May 2014 - 4th Annual ISACA Kettle Moraine Spring Symposium

Topics and Speakers

Time: 7:30 AM to 8:00 AM

Session 1: Cyber Security
Presenter(s): Munish Verma - Senior, IT Risk and Assurance (Ernst and Young)
Time: 8:00 AM to 08:50 AM

This session will take you through the evolution of Cyber Security risk, covering unsophisticated and sophisticated attackers, corporate espionage, organized crime and state-sponsored attacks. Discussion will include the Advanced Persistent Threat (APT) imperative, why traditional "Prevention" does not work, and what companies are or should be doing to rethink their current approach to managing the APT lifecycle, including discussion of key concepts and control activities, threat intelligence, business priorities and risk tolerances, as well as program ownership and the overall governance process.

Session 2: Big Data
Presenter(s): Sean Donahue - Partner, Risk Assurance/David Sentance - Director (PWC)
Time: 9:00 AM to 09:50 AM

Learn about governance, risks, and compliance considerations that become particularly important in light of the explosion of data volume, variety, and velocity. Expand your understanding of the need for governance to ensure enterprise information is accurate, consistent across systems, and valuable to the business.

Session 3: CIO Roundtable
     Kevin Knuese - Chief Technology Officer (Symmetry Corporation)
     Jim Tarala - Chief Information/Technology Officer (Schenck)
     Tim Van Ryzin - Director, Security & IT Risk Management (Regal Beloit)
     Mike Williams - SVP, Enterprise Technology Services (FIS Global)
     Damani Short - Executive Director, IT Risk Management (Johnson Controls)
     Joseph N. Skotarzak - President (River Run Computers)
     Tina Chang - CIO (Syslogic)
Time: 10:00 AM to 12:00 PM

Learn in an open forum from a distinguished cast including the former CIO of the US Olympic Committee and Director of Risk Management from Regal Beloit.

Time: 12:00 PM to 1:00 PM

Session 4: Social Media - Don't Believe the Hype...At Your Own Peril!
Presenter(s): Jason Lininger - Director, IT Advisory (KPMG)
Time: 1:00 PM to 01:50 PM

It is tempting to see Social Media as a passing trend, yet another over-hyped concept in the increasingly saturated world of digital this, that and the other. Don’t believe it. In fact, Social Media is fundamentally changing the way human beings interact with each other. Major events like the Arab Spring and the US Presidential Election were significantly driven by Social Media. Not surprisingly, businesses are increasingly making use of Social Media. Whereas their initial foray into social media was from the marketing and corporate communications departments, now almost every department is experimenting with social media. But as with anything ripe with opportunity, Social Media is also ripe with risk. This session will provide attendees an overview of current and emerging trends in social media engagement. More importantly, it will also provide an understanding of where the risks lie in social media engagement.

Learning takeaways include:

  • How different departments in a business are engaging in social media
  • The risks the overall business and each department need to think about with respect to social media
  • The various technologies that businesses employ to engage in social media

Session 5: Upcoming SOC Changes
Presenter(s): Vince Concialdi - Managing Director/Jeff Frantz - Director, Business Advisory Services (Grant Thornton)
Time: 2:00 PM to 02:50 PM

The objective of this discussion will be to provide an overview of the recent changes related to service organization control (SOC) reports. An overview of the AICPA SOC 1 Guide (Updated May 2013) and the Trust Services Principles, Criteria & Illustrations (Updated February 2014) related to SOC 2 and SOC 3 reports will be provided.

Session 6: Developing Technical Auditing Plans
Presenter(s): Jamin Miles - Manager, IT Audit (FIS Global)
Time: 3:00 PM to 03:50 PM

A discussion of the need for more technology-specific audit programs for systems such as Oracle, SQL Server, Windows and UNIX. Learn to develop audit testing scripts when an audit focuses solely on these technologies, or when testing the technology is part of a broader scope. Discuss how to research and find the commands to retrieve the information you need, and how to match all the data that can be extracted from the system to the control objectives for your review while staying within your scope. Some basic commands and audit programs will be shared.

Social Hour
Time: 4:00 AM to 5:00 PM


Social Media: Rewards and Risk Mitigation

Cyber Security

Big Data