Upcoming Chapter Events

Below are upcoming chapter conferences, seminars, review courses, and other events.  Prior chapter events can also be viewed.

For information on our event policies, see https://isaca-gwdc.org/event-policies/.

Loading Events

« All Events

  • This event has passed.

Risk Management and Governance Conference 2024

May 23 @ 8:30 am - 12:30 pm EDT

GWDC Members $10, Non-GWDC Members $30

The ISACA Greater Washington DC (GWDC) is proud to host our annual Risk Management and Governance conference. This conference is part of our monthly conference series.

IT professionals, IT advisory or audit professionals, business executives, students or professionals interested in learning more about IT risk management and governance should attend this event.

Registration closes on May 22, 2024 @ 12pm. 

Register Today!

The agenda for this event is being developed.  Details for this event will be posted when available.



08:30 AM – 09:30 AM

Where Is AI Taking Us? Cyber influence Operations and Synthetic Media

Presenter: David Branscome (Microsoft)

Tools like ChatGPT, OpenAI and DALL-E have burst onto the scene with a usability and simplicity that makes the use of AI seem to be easy enough for a child to use.

But is that good or bad? The answer may depend on who you ask.

In this discussion, we’ll look at how nation-states are using AI tools to shape public opinion to achieve their political and strategic goals. We’ll look at the cyberinfluence campaigns surrounding COVID-19 and the ongoing war in Ukraine, as well as the use of AI to digitally manipulate media for political gain. We’ll also investigate the tools being developed to counter these trends and help ensure the information we consume can be trusted.

09:30 AM – 10:30 AM

AI Risk Assessment: Where to Start, What to Ask, and Things to do About the Risk

Presenter: Joe Veroneau (Conveyor)

As AI advancements revolutionize business decision-making, understanding how to evaluate and mitigate AI-associated risk is top of mind for all companies. In this session, participants will learn practical ways to scope and prioritize where to start when including AI risk in their wider risk assessment methodology. Participants will learn to evaluate if AI risk is present critically, assess the potential impact and navigate the potential risks of AI-powered companies and processes.

10:30 AM – 11:30 AM

Bleeding Edge of Cybersecurity Risk

Presenters: Ramona Ratiu (Zurich Insurance and DePaul University) and Alex Islamov (MorganFranklin Consulting)

The presentation on the bleeding edge of cybersecurity risks offers a comprehensive exploration of the ever-evolving landscape of digital threats and vulnerabilities. We will delve into the intricacies of emerging technologies like artificial intelligence, quantum computing, the Internet of Things (IoT), and Information and Communication Technologies (ICT), which are being harnessed by sophisticated threat actors to launch unprecedented cyberattacks. You will gain insights into the growing menace of ransomware, supply chain attacks, and state-sponsored cyber espionage, along with the escalating challenges these pose to organizations worldwide. By highlighting the need for proactive adaptation, robust threat intelligence, and innovative cybersecurity strategies, this presentation will equip you with the knowledge and tools to navigate the cutting-edge risks in today’s digital world effectively.

11:30 AM – 12:30 AM

Information Risk Management

Presenter: Jay Ranade (Risk Management Professionals)

Information is the life blood of the organization, because information risk is primarily to the business processes. Without information (data), there is no business. Protecting data from confidentiality, integrity, availability, and privacy perspective is of paramount importance. Even from the enterprise risk management perspective, all OTHER enterprise risks depend upon information. Information risk management revolves around identifying risks, measuring risk, treating risk, and monitoring risk. One of the most complex tasks in information risks is designing KRIs and KCIs, where most of the organizations make mistakes.



David Branscome
Global Partner Solutions Architect for Security, Compliance and Identity @ Microsoft

David is a Global Partner Solutions Architect for Security, Compliance and Identity at Microsoft. In this role, David is responsible for training and supporting Microsoft partners on the latest security compliance and identity solutions, including Microsoft 365, Azure and Windows.

Joe Veroneau
Director, Trust & Security @ Conveyor Inc.

Risk management professional with wide experience across GRC domains in an operational and advisory capacity. Currently specializing in cloud security compliance.


Ramona Ratiu
Global Head of Cyber Tabletop Exercises- Cybersecurity – Zurich Insurance
Adjunct Professor – IT Risk Management – DePaul University
Board Strategic Advisor/Past President – ISACA Chicago Chapter
SheLeadsTech Ambassador


Ramona Ratiu’s current role at Zurich Insurance Group focuses on effective risk planning strategies as the core for strengthening, improving, and maturing the cybersecurity program. She successfully leads transformational cybersecurity projects through her strong planning and organizational skills. Ms. Ratiu’s experience in information security, governance, audit, risk management, and compliance helped her develop and implement technical and procedural solutions, enabling stakeholders to achieve and sustain compliance efficiently across multiple standards.

Ms. Ratiu holds a bachelor’s degree in finance and earned the Master of Science in Information Security and Compliance from DePaul University. In addition, she holds these certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM), COBIT5 Foundations, ITIL Foundations Certificate and GIAC Strategic Planning, Policy and Leadership (GSTRT).

Alex Islamov
Director, Cybersecurity Strategy and GRC @ MorganFranklin Consulting

Alex Islamov is the Director of Cybersecurity Strategy and Risk, and a leader of the MorganFranklin Consulting Cyber Financial Services pillar with over 18 years of experience helping companies navigate complex compliance and regulatory environments while providing comprehensive operational, information technology, and information security risk management solutions. Alex offers extensive experience in software and technology, healthcare, manufacturing and distribution, and financial services industries with significant subject matter expertise in IT Audit, IT SOX, IT/IS Governance, Regulatory Compliance, Data Privacy and Protection, Information Security and Cybersecurity, Enterprise Risk Management, Third-Party Risk Management, and Finance & Accounting. In addition, Alex possesses deep knowledge and understanding of the regulatory standards and frameworks such as COSO, SOX, NIST (800-53 and CSF), HIPAA, CSA CCM, FISMA, FedRAMP, CIS CSC, PCI-DSS, HITRUST, ISO, and SOC 1/2/3. Prior to joining MorganFranklin Cyber, Alex spent over 15 years in management/leadership positions at leading accounting firms, financial institutions, and software companies.

Jay Ranade
Senior Trainer @ Risk Management Professionals

Jay Ranade, a certified CIA, CISA, CISM, CISSP, ISSAP, CGEIT, CRISC, HCISPP, CRMA, and CBCP is an internationally renowned expert on computers, IT Risk management, disaster recovery, IT Security, cyber security and IT controls. He has written and published more than 37 IT-related books on various subjects ranging from networks, security, mainframe/distributed operating systems, and computer programming languages. He also has an imprint with McGraw-Hill with more than 300 books called the “Jay Ranade Series” with more than 7 million copies in print. His books have been translated in German, Portuguese, Spanish, Japanese, Chinese, and Korean. The New York Times critically acclaimed his book called the “Best of Byte” with endorsements from Bill Gates and Steve Wozniak.

Jay has consulted and worked for Global and Fortune 500 companies in the US and abroad including AIG, Merrill Lynch, Dreyfus/Mellon Bank, Johnson and Johnson, Unisys, McGraw-Hill, Mobiltel Bulgaria, Central Bank of Armenia, and Credit Suisse. His classes and lectures have been attended by employees of almost every Fortune 500 company globally.

He teaches graduate-level classes on Information Security Management and Ethical Risk Management at New York University. Jay is also an adjunct professor at St John’s University and teaches graduate-level classes on Accounting Information Systems, IT Auditing, Internal Auditing, Security/Forensics, and Operational Risk Management. Jay is senior faculty member for Wharton Executive Education program for U of Penn.

Jay teaches ISACA credentialing courses (CISA, CISM, CRISC, CGEIT, CSX-F) and non-credentialing classes for ISACA NY Metropolitan chapter, London, Singapore, Armenia, Bangkok, Bermuda, Cayman Islands, US Navy, and US Army.

Jay was awarded President’s “Outstanding Educator Award” by ISACA NY Metropolitan Chapter in June 2013.


Virtual Meeting Information

  • This event will be presented through Zoom.
  • Prior to the event, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.
  • Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.
  • The ISACA Greater Washington, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.


Event Questions and Policies

Registration Questions

If you have any registration questions about this event, please contact the chapter using the Registration Contact Form.

If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.


Cancellation and Refund Policy

Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.

If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.


Complaint Policy

The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.


CPE Information

Earn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org


CPE Distribution and Evaluation Survey

CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.


Learning Objective

After attending this event, attendees will learn about recent topics in the IT risk management and governance space.


CPE-Related Details

  • Prerequisites: None
  • Advance Preparation: None
  • Program Knowledge Level: Basic
  • Delivery Method:  Group Internet Based
  • Field of Study:  Information Technology – Technical


May 23
8:30 am - 12:30 pm EDT
GWDC Members $10, Non-GWDC Members $30
Event Category:
Event Tags:
, ,


Virtual Event


Avneet Sabharwal