ISACA Baton Rouge, Louisiana Chapter


What's New?

(Posted 02/08/2010)

ISACA’s Dallas Training Week Provides Tools for IT Career Success

Rolling Meadows, Illinois, USA (2 February 2010) — IT departments play critical roles not only in the achievement of business goals and objectives, but in the overall security of enterprises, as well. To help IT audit, security and governance professionals learn new strategies and solutions, ISACA will host Training Week in Dallas, Texas, USA, from 22-26 March 2010, at the InterContinental Dallas.

“IT professionals are faced with increasing demands to reduce risk and effectively govern their enterprises’ information technology,” said Emil D’Angelo, CISA, CISM, international president of ISACA. “ISACA Training Week provides information security managers, IT auditors and IT governance professionals with expertise to successfully contribute to their enterprises’ overall IT health, and helps prepare them for the CISA, CISM and CGEIT certification exams.”  

Instructors at the Dallas event include Don Caniglia, CISA, CISM, audit consultant with Campbell & Associates; Craig McGuffin, CISA, CISM, principal of C.R. McGuffin Consulting Services; and John Tannahill, CISM, management consultant specializing in information security and audit services.

Who: ISACA

What: ISACA Training Week

When: 22-26 March 2010

Where: InterContinental, Dallas, Texas, USA

Web site: www.isaca.org/trainingweek

 

The ISACA Training Week registration fee, which includes course materials, is US $2,295 for ISACA members and US $2,495 for nonmembers. Participants are eligible to earn up to 38 continuing professional education (CPE) hours.

For additional ISACA Training Week information or to register, please visit www.isaca.org/trainingweek.

Upcoming ISACA Training Weeks include:

- 24-28 May, Charlotte, North Carolina, USA

- 13-17 September, Orlando, Florida, USA

- 11-15 October, Indianapolis, Indiana, USA

- 6-10 December, Las Vegas, Nevada, USA

________________________________________________________________________________

(Posted 12/18/2009)

ISACA Announces New CRISC Certification for Risk Professionals

Rolling Meadows, IL, USA (13 January 2010) — ISACA, a global association of 86,000 IT audit, risk, governance and security professionals, is responding to market demand by introducing a new risk-related certification. The Certified in Risk and Information Systems Control (CRISC) designation is for IT professionals who identify and manage risks through the development, implementation and maintenance of information systems (IS) controls. These professionals help enterprises accomplish business objectives such as effective and efficient operations, reliable financial reporting, and compliance with regulatory requirements.

A grandfathering program, through which experienced professionals can earn the certification without passing an exam, will open in April. The first CRISC exam will be administered in 2011.

ISACA established CRISC (pronounced “see risk”) to recognize IT professionals with skills and abilities related to:

- Risk identification, assessment and evaluation

- Risk response

- Risk monitoring

- IS control design and implementation

- IS control monitoring and maintenance

“The CRISC designation will demonstrate to employers that the certification holder is able to identify and evaluate the risks unique to a specific organization and help the enterprise accomplish its business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls,” said Urs Fischer, chair of ISACA’s CRISC Task Force. “We conducted an extensive amount of research globally and found that enterprises are becoming more risk-aware and are looking to identify professionals who possess the skills to help them protect their assets and enhance their businesses. CRISC fills a gap that currently exists in the marketplace.”

CRISC complements ISACA’s three existing certifications: Certified Information Systems Auditor (CISA), established in 1978 and earned by more than 70,000 professionals since its inception; Certified Information Security Manager (CISM), earned by more than 12,000 professionals since it was launched in 2002; and the newer Certified in the Governance of Enterprise IT (CGEIT), earned by more than 4,000 professionals since it was developed in 2006:

- CISA is designed for IT professionals who perform independent reviews of control design and operational effectiveness; CRISC is for IT and business professionals who identify, evaluate and manage risk, and design, implement and maintain IS controls.

- CISM is for individuals who manage, design, oversee and/or assess an enterprise’s information security, including the identification and management of information security risks; CRISC is for IT professionals whose roles also encompass operational and compliance considerations.

- CGEIT is for IT and business professionals who have a significant management, advisory or assurance role relating to the governance of IT, including risk management; CRISC is for IT and business professionals who are engaged at an operational level to mitigate risk.

Additional information about the CRISC certification is available at www.isaca.org/crisc.

________________________________________________________________________________

(Posted 01/14/2010)

ISACA Chapter Meeting

Date/Time: Thursday, February 18, 2010; 11:30 am - 12:30 pm;

Place:  D'Angelo's; 7970 Jefferson Hwy; Ste F; Baton Rouge, LA 70809

Price:  $20.00 for members; $30.00 for non-members.

To register click here.

________________________________________________________________________________

(Posted 01/12/2010)

Training Event

Topic:  Practical Stats: Statistical Sample for Auditors;  

Presenter: Danny Goldberg of Soft Audit Consulting;

Date/Time: Tuesday, April 27, 2010; 8:30 am - 4:30 pm;

Place:  Blue Cross Blue Shield of LA, Main Campus, Operations Building- Audubon Room; 5525 Reitz Ave;

Price:  $125.00 for members; $200.00 for non-members.

To register click here. For more details about the course content, please click here.

________________________________________________________________________________

(Posted 12/18/2009)

3rd Annual Wow! event on January 15th, 2010 from ISACA South Florida Chapter

The WOW! Event is an all-day, 8-Hour CPE event, and this year’s theme is Security and Governance. There will be a number of well-known speakers lined up, including Robert Stroud – ISACA International’s Vice President.

The event will be held at the Four Seasons Hotel in Miami and the ISACA member cost is $175. Fees also include a breakfast, lunch and admission to the happy hour after the event.

Also, in terms of lodging, for folks who would like to stay at the Four Seasons, a $240 per night rate is available (as opposed to the standard ~350-400/night) for ‘ISACA South Florida WOW Event’ attendees.

For more details about the event, click here.

The registration link for the event is as follows:

http://guest.cvent.com/EVENTS/Info/Invitation.aspx?i=321aec0b-c6e2-4a73-8613-4005619f3518

________________________________________________________________________________

(Posted 11/03/2009)

Cloud Computing Benefits and Risks Detailed in New ISACA Guidance

Rolling Meadows, IL, USA (29 October 2009) — Cloud computing is rapidly becoming a business information technology (IT) buzz word, but there is still much debate on what exactly it is and how it benefits enterprises. A new white paper from ISACA, a nonprofit association of 86,000 global information technology professionals, clearly describes how enterprises can achieve greater efficiencies and mitigate new risks associated with cloud computing. The white paper, Cloud Computing:  Business Benefits with Security, Governance and Assurance Perspectives, is available as a free download from www.isaca.org/cloud.

Cloud computing offers enterprises the ability to reduce IT infrastructure costs through a model of paying for service on demand. This requires less upfront capital expenditure and allows businesses to benefit from the ability to efficiently ramp up and power down based on current needs, as well as the flexibility to introduce new IT services.

“One way of describing cloud computing is to compare it to a utility,” said Jeff Spivey, trustee for the IT Governance Institute, which is affiliated with ISACA, and director of Security Risk Management, Inc. “In the same way businesses pay for the amount of electricity, gas and water that they use, there is now the ability to pay for IT services based on how much is consumed.”

 As with any new advancement, though, there are many facets to consider.

“The benefits of cloud computing are tremendous, but it also creates new risks and security concerns,” added Spivey. “Through cloud computing, IT services can be contracted through an external provider, so new governance and control approaches are needed to ensure flexibility, resilience and security.”

According to the white paper, in addition to the financial savings involved with cloud computing, one of this model’s strengths is for enterprises to streamline processes and increase innovation. This can translate into more reliable backup, more satisfied customers, increased scalability and possibly even higher margins.

While the risks associated with cloud computing may be similar to business IT risks already addressed, enterprises may need to adjust their policies and procedures to focus on the new dynamic environment. The white paper also delivers effective strategies for mitigating risks and addressing assurance issues related to cloud computing.

“The cloud represents a major change in the way computing resources will be utilized,” said Spivey. “By addressing many of these issues in advance, and with the involvement of a broad range of stakeholders, enterprises can gain significant advantage with appropriate control.”

In recognition of new risks around this emergent technology, ISACA has become an affiliate of the Cloud Security Alliance, which collaborated on this paper and will be involved in joint projects with ISACA in the future (www.cloudsecurityalliance.org).

________________________________________________________________________________

(Posted 11/03/2009)

ISACA International is partnering with TechTarget to present a virtual seminar and trade show entitled, GRC and IT Frameworks, Control and Implementations. This event will take place on 3 November 2009 from 8:00 am to 3:00 pm (CST). This is a new virtual format for ISACA and we are excited to offer this opportunity to our members. To view the schedule of events, please visit http://events.techtarget.com/GRC/.

The event is free to all registrants and 3 CPE credits will be offered to participants who attend educational sessions that are part of the day’s activities. Participants will also have the opportunity to network with colleagues and interact with speakers, vendors and ISACA staff.

 Please direct any questions, calls or e-mails regarding this event to Laureen Kaczmarek (lkaczmarek@isaca.org or +1.847.660.5532).

________________________________________________________________________________

(Posted 11/03/2009)

Survey: Employees Plan to Spend Nearly Two Full Work Days Shopping for the Holidays Using Work Computers

ISACA research reveals major gap between employees’ online behaviors and business expectations

Rolling Meadows, IL, USA (21 October 2009) — Employees plan to spend nearly two full working days (14.4 hours) on average shopping online from a work computer this holiday season, according to a survey conducted on behalf of ISACA, a nonprofit association of 86,000 information technology (IT) professionals. One in 10 plans to spend at least 30 hours shopping online at work. Convenience (34%) and boredom (23%) are the biggest motivators, according to those polled.

Despite an economy expected to show flat or declining holiday retail sales, the second annual “Shopping on the Job: Online Holiday Shopping and Workplace Internet Safety” survey found that fully half of those surveyed plan to shop online for the holidays using a work computer. Less surprising is a growing uncertainty—the number of employees who are unsure about whether they will spend more or less time shopping online compared to a year ago has doubled.

The potential danger of shopping online is that it can open the door to viruses, spam and phishing attacks that invade the workplace and cost enterprises thousands per employee in lost productivity and potentially millions in destruction or compromise of corporate data.

Employees who shop online using a work computer are also likely to engage in other high-risk behaviors. Survey participants also bank online (51%), click on e-mail links redirecting them to shopping sites (40%) and click on links from social network sites (15%). Yet nearly one in five says they are not concerned that their online shopping habits may affect the safety of their organization’s IT infrastructure.

“With the Internet now available to almost any employee in the workplace, it’s unrealistic to think that companies can completely stop the use of work computers for online shopping,” said Robert Stroud, international vice president of ISACA and vice president of IT service management and governance for the service management business unit at CA Inc. “What companies can and should do is educate employees about the risks of online shopping and remind them of their company’s security policy. This is especially important this year, when the convenience of shopping online may be very appealing to employees whose workloads have doubled or tripled because of downsizing.”

Upwardly Mobile Shopping

This survey also found that more than one in 10 Americans who use a mobile work device such as a BlackBerry or iPhone plan to use it for holiday shopping. The increasing use of mobile work devices for personal business such as shopping can lead to additional security issues and exposure to data loss for a company.

“The lines between work and personal data are becoming more and more blurred as a growing number of people check work e-mail from their own phone or PDA, or use a work-supplied mobile device to shop or update their Facebook page. As our mobility increases, so does the risk to our corporate IT systems,” said John Pironti, a member of ISACA’s Certification Task Force and chief information risk strategist for Archer Technologies.

A significant percentage of those surveyed do not actively manage their work computer’s security. Thirty percent report that they leave security up to their company’s IT department. Of those who connect via a wireless connection, 30% don’t or don’t know how to check the security of wireless settings and just 21% personally check their work computer for the most recent security patches.

Reality Gap between Employees and the IT Department

A separate ISACA survey of more than 1,500 IT professionals, who are ISACA members in nine countries, conducted during the same time period shows a major gap between what the IT department believes and what the employees are planning when it comes to online holiday shopping. Close to half (48%) of those in IT believe employees will spend just over one work day, or nine hours, shopping online from a work computer—yet ISACA’s consumer survey shows that employees will average closer to two work days, or 14.4 hours.

IT professionals are realistic about the potentially staggering costs of shopping online for the holidays from workplace computers. One in four estimates that their company will lose US $15,000 or more per employee in productivity during this year’s holiday season.

“The reality gap between the IT department’s perceptions and the online shopping behaviors of the rest of the company actually represents an important opportunity for IT,” said Paul Williams, a member of ISACA’s Governance Advisory Council and a past president of the association. “By educating employees and communicating common-sense online policies, IT can better protect one of the most critical assets a company has—its IT systems.”

5 Tips for Safe Shopping From the Office Computer

ISACA recommends that employees and IT departments take the following steps to reduce the risk of spam, viruses and accidental downloading of backdoor “agents” that can hijack corporate data.

For online shoppers:

1.   Use your desktop PC, not your mobile device, to shop, because your desktop browser is likely to be more secure.

2.   Protect sensitive information, like credit card numbers, by password-protecting both your mobile device and its memory card.

3.   Make sure you update your anti-virus and anti-malware programs continually.

4.   Treat social networking sites with the same caution as other web sites—social sites are a growing target for fraudsters and virus writers.

5.   Be cautious of special offers. If it looks too good to be true, it probably is. Fake online offers and coupons may lead to harmful sites, so be suspicious.

 

For the IT department:

1.   Educate employees. Blocking sites can do more harm than good, causing employees to seek out less secure ways to get around your blockade. Education works better.

2.   Get employees on board with learning by teaching them how to protect both their work computers and their home computers.

3.   Reinforce what you teach by having employees sign an acceptable-use policy every year.

4.   Offer a “safe zone” for holiday shopping—create an online sandbox that can be taken down after the holidays.

5.   Don’t wait until Cyber Monday to step up security. Think of “Cyber Season” as the time from September to January and be extra-diligent throughout that time.

 

About the ISACA Shopping on the Job Survey

 

The second annual “Shopping on the Job: Online Holiday Shopping and Workplace Internet Safety” survey is based on online polling in September 2009 of 1,210 US consumers and 1,513 IT professionals. The IT portion of the study provides the business/IT department’s perspective, polling members of ISACA in nine countries: the US, Canada, Mexico, the UK, France, Germany, Hong Kong, India and Australia. The study, which was designed to capture insights about online holiday shopping at work and employee compliance with workplace policies governing online shopping, was conducted by M/A/R/C Research and ISACA, respectively. The M/A/R/C study results contain a margin of error of 3.9% at the 95% confidence level.

________________________________________________________________________________

(Posted 9/03/2009)

TIGER TRAP 2010 - Cyber Security Capture the Flag event

For more details click here.

________________________________________________________________________________

(Posted 5/27/2009)

In an effort to keep our membership informed, your ISACA BR Chapter has created a Twitter profile for the Baton Rouge ISACA chapter. You can find the listing as ISACABR at www.twitter.com.  You can find updates about events, trainings and everyday notices through this account if you are interested in joining as a follower.  

________________________________________________________________________________

(Posted 4/24/2009)

 

CISA Wins Award, CISM Named Finalist, CGEIT Earned by 3,000 Pros

We are pleased to announce that CISA has won SC Magazine's award for Best Certification Program this year, and CISM was named a finalist in the same category. To see the announcement, click here. Additional information on the award is available at this site.

ISACA's CGEIT certification also has important news this week. It has now been earned by more than 3,000  professionals. To see the announcement, click here.

________________________________________________________________________________

Non-members - If you are a non-member, but would like to be added to the ISACA-Baton Rouge e-mail distribution list for notification of Chapter Meetings, training opportunities and other events, please send an e-mail to:  emailme@isaca-br.org

________________________________________________________________________________

 

Chapter News and Information

 

 

Website hits Bronze

 

Excerpt of the email from HQ...

 

On behalf of the ISACA International Membership Board, I am pleased to extend congratulations to the Baton Rouge Chapter for achieving recognition for your web site.  Your chapter has been awarded a bronze-level award for 2008. You should be proud of the work your chapter put forth in the design, content and management of your chapter web site to earn this recognition.

 

Every year, the Membership Board reviews all of the chapter web sites that link from the ISACA International web site (www.isaca.org/chapters).  

 

Please accept our congratulations on a job well done by you and your chapter board.

 

Best regards,

 

Summer R. Cole
Membership Services Coordinator

 

(last updated 04/17/09)

 

Chapter has new permanent mailing address

 

All inquiries and mail can now be mailed to BR Chapter of ISACA @ PO Box 4561, Baton Rouge, LA 70821.

 

(last updated 04/21/09)

 

 

Chapter Officers


Congratulations to the newly elected 2009-2010 ISACA-Baton Rouge Chapter Officers:

- Stacy Manning - President

- Slava Sotnikov - Vice President

- Collen McGehee - Secretary/Treasurer

- Dana Tarver - Publicity Coordinator

- Michael Redmond - CISA/CISM Coordinator

- Michelle Seeling - Membership Coordinator

- Jon Davis - Marketing Director

- Rochana Lahiri - Webmaster

The latest growth statistics for our Chapter are as follows:

Member Totals 10/31/09: 169

Member Totals 10/31/08: 149

Member Totals 10/31/07: 145

% Change 2009 vs. 2008: 13% increase

% Change 2009 vs. 2007: 17% increase

As of 04/03/2009:

CISAs: 63

CISMs: 13

CGEIT: 3

 

(last updated 11/24/09)

 

Chapter Mission Statement

 

The mission of the Baton Rouge Chapter of ISACA (in affiliation with ISACA International) is to: 

 

Promote information governance, security and audit standards, practices and controls through the education, certification and professional networking of our members.

Promote awareness and recognition of the competencies and practices of information governance, security, and audit professionals among our community stakeholders.

 

 
