databyte - information security · also, stayed tuned for announcements regarding social events,...
TRANSCRIPT
PRESIDENT VICE PRESIDENT TREASURER SECRETARY Michele Haroon CPA, CISA Sajay Rai CPA, CISSP, CISM Linda Kearney CISA Brad Barton CISA Federal-Mogul Corporation Securely Yours LLC Chrysler Group, LLC Lear Corporation
VOLUME 27 #5 REGION 4 CHAPTER 8
DATABYTEDATABYTE
DIRECTORS
Greg Boehmer, CISA, CIA, CFE, CGEIT, CISSP, CISM, CRISC, PMP Deloitte & Touche
313-394-5524
Derrick Buckingham, CISA, CISSP, CISM, CRISC CSC
248-853-4860 Juman Doleh-Alomary, MSc.E, CISA, CISM, CRISC
Wayne State University 313-577-6406 Michael A. Forrest, CISA, CGEIT
TCS
586-292-4740
Ryan Hodges, CISA Deloitte & Touche
248-953-1151
M. Siobhan Jordan 734-891-5082
Brenda Karl, CISA, CGEIT, CRISC, QSA Accretive Solutions
248-633-2347
D. Robert Okopny, PhD, CIA, CFE, CMA
Eastern Michigan University
734-487-0246
Rajesh Patel Plante & Moran PLLC
248-223-3428 Brandy Pfeiffer, CISA Federal-Mogul Corporation 248-354-2602
Carrie Schrader, CISA, CBM, CFE, CGEIT CRISC GE
734-727-5436 Jason Sist, CISA Cooper Standard Automotive 248-946-1771
Doug Wahr, CISA, CISSP Auto Club Group (AAA) 313-436-7277
James M. Watson, CISSP, CISA, CIA Ford Motor Company
313-594-0609
Susan A. Yamin, CPA Ally
734-619-8425 Manish Zaveri, CISA, CPA
Delphi Corporation 248-888-9090
Monthly MeetingMonthly MeetingMonthly Meeting Wednesday, February 20, 2013Wednesday, February 20, 2013Wednesday, February 20, 2013
Pre-Dinner Topic: Advanced Persistent Threat: Marketing Hype or Cause for Concern? Special Agent Adam Maddock
After-Dinner Topic: The Truth Series Continues: APT & ATP are they the same? Tim Bates, ITIL
Date: Wednesday, February 20, 2013
Time: 4:30 – 5:00 Registration & Networking
5:00 – 6:00 Pre-Dinner Presentation 6:00 – 6:45 Dinner 6:45 – 7:45 After-Dinner Presentation
Location: University of Michigan – Dearborn Fairlane Center North
Quad E Room, North Building. (It’s the 1st room to the right in the 1st aisle
past the reception desk. See map and directions on page 5.) 19000 Hubbard Dearborn MI 48126 313-583-6511
Cost: Advance Registration: $20.00 Members $30.00 Non-Members $10.00 Students and Retirees
Reservations can be made at www.isaca-det.org
Advance registration ends at midnight Saturday, February 16, 2013 Members & Non-Members making reservations after the reservation deadline will be charged an additional $10. Walk-ins, excluding Students and Retirees, are subject to the late charge.
2
DATABYTE
DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH
A Word From the President Dear Detroit Chapter Members,
Greetings! I hope this note finds all of you well. Our January meeting was very well attended with 83 participants who enjoyed fascinating and engaging presentations by Daniel J. Lohrmann CSO, DTMB, CIP on ”Why Do Security Professionals Fail? Prag-matic Solutions to Help Succeed” and by Daimon Geopfert CISSP, CISM, CISA, GHIC on “Hackers Meet Auditors, a Love Story...” It was a great eve-ning! I also want to thank Juman Doleh-Alomary, Pro-
gram Chair, for engaging such informative speakers for all of our meetings! If you missed these presentations, make sure you mark your calendar for our next meeting on Wednesday, February 20! Have you registered for training yet? Classes are starting to fill for the 14th an-nual IIA/ISACA Spring Conference. I encourage you to take advantage of this local, low-cost training and support your IIA and ISACA Chapters. Sessions will be held March 11 - 13, 2013 at The University of Michigan - Dearborn Fairlane Center North. Find track information and detailed descriptions of each session in the Spring Conference Brochure at the link below. We have even secured a spe-cial rate at a DoubleTree Hotel; registration is simple. See the link below for the schedule of classes: h t t p : / / w w w . i s a c a . o r g / c h a p t e r s 7 / D e t r o i t / E v e n t s /Documents/2013_Spring_Conference_Brochure.pdf Also, by clicking the next link you can quickly and easily register. Don’t miss out! http://www.cvent.com/events/14th-annual-spring-conference/ invitat ion-770794b399254801aac8b486d9c6b5ec.aspx Have you renewed your membership yet? To continue enjoying the benefits of membership, securely renew online by logging into your account at www.isaca.org. As a professional membership association, ISACA’s greatest resource is our members—and, as a member of ISACA, your greatest resource is the knowl-edge, networking and professional development opportunities that we offer you. ISACA membership and certification programs are accepted and recog-nized on a global scale. ISACA members receive discounts off ISACA exam registration rates, study materials and study sessions. Renew your membership by logging on at member benefits: www.isaca.org to ensure that you will continue receiving your • ISACA members have access to exclusive information and materials. Through the Knowledge Center, ISACA members can access the latest research deliverables; explore nearly all ISACA/ITGI-published books and more than 425 third-party books at no cost in the ISACA eLibrary; and be the first to use COBIT 5. • ISACA membership provides opportunities to network and promote your-self in the field. Attend global, local and online events where you can meet with other professionals, make connections and earn CPEs. Post your résumé/curriculum vitae at no charge on the ISACA Career Centre and search career opportunities in your town or around the world. Also, stayed tuned for announcements regarding social events, another seminar, and much, much more! As always, I invite you to contact me if you have suggestions, thoughts, con-cerns, or ideas to serve you better. Sincerely, Michele M. Haroon ISACA Detroit Chapter President
ISACA Detroit Chapter December meeting . Photo courtesy of Michael Ross
January Speaker Dan Lorhmann with Juman Doley-Alomary,
ISACA Detroit Chapter Program Chair
January Speaker Daimon Geopfert with Juman Doleh-Alomary,
ISACA Detroit Chapter Program Chair
ISACA Detroit Chapter December meeting . Photo courtesy of Michael Ross
3
DATABYTE
DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH
Before Dinner Topic
Advanced Persistent Threat: Marketing Hype or Cause for Con-cern? Much has been said in recent years about “the APT” or “APTs”, often in terms of marketing a product or service. Is this an overused buzz word or is there a real threat to be aware of?
Before Dinner Speaker
Special Agent Adam Maddock has been with the FBI for seven years
investigating cyber crime matters including computer intrusions and
crimes against children. SA Maddock has a degree in Computer Science and worked in the Information Technology field for approximately eight
years prior to entering the FBI.
After Dinner Topic
The Truth Series Continues: APT & ATP are they the same?
Over the past few years the definition of these two Security industry buzz
acronyms have become blurred. Come learn difference between Advance
Persistent Threats (APT) and Advance Threat Protection (ATP) and what solution providers aren't telling you.
After Dinner Speaker
Tim Bates, ITIL is an information security profes-sional with 20 years experience designing, planning and implementing security programs and systems aligned to help organizations meet their business goals.
Seasoned business manager with more than 18 years experience with practice development, strategic plan-
ning, operations, marketing, mentoring, training, and team leadership within several types of enterprises in both the private and public sec-tors. Led global teams as large as 60 members including senior man-agement level personnel.
CALL FOR PAPERS In an attempt to make the Databyte more meaningful, we would like to publish articles of interest to the membership. We need your help!!! Have
you written a paper, article, whitepaper, etc., for your company newsletter,
website, etc., that you can share? If so please submit it to me at
[email protected] for publication in a future Databyte.
Welcome New ISACA Detroit Chapter Members
Timothy Cobor Jamison See
Samantha Kleitsch Rodger Will
Maureen Niemied Linda Taylor
Damon Stokes Christopher Johnson
Michael Cherry Joseph Forney
Sakthi Kandasami Gabriela Nurida
Kayla Davis Colin Loomis
Douglas Rau Jennifer Trotta
Wilson Lee Kamleshkumar Sureshbhai
Melinda Griffith Mousumi Patro
Dr. Anbukumar Sivasubramanian
January Chapter Meeting Raffle Winners Vicki Riley Deborah Gore John Giampa
Henry Danowski Laurie Hepner Paul Haley
Malini Sarma Diane Baker Pamela Fisher
Donna Kischuk Shakthidharan Sivaramakrishnan
SENIOR AUDITOR – THE AUTO CLUB GROUP
The Auto Club Group (ACG) is the second largest AAA club in North America.
ACG and its affiliates provide membership, travel, insurance and financial services
offerings to approximately 8.5 million members across 11 states and two U.S.
territories including Florida, Georgia, Iowa, Michigan, Nebraska, North Dakota,
Wisconsin, Puerto Rico and the U.S. Virgin Islands; most of Illinois, Minnesota
and Tennessee; and a portion of Indiana. ACG belongs to the national AAA fed-
eration with nearly 53 million members in the United States and Canada and whose
mission includes protecting and advancing freedom of mobility and improving
traffic safety.
This is a full-time position at the Administrative Office Building in Dearborn,
Michigan.
Responsibilities:
This position is in the Corporate Audit department, which addresses control activi-
ties in core business areas such as financial reporting, cash processing, compensa-
tion and benefits, as well as ACG’s banking operations. Responsibilities include
audit planning and execution with a high level of autonomy, plus performing risk
assessments, consulting on internal controls, preparing audit reports and supporting
our external auditors. Audits of banking operations will be a major focus for the
candidate selected for this position.
Qualifications:
Bachelor's degree in Business Administration, Accounting, Finance, or
a related field
Certified Public Accountant/Certified Internal Auditor/Certified Fraud
Examiner/Certified Information Systems Auditor
Strong oral and written communication skills to include technical report
writing
Willingness to travel on a limited basis
Three year’s experience in planning and conducting financial and opera-
tional audits with a high level of independence and autonomy
Extensive skills with Microsoft office applications
Two or more years of auditing experience at a federally chartered bank.
Preferred:
Experience with ACL or other computer audit tools.
Please forward your resume to: ACG Staffing Dept, Email:
[email protected] Reference job #998703
The Auto Club Group is an Equal Opportunity Employer
On Tuesday, February 12, 2013, the Detroit Chap-
ter of the IIA will be celebrating its 70th
year! We are extremely excited about this mile-
stone and we cordially invite you to attend this
event. The anniversary event will be held at
Vista Tech, Schoolcraft Community College in
Livonia, MI starting at 4:00PM. For registration
information, see www.detroitiia.org.
4
DATABYTE
DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH
2012/13 ISACA-Detroit Chapter Committee Members
Committee Directors
Academic Relations
Sajay Rai (Chair)
Siobhan Jordan
Susan Yamin
Robert Okopny
Certification
James Watson (Chair)
Brad Baron
Derrick Buckingham
Brenda Karl
Michael Forrest
Facilities
Carrie Schrader (Chair)
Greg Boehmer
Ryan Hodges
Linda Kearney
Internet Brandy Pfeiffer (Chair)
Ryan Hodges
Membership
Michael Forrest (Chair)
Brenda Karl
Siobhan Jordan
Sajay Rai
Nominating & Audit Doug Wahr (Chair)
Siobhan Jordan
Programs
Juman Doleh-Alomary (Chair)
Raj Patel
Greg Boehmer
Sajay Rai
Robert Okopny
Spring Conference
Doug Wahr (Chair)
Susan Yamin
Jason Sist
Juman Doleh-Alomary
Seminars
Brad Barton (Chair)
Carrie Schrader
Manish Zaveri
Doug Wahr
Bylaws, Policies and Procedures
Sajay Rai (Chair)
Michael Forrest
Linda Kearney
Social Committee
Derrick Buckingham (Chair)
Susan Yamin
Greg Boehmer
Flora Du
Jason Sist
Ad Hoc Committees
Siobhan Jordan Research Director
Ryan Hodges Social Media
Linda Kearney Webcast Meetings
Brad Barton 3rd Party Coordinator
BCBSM is looking for highly qualified individual
to join the Blues team
Some of the areas where BCBSM provides exciting careers are:
Blue Cross Blue Shield of Michigan/Detroit/Michigan - Auditor II This position assists management with general supervision in mitigat-
ing corporate risk exposures by conducting corporate control assess-ments of, providing risk education and consulting services to
BCBSM, its subsidiaries, vendors, supplier and contractors of the
company. Candidate must be able to perform audits and reviews which include identifying risks and controls to mitigate risk, testing of
controls, writing audit reports and conducting exit conference meet-
ings. Financial audit experience, knowledge of data analytic tools (i.e. ACL, SAS) and continuous auditing is preferred. B.A. required
and advanced degree preferred. Four years related work experience required, which includes two years of auditing experience.
Blue Cross Blue Shield of Michigan/Detroit/Michigan - IT Auditor I
This position assists management with general supervision in mitigat-ing corporate risk exposures by conducting IT control audits and IT
advisory services. Candidate must be able to perform IT audits and
reviews on information security, applications, operating systems, net-works, and IT governance controls. Knowledge of data analytic tools
(i.e. ACL, SAS) and continuous auditing is preferred. Must have strong communication skills. Two years of experience in IT Auditing
or related IT experience required.
Blue Cross Blue Shield of Michigan/Detroit/Michigan – IT Auditor I and II, Project Risk and Advisory Services
These positions assists management with general supervision in miti-gating corporate risk exposures by conducting IT control and project
implementation assessments. Candidates must be able to function as
skilled project advisors able to identify, assess, and effectively com-municate risks affecting large corporate implementations and initia-
tives as well as provide recommendations for mitigation. Knowledge
of traditional IT audit, project management, and IT governance re-lated to large scale project system implementations is preferred. Must
have strong communication skills. Three plus years of related work experience preferred.
Blue Cross Blue Shield of Michigan/Detroit/ - IT Audit Manager
Functions as a highly skilled internal control consultant responsible for conducting, leading, and managing internal information technol-
ogy (IT) audits/reviews, providing risk education and project consult-
ing services on behalf of the corporation to mitigate risk and assess the control environment of each auditable unit. Directs and supervises
auditors. Plan and supervise the day-to-day audit function to ensure that work is aligned with the goal of improving the risk management
and control environment at BCBSM. Develop and maintain frame-
works/models/criteria for assessing proposed or existing controls, structures, or systems.
- Bachelor's Degree in Business Administration, Accounting, Finance,
Management Information Systems, or a closely related field required. - Five (5) to seven (7) years of business experience.
- Three (3) to four (4) years of IT audit and review experience evalu-ating compliance with CoBIT related goals and objectives.
Experience in governance risk and compliance implementations a
plus.
5
ADVERTISE IN YOUR DATABYTE NEWSLETTER
¼ Page - $50.00
½ Page - $100.00
Full Page - $200.00
Contact Geralyn Jarmoluk at [email protected]
or Mike Forrest at [email protected]
Dinner Menu February 20, 2013
Salads: Bean Salad, Michigan Salad
Entrees: Baked Salmon; Chicken Park Place; Mostaccioli with Meat Sauce
Side Dishes: Roasted Red Skins, Broccoli and Cauliflower
Optional Vegetarian Selection: Cheese Ravioli (available only with pre-registration)
Dessert: Cheesecake
All dinners include rolls, butter, relish tray and coffee.
One alcoholic drink limit (beer and wine only); no other liquor available.
The Chapter must provide the number of reservations by 8:00 a.m. on the Monday before the meeting. To ensure that we can accommodate those who wish to attend and the facility can provide the best service possible, please make your reservations prior to midnight Saturday, January 12, 2013. If you have made a reservation and cannot attend, please contact Geralyn Jarmoluk at [email protected], or 248-762-7421 prior to the above noted deadline for refunds. Your coopera-tion is greatly appreciated. We are very sorry, but reservations not cancelled prior to the above noted deadline (midnight Saturday prior to the meeting) cannot be refunded as we are committed to the caterer for the meals ordered.
DATABYTE
Geralyn Jarmoluk, Editor
P.O. Box 99385
Troy, MI 48099-9938
DATABYTE
DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH
Attend up to 4 Chapter Meetings FREE. In these difficult times, the ISACA Detroit Chapter Board wants to help. If you are unemployed, laid-off, or are not currently receiving a pay-check, we have some good news. It’s during times such as these that maintaining a network of peers and maintaining your level of training is so very important. We are, therefore, offering to allow you to attend up to four (4) meetings FREE. You must register for each meeting through the Membership Chairman by sending an e-mail stating that you are currently out of work and wish to attend the meeting. The e-mail must be received prior to the meeting registration close for that meeting. Please send the e-mail to Mike Forrest at
Directions to University of Michigan – Dearborn-Fairlane Center North, Located at 19000 Hubbard, Dearborn MI 48126
From the West Take I-94 East to Southfield (M-39) North. Follow Southfield (North) to the Michigan Ave. (U.S. 12) exit. Stay on the Southfield Service Drive to Hubbard Drive and turn left. Follow Hubbard Drive and turn right into the Southern en-trance of the U-M Dearborn/Fairlane Center (the marquis will reflect the follow-ing: The University of Michigan-Dearborn/Fairlane Center). Follow the entrance road to the back and turn left at the stop sign; the North Building will be located on your left hand side. Parking is directly across from the North Building.
From the East Take I-94 West to Southfield (M-39) North. Follow Southfield (North) to the Michigan Ave. (U.S. 12) exit. Stay on the Southfield Service Drive to Hubbard Drive and turn left. Follow Hubbard Drive and turn right into the Southern en-trance of the U-M Dearborn/Fairlane Center (the marquis will reflect the follow-ing: The University of Michigan-Dearborn/Fairlane Center). Follow the entrance road to the back and turn left at the stop sign; the North Building will be located on your left hand side. Parking is directly across from the North Building.
From the South Take Southfield (M-39) North to the Michigan Avenue exit. Stay on the South-field Service Drive to Hubbard Drive and turn left. Follow Hubbard Drive and turn right into the Southern entrance of the U-M Dearborn/Fairlane Center (the marquis will reflect the Following: The University of Michigan-Dearborn/Fairlane Center). Follow the entrance road to the back and turn left at the stop sign; the North Building will be located on your left hand side. Parking is directly across from the North Building.
From the North Take Southfield (M-39) South to the Ford Road exit. Stay on the Ford Road Ser-vice Drive to Hubbard Drive and turn right. Follow Hubbard Drive and turn right into the Southern entrance of the U-M Dearborn/Fairlane Center (the marquis will reflect the following: The University of Michigan-Dearborn/Fairlane Center). Follow the entrance road to the back and turn left at the stop sign; the North Building will be located on your left hand side. Parking is directly across from the North Building.