If the handout download links from within past event articles are broken, please navigate to Chapter->Downloads to obtain the document.

2018 October Training Session

When: October 03, 2018 - 1:00PM - 4:30PM

Where: RTP HQ
Registration: Website
ISACA-RTC Members - Free (Log in to register to ensure discounted fee)
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) : $35
All Others: $50
CPEs: Upto 3
Handouts: Will Be Uploaded When available

Session I: Scalable IAM: A Collaborative Approach

Identity and Access Management operates at the intersection of systems of record, security, audit, and privacy. To serve diverse stakeholders and a broad user community, it is critical to wrangle IAM architecture into a cohesive suite of services that are transparent, intuitive, and robust.

Thoughtful and comprehensive metrics are key to developing sound recommendations and empowering stakeholders to take an active role in shaping services to meet community needs, but with the scale and detail typical of IAM transactions, creating reporting mechanisms that tell a complete story can be a challenge in and of itself.

In this talk, we'll cover lessons learned about generating meaningful reports and metrics, specific challenges we've faced at Duke and results of remediation measures, synthesized into best practices we've established through lengthy processes of trial and error. Finally, we'll discuss how Duke is working to future-proof its identity services in light of emerging security concerns, new privacy regulations, and a community whose work, educational, and research activities are increasingly dependent on IT infrastructure.

Speaker: Mary McKee, Duke University

Mary McKee joined Duke University as an undergraduate in the Computer Science program, where a student project led to an internship with Duke's Office of Information Technology. The rest is history.

After a decade of work as a full-stack developer, Mary joined OIT's Identity Management team, where she oversees functions including account management, authentication services, and group and authorization tooling. She is also working on development of Consent-informed Attribute Release (CAR), an open-source system for managing institutional rules and user preferences about how personal information can be exchanged between an enterprise identity system and affiliated sites and services.

Session II: A CISO’s Perspective on Managing Cyber-Security Risk

Government regulators, auditors, security vendors and even public opinion influence a bank CISO’s security risk decision-making processes. This presentation uses real-life examples to explain how one CISO uses a risk framework to manage a comprehensive security program.

Speaker: Jeff Jancula, Chief Information Security Officer, First Citizens Bank, Raleigh, North Carolina

During my six years at First Citizens, I’ve been fortunate enough to work with extremely talented, creative and dedicated people to help FCB almost double in size to $35 billion in assets.


My team is frequently sought after for security leadership and business advice, even outside of the bank. I am proud that we invest in our people and technologies that help keep our customers, our bank and the financial community secure.

Before joining First Citizens, I spent more years than I care to mention developing software and testing security systems in banking, manufacturing and software engineering.


For more information and to register for the training session, please visit the ISACA RTC website.