PRESIDENT VICE PRESIDENT TREASURER SECRETARY Michele Haroon CPA, CISA Sajay Rai CPA, CISSP, CISM Linda Kearney CISA Brad Barton CISA Federal-Mogul Corporation Securely Yours LLC Chrysler Group, LLC Lear Corporation

VOLUME 27 #5 REGION 4 CHAPTER 8

DATABYTEDATABYTE

DIRECTORS

Greg Boehmer, CISA, CIA, CFE, CGEIT, CISSP, CISM, CRISC, PMP Deloitte & Touche

313-394-5524

Derrick Buckingham, CISA, CISSP, CISM, CRISC CSC

248-853-4860 Juman Doleh-Alomary, MSc.E, CISA, CISM, CRISC

Wayne State University 313-577-6406 Michael A. Forrest, CISA, CGEIT

TCS

586-292-4740

Ryan Hodges, CISA Deloitte & Touche

248-953-1151

M. Siobhan Jordan 734-891-5082

Brenda Karl, CISA, CGEIT, CRISC, QSA Accretive Solutions

248-633-2347

D. Robert Okopny, PhD, CIA, CFE, CMA

Eastern Michigan University

734-487-0246

Rajesh Patel Plante & Moran PLLC

248-223-3428 Brandy Pfeiffer, CISA Federal-Mogul Corporation 248-354-2602

Carrie Schrader, CISA, CBM, CFE, CGEIT CRISC GE

734-727-5436 Jason Sist, CISA Cooper Standard Automotive 248-946-1771

Doug Wahr, CISA, CISSP Auto Club Group (AAA) 313-436-7277

James M. Watson, CISSP, CISA, CIA Ford Motor Company

313-594-0609

Susan A. Yamin, CPA Ally

734-619-8425 Manish Zaveri, CISA, CPA

Delphi Corporation 248-888-9090

Monthly MeetingMonthly MeetingMonthly Meeting Wednesday, February 20, 2013Wednesday, February 20, 2013Wednesday, February 20, 2013

Pre-Dinner Topic: Advanced Persistent Threat: Marketing Hype or Cause for Concern? Special Agent Adam Maddock

After-Dinner Topic: The Truth Series Continues: APT & ATP are they the same? Tim Bates, ITIL

Date: Wednesday, February 20, 2013

Time: 4:30 – 5:00 Registration & Networking

5:00 – 6:00 Pre-Dinner Presentation 6:00 – 6:45 Dinner 6:45 – 7:45 After-Dinner Presentation

Location: University of Michigan – Dearborn Fairlane Center North

Quad E Room, North Building. (It’s the 1st room to the right in the 1st aisle

past the reception desk. See map and directions on page 5.) 19000 Hubbard Dearborn MI 48126 313-583-6511

Cost: Advance Registration: $20.00 Members $30.00 Non-Members $10.00 Students and Retirees

Reservations can be made at www.isaca-det.org

Advance registration ends at midnight Saturday, February 16, 2013 Members & Non-Members making reservations after the reservation deadline will be charged an additional $10. Walk-ins, excluding Students and Retirees, are subject to the late charge.

2

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

A Word From the President Dear Detroit Chapter Members,

Greetings! I hope this note finds all of you well. Our January meeting was very well attended with 83 participants who enjoyed fascinating and engaging presentations by Daniel J. Lohrmann CSO, DTMB, CIP on ”Why Do Security Professionals Fail? Prag-matic Solutions to Help Succeed” and by Daimon Geopfert CISSP, CISM, CISA, GHIC on “Hackers Meet Auditors, a Love Story...” It was a great eve-ning! I also want to thank Juman Doleh-Alomary, Pro-

gram Chair, for engaging such informative speakers for all of our meetings! If you missed these presentations, make sure you mark your calendar for our next meeting on Wednesday, February 20! Have you registered for training yet? Classes are starting to fill for the 14th an-nual IIA/ISACA Spring Conference. I encourage you to take advantage of this local, low-cost training and support your IIA and ISACA Chapters. Sessions will be held March 11 - 13, 2013 at The University of Michigan - Dearborn Fairlane Center North. Find track information and detailed descriptions of each session in the Spring Conference Brochure at the link below. We have even secured a spe-cial rate at a DoubleTree Hotel; registration is simple. See the link below for the schedule of classes: h t t p : / / w w w . i s a c a . o r g / c h a p t e r s 7 / D e t r o i t / E v e n t s /Documents/2013_Spring_Conference_Brochure.pdf Also, by clicking the next link you can quickly and easily register. Don’t miss out! http://www.cvent.com/events/14th-annual-spring-conference/ invitat ion-770794b399254801aac8b486d9c6b5ec.aspx Have you renewed your membership yet? To continue enjoying the benefits of membership, securely renew online by logging into your account at www.isaca.org. As a professional membership association, ISACA’s greatest resource is our members—and, as a member of ISACA, your greatest resource is the knowl-edge, networking and professional development opportunities that we offer you. ISACA membership and certification programs are accepted and recog-nized on a global scale. ISACA members receive discounts off ISACA exam registration rates, study materials and study sessions. Renew your membership by logging on at member benefits: www.isaca.org to ensure that you will continue receiving your • ISACA members have access to exclusive information and materials. Through the Knowledge Center, ISACA members can access the latest research deliverables; explore nearly all ISACA/ITGI-published books and more than 425 third-party books at no cost in the ISACA eLibrary; and be the first to use COBIT 5. • ISACA membership provides opportunities to network and promote your-self in the field. Attend global, local and online events where you can meet with other professionals, make connections and earn CPEs. Post your résumé/curriculum vitae at no charge on the ISACA Career Centre and search career opportunities in your town or around the world. Also, stayed tuned for announcements regarding social events, another seminar, and much, much more! As always, I invite you to contact me if you have suggestions, thoughts, con-cerns, or ideas to serve you better. Sincerely, Michele M. Haroon ISACA Detroit Chapter President

ISACA Detroit Chapter December meeting . Photo courtesy of Michael Ross

January Speaker Dan Lorhmann with Juman Doley-Alomary,

ISACA Detroit Chapter Program Chair

January Speaker Daimon Geopfert with Juman Doleh-Alomary,

ISACA Detroit Chapter Program Chair

ISACA Detroit Chapter December meeting . Photo courtesy of Michael Ross

3

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

Before Dinner Topic

Advanced Persistent Threat: Marketing Hype or Cause for Con-cern? Much has been said in recent years about “the APT” or “APTs”, often in terms of marketing a product or service. Is this an overused buzz word or is there a real threat to be aware of?

Before Dinner Speaker

Special Agent Adam Maddock has been with the FBI for seven years

investigating cyber crime matters including computer intrusions and

crimes against children. SA Maddock has a degree in Computer Science and worked in the Information Technology field for approximately eight

years prior to entering the FBI.

After Dinner Topic

The Truth Series Continues: APT & ATP are they the same?

Over the past few years the definition of these two Security industry buzz

acronyms have become blurred. Come learn difference between Advance

Persistent Threats (APT) and Advance Threat Protection (ATP) and what solution providers aren't telling you.

After Dinner Speaker

Tim Bates, ITIL is an information security profes-sional with 20 years experience designing, planning and implementing security programs and systems aligned to help organizations meet their business goals.

Seasoned business manager with more than 18 years experience with practice development, strategic plan-

ning, operations, marketing, mentoring, training, and team leadership within several types of enterprises in both the private and public sec-tors. Led global teams as large as 60 members including senior man-agement level personnel.

CALL FOR PAPERS In an attempt to make the Databyte more meaningful, we would like to publish articles of interest to the membership. We need your help!!! Have

you written a paper, article, whitepaper, etc., for your company newsletter,

website, etc., that you can share? If so please submit it to me at

m_forrest@wowway.com for publication in a future Databyte.

Welcome New ISACA Detroit Chapter Members

Timothy Cobor Jamison See

Samantha Kleitsch Rodger Will

Maureen Niemied Linda Taylor

Damon Stokes Christopher Johnson

Michael Cherry Joseph Forney

Sakthi Kandasami Gabriela Nurida

Kayla Davis Colin Loomis

Douglas Rau Jennifer Trotta

Wilson Lee Kamleshkumar Sureshbhai

Melinda Griffith Mousumi Patro

Dr. Anbukumar Sivasubramanian

January Chapter Meeting Raffle Winners Vicki Riley Deborah Gore John Giampa

Henry Danowski Laurie Hepner Paul Haley

Malini Sarma Diane Baker Pamela Fisher

Donna Kischuk Shakthidharan Sivaramakrishnan

SENIOR AUDITOR – THE AUTO CLUB GROUP

The Auto Club Group (ACG) is the second largest AAA club in North America.

ACG and its affiliates provide membership, travel, insurance and financial services

offerings to approximately 8.5 million members across 11 states and two U.S.

territories including Florida, Georgia, Iowa, Michigan, Nebraska, North Dakota,

Wisconsin, Puerto Rico and the U.S. Virgin Islands; most of Illinois, Minnesota

and Tennessee; and a portion of Indiana. ACG belongs to the national AAA fed-

eration with nearly 53 million members in the United States and Canada and whose

mission includes protecting and advancing freedom of mobility and improving

traffic safety.

This is a full-time position at the Administrative Office Building in Dearborn,

Michigan.

Responsibilities:

This position is in the Corporate Audit department, which addresses control activi-

ties in core business areas such as financial reporting, cash processing, compensa-

tion and benefits, as well as ACG’s banking operations. Responsibilities include

audit planning and execution with a high level of autonomy, plus performing risk

assessments, consulting on internal controls, preparing audit reports and supporting

our external auditors. Audits of banking operations will be a major focus for the

candidate selected for this position.

Qualifications:

Bachelor's degree in Business Administration, Accounting, Finance, or

a related field

Certified Public Accountant/Certified Internal Auditor/Certified Fraud

Examiner/Certified Information Systems Auditor

Strong oral and written communication skills to include technical report

writing

Willingness to travel on a limited basis

Three year’s experience in planning and conducting financial and opera-

tional audits with a high level of independence and autonomy

Extensive skills with Microsoft office applications

Two or more years of auditing experience at a federally chartered bank.

Preferred:

Experience with ACL or other computer audit tools.

Please forward your resume to: ACG Staffing Dept, Email:

jobs@aaamichigan.com Reference job #998703

The Auto Club Group is an Equal Opportunity Employer

On Tuesday, February 12, 2013, the Detroit Chap-

ter of the IIA will be celebrating its 70th

year! We are extremely excited about this mile-

stone and we cordially invite you to attend this

event. The anniversary event will be held at

Vista Tech, Schoolcraft Community College in

Livonia, MI starting at 4:00PM. For registration

information, see www.detroitiia.org.

4

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

2012/13 ISACA-Detroit Chapter Committee Members

Committee Directors

Academic Relations

Sajay Rai (Chair)

Siobhan Jordan

Susan Yamin

Robert Okopny

Certification

James Watson (Chair)

Brad Baron

Derrick Buckingham

Brenda Karl

Michael Forrest

Facilities

Carrie Schrader (Chair)

Greg Boehmer

Ryan Hodges

Linda Kearney

Internet Brandy Pfeiffer (Chair)

Ryan Hodges

Membership

Michael Forrest (Chair)

Brenda Karl

Siobhan Jordan

Sajay Rai

Nominating & Audit Doug Wahr (Chair)

Siobhan Jordan

Programs

Juman Doleh-Alomary (Chair)

Raj Patel

Greg Boehmer

Sajay Rai

Robert Okopny

Spring Conference

Doug Wahr (Chair)

Susan Yamin

Jason Sist

Juman Doleh-Alomary

Seminars

Brad Barton (Chair)

Carrie Schrader

Manish Zaveri

Doug Wahr

Bylaws, Policies and Procedures

Sajay Rai (Chair)

Michael Forrest

Linda Kearney

Social Committee

Derrick Buckingham (Chair)

Susan Yamin

Greg Boehmer

Flora Du

Jason Sist

Ad Hoc Committees

Siobhan Jordan Research Director

Ryan Hodges Social Media

Linda Kearney Webcast Meetings

Brad Barton 3rd Party Coordinator

BCBSM is looking for highly qualified individual

to join the Blues team

Some of the areas where BCBSM provides exciting careers are:

Blue Cross Blue Shield of Michigan/Detroit/Michigan - Auditor II This position assists management with general supervision in mitigat-

ing corporate risk exposures by conducting corporate control assess-ments of, providing risk education and consulting services to

BCBSM, its subsidiaries, vendors, supplier and contractors of the

company. Candidate must be able to perform audits and reviews which include identifying risks and controls to mitigate risk, testing of

controls, writing audit reports and conducting exit conference meet-

ings. Financial audit experience, knowledge of data analytic tools (i.e. ACL, SAS) and continuous auditing is preferred. B.A. required

and advanced degree preferred. Four years related work experience required, which includes two years of auditing experience.

Blue Cross Blue Shield of Michigan/Detroit/Michigan - IT Auditor I

This position assists management with general supervision in mitigat-ing corporate risk exposures by conducting IT control audits and IT

advisory services. Candidate must be able to perform IT audits and

reviews on information security, applications, operating systems, net-works, and IT governance controls. Knowledge of data analytic tools

(i.e. ACL, SAS) and continuous auditing is preferred. Must have strong communication skills. Two years of experience in IT Auditing

or related IT experience required.

Blue Cross Blue Shield of Michigan/Detroit/Michigan – IT Auditor I and II, Project Risk and Advisory Services

These positions assists management with general supervision in miti-gating corporate risk exposures by conducting IT control and project

implementation assessments. Candidates must be able to function as

skilled project advisors able to identify, assess, and effectively com-municate risks affecting large corporate implementations and initia-

tives as well as provide recommendations for mitigation. Knowledge

of traditional IT audit, project management, and IT governance re-lated to large scale project system implementations is preferred. Must

have strong communication skills. Three plus years of related work experience preferred.

Blue Cross Blue Shield of Michigan/Detroit/ - IT Audit Manager

Functions as a highly skilled internal control consultant responsible for conducting, leading, and managing internal information technol-

ogy (IT) audits/reviews, providing risk education and project consult-

ing services on behalf of the corporation to mitigate risk and assess the control environment of each auditable unit. Directs and supervises

auditors. Plan and supervise the day-to-day audit function to ensure that work is aligned with the goal of improving the risk management

and control environment at BCBSM. Develop and maintain frame-

works/models/criteria for assessing proposed or existing controls, structures, or systems.

- Bachelor's Degree in Business Administration, Accounting, Finance,

Management Information Systems, or a closely related field required. - Five (5) to seven (7) years of business experience.

- Three (3) to four (4) years of IT audit and review experience evalu-ating compliance with CoBIT related goals and objectives.

Experience in governance risk and compliance implementations a

plus.

5

ADVERTISE IN YOUR DATABYTE NEWSLETTER

¼ Page - $50.00

½ Page - $100.00

Full Page - $200.00

Contact Geralyn Jarmoluk at administrator@isaca-det.org

or Mike Forrest at m_forrest@wowway.com

Dinner Menu February 20, 2013

Salads: Bean Salad, Michigan Salad

Entrees: Baked Salmon; Chicken Park Place; Mostaccioli with Meat Sauce

Side Dishes: Roasted Red Skins, Broccoli and Cauliflower

Optional Vegetarian Selection: Cheese Ravioli (available only with pre-registration)

Dessert: Cheesecake

All dinners include rolls, butter, relish tray and coffee.

One alcoholic drink limit (beer and wine only); no other liquor available.

The Chapter must provide the number of reservations by 8:00 a.m. on the Monday before the meeting. To ensure that we can accommodate those who wish to attend and the facility can provide the best service possible, please make your reservations prior to midnight Saturday, January 12, 2013. If you have made a reservation and cannot attend, please contact Geralyn Jarmoluk at Administrator@isaca-det.org, or 248-762-7421 prior to the above noted deadline for refunds. Your coopera-tion is greatly appreciated. We are very sorry, but reservations not cancelled prior to the above noted deadline (midnight Saturday prior to the meeting) cannot be refunded as we are committed to the caterer for the meals ordered.

DATABYTE

Geralyn Jarmoluk, Editor

P.O. Box 99385

Troy, MI 48099-9938

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

Attend up to 4 Chapter Meetings FREE. In these difficult times, the ISACA Detroit Chapter Board wants to help. If you are unemployed, laid-off, or are not currently receiving a pay-check, we have some good news. It’s during times such as these that maintaining a network of peers and maintaining your level of training is so very important. We are, therefore, offering to allow you to attend up to four (4) meetings FREE. You must register for each meeting through the Membership Chairman by sending an e-mail stating that you are currently out of work and wish to attend the meeting. The e-mail must be received prior to the meeting registration close for that meeting. Please send the e-mail to Mike Forrest at

Directions to University of Michigan – Dearborn-Fairlane Center North, Located at 19000 Hubbard, Dearborn MI 48126

From the West Take I-94 East to Southfield (M-39) North. Follow Southfield (North) to the Michigan Ave. (U.S. 12) exit. Stay on the Southfield Service Drive to Hubbard Drive and turn left. Follow Hubbard Drive and turn right into the Southern en-trance of the U-M Dearborn/Fairlane Center (the marquis will reflect the follow-ing: The University of Michigan-Dearborn/Fairlane Center). Follow the entrance road to the back and turn left at the stop sign; the North Building will be located on your left hand side. Parking is directly across from the North Building.

From the East Take I-94 West to Southfield (M-39) North. Follow Southfield (North) to the Michigan Ave. (U.S. 12) exit. Stay on the Southfield Service Drive to Hubbard Drive and turn left. Follow Hubbard Drive and turn right into the Southern en-trance of the U-M Dearborn/Fairlane Center (the marquis will reflect the follow-ing: The University of Michigan-Dearborn/Fairlane Center). Follow the entrance road to the back and turn left at the stop sign; the North Building will be located on your left hand side. Parking is directly across from the North Building.

From the South Take Southfield (M-39) North to the Michigan Avenue exit. Stay on the South-field Service Drive to Hubbard Drive and turn left. Follow Hubbard Drive and turn right into the Southern entrance of the U-M Dearborn/Fairlane Center (the marquis will reflect the Following: The University of Michigan-Dearborn/Fairlane Center). Follow the entrance road to the back and turn left at the stop sign; the North Building will be located on your left hand side. Parking is directly across from the North Building.

From the North Take Southfield (M-39) South to the Ford Road exit. Stay on the Ford Road Ser-vice Drive to Hubbard Drive and turn right. Follow Hubbard Drive and turn right into the Southern entrance of the U-M Dearborn/Fairlane Center (the marquis will reflect the following: The University of Michigan-Dearborn/Fairlane Center). Follow the entrance road to the back and turn left at the stop sign; the North Building will be located on your left hand side. Parking is directly across from the North Building.