Early registration date extended to Monday 11/14!
Tuesday, November 15, 2016
3:30 pm to 5:00 pm – Pre-Meeting (Optional)
5:00 pm to 5:30 pm – Registration & Networking
5:30 pm to 6:30 pm – Dinner & Networking
6:30 pm to 8:30 pm – Program
Dinner Meeting Topic (5:30pm – 8:30pm)
Preparing for Successful Integrated IT Audits
|
David Bright and Irene Lee of Grant Thornton will be presenting on integrating IT application control testing within operational audits. The presentation will provide insights and best practices gained from the presenters’ experience with integrated audits and implementing the approach within two large financial service firms, in addition to Grant Thornton’s work with a variety of other clients.
Areas to be discussed include:
- Overview of IT Integrated Audits and Application Controls
- Planning Integrated Audits
- Preparing risk assessments
- Testing considerations
- Reporting observations and issues
Dinner Meeting |
|
|
David Bright, Manager, CPA, CISA
David is a Manager in Grant Thornton’s Southern California Business Advisory Services Practice. David brings more than 15 years of external and internal audit and advisory services experience. His audit experience includes testing IT general computing controls and key business application controls in accordance with regulatory guidelines.
His internal audit experience has included performing integrated technology audits of asset management, mortgage and asset servicing, custody, and enterprise function operations. These integrated technology audits reviewed application risks and controls regarding access administration, logical access, segregation of duties, interfaces, and system processing and calculations using Office of the Comptroller of the Currency and Federal Reserve Guidance.
David’s advisory experience includes providing technology risk management best practices. This included providing an understanding of key risk and controls needed and helping build out a team to perform testing of controls and processes implemented. |
|
|
Irene Lee, Senior Associate, CISA
Irene is a Senior Associate in Grant Thornton’s Southern California Business Advisory Services Practice. She has served diverse industries, including software/technology companies, financial services, consumer products, gaming/entertainment and aerospace. She has served both private and public companies, including multiple Fortune 500 clients. She has delivered a variety of IT Services including IT SOX, External IT Risk Assurance, Special Attestation Reporting, Information Security, Data Protection Assessments and other specialized Internal Audit services.
IT assessments include review of the security administration of financial applications and supporting operating systems, servers, databases and data warehouses; network security assessments; change management controls; data center security; cloud computing security; and disaster recovery/business resumptions planning.
Irene has experience auditing complex ERP systems (i.e. SAP, Oracle, Great Plains and Dynamics) as well as business unit specific systems: POS, HR, PLM systems, data warehouses and other systems/tools specific to business units or products. |
Pre-Meeting |
|
|
Jeffrey Phelan, Chief Evangelist, Acuity Solutions & RebootTwice LLC
With 25 years of building and growing new businesses, Jeffrey brings a diverse set of technology expertise and innovation leadership to Acuity Solutions. As an entrepreneur, on Venture-backed teams and in large corporate enterprises, Jeffrey has a deep background of creating and launching innovative products & solutions for consumers, in both business & government markets. Jeffrey joins Acuity from Northrop Grumman’s Information Systems sector where he helped develop cybersecurity strategy. Prior to Northrop Grumman, Jeffrey was Director of Products for Systems Integrator SRA International. |
Pre-Meeting Topic (3:30pm-5:00pm)
Cyberhunting – Why Defense is not Enough!
Significant reductions in false-positive malware identification, in part from faster and more accurate network-based detection, represent leverage to improve overall effectiveness of security automation and orchestration. BluVector is designed as a network appliance and analytic console – enhanced by supervised machine learning and workflow automation – to complement high-value analyst skills and to enable a highly sought proactive threat-hunting use case. BluVector offers security analysts a new ‘fighting chance’ in terms of detection accuracy and workflow speed. We like a baseball analogy to describe the challenge of spotting malware at line speed. A sharp batter’s eye includes the ability to classify pitches in an instant as fastball, offspeed changeup or curveball. In formative training, hitters train their eyes over the course of a lot of at-bats and by seeing a high volume and large variety of pitches. Malware-detection algorithms can and should train as well, because cyberattacks can obfuscate, penetrate over multiple vectors, come at you fast, or stay low and slow.
|
|
Dinner Meetings are generally the second Tuesday of each month. The exceptions are joint meetings with other groups and the summer months of July and August when we don’t meet.For Online Reservations, click the “Register” button below:
(Registration Link will be available soon)
2 CPEs for Dinner Program
1 CPE for Optional Pre-Meeting
Payment Methods:
Credit Card, Cash and Checks
(made payable to ISACA-LA).
|
Rates |
ISACA, IIA,
ISSA, OWASP
Members |
Full-Time Students
& Faculty
(Members and Non-Members)
|
Non-Members |
Pre-Meeting |
N/A |
N/A |
N/A |
Dinner Meeting:
Pre-Paid online by midnight the Friday before the event
Extented through Monday |
$25 |
$10 |
$30 |
Dinner Meeting:
Walk-Ins or Pre-Paid online after midnight the Friday before event |
$30 |
$20 |
$40 |
|
|
|
Address/Directions
|
|
3500 Ramona Boulevard
Monterey Park, CA 91754
(323) 268-4177
|
[google_map_easy id=”1″]
Disclaimer
ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.
Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.
Permission to be Photographed
By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.