BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//ISACA Greater Washington, D.C. Chapter - ECPv6.16.4.1//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:ISACA Greater Washington, D.C. Chapter
X-ORIGINAL-URL:https://isaca-gwdc.org
X-WR-CALDESC:Events for ISACA Greater Washington, D.C. Chapter
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20210314T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20211107T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20220313T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20221106T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20230312T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20231105T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20240310T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20241103T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230422T090000
DTEND;TZID=America/New_York:20230422T170000
DTSTAMP:20230306T010329Z
CREATED:20221220T140840Z
LAST-MODIFIED:20230306T010329Z
UID:29746-1682154000-1682182800@isaca-gwdc.org
SUMMARY:CRISC Spring 2023 Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certified in Risk and Information Systems Controls™ (CRISC®).  This review course will provide practical advice on preparing for the CRISC exam and specific instruction regarding the job practice areas addressed by CRISC as defined by ISACA® Global. The dates of this course are three (3) consecutive Saturdays: April 22\, 29\, May 6\, 2023 from 9 am to 5 pm Eastern. \nPlease take a moment to hear from the instructor\, Jim Wiggins\, about the course and how it will help you prepare for the CRISC exam.  Jim has over 20 years of cybersecurity experience and is an ISACA accredited instructor. \n \nThis event is intended for anyone sitting for the CRISC Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on April 21 @ 5pm.  \nRegister Today! \n  \n\nEarly-Bird Discount \nThose who register by March 21\, 2023 save $50 off the price of the course.   \nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nAgenda \n\nDay 1 \n\n\nIntroduction \nGovernance (Domain 1) \n\n\nDay 2 \n\n\nIT Risk Assessment (Domain 2) \nRisk Response and Reporting (Domain 3) \n\n\nDay 3 \n\n\nInformation Technology and Security (Domain 4) \nPractice Tests \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CRISC exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CRISC Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CRISC Review Manual and the CRISC Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n	CRISC Review Manual\n	CRISC Review Questions\, Answers & Explanations Manual\n	CRISC Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CRISC page as part of their study program.  \n  \nInstructor \n\n \n\n\nJim Wiggins \nJim has over 25 years of direct experience in the design\, operations\, management\, and auditing of information technology systems\, with the past 20 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and state government contracting clients. \nToday\, Jim is the Founder and Principal at Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, C&A\, Security+\, and other courses requested by Securible’s clients. Today with Securible\, Jim provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Agency (CISA) inside of the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501c6 non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024. FITSI provides a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501c3 public charity that focuses on cyber education and is the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation runs the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at http://www.fitsifoundation.org. \nIn 2020\, Jim started a TV show around cybersecurity. This show is called “Cybersecurity Today” and can be viewed in the Washington\, DC area. Also\, episodes can be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW Named Jim to the “Federal 100” for his work to tirelessly promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make in the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nVirtual Meeting Information \n\n	This event will be presented online through Microsoft Teams.  \n	The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 21 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing the course\, students will be prepared to sit for the CRISC exam.\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/crisc/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2022/12/crisc_spring_2023-e1676941024183.png
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230414T093000
DTEND;TZID=America/New_York:20230414T170000
DTSTAMP:20230329T184017Z
CREATED:20221220T161345Z
LAST-MODIFIED:20230329T184017Z
UID:29776-1681464600-1681491600@isaca-gwdc.org
SUMMARY:Seminar - Introduction to Auditing with PowerShell Part 1:  Overview and Basic Commands
DESCRIPTION:This one-day virtual seminar is designed for students who want to learn different ways that PowerShell® can be used in performing audits. Students will learn the basics of PowerShell\, including commands to import\, view\, summarize\, and export data. Students will also be taught how PowerShell can be used to obtain data from Windows Event Logs\, Active Directory\, Azure Active Directory\, and other data sources. \nThis seminar is for any Auditor\, IT Auditor\, or Cybersecurity professional who want to incorporate PowerShell into their toolkits for accomplishing audits and projects. \nRegistration closes on April 13\, 2023 @ 12pm.  Capacity is limited to 30 registrants. \nCapacity for this event has been reached.  We are considering a second session for the seminar this spring.  If you’re interested\, click the registration button below   and add your name to the waitlist. \nRegister Today! \n  \n\nRelated Seminar \nIf this topic interests you\, the chapter is also offering an Introduction to Auditing with PowerShell Part 2: Objects and Scripting seminar. \n\n  \nAgenda \n\nMorning Topics \n\n\nOverview of PowerShell \nBasics of Using PowerShell Commands \nPowerShell Commands to Import\, Summarize\, View\, and Export CSV Data \n\n\nAfternoon Topics \n\n\nOverview of Using PowerShell to Import Data from XML and Text Files \nOverview of Using PowerShell to Import Data from Windows Event Logs \nOverview of Using PowerShell to Import Data Word and Excel Files \nOverview of Using PowerShell to Import Data from Active Directory \nOverview of Using PowerShell to Import Data from Azure Active Directory \nPractical Exercises \n\n  \nInstructor \n\n \n\n\nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 28 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 17+ years\, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development\, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n\n  \nVirtual Meeting Information \n\n	This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter completing this course\, students will have skills to use PowerShell to import\, summarize\, and output data. Students will also have an awareness of potential data sources that PowerShell can be used with. \n  \nCPE-Related Details \n\n	Prerequisites: Students should be familiar with using Windows and using CSV files.\n	Advance Preparation: The instructor will provide materials in advance of the course that should be saved to the student’s computer. Students can follow along with the instructor in executing PowerShell commands during the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/seminar-introduction-to-auditing-with-powershell-part-1-spring2023/
LOCATION:Virtual Event
CATEGORIES:Special Seminars
ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2022/12/ps_seminar-e1678063263304.png
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230413T144500
DTEND;TZID=America/New_York:20230413T170000
DTSTAMP:20230403T134555Z
CREATED:20230218T155631Z
LAST-MODIFIED:20230403T134555Z
UID:30042-1681397100-1681405200@isaca-gwdc.org
SUMMARY:2023 Annual FISMA and Risk Management Framework Panel Discussion
DESCRIPTION:The 2023 Annual FISMA Conference provides a useful update to IT Auditors on the current landscape of efforts to comply with the Federal Information Security Modernization Act of 2014 (FISMA). Come hear perspectives from senior federal executives from the Office of the National Cyber Director\, National Institute of Standards and Technology\, and the United States Department of Justice who play key roles in FISMA compliance efforts. During this session\, we will learn about recent changes to the FISMA metrics\, and the opportunities and challenges agencies face in complying with FISMA. \nIT advisory or audit professionals that serve or support the Public Sector should attend this event. \nRegistration closes on April 12\, 2023 @ 12pm.   This is a free virtual event for GWDC Members. \nRegister Today! \n  \nEvent Sponsor \nThe ISACA Greater Washington D.C. Chapter is proud to have Cotton\, A Sikich Company as the sponsor for this annual event.  \n \nFounded in 1981\, Cotton is a certified public accounting firm headquartered in historic Old Town Alexandria\, Virginia. Cotton has focused our practice on providing services predominantly for governmental agencies and programs\, and we have continued to expand both our client base and our range of services. Today\, Cotton provides a full range of audit\, accounting\, IT\, and management consulting services. In 2022\, Cotton was acquired by Sikich LLP\, a global company specializing in technology-enabled professional services. With more than 1\,500 employees\, Sikich draws on a diverse portfolio of technology solutions to deliver transformative digital strategies and ranks as one of the largest CPA firms in the United States. From corporations and not-for-profits to state and local governments and federal agencies\, Sikich clients utilize a broad spectrum of services and products to help them improve performance and achieve long-term\, strategic goals. \n  \nAgenda \n\n2:45 PM – 2:55 PM \n\n\nOpening Remarks \n\n\n3:00 PM – 4:50 PM \n\n\nPanel Discussion: 2023 Annual FISMA and Risk Management Framework \nModerator: \n\n	Yehuda Schmidt\nCPA\, CISA\, CRISC\, CGEIT\nSr. Manager\, Cotton\, A Sikich Company\n\nPanelists: \n\n	Melinda Rogers\nDeputy Assistant Attorney General Chief Information Officer\, United States Department of Justice\n	Victoria Yan Pillitteri\nCISSP\nFederal Information Security Modernization Act (FISMA) Implementation Project Lead\n	Lisa N. Barr\nDirector of Federal Cybersecurity\, Office of the National Cyber Director\n\n\n\n4:55 PM – 5:00 PM \n\n\nClosing Remarks \n\n  \nModerator \n\n \n\n\nYehuda Schmidt\nSr. Manager\, Cotton\, A Sikich Company \nCPA\, CISA\, CRISC\, CGEIT \nYehuda Schmidt joined Cotton\, A Sikich Company in January 2015. Yehuda has 30 years’ experience in assisting federal government agencies with finance\, accounting\, business process improvement\, information technology (IT) internal controls\, and program management. He has extensive experience in managing reviews of internal controls over financial reporting\, operational controls\, and risk management in compliance with Office of Management and Budget (OMB) Circular A-123. Yehuda is leading client’s IT risk assessments in compliance with NIST SP 800-37\, and IT assessment in compliance with NIST SP 800-53. \nYehuda holds an MBA in Finance and Entrepreneurship\, and B.Sc. in Accounting and Economics from the Hebrew University of Jerusalem\, Israel. He is a Certified Public Accountant (CPA)\, a Certified Information Systems Auditor (CISA)\, a Certified Risk and Information Systems (CRISC)\, and Certified Governance of Enterprise IT (CGEIT). \n\n  \nPanelists \n\n \n\n\nMelinda Rogers\nDeputy Assistant Attorney General Chief Information Officer\, United States Department of Justice \nMelinda Rogers was designated as Deputy Assistant Attorney General for Information Resource Management in September 2020. Prior to her designation\, she served as Deputy Chief Information Officer (CIO)\, and earlier she was the Department’s Chief Information Security Officer (CISO). In her role as CIO\, Ms. Rogers is responsible for overseeing the Department’s $3.4 billion Information Technology (IT) investment portfolio\, providing strategic direction to DOJ Components\, and directly supporting mission operations through IT service delivery. Additionally\, within Ms. Rogers’ purview is the Department’s Cybersecurity Program\, which proactively monitors and mitigates risks associated with the management\, security\, and acquisition of DOJ technology assets. Ms. Rogers also has extensive experience in the banking and financial services sector in private industry\, where she was most recently Equifax’s Assistant Vice President for Fraud Prevention and Identity Verification Solutions. \nMs. Rogers received her MBA from Emory University in Atlanta and is an alumna of George Mason University. \n\n\n \n\n\nVictoria Yan Pillitteri\nFederal Information Security Modernization Act (FISMA) Implementation Project Lead\, National Institute of Standards and Technology\nCISSP \nVictoria Yan Pillitteri is a supervisory computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST). Ms. Pillitteri is the Acting Manager of the Security Engineering and Risk Management Group and also leads the Federal Information Security Modernization Act (FISMA) Implementation Project\, supervising a team of technical and administrative staff that are responsible for conducting the research and development of the suite of risk management guidance used for managing cybersecurity risk in the federal government\, and associated stakeholder outreach and public-private coordination/collaboration efforts. She serves as the lead of the Joint Task Force working group\, a partnership with Department of Defense\, the Intelligence Community and Civilian Agencies to develop a unified security framework to protect USG from cyberattacks and is co-chair of the Federal Cybersecurity and Privacy Professionals Forum hosted NIST. \nShe previously worked on development of the Cybersecurity Framework and Privacy Framework\, led the NIST Smart Grid and Cyber Physical Systems Cybersecurity Research Programs\, served on the board of directors of the Smart Grid Interoperability Panel\, and completed a detail in the office of the NIST Director as an IT policy advisor. She has co-authored a number of NIST Special Publications (SPs) and Interagency Reports (IRs) on information security\, including SP 800-12\, 800-37\, 800-53\, 800-82\, 800-171\, 800-171A\, 800-171B\, 800-137A\, 1108 and IR 7628. \nVictoria holds a B.S. in Electrical Engineering from the University of Maryland\, a M.S in Computer Science\, with a concentration in Information Assurance\, from the George Washington University\, completed the Key Executive Leadership Program at American University\, and is a Certified Information Systems Security Professional (CISSP). She has completed a Senior Executive Service Candidate Development Program (SES CDP) and is SES certified. \n\n\n \n\n\nLisa N. Barr\nDirector of Federal Cybersecurity\, Office of the National Cyber Director \nLisa Barr has over 20 years’ experience in the public and private sector leading and directing projects in Cybersecurity\, IT Strategic Planning and Risk Management. Lisa is the first Director for Federal Cybersecurity within the Office of National Cyber Director. She leads federal cybersecurity initiatives and efforts that focus on creating cohesion across the federal enterprise and reducing the burden on federal agencies. Within these 20 years\, she spent 13 years with the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA). She has held numerous trusted leadership positions covering cybersecurity policy\, supply chain cybersecurity\, federal cybersecurity governance\, and critical infrastructure resilience. Lisa served a one-year rotational assignment to the OMB Office of the Federal CIO as a Senior Advisor and program lead for the Federal Acquisition Security Council. Previous to her federal service\, Lisa spent several years in the private sector focusing on IT and cyber strategic planning and program management. \nLisa holds a Master’s degree in National Security and Resource Strategy; has received an Executive Chief Information Security Officer certification through Carnegie Mellon; and is a Certified Information Security Manager. \n\n  \nVirtual Meeting Information \n\n	This event will be presented through Zoom.\n	Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 2 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter attending this event\, attendees will learn about recent changes to the FISMA metrics and the opportunities and challenges agencies face in complying with FISMA. \n  \nCPE-Related Details \n\n	Prerequisites: None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2023-fisma-panel/
LOCATION:Virtual Event
CATEGORIES:Panels
ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/02/fisma_panel_2023-e1676941581180.png
ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230329T170000
DTEND;TZID=America/New_York:20230329T190000
DTSTAMP:20230306T010721Z
CREATED:20230221T002234Z
LAST-MODIFIED:20230306T010721Z
UID:30352-1680109200-1680116400@isaca-gwdc.org
SUMMARY:Networking Event following the 2023 Women in Technology and Leadership Conference
DESCRIPTION:The ISACA GWDC is hosting a networking event following the Women in Technology and Leadership Conference 2023.  The networking event will be from 5:00 to 7:00 PM at the Hilton McLean Tysons Corner.  Members do not have to attend the conference to attend this networking event.  This is a free event and an RSVP is required to attend. \nRegistration closes on March 28\, 2023 @ 5 pm.  \nRSVP Today! \n  \n\nEvent Sponsorship \nIf your organization is interested in being a sponsor for this event\, please contact Bonita Patillo\, Special Events Director\, for details on sponsorship opportunities.  (Go to the Contact Us page select “Special Events” under “I have a question about”) \n\n  \nVenue Information \nHilton McLean Tysons Corner\n7920 Jones Branch Drive\nMcLean\, Virginia 22102\n \nHotel Website | Phone Number: (703) 847-5000 \nParking Information\nThe hotel offers complimentary parking (Ballroom Entrance / South Parking location). \nNearest Metro\nThe hotel offers free shuttle pick up service from Tysons Corner Metro Station.   To arrange a pickup\, call the hotel at 703-847-5000. \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \n 
URL:https://isaca-gwdc.org/event/2023-womenintech-networking/
LOCATION:Hilton McLean Tysons Corner\, 7920 Jones Branch Drive\, McLean\, VA\, 22102\, United States
CATEGORIES:Social Events
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230329T100000
DTEND;TZID=America/New_York:20230329T170000
DTSTAMP:20230329T103407Z
CREATED:20230221T002151Z
LAST-MODIFIED:20230329T103407Z
UID:30350-1680084000-1680109200@isaca-gwdc.org
SUMMARY:Women in Technology and Leadership Conference 2023
DESCRIPTION:The ISACA GWDC Chapter is proud to host our 2023 Women in Technology and Leadership Conference. This conference is our premier annual event centered around the experience of women in technology and leadership positions. Our technology enrichment topics will focus on awareness and strategies around Cybersecurity\, Data Privacy\, and Technology Leadership.  Specific leadership focus areas include how to pursue IT and Cybersecurity roles in the organization\, discuss if the glass ceiling is too low\, and how women and advocates may support women’s career paths in technology. Our speakers are top leaders and experts in the technology field\, ready to share their experiences\, insights\, and tips for succeeding in a rapidly evolving industry. Attendees will have the opportunity to learn about the latest trends and challenges\, connect with like-minded professionals\, and engage in thought-provoking discussions. \nThis is an in-person event that will be held at the Hilton McLean Tysons Corner. IT executives\, management and operations staff\, risk management leaders and professionals\, IT auditors\, cybersecurity professionals\, students or anyone interested in learning more about this topic should attend this event. \nThere will be a free networking session after this event.   A separate RSVP is required to attend the networking session.  \nRegistration closes on March 28\, 2023 @ 5 pm.  \nRegister Today! \n  \n\nEvent Sponsorship \nIf your organization is interested in being a sponsor for this event\, please contact Bonita Patillo\, Special Events Director\, for details on sponsorship opportunities.  (Go to the Contact Us page select “Special Events” under “I have a question about”) \n\n  \nAgenda \n\n10:00 AM – 11:00 AM \n\n\nNever Trust\, Always Verify: The Zero Trust Approach to Cybersecurity \nPresenter: Sushila Nair (Capgemini) \nZero Trust is a cybersecurity model that assumes that all resources and services\, both internal and external\, are not inherently trustworthy\, and therefore require strict access control and continuous verification. It’s a departure from traditional perimeter-based security models\, which assume that everything inside the network is safe by default. \nThis presentation will cover the key principles of Zero Trust\, including the principle of never trusting\, always verifying\, the importance of strong identity and access management\, and the need for continuous monitoring and analysis of all network activity. We will also discuss the various components of a Zero Trust architecture and how it differs from traditional security models. \nAdditionally\, the presentation will provide an overview of the steps required to implement a Zero Trust architecture\, the benefits of Zero Trust\, and how Zero Trust can help organizations meet regulatory and compliance requirements. We will also discuss how auditors can assess the effectiveness of a Zero Trust architecture. \nBy the end of this presentation\, attendees will understand the importance of implementing a Zero Trust architecture and how it can help improve their organization’s cybersecurity posture. They will have a solid understanding of the key principles\, architecture\, and benefits of Zero Trust\, as well as how to implement it and how to assess its effectiveness. Overall\, the goal is to provide attendees with the knowledge and tools they need to take the first steps toward a Zero Trust architecture. \n\n\n11:00 AM – 12:00 PM \n\n\nTaking an Identity-centric Approach to Zero Trust \nPresenter: Christine Owen (Guidehouse) \n“Identity is the new perimeter” is being repeated over and over again\, because it’s true! A viable Zero Trust Architectures requires a mature\, enterprise-wide IAM program so an organization can understand who is accessing its resources. Christine will discuss the different IAM tools necessary\, and how they interact together to create the foundation of Zero Trust. \n\n\n12:00 PM – 01:00 PM \n\n\nLunch \n\n\n01:00 PM – 02:00 PM \n\n\nData Governance \nPresenter: Cortney Worthy (Zoom) and La-Nay Grant (Cisco) \nDuring this session\, Cortney will cover the following topics: \n\n	Understanding the difference between Data Governance\, Data Privacy and Data Security and why it matters to your organization.\n	Why a Data Governance Framework is Foundational to an Organization’s Data Security Strategy? And what Role does Identify Management play In Data Governance?\n\n\n\n\n02:00 PM – 03:00 PM \n\n\nResilience in an Era of Disruption \nPresenter: Terry Grafenstine (Citi) \nWe are living in a world where pandemics\, social unrest\, cyber-attacks\, and geo-political tensions are becoming the norm. To survive in this era of disruption\, organizations must shift from a traditional Business Continuity/Disaster Recovery (BCDR) model to Enterprise Resilience. In this session\, attendees will learn about: \n\n	Impacts of Disruption\n	Regulatory Focus on Resilience\n	The differences between BCDR and Enterprise Resilience\n	Key considerations in an Enterprise Resilience Model\n\n\n\n03:00 PM – 04:00 PM \n\n\nCrack the Cybersecurity Career Code – CISO’s guide to different career paths in cybersecurity \nPresenter: Ruchi Shewaramani (WA Health Benefit Exchange) \nDo you aspire to join cybersecurity? Already in cybersecurity and aiming to be a CISO? Did you know you do “not” have to be highly technical to excel in cybersecurity? \nIn this session\, Ruchi Shewaramani will present the various career paths to enter and excel in the highly sought after domain of cybersecurity. She will break some popular myths about cybersecurity. You will hear in depth on the various career opportunities across the fields of Application Security\, Identity & Access Management\, Cloud Security and Governance\, Risk and Compliance. \n\n\n04:00 PM – 05:00 PM \n\n\nPanel Discussion \nPanelists: Cortney Worthy (Zoom)\, Sarah Abedin (BreaktheTide)\, K. Casey Watkins (FTI Consulting\, Inc.)\, and Whitney Singletary \nDuring this session\, panelists will discuss the following questions: \n\n	Is the glass ceiling still too short?\n	How to better support and mentor women in technology.\n\n\n\n05:00 PM – 07:00 PM \n\n\nNetworking Social \nImmediately following this event\, the GWDC will host a networking event. A separate RSVP is required for the networking event. \n\n  \nPresenters \n\n \n\n\nSushila Nair\n Vice President – North American Cybersecurity Practice at Capgemini\nCISSP\, GIAC GSTRT\, CISA\, CISM\, CRISC\, CDPSE\, CCSK\, CCAK \nSushila Nair is Capgemini’s Vice President\, North American Cybersecurity practice. Capgemini is a global leader in providing secure digital transformation for our clients. Sushila has most recently served as the Vice President for cybersecurity offers at NTT Data Services and has held the role of a CISO for 10 years. Sushila has over 30 years of experience in computing infrastructure\, business and security risk analysis\, preventing credit card fraud\, and served as a legal expert witness. Sushila has been featured in global technical events including RSA\, Segurinfo and ISACA’s global conferences\, co-authored books and is regularly quoted in the press. She plays an active role in supporting best practices and skills development within the cybersecurity community through her work with ISACA and CSA. \nSushila is part of the ISACA global emerging trends working group and vice president of ISACA Greater Washington\, D.C. Chapter. Sushila Nair was named by IT Security Guru as one of the Most Inspiring Women in Cyber 2022! \n  \n\n\n \n\n\nChristine Owen\nDirector at Guidehouse \nChristine C. Owen is a recovering attorney who found solace as the Zero Trust Lead at Guidehouse. She is interested in securing people\, things\, applications\, devices\, and the cloud taking an identity-centric approach. Christine oversees and manages client engagements to provide enterprise IAM and Zero Trust solutions. \nChristine learned IAM principles while consulting for an IAM program that encompassed the entire Federal government. She then moved into a sandbox\, teaching First Responders how to secure their systems; her work resulted in the ICAM Educational Series\, published on the DHS S&T website. In her downtime\, Christine enjoys bourbon\, her grumpy Westie\, and chatting about IAM with anyone who will listen. \n \n\n\n \n\n\nCortney Worthy\nLeader of Data Governance & Compliance at Zoom Video Communications \nCortney Worthy is a passionate Data Governance & Management executive with 14+ years experience. A Mississippi native\, Cortney relocated to the DC Metro area after obtaining a degree in Finance from the University of Memphis and started a career in government consulting. She has successfully led the stand up of several Chief Data Offices across multiple government agencies to include the Department of Defense\, Department of State\, and United States Citizenship and Immigration Services. Cortney currently serves as the Leader of Data Governance & Compliance at Zoom Video Communications where she leads the maturation of data governance capabilities. Cortney’s self-proclaimed super power is her ability to “build relationships of influence to lead organizations to data driven insights with governance as a foundation”. When she’s not working tirelessly to ensure your data is safe and secure\, she serves as a Girl Scout Leader mentoring the next female generation of developers\, engineers\, data scientists\, and leaders. You can also find her making her way up the charts on the Peloton leader board! \n \n\n\n \n\n\nRuchi Shewaramani\nChief Information Security Officer at WA Health Benefit Exchange \nRuchi Shewaramani is a cyber security executive with 15+ years of experience in Information Technology Security\, Identity and Access Management (IAM)\, Governance\, Risk and Compliance (GRC) across Healthcare\, Education and Financial institutions. She holds a Masters in Software Engineering from Seattle U. In the last decade\, she has managed the security program for various Health and Human Services Agencies in the District of Columbia (DC) and Washington state and successfully cleared numerous federal audits. She specializes in leading HealthCare agencies to secure their data\, be compliant with state/federal partners and provide digital trust to the citizens they serve. She is currently serving as the Chief Information Security Officer for WA Health Benefit Exchange and as a Board member for ISACA Greater Washington DC Chapter. \n  \n\n\n \n\n\nTerry Grafenstine\nChief Auditor\, Technology and Business Services at Citi\nCPA\, CISSP\, CISA\, CIA\, CRISC\, CGEIT\, CGAP \nTerry Grafenstine was appointed as the Chief Auditor for Technology and Business Services in November 2020. She is responsible for leading the Internal Audit teams covering technology infrastructure\, cyber\, resilience\, platforms and applications within businesses and functions\, and global business services. Terry joined Citi in April 2019 as the Chief Auditor of Cyber\, Third Party Risk Management\, and Business Continuity. \nTerry has over 25 years of experience in the internal auditing and information technology profession. Before joining Citi\, Terry was a Managing Director in Deloitte’s Risk and Financial Advisory practice where she provided strategic advisory services to Chief Audit Executives across all commercial industries and IT audit\, risk\, and governance advisory services to first line executives in the defense and national security space. Prior to joining Deloitte\, Terry served for eight years as the appointed Inspector General of the U.S. House of Representatives\, where she designed\, managed\, and delivered audit and investigative services\, including the annual financial statement audit and a comprehensive cyber assurance program. \nTerry has held numerous leadership roles to support the auditing\, accounting\, and information technology profession\, including as ISACA’s Global Chair (2017-2018) and as a member of the AICPA board of directors. She currently serves on both the IIA’s North American and Global Boards of Directors. Terry speaks globally on a wide range of subjects\, including cyber security\, internal auditing\, accounting standards\, resilience\, leadership\, and risk. In 2019\, the Institute of Internal Auditors (IIA) recognized Terry as one of the “Top Ten Audit Thought Leaders of the Decade” and inducted Terry into their Hall of Distinguished Audit Practitioners\, the highest honor given by the IIA’s North American board for the accomplishments and contributions made by individuals to advance the internal audit profession. She has received numerous awards and accolades\, including FedScoop’s “Golden Gov Federal Executive of the Year\,” the Greater Washington DC Society of CPAs “Government CPA Leader of the Year”\, the NY Metropolitan ISACA Chapter’s “Joseph J Wasserman Cyber and Governance Leader of the Year\,” and ISACAs “Common Body of Knowledge” and “Best International Conference Speaker of the Year” awards. \nTerry holds a bachelor’s degree in Accounting from Saint Joseph’s University and is a Certified Public Accountant (CPA)\, Certified Information Systems Security Professional (CISSP)\, Certified Information Systems Auditor (CISA)\, Certified Internal Auditor (CIA)\, Certified In Risk and Information Systems Control (CRISC)\, Certified in the Governance of Enterprise IT (CGEIT)\, and Certified Government Auditing Professional (CGAP). Terry has been with Citi IA for 4 years\, has 29 years of auditor experience and 2 years of non-auditor experience. \n \n\n\n \n\n\nSarah Abedin\nFounder and CEO of BreaktheTide\nCISA\, CGEIT\, CRISC\, CDPSE \nSarah Ahmad Abedin is the Founder and CEO of BreaktheTide\, a 501c(3) nonprofit organization in the United States. BreaktheTide (www.breakthetide.org) provides a fundraising platform for nonprofit organizations to help raise funds for empowering women\, children and underprivileged communities. She is a Board member of Sambhali U.S.\, a nonprofit organization in the United States. Sambhali U.S. is a volunteer organization for Girls and Women Empowerment in Jodhpur\, India. Sarah is also a Board member of Gultaz Memorial School and College in Doulatpur\, Chattogram\, Bangladesh. \nSarah is an Information Technology and Cybersecurity expert by profession with extensive management and leadership experience on a broad range of complex\, fast-paced environments in public and private sectors. She started her career as an IT Auditor for the State of Michigan Office of the Auditor General and over the next 30 years she has worked in various capacities for global companies like KPMG\, Financial Industry Regulatory Authority (FINRA)\, NASDAQ Stock Market\, IBM and others. Sarah specialized in IT Security\, Cybersecurity\, Enterprise Governance\, Risk\, Compliance and Privacy in addition to her audit experience (internal and external). Her expertise is in the US Federal Law (NIST\, FISMA\, FedRAMP\, US Data Privacy law\, SOX\, HIPAA)\, COBIT with an emphasis on Strategy\, Governance\, Risk\, Compliance\, Security and Privacy. \nSarah has always been passionate to work in the developmental areas for empowering girls and women.  She has been a mentor and a founding Advisory Council Member of ISACA’s SheLeadsTech (2017-1018). She was also the first Bangladeshi American President (2013-2016) of the Greater Washington DC (GWDC) Chapter of ISACA\, the largest chapter in the world. She was a Member of Privacy Advisory Group of ISACA (2020-2021) and Governance Committee of ISACA (2019-2020). She was an Expert Reviewer of COBIT 2019 Framework (Introduction & Methodology; Governance & Management Objectives). She started the annual Women in Leadership & Technology conference for GWDC in 2016 and hosed this event every year since 2016 to present. \nSarah was an Adjunct professor at the University of Maryland Global Campus (Fall 2012) and an Advisory Board Member of University of Maryland Global Campus\, Graduate School of Management and Technology (Financial Management & Accounting). \nSarah obtained her BBA in Accounting Information Systems from Eastern Michigan University and MBA in Electronic Business from Carey Business School of Johns Hopkins University. \n \n\n\n \n\n\nLa-Nay Grant\nData Governance Leader\, CISCO \nLa-Nay is a leader within Data Governance and has 15+ years of experience. She began her career as a Congressional Intern then led advanced Data Analytics efforts as a Federal Government employee. She is an Ex-Big Senior Manager that now works for Cisco. In her current role she creates policy and initiatives that ensures her organization is compliant with local and international rules and regulations. As well as moving data operations forward by creating robust and innovative solutions that increase business value. She is a big believer in understanding how users see\, process\, and execute on data from various angles to best effect change. \nLa-Nay is a lifelong East of the River Washingtonian. She is a proud HBCU graduate and an active alumni member. She has created and launched mentoring programs focusing on HBCU students and STEM based extracurricular programs for middle school students. She holds a BS in Information Science and Systems from Morgan State University and a MA in Forensic Psychology from Marymount University. \n \n\n\n \n\n\nK. Casey Watkins\nHead of Global Cybersecurity & Privacy\, FTI Consulting\, Inc. \nFor more than 15 years Casey Watkins has served as FTI Consulting’s Head of the Global Cybersecurity & Privacy (GCP) Division based in the Mclean\, VA office. \nMr. Watkins is an information security\, privacy and risk management professional\, executive\, researcher and cybersecurity change agent with many years of information technology and business leadership experience. He is responsible for maintaining FTI’s security and privacy standards and keeping the firm’s security and privacy program up to date. He has over 30 years professional experience in Information Technology and Management with experiences in IT Management\, Project/Program Management\, Network Engineering\, Systems development design\, analysis and implementation; Information Security and IT Audit for complex multi-national organizations and the Department of Defense having spent a combined total of 24 years active and reserve as an Officer in the United States Army. \n \n\n  \nVenue Information \nHilton McLean Tysons Corner\n7920 Jones Branch Drive\nMcLean\, Virginia 22102\n \nHotel Website | Phone Number: (703) 847-5000 \nParking Information\nThe hotel offers complimentary parking (Ballroom Entrance / South Parking location). \nNearest Metro\nThe hotel offers free shuttle pick up service from Tysons Corner Metro Station.   To arrange a pickup\, call the hotel at 703-847-5000. \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 6 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After this event\, attendees will have a better understanding of Women in Technology and Leadership current trends and practices.\n	Prerequisites: None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method: Live\, in-person\n	Field of Study: Information Technology – Technical
URL:https://isaca-gwdc.org/event/women-in-tech-conference-2023/
LOCATION:Hilton McLean Tysons Corner\, 7920 Jones Branch Drive\, McLean\, VA\, 22102\, United States
CATEGORIES:Conferences
ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2023/02/women_in_technology_and_leadership_conference_2023-e1677425207400.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230325T083000
DTEND;TZID=America/New_York:20230325T170000
DTSTAMP:20230306T010503Z
CREATED:20221220T141216Z
LAST-MODIFIED:20230306T010503Z
UID:29734-1679733000-1679763600@isaca-gwdc.org
SUMMARY:CISA Spring 2023 Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 4-day virtual review course for the Certified Information System Auditor® (CISA®) exam.  This review course will provide practical advice on preparing for the CISA exam and specific instruction regarding the job practice areas addressed by CISA as defined by ISACA® Global. The dates of this course are four (4) consecutive Saturdays: March 25; April 1\, 8\, and 15\, 2023 from 8:30 am to 5 pm Eastern. \nPlease take a moment to hear from one of the instructors\, Jim Wiggins\, about the course and how it will help you prepare for the CISA exam.  The instructors Jim Wiggins and Tyler Harding combined have over 40 years of audit\, IT\, and cybersecurity experience and are ISACA accredited instructors. \n \nThis event is intended for anyone sitting for the CISA Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on March 24\, 2023 @ 5pm.  \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nAgenda \n\nDay 1 \n\n\nModule 1 – The Process of Auditing Information Systems \nModule 2 – Governance and Management of IT \n\n\nDay 2 \n\n\nModule 3 – Information Systems Acquisition\, Development\, and Implementation \n\n\nDay 3 \n\n\nModule 4 – Information Systems Operations\, Maintenance\, and Support \n\n\nDay 4 \n\n\nModule 5 – Protection of Information Assets \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISA exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISA Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISA Review Manual and the CISA Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n	CISA Review Manual\n	CISA Review Questions\, Answers & Explanations Manual\n	CISA Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISA page as part of their study program.  \n  \nInstructors \n\n \n\n\nJim Wiggins \nJim has over 25 years of direct experience in the design\, operations\, management\, and auditing of information technology systems\, with the past 20 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and state government contracting clients. \nToday\, Jim is the Founder and Principal at Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, C&A\, Security+\, and other courses requested by Securible’s clients. Today with Securible\, Jim provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Agency (CISA) inside of the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501c6 non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024. FITSI provides a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501c3 public charity that focuses on cyber education and is the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation runs the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at http://www.fitsifoundation.org. \nIn 2020\, Jim started a TV show around cybersecurity. This show is called “Cybersecurity Today” and can be viewed in the Washington\, DC area. Also\, episodes can be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW Named Jim to the “Federal 100” for his work to tirelessly promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make in the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n\n \n\n\nTyler Harding \nSenior Manager\, Amazon Supply Chain \nCPA\, CISA\, CISM\, CISSP\, CAP\, GGEIT\, FITSP:A\, FITSP:M \nTyler Harding is a Senior Manager and leads a commercial and DoD compliance program at Amazon Supply Chain (supplychain.amazon.com). The Compliance team’s goal is to earn customer’s trust and maintain compliance with multiple information security certifications such as ISO 27001\, AICPA SOC 2\, HiTRUST\, and NIST SP 800-171. Prior to his role at Amazon Supply Chain\, Tyler was the DoD Security and Compliance Manager for AWS and led efforts to accredit AWS cloud services to Impact Levels 4 and 5 under DoD’s Cloud Computing Security Requirements Guide (CC SRG). \nBefore joining Amazon in 2019\, Tyler spent over 20+ years in public accounting firms such as PWC\, KPMG\, and Kearney & Company in their respective IT audit practices and led engagement teams through many SOC 1\, FISMA\, and financial statement audits. \nAs a recovering IT auditor\, Tyler now enjoys his Summers and Falls swimming\, cycling\, and playing an occasional round of golf! Tyler has also supported the ISACA Greater Washington D.C. Chapter for over 20 years by teaching CISA\, CISM\, and CGEIT review courses. \n\n  \nVirtual Meeting Information \n\n	This event will be presented online through Microsoft Teams.  \n	The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 32 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing the course\, students will be prepared to sit for the CISA exam.\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/cisa-spring-2023-review-course/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2022/12/cisa_spring_2023-e1676940839164.png
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230318T083000
DTEND;TZID=America/New_York:20230318T163000
DTSTAMP:20230306T010538Z
CREATED:20221220T141438Z
LAST-MODIFIED:20230306T010538Z
UID:29741-1679128200-1679157000@isaca-gwdc.org
SUMMARY:CISM Spring 2023 Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certified Information Security Manager® (CISM) Exam. The CISM® review course will provide practical advice on preparing for the CISM exam and specific instruction regarding the job practice areas addressed by CISM as defined by ISACA® Global. The dates of this course are three (3) consecutive Saturdays from March 18\, 25\, April 1\, 2023 from 8:30 am to 4:30pm Eastern. \nPlease take a moment to hear from the instructor\, Jim Wiggins\, about the course and how it will help you prepare for the CISM exam.  Jim has over 20 years of cybersecurity experience and is an ISACA accredited instructor. \n \nThis event is intended for anyone sitting for the CISM Exam. Students are expected to have prepared for the exam prior to attending the course. \nRegistration closes on March 17 @ 5pm. \nRegister Today! \n  \n\nRe-Take Discount \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \n\n  \nAgenda \n\nDay 1 \n\n\nModule 1 – Information Security Governance \nModule 2 – Information Security Risk Management \n\n\nDay 2 \n\n\nModule 3 – Information Security Program \nModule 4 – Incident Management \n\n\nDay 3 \n\n\nModule 5 – Exam Preparation Strategies \n\n  \nCourse Materials and Exam Resources \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISM exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISM Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISM Review Manual and the CISM Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n	CISM Review Manual\n	CISM Review Questions\, Answers & Explanations Manual\n	CISM Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISM page as part of their study program.  \n  \nInstructor \n\n \n\n\nJim Wiggins \nJim has over 25 years of direct experience in the design\, operations\, management\, and auditing of information technology systems\, with the past 20 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and state government contracting clients. \nToday\, Jim is the Founder and Principal at Securible\, LLC. Securible is an information security service provider offering cyber training programs to organizations of all sizes. At Securible\, Jim has taught IT security certification courses such as CISSP\, CISM\, CISA\, Ethical Hacking\, C&A\, Security+\, and other courses requested by Securible’s clients. Today with Securible\, Jim provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Agency (CISA) inside of the Department of Homeland Security (DHS). More information on Securible can be found at: http://www.securible.com. \nJim is also the Founder and Chief Executive Officer (CEO) of the Federal IT Security Institute (FITSI). FITSI is a 501c6 non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024. FITSI provides a role-based IT security certification program targeted at the federal workforce. More information on FITSI can be found at: http://www.fitsi.org. \nAdditionally\, Jim is the Founder and Executive Director of the FITSI Foundation. The FITSI Foundation is a 501c3 public charity that focuses on cyber education and is the philanthropic sister organization of the Federal IT Security Institute. The FITSI Foundation runs the Wounded Warrior Cyber Combat Academy (W2CCA). More information on the FITSI Foundation can be found at http://www.fitsifoundation.org. \nIn 2020\, Jim started a TV show around cybersecurity. This show is called “Cybersecurity Today” and can be viewed in the Washington\, DC area. Also\, episodes can be streamed online at the following website: http://www.cybersecuritytoday.org. \nIn 2019\, FCW Named Jim to the “Federal 100” for his work to tirelessly promote cybersecurity education across all branches of the federal government. \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make in the federal workforce. \nJim holds the following IA/IT security certifications: CISSP\, ISSEP\, CISM\, CISA\, CRISC\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nVirtual Meeting Information \n\n	This event will be presented online through Microsoft Teams.  \n	The instructor will email students prior to the event with instructions and additional information. \n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 24 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing the course\, students will be prepared to sit for the CISM exam.\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/cism-spring-2023-review-course/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2022/12/cism_spring_2023-e1676940650358.png
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230223T083000
DTEND;TZID=America/New_York:20230223T123000
DTSTAMP:20230225T125653Z
CREATED:20221220T153038Z
LAST-MODIFIED:20230225T125653Z
UID:29772-1677141000-1677155400@isaca-gwdc.org
SUMMARY:IT Audit Conference 2023
DESCRIPTION:The ISACA Greater Washington DC (GWDC) is proud to host our annual IT Audit conference. This conference is part of our monthly conference series. \nIT professionals\, IT advisory or audit professionals\, business executives\, students or professionals interested in learning more about IT Audit should attend this event. \nRegistration closes on February 22\, 2023 @ 12pm.  \nRegister Today! \n  \nAgenda \n\n8:30 – 9:30 AM \n\n\nCost Estimating and Scheduling practices for IT modernization Projects \nPresenter: Stephen Gilbride (Library of Congress OIG) \nThis presentation will provide a brief discussion on auditing technical projects for success. Mr. Gilbride will share federal guidance (GAO) and practical experience in the use of Cost Estimating and Scheduling practices for IT modernization projects and programs \n\n\n9:30 – 10:30 AM \n\n\nIT Audit in NASA Environment \nPresenters: Scott Riggenbach (NASA OIG)\, Chris Reeves (NASA OIG)\, and Linda Hargrove (NASA OIG) \nThis presentation will discuss the process of various IT audit performed in NASA environment\, including Cybersecurity Readiness\, Insider Threat and Software Asset Management. \n\n\n10:30 – 11:30 AM \n\n\nIT Audit in Cloud Environments \nPresenters: Shar Qureshi (Deloitte) and Twinkle Patel (Deloitte) \nIn this session\, you will learn about the different types of cloud services and deployment models\, understand the cloud shared responsibility model\, recognize key risks and controls based on the cloud service type\, how to evaluate a SOC report\, and additional considerations from an audit perspective. \n\n\n11:30 AM – 12:30 PM \n\n\nThe value of an IT auditor when integrating controls during a systems implementation or modernization effort. \nPresenter: Geoffery (Geoff) Weber (KPMG) \nGetting controls “right” during systems implementation or modernization efforts is commonly less expensive than designing them post-implementation. Integrators have a tendency to focus on functionality topics rather than controls – perhaps spending more time on users desired business process requirements and screen designs\, for example\, than on security issues. Increasing demands of new regulations for access and security controls provide an opportunity for organizations installing or upgrading ERP systems to design and implement good controls from the onset. This enables the controls to be better monitored and sustained throughout the life of the system. Not doing so has proved expensive: “Going live” before appropriate internal controls are in place negatively impacts business performance and creates unnecessary costs to retrofit controls into the new system. This situation may also cause the organization to report significant control deficiencies and/or material weaknesses. The end result could be adverse audit opinions on the adequacy of their internal controls and financial statements. A proper IT audit lens and methodology that focuses on key control areas helps reduce the risk of failed control environment associated with these systems efforts. \n\n  \nPresenters \nStephen Gilbride\nDirector IT Audits\, the Library of Congress Office of the Inspector General\nCIA\, CISA\, CRISC\, CGFM\, CEH \nMr. Gilbride has been the Director of IT Audits for over 6 years at the Library of Congress Office of the Inspector General. Prior to that he has worked for Accenture Federal Services as a Senior Manager of Internal Audit\, Information Technology. He has also worked for Kearney & Company in the DC area as a Senior Manager of Information Technology Audits for Federal clients. \nMr. Gilbride has a technology engineering background\, having spent twenty years with Nortel Networks in various roles and living in multiple countries designing\, delivering\, and providing sales support for network hardware and software products. \n  \nScott Riggenbach\nAssistant Director IT Audits\, NASA Office Inspector General \nScott Riggenbach has been a member of the NASA Office Inspector General team for the last 17 years based at the Kennedy Space Center in Florida. Prior to that he started his career doing IT audits at Arthur Andersen in Atlanta\, GA and a small startup auditing firm in the DC area. Mr. Riggenbach is an Assistant Director within NASA OIG’s Mission Support Directorate and is responsible for leading the majority of the IT audits for the organization. Scott graduated from Ohio University in Athens\, Ohio and currently resides in Viera\, FL with his wife and two children. \n  \nChris Reeves\nIT Specialist\, NASA Office Inspector General \nChris Reeves has worked for the NASA OIG since 2007. Prior to joining the NASA OIG team Chris spent 10 years serving as an IT specialist in the US Navy. While in the Navy he was responsible for shipboard communications\, information systems administration\, and cyber hygiene. He served at the Space and Naval Warfare Information Technology Center\, the Defense Information Systems Agency\, and the USS Crommelin\, a guided missile frigate based in Pearl Harbor. Chris has led and been involved in a wide range of information technology audits while with the NASA OIG. He has a bachelors in Information Technology Management\, lives in Galveston\, TX and has two young daughters\, Reagan and Avery. \n  \nLinda Hargrove\nIT Specialist\, NASA Office Inspector General \nWith more than three decades of experience in the IT ecosystem\, Linda Hargrove has managed\, led\, and supported complex IT projects for major aerospace programs. Her entire career has been working in data and computing systems at Kennedy Space Center\, FL. Linda is proud to be working at NASA OIG —providing impactful IT oversight by strengthening cybersecurity. Over the years\, her work has garnered various awards\, including NASA’s coveted Space Flight Awareness Launch Honoree Award. Linda holds bachelor and master’s degrees\, with honors\, from Rollins College in Winter Park\, Florida and has taught ‘Computer Systems Analysis & Design’ and ‘Communicating with Technology’ at the collegiate level. \n  \nShar Qureshi\nSenior Manager\, Digital Controls – Cloud Risk\, Deloitte \nShar is a Senior Manager in Deloitte’s Risk and Financial Advisory Digital Controls – Cloud Risk offering. He has been working in financial services and the tech industry for over 19 years. For the past 6 years\, he has been giving all his attention to controls advisory\, assurance and security engagements focusing primarily on AWS. \nHe is a technologist and brings a unique combination of audit/assurance and deep technical understanding of cloud. He has provided guidance to many organizations cross-industry on matters related to governance\, risk management\, compliance and security as organizations navigate their digital transformation. \nHe is an invited speaker and has had the pleasure to present at AWS Re:Inforce\, industry roundtables\, conferences and workshops. He has facilitated numerous cloud audit related courses through many of Deloitte’s partnerships and alliances. He is responsible for leading the upskilling\, cloud fluency\, learning and development initiatives for Deloitte assurance specialists. \n  \nTwinkle Patel\nAdvisory Manager\, Deloitte \nTwinkle Patel is a Manager within Deloitte’s Risk and Financial Advisory Digital Controls – Cloud Risk Offering with over 5 years of experience specializing in Technology Risk. For the past 3 years\, she has been giving all her attention to performing cloud assessments and audits to help companies navigate the cloud environments securely and quickly\, specifically for the Microsoft Azure (Azure) cloud platform. \nPreviously\, Twinkle has worked on Assurance projects\, supporting external financial statement audits\, SOC1 engagements\, and audits in the federal government that are aligned to NIST 800-53 and 800-37. Currently\, she is working on internal audits and projects with a focus on IT security and cloud computing related technologies in the consumer and retail industry. \nIn addition to supporting financial audits\, Twinkle has focused on leveraging her knowledge of IT controls and risk to help serve companies in an advisory capacity\, specializing in risk and control assessments\, pre and post implementation reviews. Twinkle is also currently serving as the project manager on an internal audit project for another publicly listed retail and healthcare company. \n  \nGeoffery (Geoff) Weber\nPrincipal\, KPMG – Federal Practice \nGeoff Weber is a Principal in KPMG’s Federal Practice. His experience spans more than 30 years leading information technology audits and advisory services in the Federal Industry. He currently leads teams assessing technology controls and risks for Federal Audit and Advisory clients. This includes topics such as IT controls\, IT transformation\, ERP/GRC system advisory services\, technology integration\, information security and privacy\, and IT audit and assurance. Geoff began his career in 1991 as a member of the civil service at the Department of Defense and joined KPMG’s Federal Practice in 1998. He earned a BS in Accounting and an MBA from George Mason University and holds CISA and CISM certifications. \n  \nVirtual Meeting Information \n\n	This event will be presented through Zoom.\n	Prior to the event\, participants must install the Zoom app on their respective devices or use the web-based Zoom. Calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After this conference\, attendees will have a better understanding of current trends and practices in IT Audit.\n	Prerequisites: None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2023-it-audit-conference/
LOCATION:Virtual Event
CATEGORIES:Conferences
ATTACH;FMTTYPE=image/png:https://isaca-gwdc.org/wp-content/uploads/2022/12/it_audit_conference_2023-e1676940047519.png
ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230209T163000
DTEND;TZID=America/New_York:20230209T180000
DTSTAMP:20230204T190214Z
CREATED:20230123T192503Z
LAST-MODIFIED:20230204T190214Z
UID:29903-1675960200-1675965600@isaca-gwdc.org
SUMMARY:Networking Event following the 2023 Diversity\, Equity and Inclusion Trends Special Event
DESCRIPTION:The ISACA GWDC is hosting a networking event following the 2023 Diversity\, Equity and Inclusion Trends in Technology special event.  The networking event will be from 4:30 to 6:00 PM at the Hilton McLean Tysons Corner.  Members do not have to attend the DEI special event to attend this networking event.  This is a free event and an RSVP is required to attend. \nRegistration closes on February 8\, 2023 @ 5 pm.  \nRSVP Today! \n  \n\nEvent Sponsorship \nIf your organization is interested in being a sponsor for this event\, please contact Bonita Patillo\, Special Events Director\, for details on sponsorship opportunities.  (Go to the Contact Us page select “Special Events” under “I have a question about”)\n \n  \nVenue Information \nHilton McLean Tysons Corner\n7920 Jones Branch Drive\nMcLean\, Virginia 22102\n \nHotel Website | Phone Number: (703) 847-5000 \nParking Information\nThe hotel offers complimentary parking (Ballroom Entrance / South Parking location). \nNearest Metro\nThe hotel offers free shuttle pick up service from Tysons Corner Metro Station.   To arrange a pickup\, call the hotel at 703-847-5000. \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \n 
URL:https://isaca-gwdc.org/event/2023-dei-networking-event/
LOCATION:Hilton McLean Tysons Corner\, 7920 Jones Branch Drive\, McLean\, VA\, 22102\, United States
CATEGORIES:Social Events
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230209T110000
DTEND;TZID=America/New_York:20230209T163000
DTSTAMP:20230219T005206Z
CREATED:20230123T192404Z
LAST-MODIFIED:20230219T005206Z
UID:29874-1675940400-1675960200@isaca-gwdc.org
SUMMARY:2023 Diversity\, Equity and Inclusion Trends in Technology Special Event
DESCRIPTION:ISACA GWDC is proud to host the 2023 Diversity\, Equity and Inclusion Trends in Technology event.  In this event we will focus on current trends in Diversity\, Equity and Inclusion (DEI) and learn how DEI initiatives contribute to organization culture\, help with effective governance\, and why DEI still matters.  This is an in-person event that will be held at the Hilton McLean Tysons Corner. \nIT Executives\, Management and Operations staff\, Risk management leaders and professionals\, IT Auditors\, Cybersecurity professionals\, students or anyone interested in learning more about how diversity\, equity and inclusion can improve individual’s careers and mission of the organization should attend this event. \nThere will be a free networking session after this event.   A separate RSVP is required to attend the networking session.  \nRegistration closes on February 8\, 2023 @ 5 pm.  \nRegister Today! \n  \n\nEvent Sponsorship \nIf your organization is interested in being a sponsor for this event\, please contact Bonita Patillo\, Special Events Director\, for details on sponsorship opportunities.  (Go to the Contact Us page select “Special Events” under “I have a question about”) \n\n  \nAgenda \n\n11:00 AM – 12:15 PM \n\n\nPanel Discussion #1 \nModerator:  Bonita Patillo (ISACA GWDC)  Current Panelists: Chris Ajiri (Zoom Communications)\, Jasmine Brennan (T. Row Price)\, Isabel Luo (ALM First)\, Diane Dempsey (BAE Systems) \nIn this panel\, the following topics will be discussed: \n\n	Ways that DEI has been prioritized and tactical activities that have been implemented.\n	Benefits to employees and organizations of DEI initiatives and a diverse workforce.\n	Promoting DEI initiatives in hybrid work environments.\n	Advice for individuals struggling to be their authentic self and how to strive for equity and inclusion in the workplace.\n\n\n\n12:15 PM – 1:00 PM \n\n\nLunch \nLunch is provided for this event. \n\n\n1:00 PM – 1:30 PM \n\n\nAttracting and Retaining Cyber Talent \nPresenter: Marcia Main (Upside) \nAttracting and retaining cyber talent\, the diverse way! Join us for this talk and explore 3 creative (and brave!) strategies that can help you overcome the current talent shortage and build stronger\, happier and more diverse teams. We will discuss: \n\n	The need for [diverse] cybersecurity talent\n	Why is it so hard to build diverse teams?\n	Brave techniques to take diversity beyond just talk\n\n\n\n1:30 PM – 2:30 PM \n\n\nPanel Discussion #2 \nModerator:  Bonita Patillo (ISACA GWDC)  Current Panelists: Dr. Shelton Ricks (Fed Government)\, William E. Jones (VaBHMA)\, Mick Vollmer (ABNB FCU)\, Marcia Main (Upside)\, Britani Jones (The Hanover Insurance Group) \nIn this panel\, the following topics will be discussed: \n\n	Promoting DEI initiatives with a reduced or eliminated budget.\n	Ways organizations can make their employees feel valued.\n	Potential impacts that organizations may have if they do not invest in a DEI program.\n	Using the recruitment process help narrow the DEI gap.\n\n\n\n2:40 PM – 3:30 PM \n\n\nHacking Diversity: 3 Simple Steps to Excel as a Risk Leader \nPresenter: Vishal Chawla (BluOcean Digital) \nIn this presentation we will discuss: \n\n	What are you really missing as an IT Risk leader if you don’t have a diverse team?\n	How Inclusion may be the most important tool to be a successful Risk Leader?\n	What are “three steps” you can take today to turn DEI as a business advantage for your Risk department and help your companies build trust with their customers!\n\n\n\n3:40 PM – 4:30 PM \n\n\nThe Impact and Importance of Supplier Diversity and Sustainable Procurement Strategies \nPresenter: Tomaneci Waller Day (T.Rowe Price) \nThis presentation will cover: \n\n	Why Supply Chain DEI strategies are a business imperative for all companies\n	Customer expectation and reputational risk\n	Explore the evolving Environmental Social Governance (ESG) corporate commitments and how these strategies can impact the diverse local business community.\n\n\n\n4:30 PM – 6:00 PM \n\n\nNetworking Event \nImmediately following this event\, the GWDC will host a networking event.  A separate RSVP is required for the networking event. \n\n  \nPanelists and Presenters \n\n \n\n\nChris Ajiri\nData Governance Leader\, Zoom Communication \nChris is a Data Governance Leader at Zoom Communication where he reports to Zoom’s CIO\, he is a seasoned Enterprise Data Management expert with over 15 years in the Industry. Chris works closely with Product\, Privacy and Compliance teams to improve data scalability across the organization. \nChris has executed and implemented various Data Governance and Data Management initiatives. He has worked in the financial industry (Capital One Bank and Freddie Mac) where he spent the majority of his career in data risk management\, data operations\, data validation\, data audits and operational process improvements. In his past role at the Department of Homeland Security (DHS) prior to joining Zoom\, he designed data governance\, data standards and data quality capabilities; hence\, implementing operational and data driven solutions at the Office of the Chief Data Officer (OCDO). \nChris is also a part-time adjunct professor at the School of Information Sciences at the University of Maryland College. Chris earned his master’s degree in Technology management from Georgetown University in Washington DC and a bachelors in Computer Information Systems from the Business School at the University of Maryland College Park. \n\n  \n\n \n\n\nJasmine Brennan\nVP\, Head of DEI Americas\, T. Rowe Price \nJasmine Brennan is a member of T. Rowe Price’s Corporate Diversity\, Equity\, and Inclusion team\, and serves as the VP\, Head of DEI\, Americas. She has been with the firm since March of 2020 and in this role\, Jasmine leads the DEI strategic initiatives for the Americas\, oversees the firm’s global BRG program\, and partners closely with firm’s DEI advisory groups\, championing to accelerate progress and outcomes. \nPrior to joining T. Rowe Price\, Jasmine held a variety of DEI leadership roles across industrial distribution\, consumer product\, and human capital management industries. In her last role\, Jasmine led DEI and CSR at Aerotek\, an Allegis Group company. During her tenure\, Jasmine led a team with responsibility for inclusive leadership training and education\, DEI councils and employee resource group governance\, DEI client engagement and diversity talent programs\, and philanthropic giving and employee volunteerism. \nJasmine graduated from Canisius College with a Bachelor of Arts in Psychology. She received a Master of Science in HR Management from New York Institute of Technology and completed a Diversity Practitioner Certification at Cornell University. She is passionate about authenticity\, inclusion\, well-being and belonging\, and incorporates those areas into both her personal and professional life. \n  \n\n\n \n\n\nIsabel Luo\nManaging Director\, Quantitative Risk\, ALM First \nIsabel is a senior-level executive in the financial services industry with 15+ years of experience in statistical modeling\, capital markets\, and consumer lending. She brings a solid background in leveraging economic theory and statistical methods to identify and mitigate credit\, interest rate\, and liquidity risk. For the last two decades\, Isabel has been assisting financial institutions in quantitative research\, regulatory capital planning and stress testing (CCAR)\, model development and risk management. She designs and develops analytical processes to predict change of consumer behavior in economic cycles. She presents complex technical analysis to diverse audiences including board members\, C-suite executives\, investors\, and regulators. \nCurrently Isabel holds a Managing Director position in a financial advisory firm with $80B fixed- income investments under management. She assists clients in deploying machine learning algorithm in financial analysis and forecasts. Prior to that\, Isabel served as an expert advisor at NCUA (regulatory authority for credit unions)\, advising on how policy would impact the credit union industry. She assisted in drafting regulations and conducted complex research projects to mitigate and effectively manage market risk and liquidity risk. \nPrior to the appointment at NCUA\, Isabel was a Vice President/Managing Director in the nation’s second largest credit union. She was responsible for the annual capital plan submission to NCUA and the Board of Directors. She played a key role as a member of ALCO and financial risk management committees. In addition\, she managed a team of financial analysts\, data scientists\, and economists in model development and risk management. She devised a capital planning and stress testing framework\, which was recognized with the Best Use Case Award at QRM Balance Sheet Management Conference attended by 500 institutions in 2018. \nBetween 2010 and 2013\, Isabel was a senior risk manager of Freddie Mac’s credit risk management division\, where she oversaw analytics and advised on key policy issues including loan modification programs\, foreclosure improvement proposals\, servicer surveillance platform\, and GSE servicing standards implementation for nonperforming subprime mortgages. Isabel was on a team of six people who earned first place in the 2012 Rising Leaders Business Case Competition and Leadership in Action Award. \nPrior to joining Freddie Mac in 2010\, Isabel worked in private equity and financing subsidiaries of General Motors that originated and serviced non-prime mortgages. \nIsabel holds a Master of Business Administration (MBA) in Finance from University of Minnesota and a Bachelor of Science degree in Mathematical Statistics from Shanghai University of Finance and Economics. In 2021\, she was awarded a professional diploma in Machine Learning and Artificial Intelligence through the Columbia Engineering Executive Education Program. \n\n  \n\n\nDiane Dempsey\nDirector\, Small Business Programs for BAE Systems Intelligence & Security Sector. \nMs Dempsey has enjoyed an extensive career in the field of procurement\, subcontracts and supplier diversity. Currently she is the Director\, Small Business Programs for BAE Systems Intelligence & Security Sector. Ms Dempsey has also been a small business advocate for several prime contractors in the DC Metropolitan area. She serves on multiple boards and committees\, most recently served as the Chair\, Capital Region Minority Supplier Development Council Board of Directors. Additionally\, she has served as the TRIAD Industry Group Co-Chair since 2006. Her leadership and advocacy have been recognized with many awards\, including the National Veterans Small Business Coalition 2021 Prime Contractor – Advocate of the Year and U.S. Women’s Chamber of Commerce\, 2021 CEO Award. \nShe received her B.S. from Mary Washington College\, Certificate in Contracts & Procurement\, University of Virginia\, and Master’s Certificate in Procurement & Supply Chain Management\, MS and MBA from the University of Maryland. She is also a certified supplier diversity professional and instructor for the Alliance of Supplier Diversity Professionals. \n\n  \n\n\nMarcia Main\nChief Information Security Officer\, Upside \nMarcia Main currently serves as the Chief Information Security Officer (CISO) for Upside – an exciting retail technology company\, focused on driving value to all points of brick and mortar commerce. Coming from humble beginnings in her native country of Brazil\, she found a path to success in technology – starting as a software engineer and finding her true passion in security after moving to the U.S. She has over 20 years of diverse experience in technology & information security\, having recently led a large security team for Rally Health (at the time\, a non-integrated entity of UnitedHealth Group) and previously held leadership roles in information assurance & security with companies such as KPMG LLP\, FTI Consulting\, and Verizon. Marcia enjoys running\, reading\, and all things fashion – believing that dressing can instill self-confidence and be a wonderful outlet for creativity. She lives in Rockville\, Maryland with her husband Matthew Main and her cat Sophia. \n\n  \n\n\nWilliam E. Jones\nPresident and Founder\, Virginia Black History Month Association \nMr. William E. Jones\, USMC (retired) was born in Brooklyn\, New York and was raised in Baltimore\, Maryland where he enlisted in the Marine Corps in July 1981. During his 21-year tenure as a Marine\, he fulfilled various assignments to include supporting the Multi-National Peacekeeping Force in Beirut\, Lebanon and participating in Operation Desert Shield/Desert Storm. \nAs a government civilian\, Mr. Jones has worked with the U.S. Navy as an Engineering Technician as well as a Program Manager and Deputy Program Manager with the Defense Threat Reduction Agency (DTRA) for the Biological Combat Assessment System. He later held the position of Program Manager for DTRA’s Transformational Medical Technologies Program. He was later assigned as a Project Officer at Marine Corps Systems Command in Quantico\, Virginia. Today\, Mr. Jones is employed as a Program Manager with the Transportation Security Administration (TSA)\, Department of Homeland Defense (DHS) in Springfield\, Virginia. \nIn 2017\, Mr. Jones was selected to serve on the Board of Directors of the Gladys P. Todd Academy\, which tutored and mentored young high school students which provided college scholarships that allow them to graduate from community college before graduating from high school. Mr. Jones was also elected as the Vice-Chairman of the Marine Corps Systems Command’s Diversity Awareness Program. The program manages and oversees the celebrations for the eight Special Emphasis Programs recognized by the Department of Defense. \nMr. Jones’ impressive and extensive educational background includes graduating from the U.S. Army Chemical School and Parachute School. He holds a Bachelor of Science in Psychology with a minor in Behavioral Science from the University of Maryland. He is also a graduate of the Whiting School of Engineering at Johns Hopkins University\, with a Master of Science in Systems Engineering. In 2016\, Mr. Jones furthered his graduate studies at the University of Maryland\, graduating with a Master of Business Administration (MBA). \nHis decorations include: the Meritorious Service Medal\, the Navy Commendation Medal 2nd award\, the Marine Expeditionary Medal\, the National Defense Medal\, the Southwest Asia Service Medal\, the Marine Corps Recruiting Ribbon\, the Kuwait Liberation Medal\, and the U.S. Army Parachute Wings. \nIn 2004\, he was selected for the Department of Defense “2005 Today’s Military” ad campaign\, which published his picture and personal story in magazines like Ebony\, Money\, The Smithsonian\, Sports Illustrated\, and many more. In 2009\, he was also appointed to the Spotsylvania County Board of Directors for Minority Affairs Committee\, which ensures the fair and equal hiring for local county positions. Mr. Jones hobbies include volunteering as the Head Elder at the Fredericksburg Seventh-Day Adventist Church where he currently worships\, as well as serving as Founder/President of the Virginia Black History Month Association. \n  \n\n\n \n\n\nDr. Shelton Ricks\nDeputy Director for Enterprise Leadership and Management\, Federal Government \nShelton is a lifelong learner\, professor\, researcher\, and leadership enthusiast\, steeped in interest in organizational leadership. He has made his mark in the field of social science research\, the study of societies\, and the relationships among individuals within those societies. \nDr. Ricks is currently the Deputy Director for Enterprise Leadership and Management in the Federal Government and has traveled the world in many capacities sharing the importance of leadership and followership\, soft-skill development\, the impact of diversity\, equity\, inclusion\, and accountability (DEIA) and the power of using data analytics to support initiatives. Shelton has worked previously for Verizon\, Northrop Grumman\, Federal Express\, Norfolk Public Schools\, The City of Newport News\, and Bank of America\, and as an entrepreneur for Shelton LR and Associates. \nAdditionally\, Shelton has endured a decade of service\, molding business-minded individuals as a professor at Kellogg Graduate School at Northwestern University\, DeVry University\, Keller Graduate School of Management\, and Eastern Gateway Community College. \nConcerning building respect across differences\, Shelton currently serves on the board of directors for ACCESS VR\, a virtual reality immersive learning company in Northern Virginia; one of the key missions is to increase felt anxieties of diversity and inclusion experiences through immersive learning experiences. Dr. Ricks wrote a whitepaper\, Presence and Immersive Technology Adoption (PiTA): Exploratory Research -Simulation Soft-Skill Development Exploring Use Cases in Virtual Reality\, which he will present at the Interservice/Industry Training Simulation Education Conference (I/ITSEC) in December 2023. The findings highlighted incremental gains from pre and post-assessments concerning comfort levels with discussing diversity and inclusion training and felt anxiety. \nFurthermore\, Shelton has partnered with Kari Heistad at Culture Coach International on several key initiatives to build tools that allow increases in cultural competency. He also is a committee member for the Virginia Black History Month Annual Gala (VaBHMA) and a facilitator for the Intelligence Community Harriet Tubman Leadership Ethos Ride. Shelton holds a Bachelor’s degree in Critical Thinking and Assessment\, a Master’s degree in Business Administration with a concentration in Human Resource Management\, and a doctorate in Management/Organizational Leadership. \nDr. Ricks has been married for over 20 years and has three children. He moonlights as a music director during his free time. \n\n  \n\n \n\n\nMick Vollmer\nChief Information Officer\, ABNB Federal Credit Union\nMBA\, MSIT \nMick Vollmer is married with 2 children and has been a resident of Hampton Roads\, VA for 30 years. He is currently the Chief Information Officer for ABNB Federal Credit Union in Chesapeake\, VA. Mick’s previous lives include Vice President of Cyber and Cloud Security Risk Management at Fifth Third Bank based in Cincinnati; Executive Vice President for Technology Innovation at Towne Bank headquartered in  Suffolk\, VA; Chief Information Officer and Chief Technology Officer for The City of Virginia Beach; and Executive Director and Information Security Officer at ValueOptions\, FHC Health Systems\, headquartered in Northern Virginia. \nMick earned his MBA and a Masters Degree in Information Technology from the University of Maryland. Mick earned a Bachelor of Science degree from Old Dominion University\, and a degree in Engineering from Tidewater Community College. \nMick is a graduate of LEAD Hampton Roads\, LEAD Virginia and the University of Virginia’s Sorensen Institute for Political Leadership. His industry certifications include ISACA GIAC\, ISC 2 CISSP\, Cloud Security Alliance CCSK\, Cloud+\, ITIL v3 and Federal Chief Information Officer Certificate from the US General Services Agency. \nMick’s honors and recognition include a US Patent\, Virginia Governor’s Technology Innovation Award\, Gartner’s Security Innovation Award and Public Technology Institute’s Technology Innovation Award. \n\n  \n\n \n\n\nBritani Jones\nProgram Manager of Inclusion\, Diversity\, Equity\, The Hanover Insurance Group \nBritani Jones (she/her) is the Program Manager of Inclusion\, Diversity\, Equity at The Hanover Insurance Group. In this role\, Britani is one of our IDE subject matter experts\, sharing her perspective\, insights and knowledge to help us build and sustain a more equitable and inclusive work environment that supports our entire employee population. She reports to Haydee Santana\, AVP of Inclusion\, Diversity\, Equity. \nBritani joined The Hanover in December 2019 as a Small Commercial Sales Manager and was chair of the Community Committee for the Kinship Village Business Resource Group. She is a member of the Big I Diversity Council. \nBritani has been in the insurance industry for nearly 15 years\, and prior to joining The Hanover\, she held various marketing and underwriting roles with national and large regional carriers\, including Nationwide\, State Farm and Erie Insurance.  \nIn her personal life\, Britani is active in her district’s school board\, advocating for equitable educational programs and she previously sat on the board of a local parent-led community organization that aims to bring equitable policies and practices to the county in which she and her family reside. \nBritani resides in the DC Metro area with her husband\, Bryan\, and their two sons\, Jace and Logan. \n\n  \n\n\nVishal Chawla\nFounder & CEO\, BluOcean Digital \nVishal is the founder and CEO of BluOcean Digital – a firm obsessed with igniting people’s creativity to invent solutions that protect the trust of companies\, their customers\, and communities by delivering outcome-based consulting services and technology-enabled cybersecurity and privacy solutions. \nWith over 25 years of diversified experience serving clients in the U.S. and internationally in the financial services\, technology\, and media industries\, Vishal has also served as the Senior Partner for PwC Cybersecurity practice\, Global Cybersecurity and Risk Consulting leader at Grant Thornton\, and Senior Partner for Deloitte Cybersecurity practice. \nHe specializes in assisting clients with aligning their cybersecurity & privacy strategies and programs with their Business Strategies\, Digital Transformation program\, and Innovation agenda. Vishal has extensive experience operationalizing risk-led global Cyber & Privacy Risk Management strategies to help clients achieve Customer Trust\, Innovation\, and agility in their business operations\, Operational Resilience\, and Regulatory compliance throughout their digital transformation journey. \nHe has been published or quoted in numerous publications and is a frequent contributor to industry events. Vishal frequently writes for publications such as the WSJ\, MIT magazine\, Risk & Compliance magazine\, RMA Journal\, ISACA\, and Compliance week. He is a frequent speaker on strategic risk\, operational risk\, and Cyber risk at various conferences. \nVishal is certified information systems and security professional (CISSP) living in Great Falls\, Virginia. Vishal is the proud father of two children and is passionate about spending time with his family\, exercising\, Indian music\, cricket enthusiast\, and reading. \n\n  \n\n \n\n\nTomaneci Waller Day\nSupplier Diversity Senior Manager\, T. Rowe Price \nTomaneci brings over a decade of experience in diversity and inclusion program oversight\, structure\, and operations. She began her passion and commitment for diversity\, equity\, and inclusion as the Small Local Minority Business Enterprise\, Outreach Coordinator for the Washington Suburban Sanitary Commission (WSSC) in Laurel Maryland. She later spent ten years with Freddie Mac\, in McLean Virginia\, progressively holding more responsible leadership roles in supplier diversity programming\, including Director of Employees & Suppliers Inclusion and Diversity. As lead for Supplier Diversity for Freddie Mac\, she designed and executed several corporate-wide strategies that delivered a consistent year-over-year increase in employee and supplier diversity metrics and creating The Supplier Academy\, Freddie Mac’s first diverse supplier development program. \nIn 2021 Tomaneci joined T. Rowe Price as the Supplier Diversity Sr. Manager\, responsible for standing up the supplier diversity strategy and driving the leadership\, planning\, organization\, implementation of the T. Rowe Price corporate commitment to supply chain diversity inclusion and sustainable procurement. Tomaneci works to forge partnerships with key stakeholders to advocate for the growth of diverse suppliers and enable supplier inclusion and utilization within contract categories and sourcing strategies. \nTomaneci holds a Bachelor of Arts from Norfolk State University\, a Master of Science from Virginia Commonwealth University\, and earn an executive certification in Diversity and Inclusion for Human Resources from Cornell University. \n\n  \nVenue Information \nHilton McLean Tysons Corner\n7920 Jones Branch Drive\nMcLean\, Virginia 22102\n \nHotel Website | Phone Number: (703) 847-5000 \nParking Information\nThe hotel offers complimentary parking (Ballroom Entrance / South Parking location). \nNearest Metro\nThe hotel offers free shuttle pick up service from Tysons Corner Metro Station.   To arrange a pickup\, call the hotel at 703-847-5000. \n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 5 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After this event\, attendees will have a better understanding of DEI current trends and practices.\n	Prerequisites: None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method: Live\, in-person\n	Field of Study: Personnel/Human Resources – Non-technical
URL:https://isaca-gwdc.org/event/2023-diversity-equity-and-inclusion-trends-in-technology-special-event/
LOCATION:Hilton McLean Tysons Corner\, 7920 Jones Branch Drive\, McLean\, VA\, 22102\, United States
CATEGORIES:Special Event
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20230119T083000
DTEND;TZID=America/New_York:20230119T123000
DTSTAMP:20230127T234223Z
CREATED:20221220T151918Z
LAST-MODIFIED:20230127T234223Z
UID:29769-1674117000-1674131400@isaca-gwdc.org
SUMMARY:2023 Emerging Technology Conference
DESCRIPTION:The ISACA Greater Washington DC (GWDC) is proud to host our annual Emerging Technology conference. This conference is part of our monthly conference series. \nIT professionals\, IT advisory or audit professionals\, business executives\, students or professionals interested in learning more about emerging technology should attend this event. \nRegistration closes on January 18\, 2023 @ 1pm.  \nRegister Today! \n  \nAgenda \n\n8:30 – 9:30 AM \n\n\nSecure Controls Framework (SCF): The Evolution of Integrated Controls Management (ICM) \nPresenters: Tom Cornelius (ComplianceForge) and David Driggers (HowToGRC) \nThe presentation will cover the past\, present and future of the SCF. This addresses the rise of the metaframework to address Integrated Controls Management (ICM) to address being both “secure and compliant” in an increasingly complex compliance environment. The presentation will also cover the SCF’s Conformity Assessment Program (CAP) that is going live in February to enable first and third-party assessments against tailored SCF control sets. \n\n\n9:30 – 10:30 AM \n\n\nBeyond the Hype of Mesh Architectures \nPresenter: Peter Illdefonso (Amazon Web Services) \nThe buzz of Mesh Architectures promises the zero-ETL\, native\, and seamless integrations for data systems. Cutting through the buzz\, companies are starting to launch services that will facilitate Mesh Architectures. Understanding the concepts of data\, networks\, and systems integrations will help companies build a strategy to maximize the value from these innovations. So far\, most Mesh concepts have been based on a significant amount of manual coding and tagging. Virtualized data catalogs\, zero-ETL connections\, and vendor managed networks will begin to remove the need for manual and error prone integrations. We will explore the constructs of Mesh and use examples from AWS to show how the concept of Mesh is becoming a reality. \n\n\n10:30 – 11:30 AM \n\n\nWarehouse Technology Transformation: A Case Study in Strategic Modernization \nPresenter: Robert Brian Marshal (KPMG) \nAs warehouses continue to transform at exponential rates regarding technology and data platforms\, implementation efforts can far exceed expectations when it comes to costs and results. By developing a strategy to modernize these platforms according to mission needs\, clients can set realistic expectations and procure appropriate systems and technology to realize potential results in the following areas: \n\n	Improved data integrity through enhanced capture techniques\n	Streamlined end-to-end business processes and warehouse operations with internal controls\n	System-based transactional accuracy for inventory balances and financial reporting purposes\n	Carbon-neutral initiatives to meet ESG objectives\n\nOver the past 5 years\, KPMG has helped the Marine Corps to implement technology initiatives at its Wilson Weapons Warehouse in Albany\, GA to establish a foundation on which to build on for future technology modernization and institute a commercial-level transformation in the Federal landscape. This case study will present the efforts to implement a modernization strategy to build that foundational element on which current 5G installation efforts are underway \n\n\n11:30 AM – 12:30 PM \n\n\nThe Modern Digital Workplace: Seven Trends that are Driving Change \nPresenter: Vishal Brown (NTT DATA) \nFactors like remote work\, the emergence of the gig workforce\, and the changing nature of work itself are forcing enterprises to rethink their employee experience. This is driving investment in systems and services that allow employees to stay connected to their business infrastructure and one another\, and support networks with greater resilience across more locations and devices. This talk will frame how we should think about the Modern Workplace and seven important trends shaping it\, and what that means to the design and delivery of workplace services that can lead to superior employee experiences. \n\n  \nPresenters \nTom Cornelius\nSenior Partner\, ComplianceForge \nTom Cornelius is the senior partner at ComplianceForge\, a firm that specializes in cybersecurity and privacy documentation. Tom is also the founder and contributor of the Secure Controls Framework (SCF). \n  \nDavid Driggers\nPartner\, HowToGRC \nDavid Driggers is a partner with HowToGRC\, an advisory firm specializing in implementation and operationalization of SCF-based Integrated Controls Management (ICM) solutions. In addition to being the President of the SCF Accreditation Body (SCF-AB)\, David is also the founder of CMMCplus and SCF Connect cybersecurity software products. \n  \nVishal Brown\nPortfolio Leader – Digital Workplace Services\, NTT DATA\, Inc. \nVishal is the Chief Evangelist and GTM Offering Leader for Digital Workplace Services at NTT DATA with over 20 years of industry experience. Focused on elevating the employee experience and their productivity\, I bring expertise of Modern Workplace technologies that leverage AI\, automation\, and machine learning to enable the Digital Workplace ecosystem. I have helped multiple Fortune 500 organizations design\, implement\, and manage human-centric digital workplace environments. \nHe has published several white papers\, articles\, and blogs and presented at executive industry forums and conferences\, including delivering keynote addresses for worldwide product launches. \n  \nRobert Brian Marshal\nDirector\, Federal Advisory Services\, KPMG \nRobert Brian Marshall is the Warehouse Modernization and Transformation Lead in KPMG’s Federal Advisory Services Practice. With a strong background in defense and commercial supply chain\, logistics\, and operations; his experience includes system design and implementation projects; distribution network strategy development and execution; and business process reengineering for commercial and federal clients. In addition\, he is an Air Force veteran with over 12 years’ experience directing large-scale operations in high-tempo environments. Brian can be found on LinkedIn and is a member of several veteran groups on the social platform. \n  \nPeter Illdefonso\nSolutions Architech\, Amazon Web Services \nPeter Ildefonso has been an Enterprise Solutions Architect for Amazon Web Services for 3 years. He is responsible for working across a large number of industries to identify business problems and working backwards to identify viable and scalable technical solutions. Peter has been helping customers plan and migrate critical workloads for more than 11 years with a recent focus on modern data systems prototyping to provide customers with the speed and scale needed for public facing solutions. He was previously a government cloud migration specialist\, developer\, and systems engineer and is a proud graduate of Clemson University. \n  \nVirtual Meeting Information \n\n	This event will be presented through Zoom.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After this conference\, attendees will have a better understanding of current trends and practices in emerging technology.\n	Prerequisites: None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2023-emerging-tech-conference/
LOCATION:Virtual Event
CATEGORIES:Conferences
ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221117T083000
DTEND;TZID=America/New_York:20221117T123000
DTSTAMP:20230129T162112Z
CREATED:20221104T013010Z
LAST-MODIFIED:20230129T162112Z
UID:29646-1668673800-1668688200@isaca-gwdc.org
SUMMARY:2022 IT Fraud Conference
DESCRIPTION:The ISACA Greater Washington DC (GWDC) is proud to host our annual IT Fraud conference. This conference is part of our monthly events. \nFraud and cybersecurity professionals\, IT advisory or audit professionals\, business executives\, students or professionals interested in learning more about IT fraud should attend this event. \nRegistration closed on November 16\, 2022 @ 12 p.m. Participants can use the link below to access CPE Certificates\, feedback survey\, and presentations. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nAgenda \n\n8:30 AM – 9:30 AM \n\n\nStanch the Flow: Anatomy of Fraud in Government Programs \nPresenters: Linda Miller (Guidehouse) and Zachary Rosenfeld (Guidehouse) \nFraud in federal programs is getting bigger\, more complex and more ambitious than ever. Although the unprecedented public spending in the wake of the COVID-19 pandemic ‐ and the similarly unprecedented amount of taxpayer dollars lost to fraud ‐ have drawn more attention to this problem in recent years\, the government's fraud woes long predate the pandemic. The U.S. government needs to move with haste to systematically identify fraud risks that threaten its new benefit programs. If these agencies don't take proactive steps to prevent fraud now ‐ choosing instead to let law enforcement entities chase after fraudsters only after they've stolen program funds ‐ the U.S. government stands to lose several billion more in taxpayer dollars\, with dubious prospects for recovery. In this session\, Linda Miller of Guidehouse will provide insights on how to stanch the flow of money from vulnerable agencies. \n\n\n9:30 AM – 10:30 AM \n\n\nIdentity Theft and Tax Schemes \nPresenter: Anika Pompey (Internal Revenue Service (IRS)) \nAccording to the IRS\, “tax-related identity theft happens when someone steals your personal information to commit tax fraud. Your taxes can be affected if your Social Security number is used to file a fraudulent return or to claim a refund or credit.” During this session\, Anika Pompey will discuss identity theft and tax schemes\, how to identity and protect yourself against business and individual identity theft\, and steps to take if an individual or business becomes the victim of tax-related identity theft. In addition\, Anika Pompey will also discuss the 2022 Dirty Dozen Tax Schemes. \n\n\n10:30 AM – 11:30 AM \n\n\nHow does fraud happen via APIs? \nPresenter: Jeremy Synder (FireTail.io) \nIn this talk\, Jeremy Snyder will examine the causes of API data breaches and API abuse. He'll explain the main control factors\, and where to provide observability or instrumentation components to view the necessary data elements. In addition\, Jeremy will discuss best practices around API security\, and building API security into a development cycle or a security operations pro. \n\n\n11:30 AM – 12:30 PM \n\n\nAdversarial OSINT Reconnaissance \nPresenter: Kirby Plessas (Plessas Experts Network\, Inc.) \nFew realize how broadly Open Source Intelligence gathering can impact their organization's attack surface including its network\, metadata\, and personnel. Join Kirby Plessas for a rapid-fire\, hands-on\, live demonstration of the reconnaissance an adversary can commit against an organization using publicly available data. Scouring Google\, exploiting images\, and collecting critical data shared by and about individuals round out this attack planning demonstration that also points the way toward what should be done to secure your organization. \n\n  \nPresenters \nLinda Miller\nPartner\, Guidehouse \nLinda Miller is an expert in helping organizations identify and manage their risks to fraud. Linda is a former Olympian in the sport of rowing\, a dynamic speaker and a passionate advocate for diversity in the workplace. With the October 2022 acquisition of Grant Thornton\, she became a Partner at Guidehouse\, where she brings her Fraud & Financial Crimes expertise to a variety of government and private sector clients. In May 2020 Linda was appointed by the Chair of the Council of Inspectors General on Integrity and Efficiency to be the Deputy Director of the Pandemic Response Accountability Committee (PRAC). She held this role for one year\, helping to stand up the government's pandemic oversight function in a fully virtual setting in the midst of the pandemic. Linda also spent ten years at GAO\, where she led the development of GAO's Framework for Managing Fraud Risks in Federal Programs (GAO 15-593SP). This framework was codified in statute with the signing of the Fraud Reduction and Data Analytics Act which requires federal agencies to adhere to the leading practices contained within it. \n  \nZachary Rosenfeld\nManaging Consultant\, Guidehouse \nZachary Rosenfeld has more than 11 years' experience conducting evaluations and managing risk for federal programs in emergencies and complex contingency environments. He has delivered high profile evaluations\, performance audits\, white papers\, and briefings on international fraud and anti corruption\, including a first-of-its-kind evaluation commissioned by Congress to examine corruption in Afghanistan and the efficacy of the Afghan government's anti-corruption policies. At Guidehouse\, he leads teams responsible for conducting program evaluations and establishing effective\, proactive fraud risk management programs using maturity assessments\, fraud risk assessments\, and data analytics tools. His clients include the Department of State\, Federal Communications Commission\, and the Export-Import Bank of the United States. \n  \nAnika Pompey\nSenior Stakeholder Liaison\, Internal Revenue Service (IRS) \nAnika Pompey is a Senior Stakeholder Liaison with the Internal Revenue Service (IRS) in Washington\, DC. In this role\, she is responsible for performing outreach and establishing relationships with tax practitioners\, business and industry organizations\, and other audiences for the purpose of sharing information about IRS policies\, practices\, and procedures. Prior to becoming a Senior Stakeholder Liaison\, Anika held the position of Tax Compliance Officer (TCO). In this role\, she planned and conducted examinations of individual income tax returns. She was also responsible for educating taxpayers about tax law and tax-related accounting. Anika held the position of TCO for nine years before becoming the frontline manager of a TCO group. Anika has also held the position of Contact Representative where she was responsible for assisting customers with their tax accounts. Overall\, Anika's IRS career spans more than 15 years. \n  \nJeremy Synder\nFounder and CEO\, FireTail.io \nJeremy is the founder and CEO of FireTail.io. FireTail provides API security via code library\, and works with customers worldwide to keep APIs secure. Prior to FireTail\, Jeremy has worked at Rapid7\, DivvyCloud\, AWS and other companies. Jeremy has lived in 5 countries and speaks 5 languages. \n  \nKirby Plessas\nFounder and CEO\, Plessas Experts Network\, Inc. \nKirby Plessas is the founder and CEO of Plessas Experts Network\, Inc. (PEN)\, an Open Source Intelligence (OSINT) Internet technology and information extraction company specializing in training\, researching\, and consulting to meet the unique needs of diverse law enforcement\, government\, and private-sector organizations.\n \n\n \nMs. Plessas established herself as one of the foremost tradecraft experts in OSINT through a successful career as a member of the U.S. Military and as a Government Contractor prior to founding PEN in 2008. A service-disabled veteran\, Ms. Plessas began her career in Military Intelligence as an Arabic linguist supporting the Department of Defense and continued using her OSINT experience at the Defense Intelligence Agency. Acknowledged as an expert in her field\, in 2007 she was instrumental in the creation and institution of an innovation center for conducting Open Source Intelligence (OSINT). In great tribute to her long list of personal and corporate accomplishments in her field\, the Department of Homeland Security declared Ms. Plessas an OSINT Technical Expert (2010).\n \n\n \nThrough her work at PEN\, Kirby Plessas shares her love of innovative technology and OSINT expert skills by delivering hands-on training courses throughout the United States and internationally. \n  \nVirtual Meeting Information \n\nThis event will be presented through Zoom.\nPrior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\nThe ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant's inability to respond to the polls.\n\n  \nEvent Questions and Policies \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org. \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter this conference\, attendees will have a better understanding of current trends and practices in identifying and addressing IT fraud. \n  \nCPE-Related Details \n\nPrerequisites: None\nAdvance Preparation: None\nProgram Knowledge Level: Basic\nDelivery Method:  Group Internet Based\nField of Study: Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-it-fraud-conference/
LOCATION:Virtual Event
CATEGORIES:Special Seminars
ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221112T080000
DTEND;TZID=America/New_York:20221112T170000
DTSTAMP:20240911T150804Z
CREATED:20220920T010249Z
LAST-MODIFIED:20240911T150804Z
UID:29509-1668240000-1668272400@isaca-gwdc.org
SUMMARY:Certified in Emerging Technology (CET) Cloud Fundamentals Review Course
DESCRIPTION:The GWDC is sponsoring an intensive one day virtual review course for the Certified in Emerging Technology™ (CET) Cloud Fundamentals Certificate.  The course will be held on November 12\, 2022 from 8:00 am to 5:00 PM. \nThis course covers characteristics\, components\, deployment models\, risks\, and business drivers of cloud computing. Learners gain insight into the principles and concepts of cloud computing\, services models\, cloud governance\, and an overview of critical cloud service considerations. The interactive\, self-guided format blends both knowledge and performance-based training components to provide a truly unique and dynamic learning experience that builds and reinforces the critical skills required to perform real-world technical tasks. \nThis event is intended for anyone sitting for the CET Cloud Fundamentals Certificate Exam. Students are expected to have prepared for the exam prior to attending the course. \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \nRegistration closed on November 11\, 2022 @ 5pm. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nCourse Details \nAgenda \nModule 1 – Cloud Computing Models \n\n	Cloud Components\n	Cloud Service Implementation Considerations\n	Cloud Deployment Models\n\nModule 2-Cloud Service Models \n\n	Software as a Service\n	Platform as a Service\n	Solution Stacks\n	Infrastructure as a Service\n\nModule 3-Cloud Governance \n\n	Business Drivers to Cloud \n	Risks Associated with cloud solutions\n	Cloud Vendor Selection and Management\n	Portability of Services\n\nModule 4-Cloud Service supports \n\n	Distinguish between service implementation and support in the cloud\n	Describe the testing and validation requirements for post-cloud implementation\n	Articulate the special role that configuration management plays in cloud computing\n	Identify resource management challenges with cloud computing implementations\n\n  \nAbout the CET \nThe Cat exam will be offered via Computer-Based Testing (CBT). \nRegistration for the CET exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CET Cloud Fundamentals Certificate and Exam Registration \n  \nCCAK Exam Preparation \nFor students who wish to take the CET Cloud fundamentals exam\, it is highly recommended that the prospective candidates should purchase the official study guide and labs here as the exam includes hands on elements. \n  \nInstructor \n \nSushila Nair\nVice President\, Security Portfolio @ NTT DATA Services\, NTT DATA\, Inc.\nCISSP CISM CRISC CISA \nSushila Nair is certified by ISACA International to teach the CCAK Exam Review Course and specializes in cybersecurity\, risk\, and audit services. Sushila Nair is the current Vice President of the Greater Washington\, D.C. ISACA Chapter and has presented at CACS\, BrightTALK\, Seguruinfo and many other international events.  Sushila has taught review courses for the GWDC and ISACA Global. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented virtually.  \n	The instructor will email students prior to the event with instructions and additional information. \n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 10 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objectives \n\n	Identify characteristics\, benefits\, deployments\, and components of cloud computing\n	Evaluate cloud delivery models\, including SaaS\, PaaS\, and IaaS\n	Define governance needs\, business drivers\, strategic value\, and risks associated with cloud computing\n	Understand business model considerations for cloud computing\, including testing\, resource management\, data availability\, and business continuity\n\n  \nCPE-Related Details \n\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/cet-2022-fall-review/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221105T090000
DTEND;TZID=America/New_York:20221119T170000
DTSTAMP:20221122T190937Z
CREATED:20220910T153631Z
LAST-MODIFIED:20221122T190937Z
UID:29452-1667638800-1668877200@isaca-gwdc.org
SUMMARY:CRISC® Fall 2022 Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certified in Risk and Information Systems Controls™ (CRISC®).  This review course will provide practical advice on preparing for the CRISC exam and specific instruction regarding the job practice areas addressed by CRISC as defined by ISACA® Global. The dates of this course are three (3) consecutive Saturdays: November 5\, 12\, and 19\, 2022 from 9 am to 5 pm eastern. \nThis event is intended for anyone sitting for the CRISC Exam. Students are expected to have prepared for the exam prior to attending the course. \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \nRegistration closed on November 4\, 2022 @ 5pm. Participants can use the link below to access CPE Certificates and the feedback survey.  Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nCourse Details \nAgenda \nDay 1  \n\n	Introduction\n	Governance (Domain 1)\n\nDay 2 \n\n	IT Risk Assessment (Domain 2)\n	Risk Response and Reporting (Domain 3)\n\nDay 3  \n\n	Information Technology and Security (Domain 4)\n	Practice Tests\n\n  \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CRISC exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CRISC Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CRISC Review Manual and the CRISC Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n	CRISC Review Manual\n	CRISC Review Questions\, Answers & Explanations Manual\n	CRISC Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CRISC page as part of their study program.  \n  \nInstructor \n \nJim Wiggins\n \nJim has over 25 years direct experience in the design\, operations\, management\, and auditing of information technology systems\, with the past 20 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients. \nToday\, Jim is the founder and executive director of the Federal IT Security Institute (FITSI). FITSI is a 501c6 non-profit\, certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024. FITSI provides a role-based IT security certification program targeted at the federal workforce. \nJim is also the executive director of the FITSI Foundation. The FITSI Foundation is 501c3 public charity that runs the Wounded Warrior Cyber Combat Academy (W2CCA). \nAdditionally\, Jim provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Agency (CISA) inside of the Department of Homeland Security (DHS). \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make in the federal workforce. \nIn 2019\, FCW Named Jim to the “Federal 100” for his work to tirelessly promote cybersecurity education across all branches of the federal government. \nJim holds the following IA/IT security certifications: CISSP\,ISSEP\, CISM\, CISA\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented virtually.  \n	The instructor will email students prior to the event with instructions and additional information. \n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 21 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing the course\, students will be prepared to sit for the CRISC exam.\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/crisc-fall-2022-review-course/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221104T093000
DTEND;TZID=America/New_York:20221104T170000
DTSTAMP:20221120T130726Z
CREATED:20220910T164017Z
LAST-MODIFIED:20221120T130726Z
UID:29469-1667554200-1667581200@isaca-gwdc.org
SUMMARY:Seminar - Introduction to Auditing with PowerShell® Part 2:  Objects and Scripting
DESCRIPTION:This one-day virtual seminar is designed for students to expand their skills in using PowerShell® to perform audits. This course explores two fundamental aspects of using PowerShell: objects and scripting.  PowerShell is built around the concept that data in PowerShell is an object of a specific type.  An object can be as simple as text or number or as complex as a collection of objects. Auditors need to understand this concept to unlock the information stored in different object types and the actions that can be taken.  PowerShell is also more than a series of commands; it is a scripting language complete with its own version or popular scripting features and syntax. While built for systems administrators\, auditors can also use key aspects of PowerShell’s scripting language to write effective and repeatable scripts for use in their audits. \nThis seminar is for any Auditor\, IT Auditor\, or Cybersecurity professional who want to incorporate PowerShell into their toolkits for accomplishing audits and projects. \nRegistration closed on November 3\, 2022 @ 12pm.  Capacity is limited to 30 registrants. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nRelated Seminar \nThis seminar builds on the concepts taught in the Introduction to Auditing with PowerShell Part 1: Overview and Basic Commands seminar. \n  \nSeminar Details \nSeminar Outline \n\n	PowerShell refresher\n	Understanding objects in PowerShell\n	Object types and their properties and methods\n	PowerShell scripting basics and best practices\n	Tips for troubleshooting commands and scripts\n	Practical Exercises\n\n  \nInstructor \n \nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 27 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 16+ years\, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development\, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls\n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter completing this course\, students will have skills to use objects in PowerShell and develop PowerShell scripts. \n\nAdditional CPE-Related Details \n\n	Prerequisites: Students should have a basic understanding of PowerShell. The ISACA GWDC course Introduction to Auditing with PowerShell Part 1: Overview and Commands satisfies this prerequisite.\n	Advance Preparation: The instructor will provide materials in advance of the course that should be saved to the student’s computer. Students can follow along with the instructor in executing PowerShell commands during the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-fall-seminar-auditing-powershell-p2/
LOCATION:Virtual Event
CATEGORIES:Special Seminars
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221022T083000
DTEND;TZID=America/New_York:20221105T170000
DTSTAMP:20221120T130752Z
CREATED:20220920T010310Z
LAST-MODIFIED:20221120T130752Z
UID:29505-1666427400-1667667600@isaca-gwdc.org
SUMMARY:Certificate of Cloud Auditing Knowledge (CCAK™) Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certificate of Cloud Auditing Knowledge (CCAK™).  The dates of this course are three consecutive Saturdays: October 22\, 29\, and November 5\, 2022 from 8:30 am to 5:00 PM. \nThe CCAK course is designed to cover the following five core areas of focus: Cloud governance\, Cloud compliance\, Cloud auditing\, Cloud assurance\, and CSA tools. The course will provide knowledge on cloud security assessment methods and techniques\, and will assist students in updating their expertise in cloud and hybrid security auditing. CCAK is a joint project by Cloud Security Alliance® and ISACA®. The CCAK is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program fills the gap in the market for technical education for cloud IT auditing. \nThis event is intended for anyone sitting for the CCAK Exam. Students are expected to have prepared for the exam prior to attending the course. \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \nRegistration closed on October 21\, 2022 @ 5pm. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nCourse Details \nAgenda \nMODULE 1 – Cloud Governance \n\n	Overview of governance\n	Cloud assurance\n	Cloud governance frameworks\n	Cloud risk management\n	Cloud governance tools\n\nMODULE 2 – Cloud Compliance Program \n\n	Designing a cloud compliance program\n	Building a cloud compliance program\n	Legal and regulatory requirements\n	Standards and security frameworks\n	Identifying controls and measuring effectiveness\n	CSA certification\, attestation and validation\n\nMODULE 3 – CCM and CAIQ Goals\, Objectives and Structure \n\n	CCM\n	CAIQ\n	Relationship to standards: mappings and gap analysis\n	Transition from CCM V3.0.1 to CCM V4\n\nMODULE 4 – A Threat Analysis Methodology for Cloud Using CCM \n\n	Definitions and purpose\n	Attack details and impacts\n	Mitigating controls and metrics\n	Use case\n\nMODULE 5 – Evaluating a Cloud Compliance Program \n\n	Evaluation approach\n	A governance perspective\n	Legal\, regulatory and standards perspectives\n	Risk perspectives\n	Services changes implications\n	The need for continuous assurance/continuous compliance\n\nMODULE 6 – Cloud Auditing \n\n	Audit characteristics\, criteria & principles\n	Auditing standards for cloud computing\n	Auditing an on-premises environment vs. cloud\n	Differences in assessing cloud services and cloud delivery models\n	Cloud audit building\, planning and execution\n\nMODULE 7 – CCM: Auditing Controls \n\n	CCM audit scoping guidance\n	CCM risk evaluation guide\n	CCM audit workbook\n	CCM an auditing example\n\nMODULE 8 – Continuous Assurance and Compliance \n\n	DevOps and DevSecOps\n	Auditing CI/CD pipelines\n	DevSecOps automation and maturity\n\nMODULE 9 – STAR Program \n\n	Standard for security and privacy\n	Open Certification Framework\n	STAR Registry\n	STAR Level 1\n	STAR Level 2\n	STAR Level 3\n\n  \nAbout the CCAK \nThe CCAK exam will be offered via Computer-Based Testing (CBT). \nRegistration for the CCAK exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CCAK and Exam Registration \n  \nCCAK Exam Preparation \nStudents who wish to do the exam should purchase the exam study guide here. The Q&A database is purchased here and is helpful for the exam revision. \n  \nInstructor \n \nSushila Nair\nVice President\, Security Portfolio @ NTT DATA Services\, NTT DATA\, Inc.\nCISSP CISM CRISC CISA \nSushila Nair is certified by ISACA International to teach the CCAK Exam Review Course and specializes in cybersecurity\, risk\, and audit services. Sushila Nair is the current Vice President of the Greater Washington\, D.C. ISACA Chapter and has presented at CACS\, BrightTALK\, Seguruinfo and many other international events.  Sushila has taught review courses for the GWDC and ISACA Global. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented virtually.  \n	The instructor will email students prior to the event with instructions and additional information. \n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 21 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objectives \n\n	Demonstrate key concepts of cloud governance and the role of assurance\, transparency and accountability in the cloud.\n	Explain cloud risk management and the application of cloud governance tools.\n	Devise the designing\, building and evaluating of a cloud compliance program based on laws\, regulations and regulatory standards.\n	Apply control objectives\, technical and process controls\, security metrics and relate them to cloud control frameworks\, certification\, attestation and authorisations.\n	Define and illustrate how to use the CSA Cloud Control Matrix and the CSA Top Threat Analysis Methodology.\n	Build and execute an audit plan that addresses cloud concerns by utilising the Cloud Control Matrix.\n	Discuss the impact of continuous assurance and auditing\, cloud automation\, native development and integration models on auditing and compliance .\n	Describe the role of the CSA STAR Program.\n\n  \nCPE-Related Details \n\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/ccak-2022-fall-review/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221021T093000
DTEND;TZID=America/New_York:20221021T170000
DTSTAMP:20221120T130813Z
CREATED:20220910T163238Z
LAST-MODIFIED:20221120T130813Z
UID:29463-1666344600-1666371600@isaca-gwdc.org
SUMMARY:Seminar - Introduction to Auditing with PowerShell® Part 1:  Overview and Basic Commands
DESCRIPTION:This one-day virtual seminar is designed for students who want to learn different ways that PowerShell can be used in performing audits. Students will learn the basics of PowerShell\, including commands to import\, view\, summarize\, and export data. Students will also be taught how PowerShell can be used to obtain data from Windows Event Logs\, Active Directory\, Azure Active Directory\, and other data sources. \nThis seminar is for any Auditor\, IT Auditor\, or Cybersecurity professional who want to incorporate PowerShell into their toolkits for accomplishing audits and projects. \nRegistration closed on October 20\, 2022 @ 12pm. Capacity is limited to 30 registrants. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nRelated Seminar \nIf this topic interests you\, the chapter is also offering an Introduction to Auditing with PowerShell Part 2: Objects and Scripting seminar. \n  \nSeminar Details \nSeminar Outline \n\n	Overview of PowerShell\n	Basics of Using PowerShell Commands\n	PowerShell Commands to Import\, Summarize\, View\, and Export CSV Data\n	Overview of Using PowerShell to Import Data from XML and Text Files\n	Overview of Using PowerShell to Import Data from Windows Event Logs\n	Overview of Using PowerShell to Import Data Word and Excel Files\n	Overview of Using PowerShell to Import Data from Active Directory\n	Overview of Using PowerShell to Import Data from Azure Active Directory\n	Practical Exercises\n\n  \nInstructor \n \nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 27 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 16+ years\, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development\, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls\n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nLearning Objective \nAfter completing this course\, students will have skills to use PowerShell to import\, summarize\, and output data. Students will also have an awareness of potential data sources that PowerShell can be used with. \n\nAdditional CPE-Related Details \n\n	Prerequisites: Students should be familiar with using Windows and using CSV files.\n	Advance Preparation: The instructor will provide materials in advance of the course that should be saved to the student’s computer. Students can follow along with the instructor in executing PowerShell commands during the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-fall-seminar-auditing-powershell-p1/
LOCATION:Virtual Event
CATEGORIES:Special Seminars
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221013T083000
DTEND;TZID=America/New_York:20221013T123000
DTSTAMP:20221120T130614Z
CREATED:20221006T214024Z
LAST-MODIFIED:20221120T130614Z
UID:29607-1665649800-1665664200@isaca-gwdc.org
SUMMARY:2022 Cybersecurity Conference
DESCRIPTION:The ISACA Greater Washington DC (GWDC) is proud to host the 2022 Cybersecurity conference. This seminar is part of our monthly sessions and is centered around the various important Cybersecurity topics such as\, Zero Trust\, Ransomware\, Hunting threats in Active Directory and Auditing Cybersecurity. \nBusiness leaders and managers\, executives\, technologists\, professionals\,  and students\, interested in staying current in the field of cybersecurity should attend this conference. \nRegistration closed on October 12\, 2022 @ 5pm. Participants can use the link below to access CPE Certificates\, feedback survey\, and presentations. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nConference Details \nAgenda \n8:30 – 9:30 Implement Zero Trust Principles in your Architecture \nPresenter: Adam Hesch (Amazon Web Services) \nZero trust has become a new industry buzzword\, but how do you actually implement it in your existing architecture today? In this session\, discover common architectural patterns for applications deployed on AWS and see how you can implement zero trust principles within them to improve your security outcomes. These examples will draw from common zero trust use cases (user\, device\, and system authentication and authorization) and technologies (software defined networks\, micro-segmentation\, policy enforcement points\, visibility\, and orchestration) to bring zero trust into your existing and future environments. \n  \n9:30 – 10:30 Threat Hunting with Windows Event Forwarding & MITRE ATTACK Framework \nPresenter: Gurvinder Singh \nIn this talk\, you will gain an overview of using Windows Event Forwarding (WEF) for incident detection\, with configuration and management workflows guidance. The talk will also provide an introduction to the MITRE ATT&CK Framework. \n  \n10:30 – 11:30 Bringing Active Directory back from Hell \nPresenter: Guido Grillenmeier \nThis session will cover what it’s like when your first gate of protection has already been broken through and you are trying to survive. The intruders are already in your network and have even compromised your Active Directory forest. It’s the story from a real-live IR-situation of how we recovered a middle-east company from an in-progress cyber-attack\, after their AD was already fully compromised. \n  \n11:30 – 12:30 Cybersecurity for Internal Auditors \nPresenter: Doug Murray & Raj Sawhney (Focal Point Data Risk) \nIn this presentation Doug Murray and Raj Sawhney provide IT Auditors and other IT Risk professionals guidance on how to conduct an effective Cybersecurity Audit. The IT Audit’s perspective as well as the CISO’s perspective is offered\, giving the attendees an opportunity to drive collaboration at their respective organizations. Tangible takeaways include how to apply the methodologies for Cybersecurity\, lessons learned from prior Cybersecurity reviews and the common pitfalls to avoid. The presentation is relevant for IT Risk professionals with limited knowledge of Cybersecurity or those with many years of experience looking to improve from practical experience. \n  \nPresenters \nAdam Hesch\nPrincipal Solutions Architect\, Amazon Web Services \nAdam is a Principal Solutions Architect supporting Federal Systems Integrators and Department of Defense customers with their migration to the cloud. He has spent the last year and a half working with federal customers on how to begin their Zero Trust journey on AWS and is currently the lead for the “Zero Trust Liftoff” team within AWS focused on helping customers meet federal zero trust related executive orders. \n  \nGurvinder Singh\nCyber Security & Privacy Leader\nCISSP\, CISA\, ITIL v3 \nGurvinder Singh is a Cybrary Instructor with Global Fortune 500 and 21 years of diversified industry experience. Gurvinder understands best practices\, information security architecture\, risk management\, compliance\, policy issues\, business continuity\, disaster recovery\, privacy\, governance\, prevention\, and countermeasure. Gurvinder has successfully communicated\, advised and managed global\, corporate-wide security issues and improved business processes. \n  \nGuido Grillenmeier\nChief Technologist @ Semperis \nGuido Grillenmeier is the Chief Technologist of Semperis. Based in Germany\, Guido has been a Microsoft MVP for Directory Services for 12 years. He spent 20+ years at HP/HPE as Chief Engineer. A frequent presenter at technology conferences and contributor to technical journals\, Guido is the co-author of Microsoft Windows Security Fundamentals. He’s helped various customers secure their Active Directory environments and supported their transition to Windows 10/m365 and Azure cloud services. \n  \nDoug Murray \nChief Information Security Officer (CISO)\, Global Cybersecurity\, Privacy and IT Audit Leader\nCISSP\, CISM\, CISA\, CRISC\, CDPSE \nAn experienced\, driven\, and accomplished Chief Information Security Officer and Leader\, with a wealth of experience while working for high-profile companies. Has extensive experience in information security\, data privacy\, IT risk\, and business continuity\, and is experienced in balancing strategic and execution requirements of enterprise information security programs which ensure confidentiality\, integrity\, and availability of data. A proven track record of success in transforming and maturing global information security organizations. \n  \nRaj Sawhney\nManaging Director\, IT and Internal Audit\, Cybersecurity and Business Process @ Focal Point Data Risk\nMSA\, MBA\, CISA\, CFE\, CCSIC\, CDPSE\, CIST\, CIMP\, CRISC\, CEH\, CISSP \nRaj Sawhney is a Managing Director in Focal Point Data Risk’s IT Audit and Advisory practice providing a variety of advisory solutions to companies in the Southern California region. Raj has led Internal Audit\, IT Audit and Cybersecurity engagements for large multi-national corporations utilizing a variety of industry best practices and domain specific guidance. Raj has Big-4 experience with KPMG and Deloitte Consulting\, and his international audit experience spans Germany\, China\, Singapore and India. Raj also brings a tremendous breadth and depth of IT Audit experience\, including SAP\, Oracle\, NetSuite\, Mainframe\, AS400\, PeopleSoft\, FiServ\, Unix\, Linux\, AWS and other cloud hosted applications. Raj has guided management in the remediation of significant issues around business process and I.T. including development of impactful audit reports\, SOX compliance and SOC certification programs. Raj is a regular speaker at audit & security conferences and completed his Masters in Computer Science and his M.B.A in Finance from UC Irvine. Raj also holds a CISA (Information Systems)\, CRISC (Risk and Controls)\, CIST (Information Security)\, CDPSE (Data Privacy)\, CCSK (Cloud security)\, CFE (Financial Fraud)\, and recently became a certified Cybersecurity Auditor. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls\n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After this conference\, attendees will have a better understanding of current trends in cybersecurity such as Zero Trust\, Ransomware\, Identify hidden threats in Active Directory and risk and controls around cybersecurity.\n	Prerequisites: None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-cybersecurity-conference/
LOCATION:Virtual Event
CATEGORIES:Special Seminars
ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220924T083000
DTEND;TZID=America/New_York:20221015T170000
DTSTAMP:20230213T211237Z
CREATED:20220827T201807Z
LAST-MODIFIED:20230213T211237Z
UID:29389-1664008200-1665853200@isaca-gwdc.org
SUMMARY:CISA® Fall 2022 Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 4-day virtual review course for the Certified Information System Auditor® (CISA®) exam.  This review course will provide practical advice on preparing for the CISA exam and specific instruction regarding the job practice areas addressed by CISA as defined by ISACA® Global. The dates of this course are four (4) consecutive Saturdays: September 24\, October 1\, 8\, and 15\, 2022 from 8:30 am to 5 pm eastern. \nThis event is intended for anyone sitting for the CISA Exam. Students are expected to have prepared for the exam prior to attending the course. \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \nRegistration closed on September 23\, 2022 @ 5pm. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nCourse Details \nAgenda \nDay 1  \n\n	Module 1 – The Process of Auditing Information Systems\n	Module 2 – Governance and Management of IT\n\nDay 2 \n\n	Module 3 – Information Systems Acquisition\, Development\, and Implementation\n\nDay 3  \n\n	Module 4 – Information Systems Operations\, Maintenance\, and Support\n\nDay 4  \n\n	Module 5 – Protection of Information Assets\n\n  \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISA exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISA Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISA Review Manual and the CISA Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n	CISA Review Manual\n	CISA Review Questions\, Answers & Explanations Manual\n	CISA Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISA page as part of their study program.  \n  \nInstructors \n\n \n\n\nJim Wiggins\n \nJim has over 25 years direct experience in the design\, operations\, management\, and auditing of information technology systems\, with the past 20 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients. \nToday\, Jim is the founder and executive director of the Federal IT Security Institute (FITSI). FITSI is a 501c6 non-profit\, certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024. FITSI provides a role-based IT security certification program targeted at the federal workforce. \nJim is also the executive director of the FITSI Foundation. The FITSI Foundation is 501c3 public charity that runs the Wounded Warrior Cyber Combat Academy (W2CCA). \nAdditionally\, Jim provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Agency (CISA) inside of the Department of Homeland Security (DHS). \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make in the federal workforce. \nIn 2019\, FCW Named Jim to the “Federal 100” for his work to tirelessly promote cybersecurity education across all branches of the federal government. \nJim holds the following IA/IT security certifications: CISSP\,ISSEP\, CISM\, CISA\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n  \n\n\n \n\n\nTyler Harding \nSenior Manager\, Amazon Supply Chain \nCPA\, CISA\, CISM\, CISSP\, CAP\, GGEIT\, FITSP:A\, FITSP:M \nTyler Harding is a Senior Manager and leads a commercial and DoD compliance program at Amazon Supply Chain (supplychain.amazon.com). The Compliance team’s goal is to earn customer’s trust and maintain compliance with multiple information security certifications such as ISO 27001\, AICPA SOC 2\, HiTRUST\, and NIST SP 800-171. Prior to his role at Amazon Supply Chain\, Tyler was the DoD Security and Compliance Manager for AWS and led efforts to accredit AWS cloud services to Impact Levels 4 and 5 under DoD’s Cloud Computing Security Requirements Guide (CC SRG). \nBefore joining Amazon in 2019\, Tyler spent over 20+ years in public accounting firms such as PWC\, KPMG\, and Kearney & Company in their respective IT audit practices and led engagement teams through many SOC 1\, FISMA\, and financial statement audits. \nAs a recovering IT auditor\, Tyler now enjoys his Summers and Falls swimming\, cycling\, and playing an occasional round of golf! Tyler has also supported the ISACA Greater Washington D.C. Chapter for over 20 years by teaching CISA\, CISM\, and CGEIT review courses. \n\n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented virtually.  \n	The instructor will email students prior to the event with instructions and additional information. \n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 32 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing the course\, students will be prepared to sit for the CISA exam.\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/cisa-fall-2022-review-course/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220922T083000
DTEND;TZID=America/New_York:20220922T123000
DTSTAMP:20221120T131736Z
CREATED:20220916T145238Z
LAST-MODIFIED:20221120T131736Z
UID:29481-1663835400-1663849800@isaca-gwdc.org
SUMMARY:2022 Cloud Implementation and Security Conference
DESCRIPTION:The ISACA Greater Washington DC (GWDC) is proud to host the Cloud Implementation and Security virtual conference. This conference is part of our monthly events and is centered around the introduction of Cloud auditing\, security in the Cloud\, implementing Cloud Center of Excellence\, and introduction to the latest Cloud audit certification. \nCloud security and enablement professionals\, IT advisory or audit professionals\, business executives\, cybersecurity professionals\, students or professionals interested in learning more about cloud in the public sector space should attend this conference. \nRegistration closed on September 21\, 2022 @ 5pm. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nConference Details \nAgenda \n8:30 – 9:30 Cloud Security Overview and Best Practices \nPresenter: Don Mann (Arctic Wolf) \nThis presentation will provide an overview of Cloud Security. We will discuss some of the unique considerations of Cloud Security when moving from on-premises. We will review some core best practices and some consumable tips on how to evaluate or improve your cloud security. \n  \n9:30 – 10:30 Introduction to the Certificate of Cloud Auditing Knowledge (CCAK) \nPresenter: Sushila Nair (NTT DATA) \nThe Certificate of Cloud Auditing Knowledge (CCAK) is the first-ever\, technical\, vendor-neutral credential for cloud auditing. This certificate fills a gap in the industry for competent technical professionals who can help organizations mitigate risks and optimize ROI in the cloud. \n  \n10:30 – 11:30 Implementation of Cloud Center of Excellence \nPresenter: Aimee Bechtle (Amazon Web Services) \nCloud Centers of Excellence (CCoE) are critical to successful\, sustained cloud adoptions at-scale. In this talk Aimee Bechtle will describe why and when a CCoE is needed and the mechanisms that maximize and amplify a cloud adoption. \n  \n11:30 – 12:30 The Problem of Siloed Identities for Security and Compliance \nPresenter: Garret Grajek (YouAttest) \nThis presentation will overview how a proper access review should be conducted including the challenges and best practices to tying the “Siloed Resources” to the IS0R (identity store of record). The key is to map identified siloed resources to the DEFINED and managed:groups/roles” in the ISoR. \n  \nPresenters \nDon Mann\nSenior Systems Engineer\, Arctic Wolf \nDon has been in the IT industry for over 25 years. He worked as an IT professional in the USAF as well as biotech\, and then spent time consulting with customers at a technology reseller. Most recently he spent the last 3 years working for Amazon Web Services before joining Arctic Wolf\, a security operations cloud provider. \n  \nSushila Nair\nVice President\, Security Portfolio @ NTT DATA Services\, NTT DATA\, Inc.\nCISSP CISM CRISC CISA \nSushila Nair specializes in cybersecurity\, risk\, and audit services. Sushila Nair is the Vice President of the Greater Washington\, D.C. ISACA Chapter and has presented at CACS\, BrightTALK\, Seguruinfo and many other international events.  She has taught several review courses\, including the CCAK review course\, for the GWDC chapter and ISACA Global.  \n  \nAimee Bechtle\nSolutions Architecture Leader \, Amazon Web Services  \nAimee leads AWS Solutions Architecture for Enterprise Engaged customers in the Mid-Atlantic and Carolinas. Her experience is in leading large organizations to adopt agile\, DevOps\, product and the public cloud. She specializes in building high performing product teams using modern application architectures and technical practices. Aimee has been at AWS since December of 2020. Prior to joining AWS Aimee spent 16 years as a Software Systems Engineer at The MITRE Corporation\, 4 years leading DevOps transformations and cloud adoption at Capital One\, and 1 year as the Head of DevOps and Cloud Centers of Excellence at S&P Global in the Market Intelligence division. Aimee has her B.S. in Management Science – Decision Support Systems from Virginia Tech and a M.S. in Systems Engineering from Johns Hopkins University. She lives in Vienna\, VA with her husband\, four children and two dogs. \n  \nGarret Grajek\nChief Executive Officer\, YouAttest\nCEH\, CISSP \nGarret Grajek is a certified security engineer and product builder. Garret has 25+ years of IT Security product creation. He has 13 U.S. patents for information security products (focus: Application SSO\, 2FA\, Identity Assurance\, Continuous Authentication\, AI and Blockchain). Garret has specialized in creating secureIT products for markets in the Financial\, Health Care\, Federal\, State\, Education and other regulated arenas. Products Garret has created resulted in multiple awards\, Gartner ranking\, and sold to over 500 customers resulting in $200M+ in revenue. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls\n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org. \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After this conference\, attendees will have a better understanding of the the process of implementing Cloud Center of Excellence and securing and audit Cloud environment in their organization.\n	Prerequisites: None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-cloud-conference/
LOCATION:Virtual Event
CATEGORIES:Special Seminars
ORGANIZER;CN="Avneet Sabharwal":MAILTO:programs@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220910T083000
DTEND;TZID=America/New_York:20220924T163000
DTSTAMP:20230213T211323Z
CREATED:20220827T103531Z
LAST-MODIFIED:20230213T211323Z
UID:29320-1662798600-1664037000@isaca-gwdc.org
SUMMARY:CISM® Fall 2022 Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 3-day virtual review course for the Certified Information Security Manager® (CISM) Exam. The CISM® review course will provide practical advice on preparing for the CISM exam and specific instruction regarding the job practice areas addressed by CISM as defined by ISACA® Global. The dates of this course are three (3) consecutive Saturdays from September 10\, 17\, and 24\, 2022 from 8:30 am to 4:30pm Eastern. \nThis event is intended for anyone sitting for the CISM Exam. Students are expected to have prepared for the exam prior to attending the course. \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \nRegistration closed on September 9 @ 5pm. Participants can use the link below to access CPE Certificates\, feedback survey\, and presentations. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nCourse Details \nAgenda \nDay 1  \n\n	Module 1 – Information Security Governance\n	Module 2 – Information Security Risk Management\n\nDay 2 \n\n	Module 3 – Information Security Program\n	Module 4 – Incident Management\n\nDay 3  \n\n	Module 5 – Exam Preparation Strategies\n\n  \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISM exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISM Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISM Review Manual and the CISM Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n	CISM Review Manual\n	CISM Review Questions\, Answers & Explanations Manual\n	CISM Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISM page as part of their study program.  \n  \nInstructor \n \nJim Wiggins\n \nJim has over 25 years direct experience in the design\, operations\, management\, and auditing of information technology systems\, with the past 20 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients. \nToday\, Jim is the founder and executive director of the Federal IT Security Institute (FITSI). FITSI is a 501c6 non-profit\, certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024. FITSI provides a role-based IT security certification program targeted at the federal workforce. \nJim is also the executive director of the FITSI Foundation. The FITSI Foundation is 501c3 public charity that runs the Wounded Warrior Cyber Combat Academy (W2CCA). \nAdditionally\, Jim provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Agency (CISA) inside of the Department of Homeland Security (DHS). \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make in the federal workforce. \nIn 2019\, FCW Named Jim to the “Federal 100” for his work to tirelessly promote cybersecurity education across all branches of the federal government. \nJim holds the following IA/IT security certifications: CISSP\,ISSEP\, CISM\, CISA\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented online through Microsoft Teams.  \n	The instructor will email students prior to the event with instructions and additional information. \n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 24 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing the course\, students will be prepared to sit for the CISM exam.\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-cism-fall-review/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220818T083000
DTEND;TZID=America/New_York:20220818T123000
DTSTAMP:20221226T142522Z
CREATED:20220701T100158Z
LAST-MODIFIED:20221226T142522Z
UID:29242-1660811400-1660825800@isaca-gwdc.org
SUMMARY:Summer Seminar - Shifting to High Value Work Through Technology
DESCRIPTION:    \nTechnology continues to evolve advancing operational efficiency by enabling personnel to focus on high value work and deliver outputs of higher quality and in a more expedient manner.  Join ISACA Greater Washington DC and Guidehouse for its summer seminar on Shifting to High Value Work Through Technology. \nIT program managers and professionals\, information system functional users and business owners\, business executives\, students or professionals interested in adopting emerging technologies to enhance operational efficiencies of organizations should attend this event. \nRegistration closed on August 17th @ 5PM. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nConference Details \nAgenda \n08:30 – 9:30 – Machine Learning Adoption to Fight Financial Crime \nPresenters: Salvatore LaScala and Tim Mueller (Guidehouse) \n“The adoption of machine learning (ML) in fighting financial crime will likely explode as technology solutions become more effective and efficient-driven by work-stream prioritization\, product maturity\, and refinement of implementation processes.” \nThis was the key takeaway from a global survey conducted in 2020\, “The Evolving Role of ML in Fighting Financial Crime\,” conducted by Guidehouse and Compliance Week\, in partnership with the International Compliance Association. While survey responses demonstrated similarities between US and Europe (UK/EU) organisations\, our analysis also identified notable differences among participants in both regions. This article examines key areas where European survey responses deviated from those by US or global participants. This should be of particular interest to European organisations wishing to benchmark maturity against both global and European peers. \n  \n 09:30 – 10:30 – Leading Practices: Agency Acquisition Policies Could Better Implement Key Product Development Principles \nPresenters: Chris Durbin and Brian Smith (Government Accountability Office) \nLeading commercial companies\, such as Amazon and SpaceX\, take a disciplined approach to develop innovative products that satisfy their customers’ needs. This approach allows leading companies to deliver their products to market on time and within planned costs.\nUnlike private companies\, federal agencies don’t have to focus on profit margins and return on investments. But\, they are charged with ensuring that taxpayers get the best return on their dollars. And despite environmental differences\, GAO has long found that agencies can still benefit from leading companies’ disciplined approaches to developing and delivering products.\nIn a new report\, GAO looked at how some of the federal government’s biggest spenders-the Departments of Defense and Homeland Security and NASA-invest billions of dollars to buy things like stealth jets\, silent subs\, and lunar rovers\, all with complex software. \n  \n10:30 – 11:30 – GovTech Maturity Index \nPresenter: Cem Dener and Kimberly Johns (World Bank) \nGovernments have been using technology to modernize the public sector for decades. The World Bank Group (WBG) has been a partner in this process\, providing both financing and technical assistance to facilitate countries’ digital transformation journeys since the 1980s. The WBG launched the GovTech Initiative in 2019 to support the latest generation of these reforms. Over the past five years\, developing countries have increasingly requested WBG support to design even more advanced digital transformation programs. These programs will help to increase government efficiency and improve the access to and the quality-of-service delivery\, provide more government-to-citizen and government-to-business communications\, enhance transparency and reduce corruption\, improve governance and oversight\, and modernize core government operations. The GovTech Initiative appropriately responds to this growing demand. The GovTech Maturity Index (GTMI) measures the key aspects of four GovTech focus areas-supporting core government systems\, enhancing service delivery\, mainstreaming citizen engagement\, and fostering GovTech enablers-and assists advisers and practitioners in the design of new digital transformation projects. \n  \n11:30 – 12:00 – Process Automation: An Untapped Opportunity for Government Agencies  \nPresenter: Caitlin McGurn and Ranyah Salous (Guidehouse) \nGovernment and public sector organizations today are under constant pressure to generate more value\, enhance their operational efficiencies\, and attract and retain skilled employees-all while facing increasing levels of risk and public scrutiny. \nWithin such a dynamic environment\, leveraging automation is key to transforming an organization’s operating model. The challenge is that implementing and monitoring controlled\, automated processes can be complex\, costly\, and require specialized resources. Many organizations perceive developing automated processes as “a moving target” requiring constant improvements and new emerging technologies. \nConversely\, this presents the opportunity for organizations to apply custom\, targeted solutions focused solely on their needs with the help of a team experienced in implementing such bespoke solutions. \nIn 2020\, FedScoop surveyed federal and state government IT\, business\, and program executives on their organization’s automation environment maturity. A large majority of respondents to this survey foresee considerable value in using automation-with 48% of respondents reporting already-implemented tools have saved them 5\,000 to 100\,000+ hours of work\, allowing their staff to focus on higher-impact efforts. \n  \n12:00 – 12:30 – General Services Administration (GSA) Robotic Process Automation Program  \nPresenters: Anthony Cavallo and Brian Mooers (General Services Administration) \nThe GSA established a centralized RPA program and have deployed automations in nearly all business lines and mission support offices including real estate\, acquisition\, finance\, HR\, IT\, and administrative services. Within three years of program initiation\, GSA RPA PMO deployed 101 cumulative bots using a streamlined RPA Factory approach. By the end of FY 21\, the GSA RPA PMO delivered over 300\,000 annualized hours of capacity\, averaging over 3\,000 hours per bot. The PMO trained\, developed\, and redeployed existing CFO employees in RPA development and integrated process redesign and improvement capabilities including process mapping\, reengineering\, future state planning\, and performance measurement into RPA projects. \n  \nPresenters \nSalvatore LaScala\nHead of Global Investigations and Compliance Practice\, Guidehouse \nSalvatore LaScala is a partner and head of Guidehouse’s Global Investigations and Compliance practice. Possessing a broad range of subject matter knowledge and expertise\, Salvatore applies his 20+ years of hands-on experience to conduct investigations and compliance reviews on behalf of financial institution clients responding to regulatory or law enforcement matters concerning anti-money laundering (AML)\, Bank Secrecy Act (BSA)\, USA PATRIOT Act and Office of Foreign Assets Control (OFAC). \n  \nTim Mueller\nPartner\, Guidehouse \nTim Mueller\, with extensive experience in process transformation and technology implementation is the Financial Services (FS) Segment Technology Leader. In addition to Tim’s broad FS leadership role\, he is also a member of the Financial Crimes practice. He leads the technology and data analytics team which focuses on assisting clients with selection\, implementation and review of fraud\, anti-money laundering (AML) and sanctions screening technology platforms. His team works with clients to: incorporate machine learning and artificial intelligence into current financial crime platforms; evaluate systems governance; review risk coverage for transaction monitoring detection scenarios and sanctions name matching algorithms; perform system tuning to maximize effectiveness while minimizing false positives; perform model validation projects; and\, support data handling and analytics for large scale file and transaction reviews. Recent projects have involved assisting both regulators and financial institutions with providing the information technology functionality necessary to identify potential financial crime\, and to comply with BSA/AML requirements. \n  \nChris Durbin\nAssistant Director\, Government Accountability Office \nChris Durbin is an assistant director in the U.S. Government Accountability Office’s (GAO) Contracting and National Security Acquisitions team. He has 19 years of experience evaluating Department of Defense (DOD) acquisition programs\, policies\, and culture. He has previously overseen GAO’s annual assessments of execution risks and performance in over 80 major weapons acquisition programs. He has also overseen defense science and technology reviews on topics that included leading practices in innovation investments and management\, laboratory governance\, and industry independent research and development. Currently\, he is overseeing new work evaluating DOD’s middle tier of acquisition pathway as well as follow-on work related to his team’s March 2022 report on key principles for product development. \n  \nBrian Smith\nSenior Analyst\, Government Accountability Office \nBrian Smith is a senior analyst in the U.S. Government Accountability Office’s (GAO) Contracting and National Security Acquisitions team. For the last six years\, he has worked on reviews related to the Department of Defense’s science & technology efforts\, including best practices in innovation investments and management\, laboratory governance\, and industry independent research and development\, as well as GAO’s efforts to refresh its leading practices methodology used to assess DOD\, DHS\, and NASA acquisitions. \n  \nCem Dener\nLead Governance Specialist\, Information Systems & Chair\, FMIS Community of Practice\, Governance\, World Bank \nCem Dener is currently the Chair of Financial Management Information Systems Community of Practice (FMIS CoP) in the Governance Global Practice (GGP) of the World Bank. Dr. Dener made significant\, original contributions to Public Financial Management (PFM) and e-Government reform programs in more than 40 countries over the past two decades by providing strategic advisory and hands on support for building effective and transparent digital solutions. He led the establishment of the FMIS CoP in 2010 to exchange knowledge and experiences and disseminate good practices\, and develop leading edge knowledge products based on new datasets. He has extensive system design and application development experience gained in private and public sector projects\, as well as in academic studies\, prior to the World Bank. \n  \nKimberly Johns\nSenior Public Sector Specialist\, World Bank \nKimberly Johns is a senior public sector specialist and global lead for Govtech in the World Bank’s Governance Global Practice. Her work focuses on whole of government digital transformation\, digital governance\, service delivery and citizen engagement. She has over 15 years of experience working on topics of technology and solutions development\, institutional and policy reform in Africa\, Europe\, and the Middle East and has contributed to a number of reports targeting governance issues including administrative burden\, accountability and corruption. Kimberly holds a Ph.D. in Public Administration (specializing in Science\, Technology and Information Policy and Research Methods) from the University of Illinois at Chicago and a Master of Science in Public Service Management from DePaul University. \n  \nCaitlin McGurn\nPartner\, Guidehouse \nCaitlin McGurn is a partner focusing on financial management\, risk management\, strategic planning\, project management\, business transformation and asset management and disposition. At Guidehouse\, Caitlin works on clients in the area of financial services\, including the U.S. Department of Education\, National Credit Union Administration and the U.S. Department of Treasury. Caitlin has more than 15 years of experience and joined PwC as an assurance intern in Boston. She has worked in multiple areas\, including commercial assurance\, systems and process assurance and advisory consulting. Caitlin has supported clients in an advisory capacity across both the commercial and public sectors. \n  \nAnthony Cavallo\nRobotic Process Automation Program Director\, General Services Administration \nAnthony Cavallo is the lead robotic process automation (RPA) developer for the Robotic Process Automation Division in the GSA Office of the Chief Financial Officer\, which has launched more than 50 automations. No stranger to automation\, Anthony has been automating processes throughout his career\, primarily through financial reporting. Anthony has created and managed key business intelligence tools within OCFO that are used to automate reports\, dashboards\, and visualizations. \n  \nBrian Mooers\nSenior Analyst\, General Services Administration \nBrian Mooers is a full-time Lean Six Sigma Black Belt and is currently a member of the General Services Administration’s Robotics Process Automation Project Management Office (PMO). As a senior analyst\, he works with customers to identify processes for automation and then helps document and optimize the processes before moving projects to the development stage. Brian holds a master’s degree in information technology\, specializing in database systems from the University of Maryland\, College Park\, and is currently working on his master’s in business administration from Virginia Tech. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented through Zoom.  Each registrant will receive a personalized Zoom link by email prior to the event.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nPresentations \nAny presentations made available by the presenters will be emailed to the event participants.   \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event and respond to polling questions to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing this event\, students will have a better understanding of the latest trends and current topics for adopting emerging technologies to enhance operational efficiencies of organizations.\n	Prerequisites:  None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Group-Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-summer-seminar-shifting-to-high-value-work-through-technology/
LOCATION:Virtual Event
ORGANIZER;CN="Jose Torres":MAILTO:programs@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220721T083000
DTEND;TZID=America/New_York:20220721T123000
DTSTAMP:20221122T190105Z
CREATED:20220701T100135Z
LAST-MODIFIED:20221122T190105Z
UID:29238-1658392200-1658406600@isaca-gwdc.org
SUMMARY:Summer Seminar - Hardening IT Security Posture
DESCRIPTION:    \nOrganizations face complex security challenges and need to prepare in addressing current and future technology risks\, protect their operations and sensitive data\, and comply with regulatory requirements. Join ISACA Greater Washington DC and Guidehouse for its summer seminar on Hardening IT Security Posture.  \nIT program managers\, cybersecurity professionals\, IT audit professionals\, business executives\, students or professionals interested in learning about enhancing IT security posture of organizations should attend this event. \nRegistration closed on July 20th @ 5PM. Participants can use the link below to access CPE Certificates\, feedback survey\, and presentations (if available). Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nConference Details \nSessions \nAdopting Zero Trust to Align with Cybersecurity Executive Order \nPresenters: Amanda Kane and Christine Owen (Guidehouse) \nRecent cybersecurity breaches are evidence of the need for contextual authentication and authorization to protect mission-critical technology components. Zero Trust Architecture (ZTA) meets this need by unifying security tools from multiple security domains to create an active security posture within a network’s perimeter. \nThe integration of strong identity and access management (IAM) principles is the underlying foundation that must be present for a well-built ZTA. Agencies are in different stages of migrating to ZTA-from researching to preparing their systems to remove the traditional perimeter. However\, agencies have found difficulty with procurement and deployment of the right tools due to a variety of issues\, including lack of funding\, reliance on legacy systems\, or even inability to properly staff migration projects. These setbacks are slowing the necessary preparation for emerging cyber threats and accruing technical debt in the process. \n  \nFedRAMP Strategic Initiatives \nPresenter:  Brian Conrad (GSA FedRAMP) \nFedRAMP has seen an incredible increase in the adoption of the program\, which is marked by both an increase in agency participation and reuse of authorizations. Brian Conrad\, FedRAMP’s Acting Director\, will highlight FedRAMP’s growth and the program’s FY21 focus on strategic initiatives – like automation and a threat-based authorization approach – to transform FedRAMP\, with a focus on continued partnerships with stakeholders.   In addition\, Brian will also touch on the high-level updates that were made to the draft Authorization Boundary Guidance which is currently open for public comment. \n  \nCybersecurity Maturity Model Certification (CMMC) Updates \nPresenter:  Stacy Bostjanick (Department of Defense) \nThe Department of Defense migrated to its new Cybersecurity Maturity Model Certification (CMMC) framework to assess and enhance the cybersecurity posture of the Defense Industrial Base. The CMMC will encompass multiple maturity levels that ranges from “Basic Cybersecurity Hygiene” to Advanced/Progressive”. The intent is to incorporate CMMC into Defense Federal Acquisition Regulation Supplement (DFARS) and use it as a requirement for contract award. Ms. Stacy Bostjanick of Under Secretary of Defense (OUSD) for Acquisition and Sustainment (A&S) will provide greater insights on CMMC and how it furthers secure the DoD Supply Chain. \n  \nRansomware in Healthcare \nPresenter:  Phil Boone (Guidehouse) \nData has shown ransomware attacks targeting healthcare organizations have skyrocketed amid the pandemic and will only increase due to a myriad of factors. Guidehouse has delivered cybersecurity solutions to federal agencies including CMS\, NIH\, and CDC to proactively mitigate risks that could be exploited to install ransomware. This session will provide examples of how healthcare organizations have implemented cybersecurity measures to decrease the likelihood of becoming a ransomware victim. \n  \nSecuring Healthcare Data in the Cloud \nPresenter:  Sarah Groves (Guidehouse) \nAs more and more healthcare organizations transition to the cloud\, attackers are finding it increasingly valuable to target and exploit Cloud Service Providers (CSPs) to access sensitive information\, such as Protected Health Information (PHI) . Organizations may think most of their security responsibility is transferred to the CSP once they have transitioned to the cloud\, but their work is just beginning.  This session will provide examples of how organizations can help prevent an attack and remain compliant once they have migrated their healthcare systems to the cloud and how Guidehouse has delivered solutions to clients that have helped defend them from cloud attacks. \n  \nPresenters \nAmanda Kane\nCybersecurity Director\, Guidehouse \nAmanda Kane leads the Identity and Access Management (IAM) offering within the Advanced Solutions Cybersecurity Solutions Team. Amanda works with clients so that the right people\, have the right access\, to the right resources\, for the right reasons. By taking an identity-centric approach\, Amanda works supports clients in establishing IAM strategies\, creating IAM solution roadmaps\, and implementing IAM technical solutions in the areas of: identity governance\, credentialing solutions\, privileged access management\, logical access control systems\, and physical access control systems. \n  \nChristine Owen\nCybersecurity Director\, Guidehouse \nChristine is a recovering attorney who found solace in identity and access management (IAM) consulting. She is interested in securing people\, things\, applications\, devices\, and the cloud using IAM principles. Christine is one of the leaders of the Identity and Access Management Team within the Cybersecurity Team at Guidehouse. She currently oversees and manages a substantial (20+) team comprised of multiple companies and contracts to provide enterprise IAM solutions to a large Federal agency. \n  \nBrian Conrad\nActing Director and Program Manager for Cybersecurity\, GSA FedRAMP \nBrian Conrad joined the FedRAMP team in December 2018\, bringing with him a wealth of technical knowledge and leadership experience. Prior to joining GSA\, Brian served for 21 years in the United States Marine Corps\, gaining experience in leadership\, telecommunications/IT\, government acquisition\, and project management. At GSA\, Brian leads efforts associated with formulating and facilitating FedRAMP’s overall strategic initiatives and future goals. Additionally\, Brian works hand-in-hand with government and industry\, developing an understanding of emerging technology and innovation. Finally\, in the short term\, Brian will be supporting Joint Authorization Board efforts by leading on-going assessment and authorization activities. Brian holds an M.S. in Information Technology Management from the U.S. Naval Postgraduate School\, a B.A. in History with a minor in Economics from the University of Memphis\, and various industry certifications. \n  \nStacy Bostjanick\nDirector of Cybersecurity Maturity Model Certification Policy\, DoD OUSD A&S \nStacy Bostjanick is currently serving as the OUSD A&S\, Director of Cybersecurity Maturity Model Certification (CMMC) Policy. In this role\, she is responsible for managing the initiation of the CMMC program and is responsible for establishing all Policy and Procedures regarding the CMMC. Previously\, she served as the DIA\, Head of Contracting Activity in which she was responsible for planning\, managing\, directing\, and accomplishing the total DIA procurement program. Ms. Bostjanick has also worked as a Senior Contracting Officer for the Missile Defense Agency on the Standard Missile 3 Block IA and IB development and production program. She was responsible for cradle-to-grave execution of over $5 billion of highly-complex\, cutting-edge contracts for our nation’s missile defense systems. \n  \nPhil Boone\nManaging Consultant\, Guidehouse \nPhil Boone is a Managing Consultant at Guidehouse and has more than twelve years of experience providing cybersecurity and risk management consulting services to Federal government\, healthcare\, and state and local government clients. His areas of expertise include security assessments\, technical assurance\, and security program development. Prior to joining Guidehouse\, Phil provided M&A cyber due diligence services to large health systems in the U.S. He holds a Bachelor of Science degree in Business Information Technology from the Virginia Polytechnic Institute and State University – Pamplin College of Business and is a Certified Information Systems Auditor (CISA). \n  \nSarah Groves\nAssociate Director\, Guidehouse \nSarah Groves is an Associate Director at Guidehouse with more than ten years of experience providing cybersecurity consulting services to both public and private sector clients. Her range of experience includes advising clients on cyber audit preparation and remediation\, cybersecurity strategy\, and cloud security. Ms. Groves has led and managed teams providing large-scale security control reviews and remediation advisory support. She holds her Masters in Information Management Systems from Harvard University Extension School and her Bachelors in Computer Information Systems from James Madison University. \n  \nAdditional Details \nVirtual Event Information \n\n	This event will be presented through Zoom.  Each registrant will receive a personalized Zoom link by email prior to the event.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	The ISACA Greater Washington\, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.\n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 4 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing this event\, students will have a better understanding of the latest risks and current topics on hardening an organization’s IT security posture.\n	Prerequisites:  None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Group-Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-summer-seminar-hardening-it-security-posture/
LOCATION:Virtual Event
ORGANIZER;CN="Jose Torres":MAILTO:programs@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220615T083000
DTEND;TZID=America/New_York:20220615T163000
DTSTAMP:20221122T200805Z
CREATED:20220515T192445Z
LAST-MODIFIED:20221122T200805Z
UID:29141-1655281800-1655310600@isaca-gwdc.org
SUMMARY:2022 Annual Meeting
DESCRIPTION:The ISACA® GWDC Annual Meeting is the Chapter’s premium event for the year. The AGM provides training and networking opportunities for all attendees and the opportunity for GWDC members to learn about the Chapter’s health\, achievements\, plans\, and other important matters. Presentations and panels focus on emerging technologies\, risk vectors\, mitigation strategies\, and governance trends. Topics are aimed equally at participants focused on the Government and Private sectors. All our sessions are designed to increase your understanding of current topics and hone your professional skills by learning directly from leading practitioner in their fields.  \nFor 2022\, we have a great program at a great venue since we are again at a point where in-person events are possible. For the convenience of all our members\, we will make the Chapter’s business session\, the Annual General Meeting (AGM) of the Membership\, available to them on-line.  \nIT advisory and audit professionals serving the Government and Private sectors\, particularly practitioners credentialed in technology risk management\, governance\, audit\, cloud\, architecture\, cybersecurity\, and privacy should attend this event. \nA networking social immediately follows the Annual Meeting at the same location.  No separate registration is required. \n  \nRegistration \nIn-Person Registration \nThe GWDC Annual Meeting is being held in-person this year.  Please use the link below to register for the full-day\, in-person conference. \nRegistration ended on June 14\, 2022 at 6PM. Participants can use the link below to access CPE Certificates\, feedback survey\, and presentations. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nOnline Registration for AGM Session \nWe’ve listened to feedback from membership who have expressed interest in attending the annual meeting but could not commit to an entire day for the conference. We are pleased to offer the business session of the meeting\, the Annual General Meeting (AGM) of the Membership\, free to all GWDC members on Zoom.  During this session\, the Chapter President will cover changes to GWDC Bylaws\, introduction of new GWDC Officers\, and presentation of the 2022 V. Lee Conyers Award. \nThe AGM Zoom will be held from 10:15 AM to 11:00 AM.  The Zoom is only available to GWDC members who cannot attend the conference.  The Zoom does not include the conference presentations. \nPlease note: Only one registration is required.  If you attend in-person\, you do not need to separately register for the AGM. \nRegistration has closed for this session. \n  \nLocation Information \nVenue \nThe Annual Meeting will be held at the: \nHyatt Regency Washington on Capitol Hill\nColumbia A&B\n400 New Jersey Avenue\nNW Washington D.C. 20001  \n  \nParking and Metro \nMetro:  The nearest Metro station is Union Station. \nParking: Parking is available at the hotel and in various adjacent parking garages. Street parking is very limited. \n  \nConference Details \nAgenda \n8:15 AM – 8:25 AM – Opening Remarks \n  \n8:30 AM – 9:20 AM – Session 1: Making Your Job Easier and Your Organization More Secure \nPresenter: Brian Barnier (CyberTheory Institute) \nIs cybersecurity a linear stable system or a complex dynamic and adversarial system? This session draws upon a century’s worth of proven and practical methods – much funded by the U.S. government – in war and peace. These methods come from critical\, systems\, and industrial strength/design disciplines. The same methods that have powered American innovation — railroad system\, telephone system\, automobile assembly lines\, WWI logistics\, aviation safety\, consumer electronics\, Covid logistics\, and kinetic warfare. Unlocking that “profound knowledge” will lead us to greater security with far less time and effort. \n  \n9:25 AM- 10:15 AM – Session 2: Fireside chat – Innovating in government with critical thinking\, systems thinking and design thinking \nPresenters: Brian Barnier (CyberTheory Institute) and Mark A. Forman (OMB) \nInnovation brings us products and experiences that delight and amaze us. In government\, wide ranging applications of critical\, systems and design thinking are innovating from military special forces to Education to FBI to DHS to FEMA to National Institutes of Health to NASA to Labor to Veterans Health Affairs to NIST to NTSB to CSB to EPA to Agriculture to CDC to CISA. Yet of the innovative thinking in so many agencies – including cyber security and warfare — why are agencies rarely successful in delivering such initiatives? What are the barriers and how can those barriers to removed or at least lowered? Join in our conversation to advance cybersecurity in government and improve your own career satisfaction and work-life balance. \n  \n10:15 AM – 11:00 AM – AGM Session: Annual General Meeting of the Chapter Membership \nPresenter: Alok Kakker\, ISACA Greater Washington D.C. Chapter President \nThe Chapter President will give an update on the chapter’s Strategy\, Goals\, Financials\, Membership and key milestones. Also\, the President will provide changes to GWDC Bylaws\, recognizing the current board of directors and an introduction of new GWDC Officers. In the end there will be a presentation of the Chapter Awards.  \n  \n11:05 AM – 11:55 AM – Session 3: K-12 Cybersecurity Overview \nPresenter: VJ Rao (Fairfax County Public Schools) \nUnderstanding the school system\, the data used and protected and Cybersecurity challenges and overview.  \n  \n12:00 PM – 1:00 PM – Lunch \n  \n1:00 PM – 1:50 PM – Session 4: The Power of Collaboration to Improve Safety and Productivity \nPresenter: Christopher A. Hart (Hart Solutions) \nMany potentially hazardous industries involve systems that consist of a complex array of coupled and interconnected subsystems that must work together effectively in order for the entire system to perform successfully. One of the major challenges in improving safety and reliability in such systems is that\, because the subsystems are coupled\, changes in any one subsystem can affect some or all of the other subsystems\, often in ways that are not linear or predictable\, which can generate unintended consequences. “System Think” refers to an awareness of the impacts throughout a complex dynamic system of changes in any of its subsystems. \nThe commercial aviation industry is using a voluntary government/industry collaborative approach known as CAST\, the Commercial Aviation Safety Team\, to accomplish System Think – bringing all of the key participants of the industry to the table together to work collaboratively to identify and address potential airline operational safety risks. \nThe CAST collaborative approach has been enormously successful. When the previously declining fatal accident rate had begun to “plateau” in the early 1990s\, at a rate that many safety experts thought could not be improved much\, CAST generated a reduction of more than 80% in the rate in less than 10 years. CAST outcomes were not only much more effective and efficient than regulations\, they were implemented much more rapidly\, with everyone in fundamental agreement\, and most significantly\, the focus was on improving safety rather than obtaining mere regulatory compliance. \nThe result was that the US airline industry suffered only one passenger fatality in nearly ten years. CAST also demonstrated that\, contrary to conventional wisdom that safety improvements usually hurt productivity\, safety improvements that result from a collaborative approach can simultaneously improve productivity and reduce cost. Improving productivity and reducing cost are important because safety improvements that hurt the bottom line are not generally sustainable. This presentation shows two commercial aviation examples of successful collaboration and one example of inadequate collaboration. \nAlthough one size may not fit all\, in theory the CAST success story should be transferable to help improve safety and reliability not only in other potentially hazardous industries\, but also in professional disciplines that target intentional wrongdoing\, such as cybersecurity. \n  \n1:50 PM – 2:10 PM – Break \n  \n2:10 PM – 3:00 PM – Session 5: Driving Innovation to Strengthen Oversight Capacity \nPresenter: Taka Ariga (GAO) \nAs technologies advance at a rapid pace\, it is paramount for the oversight community to understand key IT accountability challenges while also looking for ways to adapt new IT capabilities. The Innovation Lab at the Government Accountability Office is addressing this duality in a systematic and sustainable way that enable GAO to better serve evidence-based policy making. \n  \n3:05 PM – 3:55 PM – Session 6: NIST Security and Privacy Standards and Guidelines – 2022 Update \nPresenters: Victoria Yan Pillitteri (NIST) and  Cherilyn E. Pascoe (NIST) \nNIST continues to update and issue new key cybersecurity and privacy publications addressing risk management\, assessment\, systems security engineering and cyber resiliency. This presentation will provide a deep dive into recent NIST publication updates\, new and ongoing efforts such as the Cybersecurity Framework update\, the Artificial Intelligence Risk Management Framework\, as well as cover what’s ahead for NIST SP 800-53\, Security and Privacy Controls for Information Systems and Organizations. \n  \n4:00 PM – 4:15 PM – Closing Remarks \nNetworking mixer immediately follows the close of the Annual Meeting \n  \nPresenters \n\n \n\n\nBrian Barnier\nDecision Analyst and Co-Founder CyberTheory Institute \nBrian Barnier is head of decision science and analytics at ValueBridge Advisors\, co-founder of CyberTheory Institute\, and co-founder of Think.Design.Cyber. Brian pioneered life-like scenario analysis\, industrial-strength design thinking and organization transformation in cybersecurity and a leader in systems thinking and math in cyber\, authored 200+ cybersecurity articles\, and has received prestigious honors that include the 2021 Joseph J. Wasserman Award from ISACA NYM and the 2015 V. Lee Conyers Award from ISACA GWDC. He also participated in the creation of ISACA’s Risk IT and COBIT5. \nAt Nokia/Lucent Bell Labs & AT&T he led teams to 9 patents – 6 heavily used during COVID. At AT&T he led a groundbreaking internal security initiative to enable new product sales. At IBM he launched the first secure distributed messaging software\, created the “security as a process” solution team. \nBrian is the author of The Operational Risk Handbook(Harriman House\, Great Britain\, 2011)\, a contributor to Risk Management in Finance (Wiley\, 2009) and Risk and Performance Management: A Guide for Government Decision Makers (Wiley\, 2014). He teaches a graduate seminar in decision science and data analytics at City University of New York and is a guest cybersecurity lecturer. \n\n\n \n\n\nMark A. Forman\nExecutive Vice President\, Enterprise Optimization Dynamic Integrated Services LLC\, CVE verified Service-Disabled Veteran-Owned Small Business\nFormer Administrator\, Office of E-Government\, OMB\n \nMr. Forman leads the Enterprise Optimization Services practice\, working with U.S. federal government clients to improve their mission outcomes through innovations related to organizational and digital transformation approaches. He has been recognized for modernizing government and improving customer focus through his work spanning a variety of government and industry positions. His team addresses core agency performance challenges in defining modernization initiatives\, taking advantage of technologies to simplify business processes and turning data insights into actions that achieve better results. With certifications in Business Transformation\, Prosci Change Management\, and Objectives and Key Results (OKR) Coaching\, he and his team ensure solutions address holistic\, end-to-end organizational needs including IT\, process simplification\, change management\, human capital\, and strategy. \nMr. Forman has a long record of results in government management reforms\, spanning a variety of government and industry positions. Mark Forman is an accomplished Executive with more than 30 years of professional work experience\, including a Presidential appointment to be the first U.S. Administrator for E-Government and Information Technology\, the Federal Government’s Chief Information Officer As a government executive\, he managed and led more than 2000 people working on 25 large multi-agency Presidential initiatives relating interactions between the federal government and businesses\, federal and state governments\, federal government and individuals\, and shared services across agencies. As an industry executive\, he built and led teams of consultants and program delivery for governments around the world while working at IBM\, Unisys\, KPMG\, and SAIC. Mr. Forman excels at team building to define and achieve strategic programs and transformation initiatives. \nMr. Forman is a former fellow of the National Academy of Public Administration and CIO Sage. He is a member of the Industry Advisory Council’s Presidential Transition team. He has given well over 100 speeches on federal IT management\, E-Government\, business transformation and information technology to a wide variety of industry groups and government officials from around the world. Mr. Forman has testified before the U.S. Congress\, Australia Senate\, and several State Houses on information policy and management reform issues. He is a frequent guest on radio\, television\, and social media interviews related to government modernization\, and published numerous papers and articles on government reform. Mr. Forman is also served on the Social Security Administration Advisory Board IT Panel reviewing SSA Modernization and the NASA IT Advisory Board reviewing NASA IT governance. \n\n\n \n\n\nVJ Rao \nCISO\, Fairfax County Public Schools (FCPS) \nVJ Rao currently oversees information security for Fairfax County Public Schools. He also served as the Chief Information Security Officer for the 2016 and 2020 Presidential and Vice-Presidential Debates and has over 20 years of experience as a cybersecurity leader. \n  \n\n\n \n\n\nAlok Kakker\nCRISC\, CISA\, CDPSE\nISACA Greater Washington D.C. Chapter President\nCEO/President\, Annuk Inc. \nMr. Kakker leads a team of highly skilled and experienced SME’s across Cyber Security\, Technology Integration\, Risk Management\, Critical Infrastructure Security\, and Program management. Mr. Kakker has 22+ years of Governance\, Corporate Compliance\, Technology Risk Management\, Project Management and IT Implementations experience. Mr. Kakker is C-suite consultant and SME on PCI DSS\, COBIT\, ITIL and SSAE16 SOC engagements. In his capacity as current President and long-time Board of Directors member\, Mr. Kakker contributed to making ISACA GWDC the largest ISACA Chapter world-wide\, earning innovation and excellence awards\, and communicating the ISACA Values to the IT and audit communities in the Washington DC metropolitan region. \n\n\n \n\n\nChristopher A. Hart\nHart Solutions LLC\nFormer Chairman of the National Transportation Safety Board \nChristopher A. Hart is the founder of Hart Solutions LLP\, which specializes in improving safety in a variety of contexts\, including the safety of automation in motor vehicles\, workplace safety\, and process safety in potentially hazardous industries. \nMr. Hart is also Chairman of the Washington Metrorail Safety Commission\, a three-jurisdictional agency (MD\, VA\, DC) that was created in 2019 to oversee the safety of the Washington area subway system. In addition\, in 2019 he was asked by the Federal Aviation Administration to lead the Joint Authorities Technical Review that was created bring together the certification authorities of 10 countries\, as well as NASA\, to review the robustness of the FAA certification of the flight control systems of the Boeing 737 MAX and make recommendations as needed to improve the certification process. Also\, in 2021 he was asked to join the Board of the Joint Commission on Accreditation of Healthcare Organizations\, the non-government organization that accredits hospitals\, to help improve healthcare safety. He was also invited in 2021 to be on the FAA Management Advisory Council. After an Uber test vehicle struck and killed a pedestrian in Tempe\, AZ\, in 2018\, and Uber terminated such tests on public streets\, Mr. Hart was included in the team of experts that Uber engaged to recommend how to safely resume street testing\, which it has done. \nFrom 2009 until 2018 Mr. Hart was Chairman\, Vice Chairman\, and a Member of the National Transportation Safety Board (NTSB)\, having been nominated by President Obama and confirmed by the Senate. The NTSB investigates major transportation accidents in all modes of transportation\, determines the probable causes of the accidents\, and makes recommendations to prevent recurrences. He was previously a Member of the NTSB in 1990\, having been nominated by (the first) President Bush. \nMr. Hart has a law degree from Harvard Law School and a Master’s Degree and a Bachelor’s Degree (magna cum laude) in Aerospace Engineering from Princeton University. He is a member of the District of Columbia Bar and the Lawyer-Pilots Bar Association\, and he is a pilot with commercial\, multi-engine\, and instrument ratings as well as a Cessna Citation SIC Type Rating. \n\n\n \n\n\nTaka Ariga\nChief Data Scientist and Director of Innovation Lab\, U.S. Government Accountability Office \nTaka is the first Chief Data Scientist appointed by the Comptroller General of the United States for the Government Accountability Office. He also leads GAO’s Innovation Lab in driving problem-centric experiments across oversight\, insight\, and foresight work through data science and emerging technologies. As a member of the federal Senior Executive Service\, Taka is responsible for working with GAO stakeholders to adopt prospective views on impacts of emerging capabilities such as AI\, cloud computing\, blockchains\, RPA\, extended reality\, and IoT. \nTaka is a seasoned data science executive with over 22 years of experience helping private and public sector organizations make sense of hidden correlations\, behaviors\, relationships\, patterns\, and anomalies. He is passionate about fostering a data-informed culture\, using data science as a catalyst to address complex regulatory\, risk\, operational\, and business intelligence challenges. \nTaka is natively fluent in both Japanese and Mandarin Chinese. In his spare time\, he is also a serious classical chamber musician and a competitive tennis player. \n\n\n \n\n\nVictoria Yan Pillitteri\, CISSP\nSenior Computer Scientist\, National Institute of Standards and Technology \nVictoria Yan Pillitteri is a senior computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST). Ms. Pillitteri is the team lead of the Federal Information Security Modernization Act (FISMA) Implementation Project. She supervises a team of technical research and administrative staff that are responsible for conducting the research and development of the suite of risk management guidance used for managing information security risk in the federal government\, and associated stakeholder outreach and public-private coordination/collaboration efforts. In addition to her role as supervisor\, she leads a research portfolio focused on security and privacy risk management\, and frequently hosts and speaks at conferences and workshops on these topics. \nMs. Pillitteri previously worked on the Cybersecurity Framework\, led the NIST Smart Grid and Cyber Physical Systems Cybersecurity Research Programs\, served on the board of directors of the Smart Grid Interoperability Panel\, served as Chair of the Federal Computer Security Managers’ Forum\, and completed a detail in the office of the NIST Director as an IT policy advisor. She has co-authored a number of NIST Special Publications (SPs) and Interagency Reports (IRs) on information security\, including SP 800-12\, 800-37\, 800-53\, 800-82\, 800-171\, 800-171A\, 800-171B\, 800-137A\, 1108 and IR 7628. \nVictoria holds a B.S. in Electrical Engineering from the University of Maryland\, a M.S in Computer Science\, with a concentration in Information Assurance\, from the George Washington University\, and is a Certified Information Systems Security Professional (CISSP). \n\n\n \n\n\nCherilyn E. Pascoe\nSenior Technology Policy Advisor\, NIST \nCherilyn Pascoe is Senior Technology Policy Advisor at the National Institute of Standards and Technology (NIST)\, U.S. Department of Commerce. She advises NIST leadership on technology policy and strategy\, including cybersecurity\, privacy\, and artificial intelligence. She also leads the NIST Cybersecurity Framework program and is active in the NIST AI Risk Management Framework development. Prior to joining NIST\, she served more than a decade in staff leadership roles on the U.S. Senate Committee on Commerce\, Science\, and Transportation working for former Senator Hutchison (R-TX)\, Senator Thune (R-SD)\, and current Ranking Member Wicker (R-MS). Most recently\, she served as Deputy Policy Director managing the Committee’s Space and Science Subcommittee\, which has legislative and oversight jurisdiction over science\, technology\, standards\, and civil space policy. During her time on the Hill\, she led efforts to develop and advance several notable pieces of legislation\, including the U.S. Innovation and Competition Act\, the AV Start Act\, as well as three surface transportation reauthorization laws and ten cybersecurity laws. Pascoe received her M.A. in International Science and Technology Policy from the George Washington University and her B.S. Chem. with Highest Honors in Chemistry from the University of Michigan. \n\nAdditional Details \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nPresentations \nAny presentations made available by the presenters will be emailed to the event participants.   \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing this conference\, students will have a better understanding of latest trends and current topics affecting IT audit\, assurance\, compliance\, security\, and risk management.\n	Prerequisites:  None\n	Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Live\, in-person\n	Field of Study:  Specialized Knowledge – Information Technology
URL:https://isaca-gwdc.org/event/2022-annual-meeting/
LOCATION:Hyatt Regency Washington on Capitol Hill\, 400 New Jersey Avenue\, NW\, Washington\, DC\, 20001\, United States
ORGANIZER;CN="Noel Nazario":MAILTO:SpecialEvents@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220610T093000
DTEND;TZID=America/New_York:20220610T163000
DTSTAMP:20221226T144822Z
CREATED:20220515T151108Z
LAST-MODIFIED:20221226T144822Z
UID:29125-1654853400-1654878600@isaca-gwdc.org
SUMMARY:Seminar - Introduction to Auditing with PowerShell®
DESCRIPTION:Today’s auditors need data from a variety of sources and formats to execute their audits.  This data could be in basic files such as CSVs\, spreadsheets\, and documents.  Other data is located in applications\, such as Active Directory and Azure.  Auditors need tools to aide them in obtaining data from these and other sources and preparing them for analysis and work paper documentation.  Microsoft’s PowerShell is a platform that can be used to perform these and many\, many more tasks.  While PowerShell is designed to aide administrators in managing their Windows systems\, it has an extensive array of capabilities that auditors can use in their audits. \nThis one-day virtual class is designed for students who want to learn different ways that PowerShell can be used in performing audits.  Students will learn the basics of PowerShell\, including commands to import\, view\, summarize\, and export data.  Students will also be taught how PowerShell can be used to obtain data from Windows Event Logs\, Active Directory\, Azure Active Directory\, and other data sources.  There will be hands-on exercises as well to reinforce basic concepts and provide students with a good start in using the PowerShell platform. \nThis seminar is for IT Audit and Cybersecurity professionals or anyone else looking to incorporate PowerShell into their toolkits for accomplishing audits and projects. \nRegistration closed on June 8\, 2022 @ 5pm. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nCourse Details \nSeminar Outline \n\n	Overview of PowerShell\n	Basics of Using PowerShell Commands\n	PowerShell Commands to Import\, Summarize\, View\, and Export Data\n	Overview of Using PowerShell to Import Data from XML and Text Files\n	Overview of Using PowerShell to Import Data from Windows Event Logs\n	Overview of Using PowerShell to Import Data Word and Excel Files\n	Overview of Using PowerShell to Import Data from Active Directory and Azure Active Directory\n	Excercises for importing\, manipulating\, summarizing\, and exporting CSV files\n	Resources and Recap\n\n  \nInstructor \n\n \n\n\nMike Howard\nCISA\, MBA \nMike Howard is an experienced IT auditor with over 27 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies\, including mainframes\, Unix environments\, Active Directory\, databases\, Cisco devices\, and Windows computers. Mike embraces innovative technologies to accomplish his audits\, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell\, he’s written over 300 PowerShell scripts. \nMike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 16+ years\, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development\, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties\, including creating web pages\, calculating CPE credits\, and updating membership rosters. \nMike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University. \n\n  \nAdditional Details \nZoom Instructions \n\n	Group Internet-Based. Zoom link delivered prior to the event.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	ISACA Greater Washington\, D.C. will not be responsible for the participant’s inability to respond to the polls.\n\nPresentations \nThe instructor will distribute all class materials \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 7 Continuing Professional Education (CPE)credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day and respond to polling questions to receive full CPE credit. \n  \nLearning Objective \nAfter completing this seminar\, students will have skills to use PowerShell to import\, summarize\, and output data.  Students will also have an awareness of potential data sources that PowerShell can be used with. \n  \nCPE-Related Details \n\n	Prerequisites:  Students should be familiar with using Windows and using CSV files\n	Advance Preparation: Students should have access to a Windows computer where the PowerShell command line can be used.  User rights are all that’s necessary; administrative rights are not required.  Students will be provided exercise files in advance that should be downloaded to the computer.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet based\n	Field of Study:  Specialized Knowledge – Information Technology
URL:https://isaca-gwdc.org/event/2022-intro-to-auditing-with-powershell/
LOCATION:Virtual Event
ORGANIZER;CN="Mike Howard":MAILTO:itadmin2@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220604T093000
DTEND;TZID=America/New_York:20220611T143000
DTSTAMP:20240911T150804Z
CREATED:20220208T215338Z
LAST-MODIFIED:20240911T150804Z
UID:28850-1654335000-1654957800@isaca-gwdc.org
SUMMARY:Certified in Emerging Technology (CET) - Cloud Fundamentals
DESCRIPTION:The GWDC is sponsoring an intensive 2-day course for the Certified in Emerging Technology™ (CET)- Cloud Fundamentals Certificate.  The dates of this course are: June 4 and 11\, 2022 from 9:30 am to 2:30 PM Eastern.   \nThis course covers characteristics\, components\, deployment models\, risks\, and business drivers of cloud computing. Learners gain insight into the principles and concepts of cloud computing\, services models\, cloud governance\, and an overview of critical cloud service considerations. \nThe interactive\, self-guided format blends both knowledge and performance-based training components to provide a truly unique and dynamic learning experience that builds and reinforces the critical skills required to perform real-world technical tasks. \nIndividuals with little to zero years’ experience in cloud and those seeking to increase their knowledge and skills in Emerging Technology Topics should attend this event.  It’s also intended for anyone preparing for the CET Cloud fundamentals certificate exam. \nRegistration closed on June 1. Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nCourse Details \nAgenda \nModule 1 – Cloud Computing Models \n\n	Cloud Components\n	Cloud Service Implementation Considerations\n	Cloud Deployment Models\n\nModule 2-Cloud Service Models \n\n	Software as a Service\n	Platform as a Service\n	Solution Stacks\n	Infrastructure as a Service\n\nModule 3-Cloud Governance \n\n	Business Drivers to Cloud \n	Risks Associated with cloud solutions\n	Cloud Vendor Selection and Management\n	Portability of Services\n\nModule 4-Cloud Service supports \n\n	Distinguish between service implementation and support in the cloud\n	Describe the testing and validation requirements for post-cloud implementation\n	Articulate the special role that configuration management plays in cloud computing\n	Identify resource management challenges with cloud computing implementations\n\n  \nCET Cloud Fundamentals Certificate Exam \nThe exam will be offered via Computer-Based Testing (CBT). \nRegistration for the exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on CET Cloud Fundamentals Certificate and Exam Registration \n  \nExam Preparation \nFor students who wish to take the CET- Cloud fundamentals exam\, it is highly recommended that the prospective candidates should purchase the official study guide and labs here as the exam includes hands on elements. \n  \nInstructor \n\n \n\n\nSushila Nair\nVice President\, Security Portfolio @ NTT DATA Services\, NTT DATA\, Inc.\nCISSP CISM CRISC CISA \nSushila Nair specializes in cybersecurity\, risk\, and audit services. Sushila Nair is a former Member of the Board of Directors for the Greater Washington\, D.C. ISACA Chapter and has presented at CACS\, BrightTALK\, Seguruinfo and many other international events.  She has taught several review courses for the GWDC chapter and ISACA Global. \n\nAdditional Details \nVirtual Event Information \n\n	Group Internet-Based. Zoom link delivered with registration.\n	Prior to the event\, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.\n	Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.\n	ISACA Greater Washington\, D.C. will not be responsible for the participant’s inability to respond to the polls.\n\n  \nRegistration Questions \nIf you have any registration questions about this event\, please contact the chapter using the Registration Contact Form. \nIf you have CPE questions after the event has concluded\, please contact the chapter using the CPE Contact Form. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nCPE Information \nEarn up to 10 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day and respond to polling questions to receive full CPE credit. \n  \nLearning Objectives \n\n	Identify characteristics\, benefits\, deployments\, and components of cloud computing\n	Evaluate cloud delivery models\, including SaaS\, PaaS\, and IaaS\n	Define governance needs\, business drivers\, strategic value\, and risks associated with cloud computing\n	Understand business model considerations for cloud computing\, including testing\, resource management\, data availability\, and business continuity\n\n  \nCPE-Related Details \n\n	Prerequisites and Advance Preparation: None\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet based\n	Field of Study:  Information Technology – Technical\n\n 
URL:https://isaca-gwdc.org/event/cet-cloud-2022-spring/
LOCATION:Virtual Event
CATEGORIES:Review Courses
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220604T083000
DTEND;TZID=America/New_York:20220625T170000
DTSTAMP:20230213T211237Z
CREATED:20220409T152252Z
LAST-MODIFIED:20230213T211237Z
UID:29008-1654331400-1656176400@isaca-gwdc.org
SUMMARY:CISA Summer 2022 Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 4-day review course for the Certified Information System Auditor® (CISA®) exam.  This review course will provide practical advice on preparing for the CISA exam and specific instruction regarding the job practice areas addressed by CISA as defined by ISACA® Global. The dates of this course are four (4) consecutive Saturdays: June 4\, 11\, 18 and 25\, 2022 from 8:30 am to 5 pm eastern. \nThis event is intended for anyone sitting for the CISA Exam. Students are expected to have prepared for the exam prior to attending the course. \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details.   \nRegistration closed on June 2\, 2022.  Participants can use the link below to access CPE Certificates and the feedback survey. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nPlease note\, registration for the CISA exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on the Certification and Exam Registration \n  \nCourse Details \nAgenda \nDay 1  \n\n	Module 1 – The Process of Auditing Information Systems\n	Module 2 – Governance and Management of IT\n\nDay 2 \n\n	Module 3 – Information Systems Acquisition\, Development\, and Implementation\n\nDay 3  \n\n	Module 4 – Information Systems Operations\, Maintenance\, and Support\n\nDay 4  \n\n	Module 5 – Protection of Information Assets\n\n  \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISA exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISA Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISA Review Manual and the CISA Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n	CISA Review Manual\n	CISA Review Questions\, Answers & Explanations Manual\n	CISA Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISA page as part of their study program.  \n  \nInstructor \n\n \n\n\nJim Wiggins\n \nJim has over 25 years direct experience in the design\, operations\, management\, and auditing of information technology systems\, with the past 20 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients. \nToday\, Jim is the founder and executive director of the Federal IT Security Institute (FITSI). FITSI is a 501c6 non-profit\, certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024. FITSI provides a role-based IT security certification program targeted at the federal workforce. \nJim is also the executive director of the FITSI Foundation. The FITSI Foundation is 501c3 public charity that runs the Wounded Warrior Cyber Combat Academy (W2CCA). \nAdditionally\, Jim provides education and training support for the National Risk Management Center (NRMC) at the Cybersecurity and Infrastructure Agency (CISA) inside of the Department of Homeland Security (DHS). \nIn 2011\, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he continues to make in the federal workforce. \nIn 2019\, FCW Named Jim to the “Federal 100” for his work to tirelessly promote cybersecurity education across all branches of the federal government. \nJim holds the following IA/IT security certifications: CISSP\,ISSEP\, CISM\, CISA\, CySA+\, SCNA\, SCNP\, CAP\, IAM\, IEM\, SSCP\, CEH\, ECSA\, CHFI\, LPT\, TICSA\, CIWSA\, Security+\, and MCSE: Security and FITSP-M. \n\n  \nAdditional Details \nVirtual Event Information \nThe course will be held online using Zoom. An email with the Zoom link will be sent to registrants prior to the start of the course. \nPrior to the event\, registrants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The ISACA Greater Washington\, D.C. will not be responsible for the participant’s inability to respond to the polls. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 32 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day and respond to polling questions to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing the course\, students will be prepared to sit for the CISA exam.\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-cisa-summer-review/
LOCATION:Virtual Event
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220602T083000
DTEND;TZID=America/New_York:20220604T163000
DTSTAMP:20230213T211323Z
CREATED:20220409T215108Z
LAST-MODIFIED:20230213T211323Z
UID:29015-1654158600-1654360200@isaca-gwdc.org
SUMMARY:CISM Summer 2022 Review Course
DESCRIPTION:The GWDC is sponsoring an intensive 3-day review course for the Certified Information Security Manager® (CISM) Exam. The CISM® review course will provide practical advice on preparing for the CISM exam and specific instruction regarding the job practice areas addressed by CISM as defined by ISACA® Global. The dates of this course are June 2 – 4\, 2022 from 8:30 am to 4:30 PM Eastern. \nThis event is intended for anyone sitting for the CISM Exam. Students are expected to have prepared for the exam prior to attending the course. \nStudents who take this GWDC review class and do not pass the corresponding Exam are eligible for a one-time 50% discount on the next review class offered by the GWDC for the exam. Please read the chapter event policy for discount details. \nRegistration closed on May 31. Participants can use the link below to access CPE Certificates\, feedback survey\, and presentations. Instructions on how to access these resources are located on the Access Your CPE Certificate page. \nView Registration Site \n  \nPlease note\, registration for the CISM exam is administered by ISACA®\, not the GWDC. Registering for this review course does not register you for the exam. \n» Details on the Certification and Exam Registration \n  \nCourse Details \nAgenda \nDay 1  \n\n	Module 1 – Information Security Governance\n	Module 2 – Information Security Risk Management\n\nDay 2 \n\n	Module 3 – Information Security Program\n	Module 4 – Incident Management\n\nDay 3  \n\n	Module 5 – Exam Preparation Strategies\n\n  \nMaterials Provided During the Course \nParticipants receive a Study Guide to help them prepare for the CISM exam. The Study Guide contains a presentation\, a case study\, and 20 quiz questions for each domain in the official CISM Review Manual. The Study Guide contains additional material such as suggested study approach\, exam taking tips\, list of “must know” vocabulary terms\, and other suggested readings to aid participants in their exam preparation. \n  \nStudy Materials \nThe instructor highly recommends that students purchase the CISM Review Manual and the CISM Review Questions\, Answers\, and Explanations Database – 12 Month. Below are the study materials available for purchase from the ISACA Bookstore: \n\n	CISM Review Manual\n	CISM Review Questions\, Answers & Explanations Manual\n	CISM Review Questions\, Answers & Explanation Database – 12 month subscription\n\n**It is highly recommended to order these at the earliest opportunity to avoid any possible delays in their availability for the start of the program. \n  \nAdditional Study Resources \nCandidates should review the Exam Candidate Guide and other resources on the ISACA CISM page as part of their study program.  \n  \nInstructor \n\n \n\n\nNoel Nazario \nNoel A. Nazario is a technology and business leader that brings a wealth of technical and leadership experience to help clients assess risk\, develop risk mitigation strategies\, envision and realize coherent technology environments\, improve Cybersecurity Program maturity\, establish Incident Response strategy\, and improve IT/OT integration with business strategy. His experience includes business development\, C-level training\, financial systems audit\, technology risk management\, cybersecurity programs and operations\, enterprise architecture\, IT operations and services integration\, cloud management\, and IT governance. Noel’s professional background enables him to work with leaders with diverse perspectives and backgrounds. \nNoel A. Nazario is a Certified Information Security Manager (CISM) and an ISACA Accredited trainer. Noel was the recipient of the GWDC’s 2018 V. Lee Conyers Award. He participates in multiple industry groups and is a frequent conference host and speaker. Noel started his technology career as an Electronics Engineer for the National Institute of Standards and Technology (NIST) Computer Security Division. He transitioned to the private sector to work for KPMG\, EY\, and Grant Thornton in roles that ranged from Senior Associate to Senior Manager and Director. He later started a consulting firm and is now a Senior Director at Annuk Inc\, where he leads the IT Architecture Review Board for the Washington Metropolitan Area Transit Authority and supports other clients. \n\nAdditional Details \nVirtual Event Information \nThe course will be held online using Zoom. An email with the Zoom link will be sent to registrants prior to the start of the course. \nPrior to the event\, registrants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits. \nParticipants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits. The ISACA Greater Washington\, D.C. will not be responsible for the participant’s inability to respond to the polls. \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form. \n  \nCPE Information \nEarn up to 24 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington\, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org \n  \nCPE Distribution and Evaluation Survey \nCPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day and respond to polling questions to receive full CPE credit. \n  \nCPE-Related Details \n\n	Learning Objective: After completing the course\, students will be prepared to sit for the CISM exam.\n	Prerequisites and Advance Preparation: Students are expected to have prepared for the exam prior to attending the course.\n	Program Knowledge Level: Basic\n	Delivery Method:  Group Internet Based\n	Field of Study:  Information Technology – Technical
URL:https://isaca-gwdc.org/event/2022-cism-summer-review/
LOCATION:Virtual Event
ORGANIZER;CN="Clifton Persaud (Certifications Program and Special Assistance Requests)":MAILTO:certifications@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220512T170000
DTEND;TZID=America/New_York:20220512T190000
DTSTAMP:20220503T092724Z
CREATED:20220408T002956Z
LAST-MODIFIED:20220503T092724Z
UID:28991-1652374800-1652382000@isaca-gwdc.org
SUMMARY:Post-Event Networking Mixer for the GWDC and CSA-DC Joint Conference
DESCRIPTION:The ISACA GWDC and the DC Chapter of the Cloud Security Alliance are hosting a post-event networking mixer immediately following the conference on Security and Compliance in a Cloud-Connected Enterprise.   \nAnyone can attend the networking mixer.  There is a capacity limit of 120 attendees\, so register early. \nPlease register for the mixer by May 10\, 2022.  A separate registration is needed for the conference. \nRegister today! \n  \nEvent Details \nLocation Details \nVenue Location\nMarymount University\, Ballston Campus\n2nd Floor Conference Center\n1000 N. Glebe Road\, Arlington\, VA 22201\n(Corner of Fairfax Drive and Glebe Rd.)\n  \nParking and Metro \nThere is parking on Wakefield Street in the back of the Ballston Campus building. Attendees must take a ticket and pay on exit. \nThe nearest Metro station is Ballston-MU. Exit the station through the “Ballston Station” exit and walk approximately 4 blocks west to the Campus building. \n  \nEvent Questions \nIf you have any questions about this event\, please contact the event organizer\, Adnan Sijercic. \n  \nCancellation Policy \nCancellation for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services.
URL:https://isaca-gwdc.org/event/2022-post-event-networking-mixer/
LOCATION:Marymount University\, 1000 N Glebe Rd\, Arlington\, VA\, 22203\, United States
ORGANIZER;CN="Adnan Sijercic":MAILTO:outreach@isaca-gwdc.org
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220512T130000
DTEND;TZID=America/New_York:20220512T170000
DTSTAMP:20220611T193945Z
CREATED:20220312T145943Z
LAST-MODIFIED:20220611T193945Z
UID:28945-1652360400-1652374800@isaca-gwdc.org
SUMMARY:GWDC and CSA-DC Joint Event: Security and Compliance in a Cloud-Connected Enterprise
DESCRIPTION:  \nPlease Note:  If you came to this page looking for the 2022 Annual Meeting\, please vist https://isaca-gwdc.org/event/2022-annual-meeting/. \n  \nThe ISACA GWDC and the DC Chapter of the Cloud Security Alliance are hosting a conference on Security and Compliance in a Cloud-Connected Enterprise.  Organizations need to modernize their technology investments to move at the speed of business.  As such\, new cloud-based applications are being both developed and integrated into heavily regulated environments.  This mix of on-premise infrastructure which is wholly owned by the enterprise coupled with cloud-based applications presents unique security and compliance challenges that need to be addressed head on.  Come to this joint ISACA-GWDC & CSA-DC event to learn from thought leaders in cloud security and auditing around best practices to architect and deliver security and compliance in your cloud-connected enterprise.  \nA networking mixer will be held immediately after the conference.  A separate registration is needed to attend the mixer.  \nPlease register by May 10\, 2022. \nRegister today! \n	Event Details \nHybrid Event \nThis event will be held in-person and online (Zoom). \nThere is a capacity limit of 120 registrants for in-person attendance\, so register early! \n  \nPricing \nThe cost this event (both in-person and online (Zoom)):  \n●  ISACA GWDC and CSA DC Members: $65 \n●  Non-members: $105 \n  \nIn-Person Location Details \nVenue Location\nMarymount University\, Ballston Campus\n2nd Floor Conference Center\n1000 N. Glebe Road\, Arlington\, VA 22201\n(Corner of Fairfax Drive and Glebe Rd.)\n  \nParking and Metro \nThere is parking on Wakefield Street in the back of the Ballston Campus building. Attendees must take a ticket and pay on exit. \nThe nearest Metro station is Ballston-MU. Exit the station through the “Ballston Station” exit and walk approximately 4 blocks west to the Campus building. \n  \nCheck-in \nRegistrants will be able to check-in 30 minutes before the event. \n  \nOnline (Zoom) Details \nThe Zoom link will be included in the registration confirmation email and in the event reminder that is sent the day of the event.  \n  \nCPE \nCPE’s for all attendees will be self-certified. No certificates will be distributed. \n	Topics and Presenters \nWho Should Attend \nDetails will be posted soon. \n  \nLearning Objectives \nDetails will be posted soon. \n  \nAgenda \n\n\n\nTime\nTopic\nModerator/Speaker\n\n\n1:00 – 1:15\nWelcome & Introductions\n \n\n\n1:15 – 2:00\nCIO/CxO Keynote Speaker\nTravis Howerton \nCo-Founder and Chief Technology Officer (CTO)\, RegScale \nFormer Global Director of Digital Transformation\, Bechtel Corporation \nFormer Deputy Director for IT\, Oak Ridge National Laboratory \nFormer Chief Technology Officer\, National Nuclear Security Administration\n\n\n2:00 – 2:45\nPanel: Digital Transformation Challenges and Best Practices\n\nModerator\nAnil Karmel\, Co-Founder and CEO at RegScale\nPanelists\nBob Gourley\, OODA LLC\nSaif Rahman\, Quzara\n\n\n\n2:45 – 3:00\nCoffee Break\n \n\n\n3:00 – 3:50\nPanel: Cloud Security in a Zero Trust World\n\nModerator\nDr. Mari Spina\, Principal Cybersecurity Engineer/Cloud Security Capability Leader\, MITRE\nPanelists\nBrian McKenney\, MITRE\nPaul Deakin\, F5\nJyoti Wadhwa\, T-Rex Solutions\n\n\n\n3:50 – 4:45 \nPanel: Cloud Compliance and Auditing – Where do I Start?\nModerator/Speaker\nDr. Mari Spina\, Principal Cybersecurity Engineer/Cloud Security Capability Leader\, MITRE\nPanelists\nTravis Howerton\, RegScale\nAaron Lippold\, MITRE\nGreg Elin\, GovReady\n\n\n4:45 – 5:00\nEvent Wrap Up\n \n\n\n5:00 – 6:00\n\nNetworking Happy Hour \n\nSeparate registration required – visit networking mixer page for additional details\n\n\n\n  \nPresenters \n				\n	Travis Howerton\nCo-Founder and Chief Technology Officer (CTO)\, RegScale \nFormer Global Director of Digital Transformation\, Bechtel Corporation \nFormer Deputy Director for IT\, Oak Ridge National Laboratory \nFormer Chief Technology Officer\, National Nuclear Security Administration\n\nAs co-founder and chief technology officer of RegScale\, Travis Howerton is responsible for product development and R&D for our continuous compliance automation platform. RegScale is focused on eliminating paper and helping organizations achieve an always audit ready posture with real-time risk and compliance management. Prior to joining RegScale\, Howerton served as the global director for strategic programs within Bechtel Corporation and was the Bechtel lead for the merger\, cost savings and transformation programs at Consolidated Nuclear Security. Prior to joining Bechtel\, Howerton had a long and diverse career consisting of senior executive assignments throughout the U.S. Department of Energy. He served as the Deputy Director for the IT Services Division at Oak Ridge National Laboratory\, Chief Technology Officer for the National Nuclear Security Administration and as Chief Information Officer for Y-12. Howerton holds a Bachelor’s Degree in Organizational Management from Tusculum College and a Master’s Degree in Computer Information Systems from Boston University. He holds multiple certifications\, including the CISSP\, ITIL\, PMP\, Scrum Master\, Harvard Credential of Readiness and AWS Certified Developer. He is an accomplished public speaker\, has authored or been cited in over 50 publications and supports multiple non-profit associations and educational institutions by serving as a board member. \n				\n	Anil Karmel\nCo-Founder and CEO of RegScale\nPresident of the Cloud Security Alliance’s Washington DC Metro Area Chapter (CSA-DC)\nAnil Karmel is the Co-Founder and CEO of RegScale\, which delivers freedom from (digital) paper by helping organizations shift both security and compliance left via our RegScale continuous compliance automation platform. Formerly\, Anil served as the National Nuclear Security Administration (NNSA) Deputy Chief Technology Officer. \nKarmel has been in the IT Industry for over twenty years\, working with Fortune 500 companies and governments at the intersection of cloud\, cyber security\, and compliance. He and his team garnered industry and government accolades\, including the SANS National Cyber Security Innovators Award for Cloud Security\, InformationWeek 500 Top Government IT Innovators\, ACT/IAC Excellence.gov Award and the DOE Secretary’s Achievement Award. \nAnil currently serves as the President of the Cloud Security Alliance’s Washington DC Metro Area Chapter (CSA-DC) and as a member of the CSA’s CxO Trust Advisory Council. Karmel is a nationally recognized speaker and has been featured at numerous IT conferences and webinars. \n				\n	Bob Gourley\nCTO & Co-Founder at OODA LLC\nBob Gourley is an experienced enterprise CTO with extensive past performance in optimizing technology in support of global businesses. As CTO of OODA he leads engagements focused on improving the security and functionality of enterprise IT.  He also advises clients on technology due diligence and leads the technology research and reporting activities at OODAloop.com  Bob is the former CTO for the Defense Intelligence Agency. He has received the Infoworld top CTO award and was named one of the top 100 “Tech Titans” in DC by Washingtonian magazine.  \n				\n	Saif Rahman\nLeader – Cloud Security\, Application Security Risk at Quzara\nSaif is the co-founder of Quzara and has been involved in various aspects of cloud security and security operations centers throughout most of his career. Saif has been working very closely with Microsoft over the past decade on various initiatives such as FedRAMP readiness\, leading the CMMC acceleration program\, and other major clients for cybersecurity services. \n				\n	Dr. Mari Spina\, PMP\, CISSP-ISSEP-CCSP\nPrincipal Cybersecurity Engineer/Cloud Security Capability Leader at MITRE\nDr. Spina joined MITRE in 2014 and has been supporting a multitude of MITRE Federal sponsors including DHS\, DoD and the IC in the area of Cloud Security. At MITRE\, she is a Principle Cybersecurity Engineer\, leads the Cloud Security Capability Area\, and teaches Cloud Security for the MITRE Institute.  She has also taught many Information Technology courses for the George Washington University schools of engineering and business. Before joining MITRE\, she worked for government engineering firms including Hughes Aircraft\, SAIC\, ManTech\, NJVC\, and DMI since 1988 where she provided IT systems engineering to a variety of Federal agency missions including those of the Intelligence Community and the DoD. Mari holds a D.Sc. in Engineering Management from the George Washington University\, a MSEE from the University of Southern California\, and a BSME from California State University Northridge. She is also PMI PMP and ISC2 CISSP\, ISSEP\, CCSP certified. \n				\n	Brian McKenney\nSenior Principal Cybersecurity Architect at MITRE\nBrian McKenney is a Senior Principal Cybersecurity Architect in MITRE Labs’ Cyber Solutions Innovation Center. As Enterprise Security Architecture Capability Area Lead\, he provides consulting on the integration of cybersecurity (including zero trust) capabilities within evolving enterprise\, cloud\, and network security architectures.  Brian is co-author of Zero Trust Architectures: Are We There Yet? \n				\n	Paul Deakin\nPrincipal Solutions Engineer at F5 Government Solutions\nPaul Deakin is a Principal Solutions Engineer currently working with the DoD group primarily with USAF at F5\, a company focused on delivering industry-leading solutions for application delivery analytics and security. He has twenty years of experience in the technology industry\, with nine years in the security environment\, including leadership roles in directing large-scale projects;  and implementation of software/hardware in complex environments; exposure to a wide variety of businesses including insurance\, manufacturing\, government\, aerospace\, financial\, and healthcare. He holds a master’s degree in computer science and is an F5 Certified Solution Expert in security and Cloud. \n				\n	Jyoti Wadhwa\, MBA\, CISSP\, HCISPP\, ICP\, CCP\nDirector\, Solutions Architect Cybersecurity at T-Rex Solutions\, LLC\nJyoti is a cyber and digital leader with over 20 years of experience in public and private sectors.  Her strategic perspective and operational experience help teams advance their security initiatives in their modernization journeys.  Partnering with C-suite\, security and compliance teams as the Director of Cybersecurity Solutions Architect\, T-Rex Solutions\, she helps enterprises develop agile\, cloud security strategies that address the needs of today’s hybrid environments.  Her focus is on progressing industry’s adoption of modern cyber requirements including DevSecOps\, Active Cyber Defense\, Cyber Resilience and Zero Trust roadmaps.  As a trusted cyber adviser\, she contributes to industry programs\, such as being a lead author on Zero Trust with the Cloud Security Alliance Research Committee (DC) to uplift knowledge and collaboration in these emerging areas. Jyoti’s broad spectrum of cyber practices and passion for technology stems from prior roles such as\, Cyber and Digital Leader\, Booz Allen\, VP of Technology Marketing\, Trivalent (data protection)\, VP of Technology Marketing\, Arxan Technologies (application protection)\, Director\, Secure Software (application security)\, senior positions at Nortel\, SAP (Plateau Systems)\, and Zayo (AboveNet). \nJyoti is a passionate advocate of women in tech with contributions to associations such as Women in Tech\, mentoring Girls in Tech technology\, a EWF Lift mentor and member of Women’s Society of Cyberjitsu\, ISC 2 northern VA chapter. Jyoti is CISSP\, HCISPP ICP and AWS CCP certified\, holds a Bachelor’s of Commerce from the University of Calgary and a Masters’ of Business Administration in Information Systems from the University of British Columbia. \n	Additional Details \nEvent Questions \nIf you have any questions about this event\, please contact the event organizer\, Adnan Sijercic. \n  \nPresentations \nAny presentations made available by the presenters will be emailed to the event participants.   \n  \nCancellation and Refund Policy \nCancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details. \nIf ISACA GWDC cancels the event\, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided. \n  \nComplaint Policy \nThe GWDC welcomes your comments\, complaints\, suggestions\, questions\, and other feedback concerning our website information and services.
URL:https://isaca-gwdc.org/event/2022-security-cloud-enterprise/
LOCATION:Marymount University\, 1000 N Glebe Rd\, Arlington\, VA\, 22203\, United States
ORGANIZER;CN="Adnan Sijercic":MAILTO:outreach@isaca-gwdc.org
END:VEVENT
END:VCALENDAR