
The Kentuckiana Chapter
of the
Information Systems Audit and Control Association


Meeting and Seminar Schedule

Mark the following dates on your calendar for the meetings of the Kentuckiana Chapter. See individual meeting notice for location.  Note:  Past meetings are listed for reference purposes.

PayPal payment now accepted
(See more PayPal information below list of meetings):

Date

Speaker and Topic

CPEs 

2007-2008:

July 9-11, 2008

This course is now full, but you may contact Matt Smith (matthew_smith@b-f.com) if you are interested in getting on a standby list in the event of cancellations.

Cost: $800

"Defending and Testing Your Internet DMZ" by MIS Training Institute (MISTI)

Time: 8 am to 5 pm each day

Speaker/Instructor:
Ken Cutler, CISSP, CISM, CISA

Agenda:

  • Sizing Up the Attacks and the Risks

  • DMZ Architectures

  • Network Firewall Policies and Configuration

  • Router Security

  • VPN and Remote Access Security

  • Intrusion Detection / Intrusion Prevention Systems (IDS / IPS)

  • Remote Vulnerability Testing of Your Perimeter Security / DMZ

For all three days of this seminar, lunch is included and will be provided to you. In addition, you will receive an 800-page course manual to keep and a CPE certificate of completion to evidence your attendance.

Detailed Course Description:

Today's Internet connections are typically shielded by a Demilitarized Zone (DMZ), a critical security buffer between your organization's internal network and the outside world. Firewalls, proxy servers, and filtering routers play a major role in regulating and restricting traffic flowing to and from the Internet; however, the DMZ is also an attractive target to hackers and other intruders, especially if it houses your organization's externally accessible Web-enabled applications. As a result, the DMZ must also support specialized web application security safeguards and an incident response capability through the effective use of intrusion detection systems. Failure to properly configure, maintain, and monitor a secure and efficient DMZ increases the risk of your organization being attacked by external intruders. Faulty DMZ security can also increase corporate legal liability and, potentially, material audit findings by failing to demonstrate effective governance and due care with respect to industry best practices, such as the ISO 17799 security standards and regulatory requirements related to Sarbanes-Oxley, FISMA, HIPAA, Gramm-Leach-Bliley, and most significantly to the Payment Card Industry Data Security Standard (PCI DSS).

This intensive three-day seminar is designed to equip you to better protect and audit your network's perimeter through a blend of practical, up-to-the-minute knowledge transfer and meaningful analytical exercises. You will cover typical hacker attacks and how to protect against them, explore the pros and cons of major DMZ connection points and firewall architectures, work through firewall, router, and VPN configuration exercises, and gain proven tips on testing and documenting your entire perimeter security configuration.

Cancellation Policy:

No refunds will be offered for cancellations received after June 13, 2008. To cancel, you must notify Kentuckiana ISACA in writing in advance. Any cancellation before June 14, 2008 is entitled to a full refund and will not incur any fee or penalty. In addition, the Kentuckiana ISACA Chapter reserves the right to cancel this course at any time. In the event the Kentuckiana ISACA Chapter cancels the course, the Chapter is only obligated to refund the course registration fee.

About Ken:

Ken Cutler is the Vice President of Information Security at MIS Training Institute, where his responsibilities include directing MIS' infosecurity public training programs. In addition, he sets strategy for MIS' information security certificate programs. He is also the principal consultant for Ken Cutler & Associates (KCA), an independent information security consulting firm. Previously, Mr. Cutler headed up companywide information security programs for American Express Travel Related Services and Martin Marietta Data Systems. His responsibilities at these major corporations included developing security policies and standards, creating awareness programs, conducting security risk assessments, providing consulting services, and guiding security technology selection on a worldwide basis.

Mr. Cutler has over 25 years of experience in information security, auditing, quality assurance, and information services. His industry experience includes insurance and financial services, natural resources, manufacturing, government contracting, consulting and training. Mr. Cutler frequently lectures and provides hands-on consulting services in the areas of information security management and architecture, network vulnerability testing, UNIX and Windows-based systems, Internet/Web security, dial up/remote access security, wireless security, and local area network security. Mr. Cutler is frequently quoted in popular trade publications such as Computerworld, Information Security, CIO Bulletin, Healthcare Information Security Newsletter, InfoWorld, InformationWeek, HP Professional, and Bank Systems and Technology.

Questions:

For any questions regarding this event, please e-mail matthew_smith@b-f.com. Alternatively, you may contact Matt Smith at 502.774.7236

Location:
Hyatt Regency Louisville
320 West Jefferson Street
Louisville, KY 40202
Phone: 502.581.1234

22

May 30, 2008

Cost: $20

Student Cost: $5

ISACA Chapter Meeting

Time: 11:30 sign-in and networking; 12:00-1:00 Lunch and presentation

Speaker: Scott Kiefer
The Oliver Group (http://www.olivergroup.com/)

Topic:
Using Predictive Index (PI) assessments to enhance recruiting, career planning and workplace performance

About our speaker:

Scott holds a Bachelor’s degree from James Madison University in Virginia and a Master’s degree in business from the University of Louisville. He brings to clients a diverse professional background that includes leadership positions in the military, higher education, and business. He spent 10 years as an Army officer including assignments in the Cold War capital of Berlin, Germany where he trained new Army soldiers as an Infantry Company Commander. At the same time, he also served as Assistant Professor of Military Science where he evaluated and developed new Army officers. Scott is a graduate of the most challenging combat leadership course in the military, the United States Army Ranger School.

Scott’s business experience is from two of the world’s largest manufacturing companies, Frito-Lay and Exxon Mobil. Before coming to The Oliver Group, he led the supply chain organization at Mytex Polymers, an Exxon Mobil Chemical joint venture, a leading supplier of petrochemical products to the demanding U.S. automotive industry.

He also has coached both individuals and teams in the military and led team development programs for competitive college sports teams.

At The Oliver Group, Scott oversees client services and internally manages consultants to deliver customized solutions to a wide variety of client needs. Scott consults on executive and management levels to implement the Predictive Index tool and works with leaders to create performance improvement strategies.

RSVP and Menu:
Please RSVP with menu choice by close of business on 05/28/08 to kyisaca@isauditor.net

- Lunch Buffet

Location:  The Jefferson Club
2900 PNC Plaza
Louisville, KY 40202
(502) 584-1177

1

April 25, 2008

Cost: $20

Student Cost: $5

ISACA Chapter Meeting

Time: 11:30 sign-in and networking; 12:00-1:00 Lunch and presentation

Speaker: Rob Randell, CISSP
VMWare (vmware.com)

Topic: Server Virtualization (Presentation)

  • Security design considerations
  • Business continuity/disaster recovery
  • Virtualization roles in the enterprise

About our speaker:

Rob Randell, CISSP, is a VMWare Senior Systems Engineer specializing in security. He is a frequent presenter on VMWare security issues. VMWare is the global leader in virtualization solutions from the desktop to the datacenter. Customers of all sizes rely on VMWare to reduce capital and operating expenses, ensure business continuity, strengthen security and go green. With 2007 revenues of $1.3 billion, more than 100,000 customers and more than 10,000 partners, VMWare is one of the fastest growing public software companies. VMWare is headquartered in Palo Alto, California and on the web at www.vmware.com.

RSVP and Menu:
Please RSVP with menu choice by close of business on 04/24/08 to kyisaca@isauditor.net

- Lunch Buffet

Location:  The Jefferson Club
2900 PNC Plaza
Louisville, KY 40202
(502) 584-1177

1

March 28, 2008

Cost: $20

Student Cost: $5

ISACA Chapter Meeting

Time: 11:30 sign-in and networking; 12:00-1:00 Lunch and presentation

Speaker: Michael Dahn, Founder/CTO
The Aegenis Group (aeginis.com)

Topic: Overview of Payment Card Industry Data Security Standard (PCI-DSS)

About our speaker:

Mr. Dahn is an experienced information security professional and PCI expert. Mr. Dahn has performed hundreds of PCI security assessments for merchants, service providers, acquirers, and payment application vendors. He worked with Visa and MasterCard on the continued development of the PCI DSS and PABP standards. Most recently he developed and delivered training of all PCI qualified security assessors (QSA) globally in the US, UK/Europe, Asia-Pacific, and Latin America. In addition to performing the first PABP assessment, he has also delivered training on PCI DSS to merchants, acquirers, and payment application vendors in the UK, Australia, Japan, and Korea. Prior to this work he led the internal rollout of the Discover Information Security Compliance (DISC) program for Discover Network.

Mr. Dahn has given numerous speaking engagements for a variety of security and commercial associations such as the FDIC and NCUA, and information security groups on topics including compliance, auditing and network security, and hackers and forensic investigation.

Mr. Dahn holds the CISSP certification, membership in the High Technology Crime Investigation Association (HTCIA), is on the Board of Directors for the National InfraGard Members Alliance, and has a Masters in Information Assurance and a BS in Computer Science.

RSVP and Menu:
Please RSVP with menu choice by close of business on 03/27/08 to kyisaca@isauditor.net

- Steeplechase Chicken Salad with Honey Mustard
- Muffaletta with Turkey, Ham and Swiss/Havarti
- Theresa’s Sweet Chili Linguini with Grilled Chicken

Location:  Bristol Bar and Grille
614 West Main Street
Louisville, KY 40202
(502) 582-1995

1

February 29, 2008

Cost: $20

Student Cost: $5

ISACA Chapter Meeting

Time: 11:30 sign-in and networking; 12:00-1:00 Lunch and presentation

Speaker: Douglas Torline, PricewaterhouseCoopers

Topic: FBI: Cybersecurity and White Collar Crime

RSVP and Menu:
Please RSVP with menu choice by close of business on 02/26/2008 to kyisaca@isauditor.net

- Steeplechase Chicken Salad
- Crab Cake Sandwich
- Pork Dijonnaise

Location:  Bristol Bar and Grille
614 West Main Street
Louisville, KY 40202
(502) 582-1995

1

October 29, 2007

 ISACA Member Cost: $265

Non-ISACA Member Cost: $315

ISACA Student Cost: $215

Computer and Communications Technology for Auditors - Review Seminar

General:
There are 300 plus distinct disciplines of Information Technology. An IT practitioner usually specializes in no more than 2 or 3 areas, and sometimes perhaps in 5 or 6. Such practicing professionals usually have in-depth knowledge of the subject matters in which they specialize. However, there are two distinct job areas of IT (a CIO and an IT Auditor) where a professional has to know a little bit of all 300 disciplines. Although IT auditors also specialize in two or three other areas (e.g., firewall penetration test, Z-OS audit, access controls, etc.), due to the high interactivity amongst computer and communications systems, an auditor has to look at the broad picture as well as the area specifically being audited under the audit plan.

Focus of this course:
This 8-hour seminar will look at the forest of IT rather than individual trees. Almost all of the 300 distinct areas of IT will be covered in this 480-minute presentation. Interactivity and interdependence amongst such areas will also be discussed. At the conclusion of the seminar, the attendees will come out with an overall picture of the realm of IT and how its various components interact with each other. Wherever possible, different control objectives for such areas will also be discussed. Since the domains of IT change on a frequent basis, there will be no handouts for this class. Class will be highly interactive. Emphasis will be on the breadth rather than depth. As they say, the contents would be one mile wide and one foot thick. At the conclusion of the seminar, attendees would understand almost all there is to know about the breadth of computers and communications components.

This seminar will be useful for CISA, CISM, CBCP, and CISSP exam candidates and practicing IT Auditors.

Class Size:
Since most of the material will be new for the attendees, the classes will be highly interactive and there will be many opportunities for student initiated questions. The class size will be limited to 20 students. Students are expected to bring lots of note pads to write on.

Audience for this class:

  • IT auditors who would like to have a global picture of IT and communications
  • CISA, CISM, and CBCP exam candidates
  • Financial auditors (e.g. CIAs) who would like to prepare for CISA exam but have little or no IT background
  • IT management who never had the opportunity to keep up with technology

Instructor: Jay Ranade, CISA, CISM, CISSP, CBCP

Jay is an internationally renowned expert on computers, communications, disaster recovery, IT Security, and IT controls. He has written and published more than 35 IT-related books on various subjects ranging from networks, security, operating systems, languages, and systems. He also has an imprint with McGraw-Hill with more than 300 books called "Jay Ranade Series". He has written and published articles for various computer magazines such as Byte, LAN Magazine, and Enterprise Systems Journal. The New York Times critically acclaimed his book called the "Best of Byte". He is currently working on a number of books on various subjects such as IT Audit, IT Security, Business Continuity, and IT Risk Management.

Jay has consulted and worked for Global and Fortune 500 companies in the US and abroad including American International Group, Time Life, Merrill Lynch, Dreyfus/Mellon Bank, Johnson and Johnson, Unisys, McGraw-Hill, Mobiltel Bulgaria, and Credit Suisse. He is a member of the ISACA International's Publications Committee.

Jay teaches this CISA class for the New York Metropolitan Chapter of ISACA and graduate-level 3 credit Information Security Management course for New York University. He has also taught CISSP at St. John's University.

Location:

Hyatt Regency Louisville
320 West Jefferson
Louisville, KY 40202

Phone: (502) 581 1234

Registration:

Payment for seminar can be via PayPal or by check. Please contact Melissa Perry for an invoice to pay by check.

Fees:

Members: $265 US
Non-Members: $315 US
Students: $215 US for full-time students

This seminar includes lunch and validated parking at the Hyatt garage only.

CANCELLATION POLICY

No refunds will be offered for cancellations received on or after October 5. However, your fee can be rolled over to a future event by the chapter or to another individual. To cancel, you must notify Kentuckiana ISACA in writing in advance. Any cancellation before or on October 4, 2007 is entitled to a full refund and will not incur any fee or penalty.

Questions?

For any questions regarding this event, please e-mail kyisaca@isauditor.net. Alternatively, you may contact Melissa Perry at melissaperrycpa@yahoo.com

8

October 27-28, 2007

On or before September 26 early bird fees:

 ISACA Member Cost: $375

Non-ISACA Member Cost: $425

ISACA Student Cost: $200

CISM Examination Weekend Session

Time: 9:00 am to 6:00 pm both days

To support the development of new certified professionals, the Kentuckiana Chapter is sponsoring a CISM review course. This is a weekend "cram" style format on Saturday, October 27 and Sunday, October 28 from 9 am to 6 pm both days.

The course will use ISACA provided materials in hard copy to the students.

The instructor recommends that students also purchase the following materials available from the ISACA bookstore:

  • Certified Information Security Manager (CISM) Review Manual 2007 English Edition
  • CISM Practice Question Database v7 English Edition (web site download) or CISM Practice Question Database v7 English Edition (CD-ROM)

These materials are available through the ISACA International Bookstore at www.isaca.org

Although the instructor will not be using these manuals extensively, it will definitely help students with the material. The instructor recommends purchasing the practice questions to help the students understand the type of questions asked in the exam.

The instructor will also provide his own copyrighted material which consists of 1200 one-line CISA exam Axioms which greatly enhance success rate for the exam.

Instructor: Jay Ranade, CISA, CISM, CISSP, CBCP

Jay is an internationally renowned expert on computers, communications, disaster recovery, IT Security, and IT controls. He has written and published more than 35 IT-related books on various subjects ranging from networks, security, operating systems, languages, and systems. He also has an imprint with McGraw-Hill with more than 300 books called "Jay Ranade Series". He has written and published articles for various computer magazines such as Byte, LAN Magazine, and Enterprise Systems Journal. The New York Times critically acclaimed his book called the "Best of Byte". He is currently working on a number of books on various subjects such as IT Audit, IT Security, Business Continuity, and IT Risk Management.

Jay has consulted and worked for Global and Fortune 500 companies in the US and abroad including American International Group, Time Life, Merrill Lynch, Dreyfus/Mellon Bank, Johnson and Johnson, Unisys, McGraw-Hill, Mobiltel Bulgaria, and Credit Suisse. He is a member of the ISACA International's Publications Committee.

Jay teaches this CISA class for the New York Metropolitan Chapter of ISACA and graduate-level 3 credit Information Security Management course for New York University. He has also taught CISSP at St. John's University.

Location:

Hyatt Regency Louisville
320 West Jefferson
Louisville, KY 40202

Phone: (502) 581 1234

Registration:

Payment for seminar can be via PayPal or by check. Please contact Melissa Perry for an invoice to pay by check.

Early registration fees have been discounted by $50.

Fees on or before September 26 2007:
Members: $375 US
Non-Members: $425 US
Students: $200 US for full-time students

Fees on or after September 27, if space available:

Members: $425 US
Non-Members: $475 US
Students: $250 US for full-time students

This weekend fee includes morning drinks, lunch and afternoon snack and validated parking at the Hyatt garage only.

CANCELLATION POLICY

No refunds will be offered for cancellations received on or after October 5. However, your fee can be rolled over to a future event by the chapter or to another individual. To cancel, you must notify Kentuckiana ISACA in writing in advance. Any cancellation before or on October 4, 2007 is entitled to a full refund and will not incur any fee or penalty.

Questions?

For any questions regarding this event, please e-mail kyisaca@isauditor.net. Alternatively, you may contact Melissa Perry at melissaperrycpa@yahoo.com

16

September 13, 2007

Cost: $20

Student Cost: $5

ISACA Chapter Meeting

Time: 11:30 sign-in and networking; 12:00-1:00 Lunch and presentation

Speaker: Doug Berryhill, CompasSoft

Topic: Spreadsheet Compliance: Discovery, Validation and Controls

Doug Berryhill, Director Spreadsheet Compliance, with Compassoft, Inc., will discuss the issue of spreadsheet compliance, offering tips based on real-world experience to help you reduce the risks and costs of spreadsheet management. Sarbanes-Oxley legislation and the risks of noncompliance are powerful motivators for internal auditors and financial professionals to take the time to educate themselves about the far-reaching consequences of spreadsheet errors and to learn about best practices in spreadsheet management and control.

In this informative briefing, you will learn:
• How to recognize what the risks are
• How to discover, validate and establish strong controls on business critical spreadsheets
• How to dramatically improve productivity wherever spreadsheets are used in your organization

About the Speaker:
Doug Berryhill brings over 25 years of successful management and consulting experience to Compassoft from enterprise software and systems consulting firms. Prior to Compassoft, Doug was the sales manager for the eastern United States with The SAS Institute for 6 years, Divisional Vice President at Computer Associates for 5 years, and Consulting Services Manager at Cap Gemini for 9 years.

RSVP and Menu:
Please RSVP by close of business on 9/12/2007 to kyisaca@isauditor.net

- Tortellini Buddeke
- Cobb Salad
- Chicken Continentale

Location: Vicenzo's Restaurant
150 S. Fifth St.
Louisville, KY 40202
(502) 580-1350

1

August 24, 2007

Cost: FREE
Thank you CA!

Joint ISACA / ISSA Chapter Meeting

Time: 11:30 sign-in and networking; 12:00-1:00 Lunch and presentation

Speaker: Matthew Mullinix from CA

Topic: Computer Operations "Asset Lifecycle" management

Location:
University of Louisville iTRC

Free Panera Bread lunch, compliments of CA

1

Click here to see prior year meetings
(maintained for historical purposes)

PayPal payment now accepted

Click the "pay now" button for the meeting you wish to pay for. If you already have a "PayPal" account, simply verify the amount and enter your log-in and password. If you don't already have a "PayPal" account, you will need to fill in the information for new members (similar to other e-commerce web sites such as Amazon). Once you have completed the transaction, you will be sent an e-mail receipt by PayPal and be returned to the Kentuckiana ISACA web site. The local chapter also receives an e-mail that tells us you have paid. All information is exchanged via HTTPS protocol (secure and encrypted) and remains with PayPal.

The Paypal Payment ID is PaypalISACA@ISAuditor.net ("Paypal" and "ISACA" run together) if you pay directly from your PayPal account (bypassing the payment buttons provided on this page).


Last updated May 21, 2008