The Download

November 5, 2007

The Quarterly Newsletter of the Nashville ISACA Chapter

In This Issue

• President's Message
• Highlights of the October chapter meeting with ISSA and InfraGard
• Next Chapter Event: IP3 Security Workshop
• ISACA on the Radio
• Events by other organizations
• Other News
• Member Benefits
• Certification Update

Chapter Officers Links

Click the links below to contact the board members:

• Clint Jennings, President
• Charlie Eadler, Vice President
• Damon Work, Secretary
• David Ford, Treasurer
• Jennifer Ditmer, Programs Chair
• Jessica Miller, Certifications Director
• James Hlavati, Membership Director
• Ryan Rayborn, WebMaster

Chapter Website: www.isacanashville.org

President's Message

Best Regards,
Clint Jennings
President, Middle Tennessee ISACA Chapter
[email protected]

Recent Chapter Meeting Highlights

The Middle Tennessee ISACA chapter co-hosted (with ISSA and InfraGard) a dinner meeting at Belmont University on October 11, 2007. The meeting was a panel discussion whose topics included security outsourcing and mobile device security. The panelists were:

• Tom Buss, Director of Information Security for Deloitte Services LP
• Bill Dieringer, Director of Information System Security for Vanguard Health Systems
• Graeme Payne, Security Practice Partner for Ernst & Young

[Image: The panelists]

Next Chapter Event

Please mark your calendars for the upcoming IP3 Security Workshop that will address:

• Cryptography
• Firewalls
• IPSs / IDSs
• Authentication Mechanisms
• Vulnerabilities and Exploits
• Regulatory & Compliance Issues: Sarbanes-Oxley, GLBA, HIPAA, FISMA, SB1386

The Workshop will be held on Monday and Tuesday, December 11-12, 2007.

Location: Building 1 Auditorium - HCA
Time: 8:30AM – 4:30PM each day
Cost: $150 ($595 includes 30 GB iPod)
Registration: http://www.ip3seminars.com/security/register-isaca.php
Registration Code: ISACA150
CPE credits: 14

Each participant will receive a security tools CD and a 300-page workbook.

ISACA on the Radio

The local ISACA chapter was recently donated some air time for commercials and

Events by other organizations

itSMF USA Nashville LIG chapter interest meetings

November 15, 2007 Meeting: Ken Turbitt, Global Best Practice Director at BMC

For more information on these and other itSMF events, see http://www.itsmfusa.org/mc/page.do?sitePageId=29777

Atlanta ISACA Chapter "Geek Week" Seminar

Topics include:

• CISA & CISM Review Courses
• Importance of Privacy Audits
• COBIT Methodology
• SAS 70 Evaluations
• Implementing IT Governance Audits
• IT Strategic Planning
• Continuous Auditing & Monitoring
• ITIL Implementation
• PCI Data Security Standards
• Wireless Security
• Computer Forensics
• IT Outsourcing Issues & Considerations
• SOX & Sustainable Control
• Document Management & Retention
• Metrics for Measuring Audit's Effectiveness

Date: November 12-16, 2007

More information: visit http://www.isaca-atlanta.org/geekweek.htm

The Information Systems Control Journal is a bimonthly publication of ISACA. The Journal provides professional development information to those spearheading IT governance and those involved with information systems audit, control and security. This leading industry publication is read by more than 50,000 professionals in over 140 countries around the world.

Test your knowledge:

Which of the following disaster recovery – continuity plan components provides the GREATEST assurance of recovery after a disaster?

A. The alternate facility will be available until the original information processing facility is restored.
B. User mgmt is involved in the identification of critical systems and associated recovery times.
C. Copies of the plan are kept at the homes of key decision making personnel.
D. Feedback is provided to management assuring them that the business continuity plans are indeed workable and the procedures are current.

The correct answer is on the last page.

Other news:

Member Benefit of the Month…

K-NET:

1: An online knowledge base consisting of more than 6,000 peer-reviewed electronic resources, organized by professional topic category and accessible by members only. Push technology allows members to be advised via e-mail when new content is added to their selected areas of professional interest.
2: Available at www.isaca.org/knet

ISACA Member Benefits:

Working together, more than 170 local chapters and the International association have developed an exceptional package of products and services for members. Specific features include (also see membership benefits page):

• Complimentary download of COBIT 4.0 and related products.
• Discounted subscription and complimentary baseline functionality of COBIT Online
• Discounts on CISA and CISM examination fees and study materials
• Discounts on leading-edge technical and managerial conferences and workshops
• Subscription to the bimonthly Information Systems Control Journal, which features articles on current and future practices and technology, and Global Communiqué, a member publication
• Full access to K-NET, a global IT governance knowledge resource
• Discounts on research publications and convenient access to peer-reviewed Bookstore publications
• Documents and presentations from the IT Governance Institute on various aspects of IT governance
• Standards, statements and guidelines for information systems audit and control professionals
• Online access to member-only material, which includes a variety of professional resources, such as internal control questionnaires (ICQs) and audit programs
• Discount on annual subscriptions for Protiviti’s KnowledgeLeader site.
• Leadership and networking opportunities through participation on ISACA boards/committees that are making a positive impact on the IT profession

Benefits from Local Chapters include:

• Access to affordable continuing education programs, research and publications
• Information exchange opportunities through regular chapter meetings
• Opportunities to participate in local events, publications or research projects
• Subscriptions to chapter communications (in most areas) that inform of local events and opportunities
• Leadership experience on local boards and committees and the opportunity to make a positive impact on the local business community

Certification Update:

June 2007 Exam Registration

Registration for the June 2007 Certified Information Systems Auditor™ (CISA®) and Certified Information Security Manager® (CISM®) exams continues. The final registration deadline is 11 April 2007. Candidates will find additional exam details in the CISA or CISM Bulletin of Information for the June 2007 exams, which are available at www.isaca.org/cisaboi and www.isaca.org/cismboi.

June 2007 Exam Cancellations

The last day to request an exam cancellation for the June 2007 exam and receive a refund is 20 April. The request form is available online at www.isaca.org/examdefer. Any questions should be directed to the certification department by e-mail at [email protected] or by phone at +1.847.253.1545, ext. 772.

The correct answer to the CISA exam question is:

A. The alternate facility should be made available until the original site is restored to provide the greatest assurance of recovery after a disaster. Without this assurance, the plan will not be successful. All other choices ensure prioritization or the execution of the plan.

Sample question obtained from the 2006 CISA Review Questions, Answers & Explanations Manual.
