Section 5970 Audit Seminar:

Upon completion of this seminar, participants should be better able to understand their respective organization’s responsibilities with respect to completing an audit under Section 5970 of the CICA Handbook. The seminar will introduce participants to the S5970 Standard, including basic S5970 terms, differentiate between the responsibilities of user auditors, service auditors and the service organization, and describe the content of and differences between Type I and Type II Service Auditor’s reports. Participants will be guided through planning and scoping activities, including establishing relevant control objectives as defined by the Standard and how to identify and document appropriate control techniques. The presenters will also describe common pitfalls faced in implementing an audit in the first year, how much effort is generally required by the service organization and common deficiencies that they have encountered in the course of their S5970 auditing experience. The seminar will wrap up with a discussion on current drivers, trends and benefits, including an overview of the new Service Auditor Standard slated for 2011.

Unified Compliance Seminar:

The compliance burden in today’s technology world is heavy and is bound to increase in weight. As companies enjoy horizontal growth, they can find themselves managing five or more disparate regulatory bodies. IT leaders find themselves repeatedly designing compliance systems for overlapping reporting, leaving strategic revenue or growth opportunities to compete for a distant second place in resource allocation. The majority of costs associated with improving IT compliance come from frequently repeating time-consuming processes. This seminar is an opportunity for participants to take better control over their compliance needs.
During the seminar, the presenter will address issues such as how taking a unified approach to compliance can:
- Help reduce compliance overhead
- Manage the complexity of compliance challenges
- Provide value to business owners and enhance organizational efficiency
- Work to reduce risk by optimizing processes and control efficiency

The presenter will also discuss the different approaches that companies can follow to achieve a unified approach to compliance that more effectively links implementation, monitoring, and compliance efforts as part of the overall IT strategy.
Abby Hakim, CISA

Abby Hakim is a Senior Manager in KPMG’s Risk and Compliance Advisory Services practice. Abby leads the IT Attestation Services (includes S5970) for KPMG in Western Canada and is the lead project manager on a number of S5970s. He also has experience leading tailored, specialized section 5025 audits of compliance with specified evaluation criteria. Abby is a Certified Information Systems Auditor (CISA) with over thirteen years of risk and controls experience. His experience includes designing, documenting, evaluating and testing, and providing assurance and advice on processes and controls for a wide range of business processes and technical environments. Abby has a Masters in International Financial Analysis from the University of Newcastle-upon-Tyne, UK and a Bachelor of Science in Economics with Computer Studies from the University of Sunderland, UK.

Jason Stevenson, CISA, CISSP

Jason is a Senior Manager in KPMG’s Advisory Services practice, and serves as product leader for our Information Protection service line in Western Canada. Jason’s focus is assessing information’s confidentiality, integrity and availability and associated internal control practices for mitigation of risk inherent in today’s reliance on technology. He has led and/or conducted risk assessments, technical security reviews, security design/architecture, penetration studies (“ethical hacking”), IT attestations (e.g. S5970, SysTrust), and IT governance and performance assessments for numerous clients in a range of industries, including the public sector. These projects include identifying and assessing people, process, and technology aspects of strategy, management, policies/procedures and detailed technical specifications to address those risks for complex network environments, on-line transaction processing systems, n-tier client/server architectures, enterprise resource planning systems, real-time systems, and wireless networks.
Jason is a Certified Information Systems Auditor, a Certified Information Systems Security Professional and holds the BS 15000/ISO20000 Auditor designation and the ITIL Foundation Certificate. Jason began his career with KPMG’s Victoria office and has also spent time in KPMG’s Vancouver and London (UK) offices. He is currently enrolled in the CMA Executive Program at the University of Victoria.
The details of the event and the registration form can be found at this link:
http://www.isacavictoria.ca/events/seminars.php?id=107
Begbie Room, Union Club, 805 Gordon St. Victor
Information Systems Audit and Control Association (ISACA) Victoria Chapter
Colin Booth
Phone: (250) 472-3546
Email: colin.booth@shaw.ca
Complete the attached Registration form and submit in accordance with the instructions on the form. A maximum of 50 registrations will be accepted. http://www.isacavictoria.ca/events/seminars.php?id=107
After March 1 - no refund, however the registration is transferable. Please notify the registrar of a substitution of registrants.