
Below are radio ads promoting CISA and CISM to information assurance professionals affected by US Department of Defense directive 8570.01.
June 19, 2008 Chapter Luncheon
Topic: Shrill, Hysterical and Misunderstood? Four Practical Steps for Building a high-performing Information Security Organization
Date: Thursday, June 19, 2008
Time: 12:00 - 1:30 pm
Speakers: Gene Kim, CTO and founder of Tripwire, Inc., and Paul Love, CISSP, CISA, CISM, Director of Information Security at The Standard.
One of the most important trends in 2008 is the transition taking place in information security. In this age of ever-increasing information security risks, regulatory compliance requirements and the need to support the organization, information security's days as a stand-alone effort need to end. While security shares the same objectives as others in the organization -- to ensure that IT is helping the business meet its goals, effectively, efficiently and securely -- enterprise security management functions are being pushed out into IT units and business groups. So, how can information security survive in this environment without constantly being at odds with IT operations and compliance efforts? Based on 10 years of research, the Security Visible Ops methodology describes how to link IT security and operational objectives in four practical steps by integrating security controls into IT operational, software development and project management processes.
Gene Kim is the CTO and founder of Tripwire, Inc. In 1992, he co-authored Tripwire while at Purdue University with Dr. Gene Spafford. Since then, Tripwire has been adopted by more than 6,000 enterprises worldwide. Since 1999, he has been studying high-performing IT operations and security organizations, which led Gene to co-found the IT Process Institute (ITPI) in 2004. In conjunction with the ITPI, Gene co-authored the "Visible Ops Handbook: Implementing ITIL in Four Practical And Auditable Steps", which has since sold over 75,000 copies. He was a principal investigator on the IT Controls Performance Study project, and in 2008, he co-authored the Security Visible Ops, a handbook describing how to link IT security and operational objectives in four practical steps by integrating security controls into IT operational, software development and project management processes. Gene currently serves on the Advanced Technology Committee for the Institute of Internal Auditors, where he is part of the GAIT task force, which has created guidance on how to scope IT general controls for SOX-404.
In 2007, he was given the Outstanding Alumnus Award by the Department of Computer Sciences at Purdue University for achievement and leadership in the profession.
Paul Love, CISSP, CISA, CISM, Security+, has been in the IT field for over 15 years. Paul holds a Master of Science degree in Network Security and a Bachelor's in Information Systems. He has co-authored three security books, contributed to multiple Linux/Unix books, and has been the technical editor for over 10 best-selling Linux and Unix books. Paul ran a successful Linux portal site during the dot-com era and has been an avid Unix/Linux user and administrator both professionally and as a hobby for many years. Paul is currently the Director of Information Security at The Standard.
Download presentations
May Presentation
Effective SDLC's: Balancing Delivery and Control
Database Security Standards and Audit Implementation
March Luncheon Presentation Documents
Cobit Presentation
Cobit 4.1 Executive Summary
Mapping Cobit to ISO 17799
PCI Presentation - PowerPoint Presentation
Information integrity and controls for business intelligence solutions - PowerPoint Presentation
Access Management - PowerPoint Presentation
The Hacking Evolution: New Trends in Web Application Exploits and Vulnerabilities - PowerPoint Presentation
IT Risk Assessment Framework - PowerPoint Presentation
For a complete listing of all planned activities, please visit our Programs section. We will be updating these items throughout the year.
ISACA is the only professional membership association dedicated to information systems audit, control and security. The Association was founded in 1969, and has grown into an international organization of over 47,000 information system professionals in 140 countries. ISACA fosters professionalism by facilitating information transfer, communication, education, and standards. The Certified Information Systems Auditor (CISA®) designation is granted to those individuals whose competency has been tested and demonstrated. For more information on the parent organization, CLICK HERE.
ISACA members participate in one of more than 150 chapters of the Association. Members benefit from discounted materials developed by IS audit professionals and excellent opportunities to network with professionals in the same field. A quarterly ISACA journal updates members on the latest developments in the field and provides in-depth study for auditing various IS issues of the companies. To learn more about local chapter benefits, contact our membership officer, Sean Sherman.