2019 June Training Session
2019 June Training Session
When: June 5, 2019, 1:00 PM - 4:00 PM EST
Where: RTP HQ
ISACA-RTC Members - Free (Log in to register to ensure discounted fee)
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $35
All Others: $50
CPEs: Upto 3
Handouts: Will Be Uploaded When available
Session I: Factor Analysis Information Risk (FAIR Methodology)
FAIR is a standard risk taxonomy and risk quantification model by The Open Group, a global standards consortium, that can express cyber risk in financial terms. It provides information risk, cybersecurity and business executives with the standards and best practices to help organizations measure, manage and report on information risk from the business perspective.
Speaker: Keith Stouder, IT Risk Officer, Duke University
Keith joined Duke's Office of Audit, Risk and Compliance as the IT Risk Officer in 2018. In this role he is responsible for understanding and promoting IT risk awareness and technology risk management strategy for the university, health system, and their wholly-owned subsidiaries and affiliated entitites. He leads a team responsible for designing and implementing assessment and assurance strategies for IT risk management and monitoring risk mitigation plans across the entire Duke enterprise. Keith holds an M.P.A. and M.S. from Ball State University along with several IT certifications including CISM and CISA.
Session II: SOC for Cybersecurity
SOC reports have been around for years. In 2017 the AICPA came out with a SOC for Cybersecurity. What is this? Who is it for? Why ANOTHER type of SOC report? Why should we get one? How will it help our companies? All these questions and more will be answered on June 5th!
Speaker: Ben Hunter, Risk Advisory Manager, Bernard Robinson & Co.
Ben Hunter is a Risk Advisory Manager at Bernard Robinson & Co. He began his career at RSM, the 5th largest public accounting firm in the US, spent 3 years in industry and moved back to public accounting at BRC in Nov of 2017. He specializes in Cybersecurity and Information Technology Audits and Assessments.
Ben began his cybersecurity career in the US Marine Corps. After his service, Ben went to UNC Greensboro and earned his Master of Science in Accounting. After becoming a Certified Public Accountant (CPA), he continued his cybersecurity and IT Audit training by obtaining the ISACA certifications: Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC). Ben also obtained the AICPA Certified Information Technology Professional (CITP) and is a Certified Fraud Examiner (CFE).
At BRC, Ben is leading the Cybersecurity Risk and IT Audit consulting practice. Ben has years of experience performing Cybersecurity Risk and Control Assessments, HIPAA Audits, Phishing/Ransomware awareness and security training, Business Continuity Planning / Disaster Recovery (BCP/DR) planning and testing, IT Internal Audits, Sarbanes-Oxley (SOX) Control Testing, Systems Vulnerability Scanning Assessments, and System and Organization Control reports (SOC). He speaks at a variety of organizations, including rotary clubs, professional organizations, universities and CPE events.
Ben is a member of the AICPA, the NCACPA, the ACFE, and ISACA.
Ben’s unique perspective into the financial and information technology worlds allows him to communicate the technology risks in clear language for the decision makers.
For more information and to register for the training session, please visit the ISACA RTC website.