Upcoming Chapter Events
Below are upcoming chapter conferences, seminars, review courses, and other events. Prior chapter events can also be viewed.
For information on our event policies, see https://isaca-gwdc.org/event-policies/.
IT Risk Fundamentals Review Course
February 22 @ 8:30 am - 5:00 pm EST
GWDC Members $350, Non-GWDC Members $600
Every organization experience risk. ISACA’s IT Risk Fundamentals Certificate is perfect for anyone wanting to learn about information and technology (I&T)-related risk. Our IT Risk Fundamentals course covers the fundamentals of risk management; from identifying and prioritizing risk to responding and communicating the risk to management.
This course covers the six critical functions of the IT Risk Fundamentals Certificate: Risk Intro and Overview, Risk Governance and Management, Risk Identification, Risk Assessment and Analysis, Risk Response, and Risk Monitoring.
This course is intended for anyone wanting to strengthen their understanding of the IT risk management life cycle as well as those students preparing for the IT Risk Fundamentals exam. No prior knowledge required! This course will teach you the fundamentals of IT Risk Management.
Registration closes on February 21 @ 3pm.
Re-Take Discount
Students who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details.
Course Overview
February 22 & March 1
The course will be held on February 22 and March 1, 2025 (Saturdays) from 8:30 am to 5:00 pm.
Add this event to your calendar using the Add to Calendar link at the bottom of the page.
Virtual Event
The course will be held using Zoom.
Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.
GWDC Member Fee – $350
The fee for GWDC Members is $350 for the course.
The fee for all other registrants is $600 for the course.
To become a member and take advantage of the member rate for our events, among other benefits, join ISACA and select the Greater Washington D.C. Chapter as your local chapter.
Earn up to 14 CPEs
Attendees can earn up to 14 CPEs for this event.
Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls.
Share this Event in Your Network
Agenda
The course will cover the following six critical IT Risks functions:
- Domain 1 – Risk Introduction and Overview (5%): We start by setting a strong foundation and understanding of risk. In this domain we will cover fundamental concepts of IT risk management. We will discuss how risks links to business functions, the importance of the three lines of defense and the role of IT controls.
- Domain 2 – Risk Governance and Management (15%): We will explain the structure of risk governance and management and how it’s used to set a direction for a business. We will discuss risk appetite, risk tolerance, and risk capacity and introduce the risk management cycle.
- Domain 3 – Risk Identification (20%): Risk identification is the process of spotting and documenting the risks a business faces. It is crucial because only identified risks can be assessed and responded to. In this domain we will talk about assets, threats, and vulnerabilities and how we can use them to identify risk.
- Domain 4 – Risk Assessment and Analysis (25%): After identifying risk, the next step is to understand its impact on the business. In this domain, we will discuss the different approaches to risk assessments, how to use risk registers to document risks, and the importance of risk aggregation.
- Domain 5 – Risk Response (15%): After risk has been identified and assessed, decisions need to be made about the appropriate risk response. In this domain we will discuss risk response strategies, control design and implementation and other response approaches.
- Domain 6 – Risk Monitoring, Reporting and Communication (20%): The monitoring and reporting of risk play an important role in the risk management process. Indicators for risk and performance should be considered carefully and chosen deliberately, based on their alignment with enterprise goals. Because of the changing nature of risk and associated controls, ongoing monitoring and reporting are essential steps in the risk management process.
The instructor will provide a copy of the presentation materials (PDF) to online attendees, along with additional materials prepared by instructor to support the course.
Instructor
Ramona Ratiu
Cybersecurity | Board Advisor | Adjunct Professor | Mentor | SheLeadsTech Ambassador
MS, CISM, GSTRT, GCCC
Ramona Ratiu is a seasoned cybersecurity professional with a focus on effective risk planning and cyber resilience strategies. Currently serving at Zurich Insurance Group, she spearheads transformative cybersecurity projects to build on the organizational resilience. With a background encompassing information security, governance, audit, risk management, and compliance, Ms. Ratiu has honed her expertise in developing and implementing technical and procedural solutions. These solutions facilitate stakeholders in achieving and sustaining compliance across various standards efficiently.
Equipped with a bachelor’s degree in finance and a Master of Science in Information Security and Compliance from DePaul University, Ms. Ratiu holds several prestigious certifications, including Certified Information Systems Manager (CISM), Certified Information Systems Auditor (CISA), GIAC GCCC and GSTRT.
Industry engagements: Teaching Certifications Review Courses (7+ years): As an APMG Accredited Trainer, Ramona Ratiu has instructed CISM and IT Risk Fundamentals courses for the ISACA Chicago Chapter.
Global Teaching Engagements (2022-2023): Ramona extended her expertise globally, teaching IT Risk courses to students in Sri Lanka, UK, Romania, and underrepresented students from Africa through the CyberGirls program.
She serves as an Adjunct Professor at DePaul University, lecturing students on IT Risk Management principles.
Mentorship and Leadership Roles: Ramona served as President of the ISACA Chicago chapter for 2 consecutive terms (4 years). She acts as a mentor for the Chicago GROW mentorship program and serves as a Professional mentor for the TechWomen program focused on Emerging Leaders.
Additionally, she founded the “SheLeadsTech with… Expertise” program, dedicated to increasing women’s representation in technology leadership roles. Ramona also serves as a Global SheLeadsTech Ambassador.
Advocacy and Awards: Ramona’s dedication to the ISACA Chicago Chapter led to significant achievements, including the 2020 J Wayne Snipes Best Chapter Award and the 2021 Innovative Chapter Award for the #CollectiveResilience program. She was honored with the 2022 Outstanding Chapter Leader award and the 2023 Inspirational Leadership Award for her inspiring work, education, mentorship, and guidance to advance current and future generations of technologists and advocating for women worldwide. In 2024, she led the SheLeadsTech Chicago program to win the Innovative Award for Education. She has received the 2024 Excellence in Leadership Award for Best Faculty Advisor, by DePaul University.
Recent Publications: Ramona continues to contribute to the industry’s knowledge base with articles and publications such as “Blueprint for Ransomware Preparations and Defense,” “Strengthening Collaboration for Cyber Resilience,” “Securing the Future: Enhancing Cybersecurity in 2024 and beyond,” and “Applying Zero Trust principles” – published by ISACA.
Ms. Ratiu’s extensive experience and qualifications position her as a key figure in the realm of cybersecurity, driving resilience and preparedness within organizations.
IT Risk Fundamentals Certificate Exam
The exam is be offered via Computer-Based Testing (CBT).
Registration and administration of the exam is handled by ISACA®, not the GWDC. Registering for this review course does not register you for the exam.
For full details on this certificate, visit the ISACA’s CET Cloud Fundamentals Certificate page.
Exam Preparation
For students who wish to take the IT Risk Fundamentals exam, it is highly recommended that the prospective candidates should purchase the official study guide.
Event Questions and Policies
Cancellation and Refunds
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details.
Complaints
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services.
All complaints should be submitted through the Registration Contact Form.
CPE Information
Earn up to 14 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org.
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.
CPE-Related Details
- Learning Objective: After completing the course, students will be prepared to sit for the CET exam.
- Prerequisites and Advance Preparation: None
- Program Knowledge Level: Basic
- Delivery Method: Group Internet Based
- Field of Study: Information Technology – Technical