young, CISA, CISM
A Risk-based Approach to Data Governance



New Ideas

Do you have a topic that is not mentioned above that you think should be offered at this conference? We want to know! Tell us about it by submitting your idea on Twitter using #NACACS!

COBIT 5 Foundation Exam

Monday, 30 April 2018

  • Earn the COBIT 5 Foundation Certificate!
    Attendees can take the Foundations Exam for an additional US $150! The COBIT 5 Foundation Exam will take place on Monday, 30 April 2018.



Saturday, 28 April 2018


7:30AM – 5:00PM

Registration Desk Open

9:00AM – 5:00PM

2-day Pre-Conference Workshops Begin

Sunday, 29 April 2018


8:00AM – 6:30PM

Registration Desk Open

9:00AM – 5:00PM

1-day Pre-Conference Workshops Begin

9:00AM – 5:00PM

2-day Pre-Conference Workshops Continue

5:30PM – 6:30PM

Welcome Reception

Monday, 30 April 2018


7:00AM – 7:15PM

Registration Desk and Innovation Exchange Open

8:30AM – 10:00AM

Opening General Session

10:30AM – 5:15PM

Conference Programming

5:15PM – 7:15PM

Networking Reception in the Innovation Exchange

5:30PM – 6:45PM

Spotlight Educational Sessions

Tuesday, 1 May 2018


7:30AM – 4:00PM

Innovation Exchange Opens

7:30AM – 5:00PM

Registration Desk Open

8:30AM – 5:00PM

Conference Programming

5:15PM – 5:45PM

Spotlight Educational Sessions

6:30PM – 9:00PM

Social Event

Wednesday, 2 May


8:00AM – 5:00PM

Registration Desk Open

8:30AM – 9:45PM

Conference Programming

10:15AM – 11:45AM

Closing General Session

1:30PM – 5:00PM

Post-Conference Workshops

Thursday, 3 May


8:00AM – 1:00PM

Registration Desk Open

9:00AM – 12:30PM

Post-Conference Workshops


Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a three-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 39 CPE credits; 18 by attending North America CACS, 14 for the pre-conference and an additional 7 CPE credits for attending post-conference events. ISACA conferences are Group Live and do not require any advanced preparation.

Please note that the session scanners at the Conference do not track CPE credit hours. You will still need to allocate your CPE hours in “My ISACA” following the conference. Certificates of Attendance will be accessible via your MyISACA account. To view your certificate, log into your account and navigate to the “myDOWNLOADS & CERTIFICATES” tab. There you will find a “MY CPE CERTIFICATES” section where all of your ISACA event CPE Certificates will live.

Your Certificate of Attendance details the maximum number of CPE hours you could have earned by attending this event. CPE policies for each ISACA certification, as well as details on how to report your CPE hours, are available here on ISACA’s website. Reporting can also be done by submitting information on the annual renewal invoice.

Conference Registration Fees

Register and pay before 11:59PM CDT (UTC-6) on Tuesday, 24 April 2018
Member US $1,745 Non-member US $1,945

Register and pay after Tuesday, 24 April 2018
Member US $1,945 Non-member US $2,145

One-Day Workshop
Member: US $650 Non-Member: US $850

Two-Day Workshop
Member: US $850 Non-Member: US $1,050

Cancellation Deadline:

31 March 2018


Registration and Payment Policy

Registration submissions for this conference and any additional workshops are not processed, and a seat is not confirmed or reserved, until full payment is received. All submissions not paid in full will be placed on a waitlist and priority will be given to paid registrants in a payment first-come, first-serve basis. Space is limited, so it is highly recommended that payment is provided at the time of submission to guarantee a seat within the conference and all related events.

Registration rate is determined by the date payment is received by ISACA HQ and current membership status. Please plan accordingly, as it may take 10 or more business days for a wire transfer or mailed check to reach ISACA. Should we receive payment after a registration rate deadline, your account will be adjusted to reflect the current due amount. Entrance to the conference and all related events is contingent upon full payment.

Discounts for the Conference are available, detailed below. In order to verify eligibility for any of these discounts, please contact or +1.847.660.5670. Note that discounts cannot be credited to you after the transaction has been completed.  All discounts are applied to the main conference registration fee, and cannot be applied to workshop registrations. 

Group Discounts

ISACA offers discounts to organizations sending 4 or more employees to a single conference. Group registrations must be processed in a single registration transaction. Please contact the ISACA Conference department for more details at +1.847.660.5670 or; cannot be combined with any other registration discount offerings.

Government Discounts

ISACA offers a $350 conference registration discount to government employees. Please contact the ISACA Conference department for more details and eligibility verification at +1.847.660.5670 or; cannot be combined with any other registration discount offerings.

Academic and Student Discounts

ISACA offers a $350 discount to academic institution employees and students. Please note that you must be an ISACA Student member in order to receive the student discount; additional membership and qualification details can be found here. For additional registration details and eligibility verification, please contact ISACA’s Conference Department at +1.847.660.5670 or; cannot be combined with any other registration discount offerings.

Cancellation Policy

All cancellations must be received by the published deadline to receive a refund of registration fees. A cancellation charge of US $100 will be subtracted from conference refunds, and US $50 per workshop from workshop refunds. No refunds can be given after the date specified. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees.

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, conference fees must be received by the published deadline. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact the ISACA conference department.
Phone: +1.847.660.5670
Fax: +1.847.253.1443


Payment Methods

  1. Pay online at
  2. Mail your payment to:
    1055 Paysphere Circle
    Chicago, IL 60674 USA
  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America
    135 S. LaSalle St.
    Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    * Please include attendees name on the Advice of Transfer.


ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.

Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the web site at or contact the membership department at

NOTE: This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.

Permission to be Photographed

By attending this event, the registrant grants permission to be photographed and videotaped during the event. The resultant photographs and videos may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site, in social media and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs and videos will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs or videos now or in the future.


Business casual is appropriate for this and all ISACA conference events.

Welcome to Chicago!

The world's best food. The world's best museums. Architecture that awes. And enough shopping for days. Find it all in Chicago. With events every weekend, plus live music, theatre and comedy every night — spring in Chicago buzzes with energy and excitement all season.


Conference Venue

Chicago Hilton

720 S. Michigan Avenue
Chicago IL 60605
Phone: 312.922.4200
Hotel Website

Click Here to Make Your Reservation!

ISACA Group Rate:  $219.00 + taxes/fees per night, single/double occupancy
Group Rate Deadline:  Wednesday, 4 April 2018

There are a limited number of rooms available at ISACA’s Group Room Rate and reservations will be handled on a first come-first served basis. All reservations made after the deadline or after the room block fills, are subject to space and rate availability. In order to guarantee hotel reservations, guests will be required to provide credit card and will be charged a deposit equal to one night rate plus taxes and fees. Cancellations with full refund will be allowed up until 72 hours prior to the arrival date of the reservation.

A magnificent location, overlooking Grant Park, Lake Michigan and Museum Campus, is just the beginning at Hilton Chicago. Add 234,000 sq. ft. of event space, exceptional dining venues, and over 12 specialty suite options and you’ll start to see the allure. This downtown Chicago hotel offers easy access to the South Loop, combined with warm service and a full menu of amenities – all you need for an extraordinary stay.




Help Us to Help You!

For the best possible experience, ISACA strongly encourages all conference delegates to stay at the host hotel. It is the most convenient location for attendees to be able to participate in all conference activities at a reasonable price. Also, every reservation made for those attending ISACA events will help us to fulfill our commitment to the hotel, which in turn allows ISACA to continue to keep the cost of the conference fees and membership dues as low as possible.

Thank You to Our 2017 Sponsors!



RSA Business-Driven Security™ solutions help customers comprehensively and rapidly link security incidents with business context, enabling them to respond effectively and protect what matters most. Our award-winning solutions for threat detection and response, identity and access assurance, consumer fraud protection, and business risk management help RSA customers thrive in an uncertain, high-risk world.


Vanguard Integrity Professionals provides enterprise security software and services that solve complex security and regulatory compliance challenges for financial, insurance, healthcare, education, transportation and government agencies around the world. Vanguard provides Cybersecurity Solutions Securing any Enterprise. The world’s largest Financial, Insurance, Government Agencies and Retailers entrust their security to Vanguard Integrity Professionals. Vanguard is committed to protecting and securing the Cloud, zOS Security Server and Enterprise environments. Vanguard provides 24/7/365 live customer support from the United States of America.




Make it an Experience. Only Adobe gives everyone — from emerging artists to global brands — everything they need to design and deliver exceptional digital experiences. It doesn’t matter if you’re a designer, a marketer, a publisher, or a master storyteller. We empower anyone with an idea with the tools and the insight to transform reality. We help create experiences that make a difference and truly matter.


Deloitte’s Information Technology Internal Audit (IT IA) services help clients extend their internal audit oversight and performance, addressing IT risks as well as broader organization-wide business risks. Deloitte helps connect IT and IA to gain a greater understanding of the risks and opportunities that come with today's systems, applications and other technologies. Our focus on emerging IT audit, security, governance and risk issues—combined with our extensive industry experience—can better enable you to navigate IT challenges, manage organization-wide risks and elevate the role of IA.


Organizations can achieve tangible benefits from emerging technologies such as connected and mobile devices, social media, robotic process automation, 3-D printing or cloud computing. But in doing so, they must recognize the risks that can accompany these disruptive technologies. KPMG’s Emerging Technology Risk practice helps clients recognize and responsibly manage these risks enabling the achievement of benefits. We do this by aligning our partners and professionals with distinct technology skill sets and capabilities with industry-leading methodologies and processes, enabling us to help our clients navigate the challenges from adopting these technologies.


Protiviti is a wholly owned subsidiary of Robert Half International Inc. (NYSE symbol: RHI). Founded in 1948, Robert Half, the world's first and largest specialized staffing firm, is a member of the S&P 500 index. The company places professionals on a project and full-time basis in the fields of accounting and finance, technology, office administration, legal support and creative services. For 2016, Robert Half reported revenues of over $5.25 billion and now has staffing and consulting operations in more than 400 staffing and consulting locations worldwide.


About PwC
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 157 countries with more than 223,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at

PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see for further details.

© 2017 PwC. All rights reserved.


RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events. RedSeal helps customers understand their network from the inside out – providing actionable intelligence, situational awareness and a Digital Resilience Score to help enterprises measure and improve their resilience. Government agencies and Global 2000 companies around the world rely on RedSeal to help them improve their overall security posture, accelerate incident response and increase the productivity of their security and network teams. Founded in 2004, RedSeal is headquartered in Sunnyvale, California and serves customers through a direct and channel partner network.




CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against cyber threats before attacks can escalate and cause irreparable business damage. CyberArk is trusted by the world’s leading companies – including more than 45 of the Fortune 100.


Maclear provides proprietary, award winning, comprehensive enterprise governance, risk and compliance (eGRC) solutions. Our core capabilities cover governance, risk and compliance management software, services and advisory. Our integrated holistic approach to eGRC helps drive efficiency, effectiveness and agility for our clients by minimizing risk and compliance threats, enabling process improvement, fostering collaboration and facilitating automation.


Saviynt is a leading provider of Cloud Security and Identity Governance solutions. Saviynt enables enterprises to secure applications, data and infrastructure in a single platform for Cloud (Office 365, AWS, Salesforce, Workday) and Enterprise (SAP, Oracle EBS, Epic, Cerner). Saviynt delivers IGA 2.0 by integrating advanced risk analytics with fine-grained privilege management.


SecZetta redefines the identity perimeter by putting identity first. As a recognized leader in both Identity Lifecycle Management and Identity and Access Management Software and Services, SecZetta provides the most comprehensive solutions to addressing employee and non-employee identity lifecycle. With products built to fill the gaps in IGA products' identity life cycle capabilities, SecZetta provides software to gain full visibility of global identities and true management and control of nonemployee lifecycle and risk.


SSH Communications Security is a leading provider of enterprise cybersecurity solutions which monitor, control, and automate trusted access to critical data. Our technology secures the infrastructure of the modern digital world and runs in over 90 percent of all data centers. Customers worldwide trust our other solutions to manage and monitor access, while greatly reducing costs, time, and compliance risks. We have offices in North America, Europe and Asia and through a network of certified partners.




Capital One® is a bank and credit card company, but at our core we’re building a leading information-based tech company. Whether it’s rapidly adopting the latest, innovative techniques possible or recruiting high-level talent we’re on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking.


Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,200 customers in more than 100 countries. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand.


R-CAP™ Audit Life-Cycle and Risk Management Solution leverages on the latest technology and brings Audit Universe & KPIs at your fingertips by offering Mobility, Collaboration & Smart Editing. R-CAP features include: Observations Tracking, Risk & Controls Matrix, Regular Business Monitoring, Audit Timesheet Management, Insightful Dashboards & Reports, and Efficient Workpaper Documentation.




Supporting Sponsors


Spotlight Education Sessions

SS1-COMPLIANCE on Z/OS Using Multifactor Authentication | Sponsored by Vanguard Integrity Professionals
1 May 2017 | 5:30PM – 6:00PM | Mont-Royal 1

SS2-It is ALL about the DATA! | Sponsored by SSH Communications Security
1 May 2017 | 5:30PM – 6:00PM | Mont-Royal 2

SS3-Intelligent Risk Management, Automated | Sponsored by SAI Global
1 May 2017 | 5:30PM – 6:00PM | Nolita

SS4-Requirements to Implement a Robust ERM/ORM Program | Sponsored by Maclear
1 May 2017 | 6:15PM – 6:45PM | Mont-Royal 1

SS5-Managing Third Party Identity Risk | Sponsored by SecZetta
1 May 2017 | 6:15PM – 6:45PM | Mont-Royal 2

SS6-Improving Productivity & Resilience Through Ecosystem Integration | Sponsored by RedSeal
1 May 2017 | 6:15PM – 6:45PM | Nolita

SS7-Raising Internal Audit’s Game: IT Audit Trends in the Digital Age | Sponsored by PricewaterhouseCoopers LLP
2 May 2017 | 5:15PM – 5:45PM | Mont-Royal 1

SS8-Continuous Compliance in the Cloud Era | Sponsored by Saviynt
2 May 2017 | 5:15PM – 5:45PM | Mont-Royal 2

SS9-How to Scale Your Business Using a More Secure and Compliant Container Platform | Sponsored by Adobe Systems
2 May 2017 | 5:15PM – 5:45PM | Nolita

Innovation Sessions

IN1-Achieving Uniform Compliance and Risk Management Through Harmonized GRC | Sponsored by Qualys
1 May 2017 | 12:00PM – 12:20PM | Expo Hall

IN3-3..2..1..Ignition! How to Launce a Successful Risk Management Program in 20 Minutes or Less | Sponsored by RSA
1 May 2017 | 3:50PM – 4:10PM | Expo Hall

IN5-Keeping Pace with Technology – Evolution of an Audit Department | Sponsored by Capital One
2 May 2017 | 9:50AM – 10:10AM | Expo Hall

IN7-Every Cloud Has a Silver Lining! | Sponsored by R-CAP
2 May 2017 | 12:15PM – 12:35PM | Expo Hall


For Exhibitor and Sponsorship Opportunities

Please contact: 

Sean Stringer
Director of Sponsorship
Phone: +1.847.660.5729
Fax: +1.847.253.1443



Contact ISACA's Training & Education Department:
Tel: +1.847.660.5670
Fax: +1.847.253.1443
Click here to submit a question.

Media Inquiries

Contact the ISACA Communications Department:
Tel: +1.847.660.5512 or

Please address Sponsorship questions to: