Thursday, December 11th, 2014
5 pm – 5:30 pm: Registration and Networking
5:30 pm – 6:30 pm: Dinner and Networking
6:30 pm – 8:30 pm: Program (2 CPEs)
3:30 pm – 5:30 pm: Pre-Meeting (2 CPEs)
Dinner Meeting Topic:
The Increasing Importance of Supplier Risk Management
to the Enterprise
|
Organizations continue to increase reliance on suppliers and third parties to provide services and capabilities that have historically been provided in-house. However, the responsibility of managing related risks remains in-house. Without enterprise level supplier risk management, organizations can be exposed to any number of operational, compliance, and strategic risks through their supplier relationships. While an organization can outsource services and capabilities, it cannot effectively outsource responsibility.This session will review:
- Vendor risk management life cycle
- Complicating factors to vendor risk management
- Vendor risks and threat categories
- COBIT5 guidance for Vendor Risk Mitigation Strategy
|
Speaker: Sean Adee
Executive Director, Ernst & Young, LLP.
Sean has more than 20 years of experience in information technology (IT), financial operations, risk management, vendor management and audit. Sean currently is a member of EY’s National Advisory Practice where he serves clients in the areas of risk management, IT effectiveness and IT supplier and outsourcing management. Currently, Sean leads EY’s supplier risk and IT asset management services. Prior to joining Ernst & Young, Sean led the finance, IT, operations and administrative functions for GT Software, an Atlanta based enterprise software provider.
Sean has also worked in a variety of IT related positions in both consulting and industry, including:
- Dell Computer where he led the global IT audit function focusing operational risk mitigation, IT Governance, and large scale systems implementation initiatives. During his tenure at Dell he also provided oversight for a number of key IT vendor relationships in the US and Europe.
- Arthur Andersen as a manager, focusing on IT advisory and operational risk management services for several large fortune 500 clients.
- Harris Corporation in the IT operations and program management arena where he led several systems initiatives including the evaluation and selection of ERP systems, systems conversion project, IT outsourcing and data center consolidations.
|
3:30-5:30 Pre-Meeting — Security & Compliance Interest Group Discussion
Josh Chin & Rich Chew will facilitate the first Security & Compliance Interest Group Discussion of the year. They will be facilitating a discussion on vendor management operational topics, trends, lessons learned and emerging compliance players on the horizon, such as Dodd-Frank data governance.
No recording devices will be permitted in order to promote free discussion. Violators will be asked to leave. There will be no handouts; please bring paper for notes and experiences. Please register to facilitate room size and refreshments.
Josh Chin is President of the High Tech Crimes Investigators Association, So Cal Chapter (founding chapter), and Director of Net Force, a security and digital forensics firm.
Rich Chew is a consultant with vendor management experience spanning PCI and eBanking web host to 1800 financial institutions and supply chain firms for the Emerald Management Group. He has contributed to several ISACA white papers and guides including the AICPA & ISACA SOC 2 USERS GUIDE. He is a former CIO and bank regulator.
|
|
|
Dinner Meetings are generally the second Tuesday of each month. The exceptions are joint meetings with other groups and the summer months of July and August when we don’t meet.
2 CPEs (Dinner Program Only)
Payment Methods:
Credit Card, Cash and Checks
(made payable to ISACA-LA) only.
|
Rates |
ISACA, IIA, ISSA Members |
Full-Time Students
& Faculty
(Members and Non-Members)
|
Non-Members |
Pre-Meeting
None this month |
$0 |
$0 |
$0 |
Dinner Meeting:
Pre-Paid online by midnight the Friday before the event |
$25 |
$10 |
$30 |
Dinner Meeting:
Walk-Ins or Pre-Paid online after midnight the Friday before event |
$30 |
$20 |
$40 |
|
|
|
Address/Directions
|
|
3700 West Ramona Boulevard
Monterey Park, CA 91754
(323) 264-8426
|
Disclaimer
ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.
Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.
Permission to be Photographed
By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.