Event

2008 ISACA SA Conference and post Conference Workshop From 18 August 2008 To 20 August 2008 The ISACA® SA Chapter Proudly Invites you to the 2008 South Africa Annual Conference.   This unique event focuses on the latest strategies to address business, managerial,operational,auditing and security challenges associated with information technology and information systems.     Conference Dates: 18 & 19 August 2008   Location: Monte Casino Fourways   Post Conference Workshop:  20 August 2008   Location: to be advised   Registration: http://www.isaca.org.za/Downloads   Keynote Speaker: From Information Technology Governance to Enterprise Governance in Information Technology.   Professor, Doctor Wim Van Grembergen   Wim Van Grembergen is professor and Chair of the Information Systems Management Department at the Economics and Management Faculty of the University of Antwerp (UA) and executive professor at the University of Antwerp Management School (UAMS). From 1989 to 1995 he served as Academic Director of the MBA Program of UFSIA (now UA) and presently he is academic coordinator of an IT-audit master program and an E-business master program.  Professor Van Grembergen is engaged in the continuous development of CobiT, the leading framework for IT control and IT audit. He is also member of the Academic Relations Task Force of ISACA and is currently conducting research projects for ISACA on IT Governance. Dr. Van Grembergen is a frequent speaker at academic and professional meetings and conferences and has served in a consulting capacity to a number of firms. He is a member of the Board of Directors of IT companies including an IT consultancy firm and an IT firm servicing a Belgian financial group. Recently he established at UAMS the ITAG Research Institute that aims to contribute to the understanding of IT Alignment and Governance through research and dissemination of the knowledge via publications, conferences and seminars.     “This year we have included, as part of the conference, the following longer and more advanced topics, by an international speaker to cater for our more experienced membership needs.”     Network Penetration Tools and Techniques   A 180 minutes session by John Tannahill, CISM Partner J. Tannahill & Associates, Canada   The participant will learn more about: Effective use of hacking tools for ‘white hat’ purposes Current tools and techniques used for network penetration tests and vulnerability assessments Techniques and methods to identify network vulnerabilities Ways to effectively use exploit codes and tools against the vulnerabilities identified Leading-edge tools such as the Metasploit Framework Key areas of vulnerability including network perimeters, firewalls and web application environments    Computer Forensic Analysis and investigation   A 180-minutes session by John Tannahill, CISM, Partner J. Tannahill & Associates   This session will focus on computer forensics including a detailed discussion of data collection, analysis and investigation tools and techniques. It will discuss different types of computer and network security incidents and associated live response and forensic processes and procedures that need to be used. The session will discuss live response procedures to a compromised server that resulted in theft of confidential financial information and forensic investigation of an employee workstation (where the employee is suspected of using corporate resources to store pornographic images and other unsuitable content) to demonstrate areas of evidence handling, forensic data acquisition, and analysis and investigation techniques.   The participant will learn more about: Live response requirements and data collection techniques Key forensic investigation procedures and processes How to use Windows and UNIX-based forensic tools and toolkits Types of forensic investigation techniques Acquisition and analysis of forensic evidence Forensic investigation reporting  Other speakers and topics include, amongst others: -     The relationship between Corporate Governance, IT Governance and Information Security governance. Prof basie Von Solms -       Using Cobit 4.1 for Assurance Audits: Professor, Doctor Wim Van Grembergen -        Evolution of e-Crime: Yvette du Toit: Ernst and Young -   Continuous Auditing Gobodo -        Limited Corporate Liability in Cyberspace: Reynhard Buys     Post Conference Workshop   Database Security: Current Audit and Control Issues   by John Tannahill, CISM , Partner, of J. Tannahill & Associates, Canada   This workshop will focus on the audit, control and security issues related to the use of database management systems in today’s business environments. It will provide a comparison and discussion of key security and control features in common database environments including Oracle 9i/10G, DB2/UDB, Microsoft SQL Server 2000/2005, MySQL and PostgreSQL environments. The workshop will demonstrate practical approaches and techniques for evaluating the implementation of database security and control.   The participant will learn more about: Relational database concepts Database objects (tables, views, stored procedures, triggers) Database schemas, instances Database security architecture Database connections Identification and authentication Default accounts and passwords System and object privileges Audit trails and security logs Role of operating system security Known security vulnerabilities Security patches Audit testing approaches Invitation to Join ISACA   Not yet a member? Become a member at both the international and chapter level and enjoy all the benefits of membership. You can also save on the conference fees. For more information about ISACA membership, contact the membership department by e-mail at membership@isaca.org or visit the ISACA web site at www.isaca.org/membership.   Membership disclaimer: By applying for membership in ISACA, members agree to hold ISACA and the IT Governance Institute, their officers, directors, agents, trustees, members and employees harmless for all acts or failures to act whilst carrying out the purposes of ISACA and the institute as set forth in their respective bylaws, and certify that hey will abide by ISACA’s Code     Cost, Registration and General Information   ISACA is offering VERY attractive pricing on conference and training packages.   Cost (all prices is inclusive of VAT)   Conference only (ISACA Members) R   5 000 Conference only (Non ISACA Members) R   6 500 Conference and post conference workshop (ISACA Members) R   7 500 Conference and post conference workshop (Non ISACA Members) R   9 700 Post conference workshop only (ISACA Members) R   2 500 Post conference workshop (Non ISACA Members) R   3 250   Early bird discount 20%: deadline 20 June 2008   The entire registration fee amounts indicated must be received by ISACA before your registration will be considered paid in full.   To register please download the registration form at http://www.isaca.org.za/Downloads and forward the signed form to admin@isaca.org.za or fax it to 0866891792. (Please note that only signed registration forms will be accepted)   Space is limited - BOOK NOW TO AVOID DISAPPOINTMENT!!   We will be updating the website on a regular basis with new information as it becomes available.   Dress   Dress for all sessions is business casual.   Continuing Professional Education Credits   All participants are eligible to receive up to 14 continuing professional education (CPE) credit hours. In addition, those who attend an optional workshop are eligible to receive an additional seven (7) credit hours. These credit hours are recognized by ISACA for Certified Information Systems Auditor (CISA®) and CISM® CPE hours and, where appropriate, by other professional organizations. Credential holders are responsible for verifying eligibility.   Conference Disclaimer   The speakers, topics and events are correct at the time of publication. If unforeseen circumstances occur, ISACA reserves the right to alter or delete items from the programme. The presenters have prepared their material for the professional development of ISACA members and others in the IS audit, control and security community. Although they trust that it will be useful for this purpose, neither the presenters nor ISACA can warrant that the use of this material will be adequate to discharge the legal or professional liability of members in the conduct of their practices.   To download the registration form please click here Contact: Juanita Truter - admin@isaca.org.za