Upcoming Chapter Events
Below are upcoming chapter conferences, seminars, review courses, and other events. Prior chapter events can also be viewed.
For information on our event policies, see https://isaca-gwdc.org/event-policies/.
Annual FISMA and Risk Management Conference
April 23, 2026
Virtual Event (Zoom)
Earn up to 2 CPE
5 for GWDC Members
$15 for Non-Members
Annual FISMA and Risk Management Conference
To protect federal information and systems, the Federal Information Security Modernization Act of 2014 (FISMA) requires federal agencies to develop, document, and implement information security programs. The 2026 Annual FISMA Conference provides a useful update to IT Auditors and the Federal IT community on the current landscape and efforts to comply with FISMA. Come hear perspectives from senior federal executives who play key roles in FISMA compliance efforts. During this session, you will learn about recent changes to the FISMA metrics, and the opportunities and challenges agencies face in complying with FISMA.
Who should attend? IT advisory or IT audit professionals that serve or support the Public Sector.
Registration closes on April 22 @ 5PM.
Event Sponsor
We are proud to have Sikich. as the sponsor for this event.
Sikich has approximately 2,000 team members and operates across North America, EMEA and APAC. Our approach is strategically and thoughtfully designed to help our clients, teams and communities accelerate success. Sikich draws on a diverse portfolio of technology solutions to deliver transformative digital strategies. From corporations and not-for-profits to state and local governments and federal agencies, Sikich clients utilize a broad spectrum of services and products to help them improve performance and achieve long-term, strategic goals. Our professionals have performed extensive IT, cybersecurity, and privacy engagements across
Federal environments. As a full-service provider to Federal government agencies, our professionals have performed financial management advisory and assurance services, such as:
- Assisting the U.S. Defense Industrial Base (DIB) sector in enhancing its cybersecurity posture within the multi-tier supply chain to ensure compliance with Cybersecurity Maturity Model Certification (CMMC) requirements.
- Conducting CFO Act engagements on behalf of more than three dozen federal CFOs and Offices of Inspectors General (OIGs) in the Executive and Legislative Branches.
- Conducting FISMA audits, IT and cybersecurity performance audits, evaluations of access controls, configuration and change management, systems development life cycle including audits of Agile and Waterfall implementations, disaster recovery and contingency planning, and overall governance and security frameworks.
- Supporting agencies adhere to the processes outlined in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800 series and conducting Security Assessment and Authorization (SA&A) activities.
Event Details
Date and Time
The conference will be held on April 23, 2026 from 2:45 PM – 5:00 PM.
Add this event to your calendar using the Add to Calendar link at the bottom of the page.
Virtual Event
The conference will be held using Zoom.
Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.
Pricing
The fee for GWDC Members is $5 for the conference.
The fee for all other registrants is $15 for the conference.
To become a member and take advantage of the member rate for our events, among other benefits, join ISACA and select the Greater Washington D.C. Chapter as your local chapter.
Event Policies
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details.
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services.
All complaints should be submitted through the Registration Contact Form.
Conference Agenda
2:45 PM – 2:55 PM
Opening Remarks and Housekeeping
Logistics, CPEs, etc.
3:00 PM – 4:50 PM
Panel Discussion: 2026 Annual FISMA and Risk Management Framework
Moderator:
- Yehuda Schmidt, CISA, GRISC, CGEIT, CPA
Director @ Sikich
Panelists:
- Jennifer Franks
Director, Center for Enhanced Cybersecurity, Acting Director & Analytics Foundry @ US Government Accountability Office (GAO) - Victoria Yan Pillitteri, CISSP
Supervisory Computer Scientist and Security Engineering and Risk Management Group Manager @ National Institute of Standards and Technology (NIST) - Patrick Bevill, CISSP
Chief Information Security Officer @ Federal Retirement Thrift Investment Board (FRTIB)
Former Fellow @ the National Institute of Standards and Technology
4:50 PM – 5:00 PM
Closing Remarks
Share this Event
If you are interested, planning to attend, or attending this event, please share with your colleagues across your social media networks.
Presenters
At times presenters for a session may change due to schedule conflicts and other unexpected situations. If a previously presenter has been substituted, the changes will be noted.
Yehuda Schmidt
Director @ Sikich
CISA, CRISC, CGEIT, CPA
Yehuda Schmidt is a Director with Sikich with over 30 years’ experience in assisting federal government agencies with IT risk assessments, assessing systems and applications security posture in accordance with NIST standards, business process improvement, and program management. He has extensive experience in managing reviews of internal controls over financial reporting, operational controls, and risk management in compliance with Office of Management and Budget (OMB) Circular A-123. Yehuda is leading clients’ IT risk assessments in compliance with NIST SP 800-37, and IT assessment in compliance with NIST SP 800-53.
Yehuda holds an MBA in Finance and Entrepreneurship, and B.Sc. in Accounting and Economics from the Hebrew University of Jerusalem, Israel. He is a Certified Public Accountant (CPA), a Certified Information Systems Auditor (CISA), a Certified Risk and Information Systems (CRISC), and Certified Governance of Enterprise IT (CGEIT)
Jennifer Franks
Director, Center for Enhanced Cybersecurity and Acting Director, Analytics Foundry @ US Government Accountability Office
Jennifer Franks directs the Center for Enhanced Cybersecurity within GAO’s Information Technology and Cybersecurity team. She oversees reviews that primarily focus on emerging cybersecurity issues and assessing an agency’s ability to protect the confidentiality, integrity, and availability of its sensitive data and computing infrastructure. Her multi-disciplinary teams actively review agencies’ computer security vulnerabilities across their enterprise-wide computing environment by assessing program management compliance and technical controls recommended for the agencies to follow in accordance with federal guidance and leading practices. In addition, she leads reviews in the areas of IT management and operations, financial management, healthcare and public health IT, data protection, and privacy.
Further, Jennifer serves as the Acting Director of the Analytics Foundry; a dedicated cloud computing environment that manages GAO’s complex analytical functions.
Jennifer earned a master’s degree in information security policy and management from Carnegie Mellon University and earned a bachelor’s degree in computer information systems from Hampton University.
Victoria Yan Pillitteri
Supervisory Computer Scientist and Security Engineering and Risk Management Group Manager @ National Institute of Standards and Technology (NIST)
CISSP
Victoria Yan Pillitteri, CISSP, Supervisory Computer Scientist and Security Engineering and Risk Management Group Manager at the National Institute of Standards and Technology (NIST).
Victoria Yan Pillitteri is a supervisory computer scientist and manager of the Security Engineering and Risk Management Group at the National Institute of Standards and Technology (NIST). The group conducts the research and development of the suite of risk management, systems security engineering, and cybersecurity risk analytics and measurement guidance used for managing cybersecurity risk. She is the co-author of multiple NIST publications that are foundational for cybersecurity risk management, including the security and privacy controls, control assessment procedures, the Risk Management Framework, and the CUI security requirements and assessment procedures (Special Publications (SP) 800-53, SP 800-53A, SP 800-53B, 800-37, 800-171, and 800-171A).
Ms. Pillitteri holds a B.S. in Electrical Engineering from the University of Maryland, a M.S. in Computer Science, with a concentration in Information Assurance, from the George Washington University, completed the Key Executive Leadership Program at American University, and is a Certified Information Systems Security Professional (CISSP).
Patrick Bevill
Chief Information Security Officer @ Federal Retirement Thrift Investment Board (FRTIB)
CISSP
Patrick Bevill is the Chief Information Security Officer at the Federal Retirement Thrift Investment Board (FRTIB). His thirty-year cybersecurity and technology career includes public and private sector experience in a variety of leadership roles, including as a Federal CISO, cybersecurity engineer, and C-level and VP-level positions in everything from Fortune 500 companies to Silicon Valley startups. Patrick’s Federal career has been focused on driving cybersecurity maturity and enabling agile IT Security Operations, and on interagency advocacy for the cybersecurity needs of the smaller, non-CFO Act agencies.
He has a Master of Science degree in computer information systems from Boston University and a CISSP certification. He is also a recipient of a Fed100 award and a Presidential Rank Award, the highest of honors for Federal employees.
CPE Information
Earn up to 2 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
Poll Questions
Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls.
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.
Learning Objective
After attending this event, attendees will learn about updates on the current FISMA landscape and efforts to comply with FISMA.
CPE-Related Details
- Prerequisites: None
- Advance Preparation: None
- Program Knowledge Level: Basic
- Delivery Method: Group Internet Based
- Field of Study: Information Technology – Technical