• New Training Session Sign In Process

    We will be beta testing a barcode based sign in process (replacing the physical sign-in sheets) for our monthly training sessions. The barcode that will be used for the sign-in is at the bottom of the registration confirmation email. You can use your cell phone or a paper print out of the registration confirmation email to sign in. This will enable us to track attendance better and also enable uploading of session CPEs directly to ISACA International.

William Alston Scholarship

This is a reminder that the Chapter gives up to 2 $500 scholarships per year for you or your immediate family. This scholarship is available to applicable individuals enrolled in a degree granting program at any college or university. If you or your dependent receives a scholarship a check will be made payable to both the student and the institution they are / will be enrolled in (for new students they have to be accepted at the institution and have accepted the institution's offer). There is a preference for students going into IT, IT Security, IT Audit related programs, but this is not a requirement.

2019 May Training Session

2019 May Training Session

When: May 1, 2019 - 1:00 PM - 4:00 PM EST
Where: RTP HQ
Registration: Website
Cost
ISACA-RTC Members - Free (Log in to register to ensure discounted fee)
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $35
All Others: $50
CPEs: Upto 3
Handouts: Will Be Uploaded When available

Session I - Cybersecurity Risk Management and Network Security Auditing

Cybersecurity threats are becoming more prevalent and breaches are highly publicized.  Board of Directors and Audit Committees alike are continuing to ask how management is addressing this threat and how they are managing the risk of a data breach. Leveraging the NIST Cybersecurity Framework and approaches to cybersecurity risk quantification via the Factor Analysis of Information Risk (FAIR) Methodology, we have helped clients simplify the concepts of cybersecurity, show members how their organization ranks amongst their peers in relation to InfoSec maturity, and provide management targeted recommendations on how to prioritize and address gaps within their controls to ultimately mitigate risks to the company.

We will discuss this approach, and leading practices to effectively audit and assess technical network security controls, such as logging and monitoring, configuration management, and incident response.

Speaker:  Daniel Stone, CISA, CPA

Daniel is a Senior Manager within the Internal Audit and Financial Advisory (IAFA) practice focused on Technology Audit. Daniel has 6 years of experience in leading and performing IT general and application controls assessments for SOX compliance. Daniel also has significant experience with Cybersecurity Risk Assessments, primarily using the NIST Cybersecurity Framework, and audits of technical security controls including hardware and network device configuration management, encryption, vulnerability management, and identity management.

Session II - Topic: Robotic Process Automation, Process Mining and Next Generation Auditing

The objectives of "Next Gen" IA functions may be straightforward, but the means by which they achieve these objectives include a range of innovative approaches and tools, that must be tailored to specific organizations and their needs.  Process mining tools can fundamentally change the way that we analyze processes and perform audits with automation in walkthroughs, revealing process variants and complexities, and identifying areas that do not comply with intended process design.  Along with potential areas for Robotic Process Automation (RPA) within internal audits own activities, the audit function should have a role in identifying risks and providing guidance around control and design enhancements across the adoption of RPA in the business.

Speaker: Gregg Wishna, CISA

Gregg is an Associate Director in Protiviti’s Internal Audit and Financial Advisory group.  Gregg has over 13 years consulting and audit experience with Protiviti; leading projects and working closely with Senior Management on Internal Audit and Data Analytics initiatives.  In addition to Internal Audit, Gregg has led several Data Management consulting projects, with a focus on Data Governance, Business Intelligence, and Process Improvement.  In this capacity, Gregg has helped to develop strategy and new programs to enhance the overall use of organization data through new technologies and processes to produce impactful reporting and analytics capabilities for the business and internal audit.

For more information and to register for the training session, please visit the ISACA RTC website.