Annual General Meeting

1
(No Transcript)
2
ISACA-Utah Chapter

• Annual General Meeting
• Mark Murdock, Vice President
• Julie Park, Secretary
• Kyle Chugg, President

3
Mark Murdock

• Chapter luncheon meetings/seminar topics
• Security Alliance ISACA, ASIS International,
  ISSA
• COBIT 4.0
• Val IT

4
Topics 2005-2006

• Web and E-commerce Security and Audit, Web
  Security Solutions
• Endpoint Threatscape and Security, Network
  Consulting Services, Inc.
• IT Governance Auditing, Fall 2005 seminar, Peter
  Osterio
• Anatomy of a Database Attack, Application
  Security, Inc
• Hacking Live, Grant Thornton
• Encryption, PGP Corporation
• VoIP Technology and Security Concerns,
  SinglePoint Networks
• IT Project Management Best Practices, Spring
  2006, Ernie Nielsen

5
Topics 2006-2007

• September Network security demonstration,
  Deloitte Touche
• October VoIP, Fall 2006 seminar
• November Change Management, Tripwire. (half-day
  workshop)
• December 2006 - May 2007

6
Security Alliance
7
Security Alliance

• Alliance for Enterprise Security Risk Management
• Planning four research projects that will result
  in published studies on
• Integrating information technology (IT) with
  physical security devices and process controls
• International security convergence
• Value proposition for corporate security as
  convergence increases
• How risk councils help organizations understand
  and manage convergence

8
COBIT 4.0
9
COBIT 4.0
10
COBIT 4.0
11
COBIT 4.0
12
COBIT 4.0
13
Val IT

• Val IT focuses on the investment decision (are we
  doing the right things?) and the realisation of
  benefits (are we getting the benefits?).
• COBIT, focuses on the execution (are we doing
  them the right way and are we getting them done
  well?).

14
VAL IT
15
Val IT COBIT 4.0
16
Facts and Membership

• Founded in 1969, as the EDP Auditors Association
  (EDPAA)
• More than 50,000 members in over 140 countries
• 26,947 members in North America
• 148 members, Utah Chapter
• More than 170 chapters worldwide

17
Membership Benefits

• Information Systems Control Journal
• JournalOnline articles
• Discounts on ISACA conferences
• Global Communiqué online
• Standards, Guidelines Procedures
• Career Centre enhanced capabilities
• K-NET (over 5,200 links)

www.isaca.org/benefits
18
Membership Benefits

• Discounts on CISA and CISM exams materials
• Research publication downloads
• Discounts on IT Governance Institute (ITGI)
  research publications
• Discounted registration fee for Protivitis
  KnowledgeLeader site
• Audit programs Internal Control Questionnaires
• Peer-reviewed bookstore

19
ISACA Conferences
www.isaca.org/conferences
20
Local Chapter Benefits

• Access to affordable local continuing education
• Information exchange opportunities through
  chapter meetings
• Networking with your professional peers
• Leadership experience on local boards and
  committees
• Opportunity to make a positive impact on the
  local business community and the profession

21
Certification Requirements

• Passing score on CISA/CISM Exam
• At least five years of experience (substitutions
  available)
• Adherence to Code of Professional Ethics
• Minimum 120 hours of continuing education every 3
  years

22
June CISA Exam Registrations

• 11,527 registered for the December 2005 exam
• 10,621 have registered for the June 2006 exam
• More than 44,000 people have earned designation
  since inception
• More than 30,000 are currently certified
• 2006 CISA exams will cover new CISA job practice
  areas as defined in recent job practice analysis

As of 30 March
23

• 1,242 registered for December 2005 exam
• 1,226 currently registered for June 2006 exam
• More than 5,400 currently CISM certified
• CISM Review material development process
  enhanced
• 2006 materials were reviewed by a team of 50
  CISMs
• 2006 CISM Review Manual now available
• CISM Job Analysis approved in October
• 2007 exam and study materials will reflect new
  job analysis
• 2007 study materials will be developed with same
  team structure as CISA

As of 30 March
24
Professional Benefits

• CISA is a well-recognized qualification in
  internal audit departments, IS audit/computer
  assurance departments and the business process
  re-engineering spectrum of management consulting
• CISA signifies that a person is professionally
  dedicated, and complies with standards and
  expectations.
• Growing number of organizations are requiring
  CISA certification
• Highly respected designation

25
Department of Defense Directive

• US Department of Defense Policy Calls for
  Certifying Up to 80,000ISACAs CISA and CISM
  Among Approved Certifications
• Rolling Meadows, IL, USA (30 May 2006)US
  Department of Defense (DoD) 8570.01-M
  Information Assurance Workforce Improvement
  Program manual names ISACAs Certified
  Information Systems Auditor (CISA) and Certified
  Information Security Manager (CISM)
  certifications among those approved for DoD
  information assurance (IA) professionals. The
  directive requires up to 80,000 professionals to
  earn one of 13 certifications offered by five
  organizations.