ISACA Norway Chapter - Sommermøte 2017

Velkommen til ISACAs sommermøte og generalforsamling 2017.

I år vil vi ha tema som spenner over flere av ISACAs interesseområder. For å hjelpe oss med å dekke helheten har vi i år hentet inn foredragsholdere fra flere land - Canada, Sør Afrika, India og Storbritannia. Temaene vi går inn på omhandler Cloud, Awareness, Revisjon, Virksomhetsstyring og Samhandling. 

Grunnet det store internasjonale bidraget vil sommermøtet i år som i fjor, stort sett foregå på engelsk. Av den grunn har vi også valgt å legge ut programmet på dette noe mer internasjonale språket.

Før sommermøtet starter tar vi en time med årsmøte. Bli med på en trivelig middag og nettverking etter sommermøtet. 

Program:

12:00 – 13:00
Registration
12:30 – 13:30
ISACA Norway Chapter annual meeting 2017
13:30 – 14:00
Food and beverages. Registration for members meeting.
14:00 – 14:15
Opening note from the board
14:15 – 15:00
A business driven approach to IT Governance, using COBIT 5
Tichaona Zororo (ZA), Director with ISACAs International board
15:15 – 16:00
How to increase the Return on Value of an IT training investment
Paul Wilkinson (UK), Director and Owner of gamingworks.nl
16:15 – 17:00
When Private is Public: A Cloud case-study
Ryan Mattinson (CA), Security Practice Lead with Nagarro
17:15 – 18:00
The changing landscape of IT Auditing
Tichaona Zororo (ZA), Director with ISACAs International board
18:15 – 18:45
Challenges & possibilities when sharing information within Cyber Security
Vivek Agrawal (IN), PhD researcher at NTNU
19:00 –
Drinks reception and dinner.


Speakers

Tichaona Zororo (CISA, CISM, CGEIT, CRISC, Certified COBIT 5 Assessor, CIA, CRMA), is a member of ISACA Board of Directors, Deputy Chair of ISACA Audit and Risk Committee, an IT advisory executive with EGIT |Enterprise Governance IT (Pty) Ltd., an IT Advisory firm based in South Africa. He has several years of experience in mainstream IT, IT auditing, security, governance and risk, across private and public sectors in Africa, Europe and Asia. He is an advisor to a number of boards and boards of directors, IT and business leaders across the globe on the utilization of disruptive technologies to create and preserve stakeholder value, governance and management of enterprise IT, IT risk, cybersecurity and IT auditing. He was involved in the development of numerous ISACA white papers and COBIT 5 publications. A renowned COBIT 5 expert, advisor and trainer, Tichaona is credited for being the first COBIT 5 Certified Assessor in Southern Africa. He has served on the ISACA Framework Committee, CGEIT Test Enhancement Subcommittee and External Advocacy Committee, and is the current president of ISACA South Africa Chapter.
Paul Wilkinson has been actively involved in the IT industry for more than 35 years. Fulfilling a wide range of roles ranging from Computer Operator to IT infrastructure operations manager. He was co-author of the ITIL publication “Planning to Implement IT Service Management”, was a member of the ITIL advisory group for ITIL Version 3, and the architects team for ‘ITIL Practitioner’. Paul is also co-director and owner of GamingWorks, the company that developed the internationally renowned ‘Apollo 13 – an ITSM case experience’ ITSM simulation game as well as DevOps, Cybersecurity, Project management and Business & IT-Alignment business simulations. He was also co-author and developer of the ‘ABC of ICT’ (The Attitude, Behavior and Culture of ICT) publications, having conducted ABC workshops and simulation workshops with delegates representing more than 4000 organizations world-wide.
Ryan Mattinson has his background in digital forensics and penetration testing, but over the last 8 years he has worked internationally with clients in every sector on a range of information security projects including security/privacy assessment of cloud services, CISO advisory and security architecture for critical infrastructure. He has presented at a number of international conferences, appeared as a subject matter expert on TV and radio; and given testimony as an expert witness.
Ryan is a Canadian based in Oslo and the current Security Practice Lead at Nagarro AS.
Vivek Agrawal received the MS degree in Information and communication systems security from Royal Institute of Technology, Sweden, in 2013. He is currently working towards the Ph.D. degree in the area of information security management at NTNU, Norway. He is also working on a CCIS funded research project (UnRizkNow) as a part of his Ph.D. research work.


Talks

14:15 – 15:00
A business driven approach to IT Governance, using COBIT 5
TBA
15:15 – 16:00
How to increase the Return on Value of an IT training investment
Digital Transformation’ seems to be the latest industry buzzword. An increasing dependency upon IT brings with it increased exposure to business risk. Boards are recognizing more and more the need for the effective Governance of enterprise IT. Yet we have been promising for years to bring IT under control, adopting frameworks and best practices such as COBIT and ITIL and failing. In this session we will explore how ‘Attitude, Behavior and Culture’ are barriers preventing many from effectively deploying Cobit as a governance instrument. We will also look at how current approaches to training are letting us down, and examine a new approach to training which can help ensure that COBIT theory can be translated into practice, using experiential learning – training that can engage end-to-end stakeholders. Finally, we will look at a case study showing how one organization used this approach to realize business value and reduce business risk, embedding Cobit into behavior.
Takeaways:
Recognize key attitude behavior, culture issues, and how to use the ABC card set to assess your own ABC barriers.
Recognize how the 8-field model can be used to scope and to demonstrate the return on value of a training investment.
Recognize how experiential learning instruments can support ‘Cobit 5.0 implementation and change enablement.
16:15 – 17:00
When Private is Public: A Cloud case-study
Use of the cloud and software as a service are key elements of business strategy for organizations seeking to embrace and benefit from digitalization.
The cost reduction and efficiency gains are becoming increasingly real and apparent. The risk is equally real but often goes unmanaged. Even though cloud providers may go to great lengths to secure their services, many organizations still leak personally identifiable information (PII) of their employees and clients by configuring and using these services insecurely. In this case study we will review a recent cloud privacy breach to understand the root cause and lessons learned. We will finish by covering some common pitfalls and tips to help organizations reap the benefits of cloud services without exposing themselves and their customers to unnecessary risk.
17:15 – 18:00
The changing landscape of IT Auditing
TBA
18:15 – 18:45
Challenges & possibilities when sharing information within Cyber Security
We believe that proper sharing and reuse of knowledge among the information security professionals (ISPs) can improve the quality of their work and overall security in Norway. Therefore, we are establishing an open electronic community of practice (eCoP) to encourage knowledge sharing among the ISPs in the information security area. However, there are many challenges associated with the participation and sharing relevant information in the community. Hence, we are interested to learn about the current state of the participation in eCOP and the preferences of ISPs related to knowledge sharing process. I will introduce my research project in the beginning of the talk and invite all the participants to answer an online questionnaire on their electronic device (mobile, laptop, and tablet PC).  I will present the findings based on the survey response during the end of the session. The input from the ISPs will help us to design the incentive schemes and sharing rules of our electronic community.



Meny, sommermøte:
Forrett

Ørrettartar med sennep, kapers, grovbrød chips og estragonkrem
Hovedretter
Bakt torsk, egg, reker, pepperrot, brunet smør og nypotet
Eller
Entrecote av kalv med løk-krem, sukkererter, vårløk, hasselnøtter og morkelsaus.
Dessert
Jordbær med vaniljeis og havrecrunch

Beklager, påmeldingsfristen er utløpt. Ta kontakt med arrangøren for mer informasjon