
2010 October - IT Governance, Risk and Compliance: Leveraging Tools to Enhance Program Effectiveness

Topic: IT Governance, Risk and Compliance: Leveraging Tools to Enhance Program Effectiveness

When: 1300-1430 October 6, 2010

Topic: Checklist 2.0

When: 1500 - 1545 October 6, 2010

Where: RTI Dreyfus Auditorium

CPEs: Up to 3

Cost: Free to ISACA RTC Members; Affiliated Members - $25; All Others - $40

Handouts: Oct 6 2010 Session - IT GRC - Leveraging Tools (1.64 MB)

Registration: ISACA RTC

First Session

In recent years, the term “Governance, Risk, and Compliance” (or GRC) has become an industry buzzword, akin to Web 2.0 and Cloud Computing. As the market for vendors and technologies matures, it is important for companies to distinguish truth from hype to avoid investment in resources and technology that will provide limited long-term bottom-line value.

This presentation will provide an overview of the differences between enterprise GRC and IT GRC, and outline the case for IT GRC in an enterprise context, including industry benchmarks and trends that support the case for a centralized, automated approach. The presentation will also explore evaluation and selection considerations, and leading practices for integrating automated solutions with existing initiatives to maximize value and program effectiveness.

Second Session

Checklist 2.0 - Organized Best Practices - is a collaborative and customizable web platform tool for generating up-to-date and peer-reviewed audit plans, audit programs, and best practices in different technology domains. Checklist 2.0 content is contributed to, and organized by, trusted experts and authoritative sources around the world. Checklist 2.0 covers a diverse range of requirements including SOX, HIPAA, PCI-DSS, ISO, etc.

Srini Kolathur will be discussing Checklist 2.0, a tool which aids companies in identifying and prioritizing audit controls specific to their business environment. This tool is currently in beta testing and is being offered to interested parties at no cost.

Speaker: Orson Lucas (KPMG)

Bio:

Mr. Lucas has over 9 years of experience leading information security and information privacy risk assessments, gap analyses, and technical architecture assessment projects through disciplined project management and innovative use of technology. He holds several certifications, including ISACA’s Certified in Risk and Information System Controls (CRISC) and Certified Information Systems Auditor (CISA), IAPP’s Certified Information Privacy Professional (CIPP), and Archer Certified Consultant v 4.2 (ACC). Mr. Lucas has been a featured speaker at national and regional events, including Archer Road Show events in Charlotte and Dallas, the Blue Cross Blue Shield National Privacy and Security Conference, IAPP National Privacy Summit, Raleigh ARMA Chapter, and regional ISC events.

Speaker: Srini Kolathur (Checklist 2.0)