North America CACS 2015 


See Video Highlights from NA CACS 2015 Conference! Watch Now


See slideshow of NA CACS 2015

The North America CACS 2015 Conference
has concluded.

Please continue to check back for North America CACS 2015 session presentations, and updates on North America CACS 2016 Conference in New Orleans, Louisiana, which will be posted here as they become available.


Who Should Attend?

ISACA Members, and IS Audit, Assurance, Security and Risk Management and Governance Professionals worldwide.

The conference offers an unrivalled opportunity to expand your network and build onto your knowledge and skills.

Check out the expert-led sessions, workshops and learning tracks.

Track 1: IS Audit & Assurance | Track 2: Emerging Data Solutions | Track 3: Security/Cybersecurity | Track 4: Privacy | Track 5: GRC | Track 6: Career & Communications Management | Track 7: Forums/Megatrends | Workshops

What's In It For You?

Experience customized learning

Choose the sessions that matter most to you and your enterprise.

Interact face-to-face

Gain insights and share ideas with colleagues at this world-class networking event.

Update your knowledge and skills

Earn valuable CPEs.

What's In It For Your Organization?

Exceptional value for training dollars

Receive documentation from every session that can be shared with colleagues.

Access industry experts

Discover tested solutions that work for successful professionals and could work for your organization.

Meet leading suppliers

Visit the Expo Hall. Get answers directly from representatives, and discover products that decrease enterprise expense and increase ROI.



Earn up to 39 CPE hours by attending this conference.


Hyatt Regency Orlando

Stay in the Heart of the Conference Action

Hyatt Regency Orlando

9801 International Drive
Orlando, FL 32819
Phone: +1.407.284.1234
See Venue tab for more information.



Follow @ISACANews and join the North America CACS conversation by using the hashtag #NACACS.
Like ISACA on Facebook to stay informed.
Join the ISACA (Official) LinkedIn group and start a discussion about North America CACS today.

Download the North America CACS Mobile App!

Stay connected at this year's North America CACS Conference with your smart phone or other mobile device! With this FREE feature, you can: build your own conference schedule, complete sessions surveys, view the list of conference attendees, take notes, view session presentations, participate in the conversations feature and MORE!

To access this powerful tool, you can scan the QR code, or plug the following web address into your device into your phone's browser to automatically detect your device type and take you to the right place to download the app:

If you do not wish to download the app, but would still like to utilize all aspects of this helpful tool, including the session surveys, you may do so by using the following link from your computer, tablet or laptop:



Don't Miss Out!

  • Join your colleagues.
  • Expand your networking opportunities.
  • Build a stronger IT community.
  • Increase your member and vendor contacts.
  • Interact with speakers who provide insight on IT audit and related topics.

Return to the office motivated to contribute to your enterprise's success and immediately apply what you learned.



Thank You to Our 2015 Premium Sponsors!



Program Information

  Download the 2015 North America CACS Brochure

View program sessions and workshops below.

Pre-Conference 2-Day Workshop

Saturday, 14 March; 9:00AM - 5:00PM

Sunday, 15 March; 9:00AM - 5:00PM

* Please Note: This workshop is currently sold out. Please contact to be added to the waitlist.

Post-Conference 1-Day Workshops

Wednesday, 18 March; 1:00PM - 5:00PM

Thursday, 19 March; 9:00AM - 12:30PM

* Please Note: This workshop is currently sold out. Please contact to be added to the waitlist.

Keynote Speaker

The Gift of GAB – Goals, Attitude, Behavior

Conor Cunneen
Conor Cunneen
Award-Winning Business Humorist and Motivational Business Speaker

The Irish are famous for the Gift of GAB, but in this insightful, inspirational and hilarious St. Patrick’s Day morning session, Conor Cunneen shows that everyone can adopt and adapt The Gift of G.A.B. (Goals, Attitude & Behavior) to create an excellent environment and improved workplace. Learn leadership and key skills to succeed in the business world and your field. 

Opening Keynote Address

The Future of Information Risk and Security: Why Cyber Was Only the Beginning

Marc Goodman
Marc Goodman
Global Strategist

The future has already arrived—it’s just unevenly distributed. Though our information system risks today seem daunting, we are only at the earliest stages of our technological development. While much has been made of our growing levels of cyber risk today, it is but the first stage in an onslaught of technological development that will leave our heads spinning. Big data, artificial intelligence, black box algorithms, synthetic biology, the Internet of Things, virtual reality, robotics, and even brain science will have profound impacts on our world—and they are all hackable. How then can we build this brave new world safely and securely? Organizations like ISACA and its membership will play a key role in protecting these emerging technologies, but the time to consider what’s coming next is now. In this session, we discuss the challenges before us and consider how we might “survive progress” and thrive in our exponentially changing world.

Closing Keynote Speaker

Cyber-Security in the Age of Open Government

Beth Simone Noveck
Beth Simone Noveck
Founder & Director of The Governance Lab

On his first day in office, President Obama signed the Memorandum on Transparency and Open Government, calling for a transformation of how we govern and the creation of government that is more transparent, participatory, and collaborative. The domestic open government initiative has spawned an international movement. Now sixty-five countries have committed to implement open government action plans as part of the Open Government Partnership. With technology enabling the translation of these core values—transparency, participation, and collaboration—into new, more open practices, the question arises how does open government improve our ability to respond to cyber-threats? In a domain traditionally characterized by closed-door decision making, how might greater openness make us more secure and when? In this closing keynote, Beth Simone Noveck, former Deputy Chief Technology Officer of the United States, Founder of the White House Open Government Initiative and Professor of Engineering at New York University, argues that novel policies and technologies including open data, expert networks, prize-backed challenges, data collaboratives, and more might help us to become both more open and more resilient.

Conference Dates and Times  

Pre-Conference Workshop Registration

Saturday, 14 March 2015; 7:30AM – 12:00PM
Sunday, 15 March 2015; 7:30AM – 12:00PM

Conference Registration

Sunday, 15 March 2015; 3:00PM – 7:00PM
Monday, 16 March 2015; 7:00AM – 5:00PM
Tuesday, 17 March 2015; 7:30AM – 5:00PM
Wednesday, 18 March 2015; 8:00AM – 2:00PM

Post-Conference Workshop Registration

Wednesday, 18 March 2015; 8:00AM – 2:00PM

Pre-Conference Workshops

Saturday, 14 March 2015; 9:00AM – 5:00PM
Sunday, 15 March 2015; 9:00AM – 5:00PM

Post-Conference Workshops

Wednesday, 18 March 2015; 1:00PM – 5:00PM, continues on
Thursday, 19 March 2015; 9:00AM – 12:30PM


Monday, 16 March 2015; 8:30AM – 5:00PM
Tuesday, 17 March 2015; 8:30AM – 5:00PM
Wednesday, 18 March 2015; 8:30AM – 12:00PM

Saturday, 14 March 2015

Time 2015 North America CACS Pre-Conference Workshops

9:00AM - 5:00PM

WS3—Cybersecurity Fundamentals (Day 1)

Sunday, 15 March 2015

Time 2015 North America CACS Pre-Conference Workshops

9:00AM - 5:00PM

WS3—Cybersecurity Fundamentals (Day 2)

4:30PM - 5:30PM

First-time Attendee Reception

5:30PM - 7:00PM

Welcome Reception

Monday, 16 March 2015

Registration, Continental Breakfast, Coffee and Tea Service, and Expo Hall open at 7:00AM

Time 2015 North America CACS Sessions

8:30AM - 9:45AM

Opening Keynote Address—The Future of Information Risk and Security: Why Cyber Was Only the Beginning

9:45AM - 10:15AM

Refreshment Break

10:15AM - 11:30AM

111—The ERM and Audit Partnership: Strategic Success or the Death Knell of Auditor Independence?
112—Enabling IT Audit with Big Data & Analytics
113—Cybersecurity: Threats to Banks
114—Healthcare Security & Privacy Challenges
115—GRC Management Maturity
116—Strategies for Effective Partnership
117—Why Enterprises that Pass IT Audits Still Suffer Major Security Breaches

11:30AM - 12:45PM



121—Auditing DR/BCP
122—Embedding Data Analytics in Fraud Auditing
123—The Evolving Threat Landscape
124—Navigating the Internet of Things (IoT) Privacy Challenges
125—Social Media Risks
126—The Adaptable IT Auditor
127—GRC and the Big Risk Picture


Session Movement Break


131—A Holistic Approach to IT Auditing
132—New Age Data Analytics
133—You've Been Hacked - Now What?
134—Privacy Risk Mgmt Strategy/Assessment
135—How Intelligent is your SAP Environment?
136—It All Starts with You: "Personal Skills"
137—The Year of the Breach, Lessons Learned and the Role of the Audit


Refreshment Break


141—Breaking out of Risk Management Groundhog Day
142—Building Momentum: Integrating Data Analytics into Risk-Based Assessments
143—BYOD: Audit Concerns
144—Data Protection, Privacy, and Cybersecurity
145—Contracting for the Full Vendor Lifecycle
146—Manage Your Career Luck: How to Win Your Next Role
147—COBIT Updates


Expo Hall Networking Reception


SS1—Preventing the Inevitable – Safeguarding Critical Assets in the Age of the Mega-Breach
SS2—Using Analytics to Perform IT Audits
SS3—No More Spreadsheets! 


SS4—Cybersecurity, Privacy and Risk Hot Topics
SS5—User Driven Data Classification – How to Get Your Users on Your Security Team
SS6—Preparing for 2015: Internet Security, Best Practices from the Global 1000

Tuesday, 17 March 2015

Registration, Continental Breakfast, Coffee and Tea Service, and Expo Hall open at 7:30AM

Time 2015 North America CACS Sessions

8:30AM - 9:45AM

211—Technical Forum
214—The Gift of GAB – Goals, Attitude, Behavior

9:45AM - 10:15AM

Refreshment Break

10:15AM - 11:30AM

221—2015 IT Audit Benchmarking Survey
222—MDG Implication for Finance Transformation
223—Security Awareness
224—Privacy by ReDesign
225—Zero-Based Information Governance
226—People-Centric Skills
227—Operating an Effective ERM Program that Drives Business Performance

11:30AM - 12:45PM



231—Security Audit Tools
232—Acquire Data for CAATTS
233—APT: The Threat is Real
234—Cross-Industry Impacts of PHI
235—Sharpening the Lens
236—Change - It's Not Logical
237—Top 10 IT Audit Issues


Session Movement Break


241—SAP Implementation Assurance
242—Continuous Monitoring Integration with IS
243—Emerging Technology and Security Trends
244—GAPP vs. Gaps: Managing Enterprise Privacy
245—COSO in the Cyber Age
246—Building Security Leaders
247—Beyond the Breach: Attack Flashpoints That You Can Do Something About


Refreshment Break


251—Auditing Third Parties
252—Data Migration Quality & Risk Management
253—Updates from PCI SSC: Securing the Future
254—2014-2015 Top Security/Privacy Bloopers
255—GRC and Transformation
256—What Mark Twain Learned me 'bout Public Speaking!
257—Research Deliverables Update


SS7—Managing Risks from Next Generation Mobile Devices
SS8—Do you Have the Tools to Effectively Audit the IBM® System z (the Mainframe)?
SS9—User-Based Threats: Identifying Activities and Intent


The Special Social Event

Wednesday, 18 March 2015

Registration, Continental Breakfast, Coffee and Tea Service open at 7:30AM

Time 2015 North America CACS Sessions and Workshops

8:30AM - 10:00AM

311—Cloud Computing – Seeing through the Clouds: What IT Auditor Needs to Know
312—Audit as Controls Factory
313—A Cybersecurity Framework for SAP Systems
314—Make Your DLP Program Work
315—Risks and Cyber Threats in Healthcare
316—Managing Resistance to Change: ADKAR Model

10:00AM - 10:30AM

Refreshment Break

10:30AM - 12:00PM

Closing General Session and Keynote Address

1:00PM - 5:00PM

WS4—Conducting A Privacy Impact Assessment (Day 1)
WS5—Applied Data Analysis in IS Audit (Day 1)
WS6—COBIT 5 for Assurance (Day 1)

Thursday, 19 March 2015

Time 2015 North America CACS Post-Conference Workshops

9:00AM - 12:30PM

WS4—Conducting A Privacy Impact Assessment (Day 2)
WS5—Applied Data Analysis in IS Audit (Day 2)
WS6—COBIT 5 for Assurance (Day 2)


Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a three-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 39 CPE credits; 18 by attending North America CACS, 14 for the pre-conference and an additional 7 CPE credits for attending post-conference events. ISACA conferences are Group Live and do not require any advanced preparation.

ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site:

Please note that the session scanners at the Conference do not track CPE credit hours. You will still need to allocate your CPE hours in “My ISACA” following the conference. Your CPE Certificate of Attendance will be emailed to you four to six weeks following the conference.

Conference Registration Fees

Register and pay after 12 March 2015*
Member US $1,795 Non-member US $1,995

One-Day Workshop
Member: US $550 Non-Member: US $750

Two-Day Workshop
Member: US $750 Non-Member: US $950

Cancellation Deadline:

13 February 2015

*For all registration fees not paid in full by 12pm CDT on 12 March 2015, onsite registration rates apply.

If your conference or workshop fees are unpaid, your attendance at the event(s) is considered tentative. All tentative registrations are subject to cancellation until paid in full.

Group Discounts

ISACA offers discounts to organizations sending 4 or more employees to a single conference. Please contact the ISACA Conference department for more details at +1.847.660.5622 or
All fees are quoted in US dollars. The entire registration fee must be received by ISACA before your registration will be considered paid in full.

Government Discounts

ISACA offers a $350 conference registration discount to government employees. The government employee discount will be applied toward the main conference registration and is not applicable toward any pre- or post-conference workshops. Please contact the ISACA Conference department for more details at +1.847.660.5622 or

* All discounts apply to the main conference registration rate and can be used in conjunction with any early-bird registration discounts available at the time of registration and payment. Any other registration discount combinations cannot be honored.

Registration Methods

Choose one of these easy ways to register

  1. Register On Site
  2. Fax your completed registration form to +1.847.253.1443
  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America, 135 S. LaSalle St., Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    [Please include attendee’s name and NACACS 2015 on the Advice of Transfer.]

Cancellation Policy

If your plans change and you won’t be able to attend the conference contact us by phone, fax or e-mail to cancel your registration. All cancellations must be received by 13 February 2015 to receive a refund of registration fees. A cancellation charge of US $100 will be subtracted from conference refunds, and US $50 from workshop refunds. No refunds can be given after 13 February 2015. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees.

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, conference fees must be received by the published deadline. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact the ISACA conference department.
Phone: +1.847.660.5622
Fax: +1.847.253.1443


ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.

Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, check the box on the registration form. For more information about ISACA membership, visit the web site at or contact the membership department at

NOTE: This offer expires 30 days after completion of the event. Nonmembers pay the nonmember conference fee when registering.

Permission to be Photographed

By attending this event, the registrant grants permission to be photographed and videotaped during the event. The resultant photographs and videos may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site, in social media and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs and videos will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs or videos now or in the future.


Business casual is appropriate for this and all ISACA conference events.

Venue and Accommodations

Hyatt Regency Orlando

Hyatt Regency Orlando

9801 International Drive
Orlando, FL 32819
Phone: +1.407.284.1234

*Please call the Hyatt directly to make your reservation.

Hotel Cut-off Date: Thursday, 19 February 2015
***Limited number of rooms available! Make your reservation today!***

Government Rate is sold out.

All guest reservations are guaranteed by payment of first night’s room plus resort fee and tax. Cancellations with full refund will be allowed up until 48 hours prior to reservation date.

Hyatt Regency Orlando Rocks bar

Hyatt Regency Orlando Executive King Room

Hyatt Regency Orlando lobby

Special Hotel Information

Special hotel rates are available three days prior to and following the conference, and are subject to availability. To obtain the preferred rate, remember to mention that you are attending ISACA North America CACS Conference. Reservation requests received after the cut-off date will be honored on a space-available basis only. All reservations must be guaranteed with a deposit of one night's room cost.

Individuals are responsible for securing their own deposit at the time reservations are made. ISACA strongly encourages all conference delegates to stay at the host hotel. Staying at the host hotel helps keep the cost of the conference and membership dues down by helping us fulfill our negotiated guest room commitments to the hotel. You will also enjoy the benefits of being onsite for conference activities at a reasonable price.

Thank You to Our 2015 Sponsors!


Vanguard Integrity Professionals, an IBM Business Partner, provides enterprise security software and services that solve complex security and regulatory compliance challenges and deliver a rapid return on investment. With automated solutions for Audit and Compliance, Operational Security and Intrusion Management, Vanguard enables government agencies and corporations around the world to ensure continuous monitoring of System z, safeguard cloud computing secure domains, and protect critical data and applications from cybersecurity threats.



In the United States, Deloitte LLP and its subsidiaries have 57,000 professionals with a single focus: serving our clients and helping them solve their toughest problems. We work in four key business areas — audit, financial advisory, tax and consulting — but our real strength comes from combining the talents of those groups to address clients’ needs. Fortune and BusinessWeek consistently rank our organization among the best places to work, which is good news for our talent and our clients alike. When the best people tackle the most compelling challenges, everyone wins.


KPMG LLP's IT Advisory professionals help clients assess, manage, and remediate IT-related risks. We help organizations develop the right approach— turning risk into opportunity—to drive sustainable business value. We accomplish this by helping organizations demonstrate effective IT compliance through governance and controls, data integrity, security and privacy, and supplier management.


PwC US helps organizations and individuals create the value they're looking for. We're a member of the PwC network of firms in 157 countries with more than 184,000 people. We're committed to delivering quality in assurance, tax and advisory services. Tell us what matters to you and find out more by visiting us at

Learn more about PwC by following us online: @PwC_LLP, YouTube, LinkedIn, Facebook and Google +.



For almost 30 years, Boldon James has been a leader in data classification and secure messaging solutions, helping organizations of all sizes manage sensitive information securely and in compliance with legislation and standards, in some of the most demanding messaging environments in the world.


CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to protect against cyber threats before attacks can escalate and do irreparable business damage.


Maclear provides risk management software and services. We help customers evaluate their needs, adopt best practices and implement GRC automation using our proprietary SaaS software suite – Maclear eGRC Suite™. Maclear was founded in 2010 by GRC industry veterans to develop a unique SaaS GRC software product. In 2014 Maclear’s award-winning GRC offerings and loyal customer base enabled it to raise outside investor money for further business development.


Modulo is the leading global provider of information & technology GRC solutions, offering flexible and affordable methods for managing risk, compliance, and business continuity across the enterprise and extended enterprise of vendors. 1,000+ customers leverage Modulo to automate workflow; report compliance against regulations, standards, policies; prioritize risk through analytics and business metrics; secure cloud environments; remediate vulnerabilities; and more.


Zscaler is one of the most exciting technology companies and one of the top IPO candidates for 2015. As the most innovative firm in the $35 billion security market, the company is focused on bringing cloud computing to Internet security. Just as Salesforce transformed the CRM market, Zscaler is revolutionizing the world of Internet security.



Capital One is one of the 10 largest banks by deposits in the country, and a Fortune 500 company. We’re a diversified bank with a broad array of financial products and services. We lead by innovation. We approach financial services challenges the way an Internet start-up would approach a development challenge.


InteliSecure is a Managed Security Service Provider that focuses on Data Loss Prevention, protecting and preserving critical data assets and intellectual property values. InteliSecure is leading the security industry through its pioneering work in security humanistics, enabling better monitoring and analyzing of security breaches and positively impacting a business’ bottom-line.


ObserveIT, a pioneer in User Activity Monitoring, provides video recordings of user activity, analytics and alerting to address user- based attacks. Over 1,200 companies use ObserveIT. Visit for more information.


Qualys ( is a pioneer and leading provider of cloud security and compliance solutions with over 6,700 customers in more than 100 countries. The QualysGuard Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance, delivering critical security intelligence on demand.


Supporting Sponsors






For Exhibitor and Sponsorship Opportunities

Please contact: 

Sean Stringer
Director of Sponsorships
Phone: +1.847.660.5729
Fax: +1.847.253.1443

  2015 North America CACS Expo Hall Floor Plan


Contact ISACA's Training & Education Department:
Tel: +1.847.660.5622
Fax: +1.847.253.1443

Media Inquiries

Contact the ISACA Communications Department:
Tel: +1.847.660.5512 or

Please address Sponsorship questions to: