What's New?

(Posted 02/08/2010) ISACA’s

“IT professionals are faced with increasing demands to reduce risk and effectively govern their enterprises’ information technology,” said Emil D’Angelo, CISA, CISM, international president of ISACA. “ISACA Training Week provides information security managers, IT auditors and IT governance professionals with expertise to successfully contribute to their enterprises’ overall IT health, and helps prepare them for the CISA, CISM and CGEIT certification exams.”

Instructors at the Dallas event include Don Caniglia, CISA, CISM, audit consultant with Campbell & Associates; Craig McGuffin, CISA, CISM, principal of C.R. McGuffin Consulting Services; and John Tannahill, CISM, management consultant specializing in information security and audit services.

The ISACA Training Week registration fee, which includes course materials, is US $2,295 for ISACA members and US $2,495 for nonmembers. Participants are eligible to earn up to 38 continuing professional education (CPE) hours. For additional ISACA Training Week information or to register, please visit www.isaca.org/trainingweek.

Upcoming ISACA Training Weeks include:

· 24-28 May,
· 13-17 September,
· 11-15 October,
· 6-10 December, Las Vegas, Nevada, USA

________________________________________________________________________________

(Posted 12/18/2009) ISACA Announces New CRISC Certification for Risk Professionals

Rolling Meadows, IL, USA (13 January 2010) — ISACA, a global association of 86,000 IT audit, risk, governance and security professionals, is responding to market demand by introducing a new risk-related certification. The Certified in Risk and Information Systems Control (CRISC) designation is for IT professionals who identify and manage risks through the development, implementation and maintenance of information systems (IS) controls. These professionals help enterprises accomplish business objectives such as effective and efficient operations, reliable financial reporting, and compliance with regulatory requirements.

A grandfathering program, through which experienced professionals can earn the certification without passing an exam, will open in April. The first
CRISC exam will be administered in 2011.

- Risk identification, assessment and evaluation
- Risk response
- Risk monitoring
- IS control design and implementation
- IS control monitoring and maintenance

CRISC complements ISACA’s three existing certifications: Certified Information Systems Auditor (

- CISA is designed for IT professionals who perform independent reviews of control design and operational effectiveness; CRISC is for IT and business professionals who identify, evaluate and manage risk, and design, implement and maintain IS controls.
- CISM is for individuals who manage, design, oversee and/or assess an enterprise’s information security, including the identification and management of information security risks; CRISC is for IT professionals whose roles also encompass operational and compliance considerations.
- CGEIT is for IT and business professionals who have a significant management, advisory or assurance role relating to the governance of IT, including risk management; CRISC is for IT and business professionals who are engaged at an operational level to mitigate risk.

________________________________________________________________________________

(Posted 01/14/2010) ISACA Chapter Meeting

Date/Time: Thursday, February 18, 2010; 11:30 am - 12:30 pm
Place: D'Angelo's; 7970 Jefferson Hwy; Ste F; Baton Rouge, LA 70809
Price: $20.00 for members; $30.00 for non-members.
To register click here.

________________________________________________________________________________

(Posted 01/12/2010) Training Event

Topic: Practical Stats: Statistical Sample for Auditors
Presenter: Danny Goldberg of Soft Audit Consulting
Date/Time: Tuesday, April 27, 2010; 8:30 am - 4:30 pm
Place: Blue Cross Blue Shield of LA, Main Campus, Operations Building- Audubon Room; 5525 Reitz Ave
Price: $125.00 for members; $200.00 for non-members.
To register click here. For more details about the course content, please click here.

________________________________________________________________________________

(Posted 12/18/2009) 3rd Annual Wow! event on January 15th

The WOW! Event is an all-day, 8-Hour CPE event, and this year’s theme is Security and Governance. There will be a number of well-known speakers lined up, including Robert Stroud – ISACA International’s Vice President. The event will be held at the Four Seasons Hotel in Miami and the ISACA member cost is $175. Fees also include a breakfast, lunch and admission to the happy hour after the event. Also, in terms of lodging, for folks who would like to stay at the Four Seasons, a $240 per night rate is available (as opposed to the standard ~350-400/night) for ‘ISACA South Florida WOW Event’ attendees. For more details about the event, click here.

The registration link for the event is as follows: http://guest.cvent.com/EVENTS/Info/Invitation.aspx?i=321aec0b-c6e2-4a73-8613-4005619f3518

________________________________________________________________________________

(Posted 11/03/2009) Cloud Computing Benefits and Risks Detailed in New ISACA Guidance

________________________________________________________________________________

(Posted 11/03/2009) ISACA International
is partnering with TechTarget to present a virtual seminar and trade show
entitled, GRC and IT Frameworks, Control and Implementations. This
event will take place on 3 November 2009 from 8:00 am to 3:00 pm
(CST). This is a new virtual format for ISACA and we are excited to offer
this opportunity to our members. To view the schedule of events, please
visit http://events.techtarget.com/GRC/.

The event is free to all registrants and 3 CPE credits will be offered to participants who attend educational sessions that are part of the day’s activities. Participants will also have the opportunity to network with colleagues and interact with speakers, vendors and ISACA staff.

________________________________________________________________________________

(Posted 11/03/2009) Survey: Employees Plan to Spend Nearly Two Full Work Days Shopping for the Holidays Using Work Computers

ISACA research reveals major gap between employees’ online behaviors and business expectations

The potential danger of shopping online is that it can open the door to viruses, spam and phishing attacks that invade the workplace and cost enterprises thousands per employee in lost productivity and potentially millions in destruction or compromise of corporate data.

Employees who shop online using a work computer are also likely to engage in other high-risk behaviors. Survey participants also bank online (51%), click on e-mail links redirecting them to shopping sites (40%) and click on links from social network sites (15%). Yet nearly one in five says they are not concerned that their online shopping habits may affect the safety of their organization’s IT infrastructure.

“With the Internet now available to almost any employee in the workplace, it’s unrealistic to think that companies can completely stop the use of work computers for online shopping,” said Robert Stroud, international vice president of ISACA and vice president of IT service management and governance for the service management business unit at CA Inc. “What companies can and should do is educate employees about the risks of online shopping and remind them of their company’s security policy. This is especially important this year, when the convenience of shopping online may be very appealing to employees whose workloads have doubled or tripled because of downsizing.”

Upwardly Mobile Shopping

This survey also found that more than one in 10 Americans who use a mobile work device such as a BlackBerry or iPhone plan to use it for holiday shopping. The increasing use of mobile work devices for personal business such as shopping can lead to additional security issues and exposure to data loss for a company.

“The lines between work and personal data are becoming more and more blurred as a growing number of people check work e-mail from their own phone or PDA, or use a work-supplied mobile device to shop or update their Facebook page. As our mobility increases, so does the risk to our corporate IT systems,” said John Pironti, a member of ISACA’s Certification Task Force and chief information risk strategist for Archer Technologies.

A significant percentage of those surveyed do not actively manage their work computer’s security. Thirty percent report that they leave security up to their company’s IT department. Of those who connect via a wireless connection, 30% don’t or don’t know how to check the security of wireless settings and just 21% personally check their work computer for the most recent security patches.

Reality Gap between Employees and the IT Department

A separate ISACA survey of more than 1,500 IT professionals, who are ISACA members in nine countries, conducted during the same time period shows a major gap between what the IT department believes and what the employees are planning when it comes to online holiday shopping. Close to half (48%) of those in IT believe employees will spend just over one work day, or nine hours, shopping online from a work computer—yet ISACA’s consumer survey shows that employees will average closer to two work days, or 14.4 hours.

IT professionals are realistic about the potentially staggering costs of shopping online for the holidays from workplace computers. One in four estimates that their company will lose US $15,000 or more per employee in productivity during this year’s holiday season.

“The reality gap between the IT department’s perceptions and the online shopping behaviors of the rest of the company actually represents an important opportunity for IT,” said Paul Williams, a member of ISACA’s Governance Advisory Council and a past president of the association. “By educating employees and communicating common-sense online policies, IT can better protect one of the most critical assets a company has—its IT systems.”

ISACA recommends that employees and IT departments take the following steps to reduce the risk of spam, viruses and accidental downloading of backdoor “agents” that can hijack corporate data.

1. Use your desktop PC, not your mobile device, to shop, because your desktop browser is likely to be more secure.
2. Protect sensitive information, like credit card numbers, by password-protecting both your mobile device and its memory card.
3. Make sure you update your anti-virus and anti-malware programs continually.
4. Treat social networking sites with the same caution as other web sites—social sites are a growing target for fraudsters and virus writers.
5. Be cautious of special offers. If it looks too good to be true, it probably is. Fake online offers and coupons may lead to harmful sites, so be suspicious.

1. Educate employees. Blocking sites can do more harm than good, causing employees to seek out less secure ways to get around your blockade. Education works better.
2. Get employees on board with learning by teaching them how to protect both their work computers and their home computers.
3. Reinforce what you teach by having employees sign an acceptable-use policy every year.
4. Offer a “safe zone” for holiday shopping—create an online sandbox that can be taken down after the holidays.
5. Don’t wait until Cyber Monday to step up security. Think of “Cyber Season” as the time from September to January and be extra-diligent throughout that time.

The second annual “Shopping on the Job: Online Holiday Shopping and Workplace Internet Safety” survey is based on online polling in September 2009 of 1,210 US consumers and 1,513 IT professionals. The IT portion of the study provides the business/IT department’s perspective, polling members of ISACA in nine countries: the

________________________________________________________________________________

(Posted 9/03/2009) TIGER TRAP 2010 - Cyber Security Capture the Flag event

For more details click here.

________________________________________________________________________________

(Posted 5/27/2009) In an effort to keep our membership informed, your ISACA BR Chapter has created a Twitter profile for the Baton Rouge ISACA chapter. You can find the listing as ISACABR at www.twitter.com. You can find updates about events, trainings and everyday notices through this account if you are interested in joining as a follower.

________________________________________________________________________________

(Posted 4/24/2009) CISA Wins Award, CISM Named Finalist, CGEIT Earned by 3,000 Pros

We are pleased to announce that CISA has won SC Magazine's award for Best Certification Program this year, and CISM was named a finalist in the same category. To see the announcement, click here. Additional information on the award is available at this site.

ISACA's CGEIT certification also has important news this week. It has now been earned by more than 3,000 professionals. To see the announcement, click here.

________________________________________________________________________________

Non-members - If you are a non-member, but would like to be added to the ISACA-Baton Rouge e-mail distribution list for notification of Chapter Meetings, training opportunities and other events, please send an e-mail to: emailme@isaca-br.org

________________________________________________________________________________

Chapter News and Information
Website hits Bronze
Excerpt of the email from HQ...
On behalf of the ISACA International Membership Board, I am pleased to extend congratulations to the Baton Rouge Chapter for achieving recognition for your web site. Your chapter has been awarded a bronze-level award for 2008. You should be proud of the work your chapter put forth in the design, content and management of your chapter web site to earn this recognition.
Every year, the Membership Board reviews all of the chapter web sites that link from the ISACA International web site (www.isaca.org/chapters).
Please accept our congratulations on a job well done by you and your chapter board.
Best regards,
Summer R. Cole
(last updated 04/17/09)
Chapter has new permanent mailing address
All inquiries and mail can now be mailed to BR Chapter of ISACA @ PO Box 4561, Baton Rouge, LA 70821.
(last updated 04/21/09)
Chapter Officers
- Stacy Manning - President
- Slava Sotnikov - Vice President
- Collen McGehee - Secretary/Treasurer
- Dana Tarver - Publicity Coordinator
- Michael Redmond - CISA/CISM Coordinator
- Michelle Seeling - Membership Coordinator
- Jon Davis - Marketing Director
- Rochana Lahiri - Webmaster

The latest growth statistics for our Chapter are as follows:
As of 04/03/2009
(last updated 11/24/09)
Chapter Mission Statement
The mission of the Baton Rouge Chapter of ISACA (in affiliation with ISACA International) is to: