When: November 3, 17 and December 1 (Saturdays) 8:00AM to 330 PM
Where: Metlife Offices - 201 Metlife Way, Cary NC
Registration: Website
Cost:
ISACA-RTC Members - $75
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $100
All Others: $125
CPEs: Upto 21
Handouts: Handouts to participants
Lunch will be provided
Note: Class subject to cancellation if there are fewer than 6 enrollees.
For more information please contact the chapter Certification Coordinator
When: November 3, 17 and December 1 (Saturdays) 8:00AM to 330 PM
Where: Metlife Offices - 201 Metlife Way, Cary NC
Registration: Website
Cost:
ISACA-RTC Members - $75
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $100
All Others: $125
CPEs: Upto 21
Handouts: Handouts to participants
Lunch will be provided
Note: Class subject to cancellation if there are fewer than 6 enrollees.
For more information please contact the chapter Certification Coordinator
When: November 07, 2018 - 1300-1630
Where: RTP HQ
Registration: Website
Cost:
ISACA-RTC Members - Free (Log in to register to ensure discounted fee)
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $25
All Others: $40
CPEs: Upto 3
Handouts: Will Be Uploaded When available
Session I Third Party Information Risk Management Process at GSK (1-230PM)
To provide a high-level interactive overview of the framework and process to monitor & manage Interactions with all external supplier relationships from initial offerings to increased or enhanced service offerings through to termination of the relationship.
Speaker: Speaker: Reggie Williams, Director, Strategy & Risk, GSK
Speaker Biography: Reggie has 25+ years of experience in audit; risk & compliance; and project & service management focused on Technology risks.
He has both an undergraduate and graduate degree in Finance; along with a degree in programming. He has multiple certifications with emphasis on Technology risk; including
HIPPA, ITIL, Project Management & Information System Auditing. His working perspective concentrates on Business understanding to guide Technology risk focus; contributing on an individual, managerial, as well as a strategic level.
Session II
Part 1: On Site Verification – checking if you got the risk assessment right
This talk will answer some of the key questions in verifying the results of a third-party risk assessment by going on-site to a third-party. What are some of the options for approaching the on-site work and what, from Michael’s experience, has worked well and what are some of the pitfalls. This talk will give you an overview of a successful approach to plan, conduct, and report as well as what are some of the key skills needed to get the most value out of on-site work.
Part 2: Independent Attestations – overview, value, and areas of assurance they and don’t provide
This talk will consider different independent attestations suppliers often provide and the value these provide to a customer. Questions this talk will address include: What are the common attestations and certifications encountered in the information security area? What do they really indicate? What are the key questions to ask and details to examine to assess the value of the attestations in providing assurance of good controls from the supplier’s customer perspective?
Speaker: Michael Woods, Michael Woods, Director, Senior Information Security Consultant, Supplier Security, Risk and Assurance, GSK
Michael heads up GlaxoSmithKline’s on-site supplier assurance process for suppliers who manage or process the company’s most sensitive information. He has over 15 years’ experience conducting third-party on-site audits and assurance visits and over 25 years’ experience working in the information security field. He is a CISSP and is a graduate of NC State University.
For more information and to register for the training session, please visit the ISACA RTC website.
