Below are upcoming chapter conferences, seminars, review courses, and other events. Prior chapter events can also be viewed.
For information on our event policies, see https://isaca-gwdc.org/event-policies/.
The 2023 Annual FISMA Conference provides a useful update to IT Auditors on the current landscape of efforts to comply with the Federal Information Security Modernization Act of 2014 (FISMA). Come hear perspectives from senior federal executives from the Office of the National Cyber Director, National Institute of Standards and Technology, and the United States Department of Justice who play key roles in FISMA compliance efforts. During this session, we will learn about recent changes to the FISMA metrics, and the opportunities and challenges agencies face in complying with FISMA.
IT advisory or audit professionals that serve or support the Public Sector should attend this event.
Registration closes on April 12, 2023 @ 12pm. This is a free virtual event for GWDC Members.
The ISACA Greater Washington D.C. Chapter is proud to have Cotton, A Sikich Company as the sponsor for this annual event.
Founded in 1981, Cotton is a certified public accounting firm headquartered in historic Old Town Alexandria, Virginia. Cotton has focused our practice on providing services predominantly for governmental agencies and programs, and we have continued to expand both our client base and our range of services. Today, Cotton provides a full range of audit, accounting, IT, and management consulting services. In 2022, Cotton was acquired by Sikich LLP, a global company specializing in technology-enabled professional services. With more than 1,500 employees, Sikich draws on a diverse portfolio of technology solutions to deliver transformative digital strategies and ranks as one of the largest CPA firms in the United States. From corporations and not-for-profits to state and local governments and federal agencies, Sikich clients utilize a broad spectrum of services and products to help them improve performance and achieve long-term, strategic goals.
2:45 PM – 2:55 PM
3:00 PM – 4:50 PM
Panel Discussion: 2023 Annual FISMA and Risk Management Framework
4:55 PM – 5:00 PM
Yehuda Schmidt joined Cotton, A Sikich Company in January 2015. Yehuda has 30 years’ experience in assisting federal government agencies with finance, accounting, business process improvement, information technology (IT) internal controls, and program management. He has extensive experience in managing reviews of internal controls over financial reporting, operational controls, and risk management in compliance with Office of Management and Budget (OMB) Circular A-123. Yehuda is leading client’s IT risk assessments in compliance with NIST SP 800-37, and IT assessment in compliance with NIST SP 800-53.
Yehuda holds an MBA in Finance and Entrepreneurship, and B.Sc. in Accounting and Economics from the Hebrew University of Jerusalem, Israel. He is a Certified Public Accountant (CPA), a Certified Information Systems Auditor (CISA), a Certified Risk and Information Systems (CRISC), and Certified Governance of Enterprise IT (CGEIT).
Melinda Rogers was designated as Deputy Assistant Attorney General for Information Resource Management in September 2020. Prior to her designation, she served as Deputy Chief Information Officer (CIO), and earlier she was the Department’s Chief Information Security Officer (CISO). In her role as CIO, Ms. Rogers is responsible for overseeing the Department’s $3.4 billion Information Technology (IT) investment portfolio, providing strategic direction to DOJ Components, and directly supporting mission operations through IT service delivery. Additionally, within Ms. Rogers’ purview is the Department’s Cybersecurity Program, which proactively monitors and mitigates risks associated with the management, security, and acquisition of DOJ technology assets. Ms. Rogers also has extensive experience in the banking and financial services sector in private industry, where she was most recently Equifax’s Assistant Vice President for Fraud Prevention and Identity Verification Solutions.
Ms. Rogers received her MBA from Emory University in Atlanta and is an alumna of George Mason University.
Victoria Yan Pillitteri is a supervisory computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST). Ms. Pillitteri is the Acting Manager of the Security Engineering and Risk Management Group and also leads the Federal Information Security Modernization Act (FISMA) Implementation Project, supervising a team of technical and administrative staff that are responsible for conducting the research and development of the suite of risk management guidance used for managing cybersecurity risk in the federal government, and associated stakeholder outreach and public-private coordination/collaboration efforts. She serves as the lead of the Joint Task Force working group, a partnership with Department of Defense, the Intelligence Community and Civilian Agencies to develop a unified security framework to protect USG from cyberattacks and is co-chair of the Federal Cybersecurity and Privacy Professionals Forum hosted NIST.
She previously worked on development of the Cybersecurity Framework and Privacy Framework, led the NIST Smart Grid and Cyber Physical Systems Cybersecurity Research Programs, served on the board of directors of the Smart Grid Interoperability Panel, and completed a detail in the office of the NIST Director as an IT policy advisor. She has co-authored a number of NIST Special Publications (SPs) and Interagency Reports (IRs) on information security, including SP 800-12, 800-37, 800-53, 800-82, 800-171, 800-171A, 800-171B, 800-137A, 1108 and IR 7628.
Victoria holds a B.S. in Electrical Engineering from the University of Maryland, a M.S in Computer Science, with a concentration in Information Assurance, from the George Washington University, completed the Key Executive Leadership Program at American University, and is a Certified Information Systems Security Professional (CISSP). She has completed a Senior Executive Service Candidate Development Program (SES CDP) and is SES certified.
Lisa Barr has over 20 years’ experience in the public and private sector leading and directing projects in Cybersecurity, IT Strategic Planning and Risk Management. Lisa is the first Director for Federal Cybersecurity within the Office of National Cyber Director. She leads federal cybersecurity initiatives and efforts that focus on creating cohesion across the federal enterprise and reducing the burden on federal agencies. Within these 20 years, she spent 13 years with the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA). She has held numerous trusted leadership positions covering cybersecurity policy, supply chain cybersecurity, federal cybersecurity governance, and critical infrastructure resilience. Lisa served a one-year rotational assignment to the OMB Office of the Federal CIO as a Senior Advisor and program lead for the Federal Acquisition Security Council. Previous to her federal service, Lisa spent several years in the private sector focusing on IT and cyber strategic planning and program management.
Lisa holds a Master’s degree in National Security and Resource Strategy; has received an Executive Chief Information Security Officer certification through Carnegie Mellon; and is a Certified Information Security Manager.
Virtual Meeting Information
Event Questions and Policies
If you have any registration questions about this event, please contact the chapter using the Registration Contact Form.
If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.
Cancellation and Refund Policy
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.
If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.
Earn up to 2 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.
After attending this event, attendees will learn about recent changes to the FISMA metrics and the opportunities and challenges agencies face in complying with FISMA.