TRAINING & EVENTS
Upcoming Events
February 7, 2012 Luncheon
Topic: Creating Predictive Scorecards
Speaker: Forrest W. Breyfogle III, Quality Professional of the Year, Winner of the Crosby Medal, Fellow of the ASQ, and CEO of Smarter Solutions, Inc.
Mr. Forrest Breyfogle has established himself as a leading-edge thinker, a prolific author, an innovative consultant, a world-class educator, and a successful business executive. He recently completed a five-book set, Integrated Enterprise Excellence, which provides radical management advancements in the utilization and integration of scorecards, strategic planning, and process improvement.
Time: 11:30-1:00
Location: Austin Woman's Club
Measurements are meant to provide a means for understanding product and/or process risks; however, many traditional performance reporting methodologies do not provide this insight and can be deceptive. Traditional performance reporting assessments such as a table of numbers, stacked bar charts, pie charts, and red-yellow-green scorecards often lead to inappropriate, unhealthy, or even destructive behaviors, which can have unforeseen high risks. During this session we will describe a predictive performance scorecard system that can be integrated into overall business management so that risks are minimized and the organization’s bottom line can be enhanced.
Registration Information
____________________________________________________
March 6, 2012 Luncheon
April 3, 2012 Luncheon
PRIOR EVENTS
December Half-Day Seminar & Luncheon
Date: Dec 13, 2011
Session 1: Purple Hair, Pocket Protectors and Paranoia: Inside the mind of the Geek, the Hacker and the IT Security Person.
Session 2: Schrodinger's Cat: A Hacker Looks at Risk
At the end of the lecture and discussion, you will have more insight into how security people think, looking at the differing roles within IT and IT Security. We will then look at the concept of risk as seen by a hacker.
- See the concept of risk from a technical perspective, how it might differ from policy and why it might differ.
- See how the various roles within IT Security see their world, and how to get what you need from them with as little pain as possible.
- During these lectures/discussions, we will look at how the many roles look at IT, how they approach their duties, and why they think the way they do, so as to look at things from their perspective. You will learn how to communicate with these folks, how to get your questions answered, how they communicate, and how they do not communicate.
Speaker: Chip Meadows, CISSP, CISA, CCSE
Chip Meadows joined Digital Defense, Inc. in May of 2009 and currently serves as a Senior Security Analyst on the Compliance Operations team. In this capacity he is a part of a team of professionals providing compliance services to DDI clients, such as penetration testing, architectural reviews, PCI compliance guidance, wireless assessments, system audits and other IT and Security related services. Cumulatively, Mr. Meadows has over 24 years of experience in the information security, audit/compliance and information technology fields. His experience spans 12 years in the financial services space and 12 years of hands-on client support and consulting.
___________________________________________________________________________
Luncheon Topic: Risk Assurance in the Cloud
This presentation will give attendees an understanding of the risks they face in utilizing cloud service providers, the controls that should be present to mitigate those risks and the methods available to gain assurance on those controls. Special attention will be given to the AICPA's new reporting standard (SOC 1, 2 & 3) as well as other standards such as PCI and ISO 27001.
Speaker: Brian J. Thomas, CISA, CISSP and Partner in Advisory Services at Weaver, LLP
Mr. Thomas has many years of experience in consulting; managing teams delivering IT-focused solutions such as SOX assistance, IT audits, project management, IT security assessments, implementation of enterprise systems, and SAS 70. Industries served: Technology, Energy, Manufacturing, and Service Providers including Data Centers. He earned a Master and a Bachelor of Science/Civil Engineering from The University of Texas at Austin. He is a member of: Project Management Institute, Institute of Internal Auditors, International Information Systems Security Certification Consortium, and Information Systems Audit and Control Association.
Schedule: 7:15 am - 7:45 am: Seminar Check-In & Networking
8:00 am - 11:00 am: Seminar Meeting
11:15 am - 11:45 am: Luncheon Check-In & Networking
11:45 am - 1:00 pm: Luncheon Meeting
Price:
Seminar (Including Luncheon): $100 for ISACA and IIA members. $125 for non-members
Luncheon ONLY: $24 for ISACA and IIA members. $28 for non-members.
Location: Crowne Plaza Hotel
6121 North IH-35
Austin, Texas
___________________________________________________________________________________________________________________
CISA Exam Review Course
November 12th, 19th, and December 3rd, 2011
The Austin Chapter of the Information Systems Audit and Control Association is now taking registrations for its highly successful CISA Review Course. The course offers up to 18 CPEs and high-quality certified instructors.
Seminar Focus and Features
The objective of this course is to prepare participants to successfully sit for the 2011 CISA exam. The course is interactive, and participants are encouraged to actively participate in the presentation of CISA material. The course closely follows the CISA Review Manual. We recommend that each CISA candidate obtain a copy of the CISA Review Manual to obtain full benefit from the course (to place an order please contact the ISACA Bookstore).
Each session will consist of review of key concepts of each domain and a practice exam at the end of each session.
Day 1 – Saturday, November 12th, 2011
(8:30AM to 4:30PM)
- Introduction
- Chapter 1: The Process of Auditing Information Systems
- Chapter 2: IT Governance and Management of IT
Day 2 – Saturday, November 19th, 2011
(8:30AM to 4:30PM)
- Chapter 3: Information Systems Acquisition, Development and Implementation
- Chapter 4: Information Systems Operations, Maintenance and Support
Day 3 – Saturday, December 3rd, 2011
(8:30AM to 12:30PM)
- Domain 5: Protection of Information Assets
- Summary/Review
Location: Orangewood Suites
935 La Posada, Austin, TX 78752
(512) 459-3335
Cost: $100 for members, $150 for non-members
CPE: Up to 18 hours
___________________________________________________________________________________________________________________
November 1, 2011 Luncheon
Topic: "Applications in Jeopardy"
Speaker: Manoranjan (Mano) Paul, CEO, SecuRisk Solution
Time: 11:30-1:00
Location: Austin Woman's Club
Your applications are under constant attack and most are exploitable or exploited. Do you know why this is the case? Ignorance certainly isn't bliss in a world of vulnerabilities and agents eager to exploit them. Join us for an interactive and informative session on what it takes to develop secure applications. No matter what your level of knowledge you won't want to miss this
___________________________________________________________________________________________________________________
October 3, 2011 Luncheon
Topic: How Audit Analytics Benefits Your Organization
Speaker: Keith Barber, C.I.S.A., A.C.D.A., CEO, theKGBgroup, Inc.
Time: 11:30-1:00
Location: Austin Woman's Club
Over the past 20 years, data analysis, or "audit analytics", has become an essential part of the audit process for the vast majority of audit organizations. Audit analytics is generally thought of as examining transactions to evaluate the effectiveness of a control. Audit analytics can also support examining controls that do not have transactional data, such as reviewing application authorization tables for segregation of duties issues.
Keith has extensive data analysis experience to help clients solve complex data issues, using various software tools such as Audit Command Language (ACL). Keith's experience spans across the following industries: automotive, healthcare, pharmaceutical, banking, insurance, manufacturing, retail and state agencies.
___________________________________________________________________________________________________________________
June 16, 2011
Annual Member Appreciation Dinner
Time: 6:00-8:00pm (sign-in starts at 6:00pm)
Join us for the Annual Member Appreciation Dinner at County Line on the Lake. This get-together is intended to express our appreciation for our members that have supported the Austin Chapter throughout this year.
Location: County Line on the Lake
5204 Ranch Road 2222
Austin, TX 78731-6516
(512) 346-3664
For more information and directions go to http://www.countyline.com/CountyLineLake.html
Cost: FREE for members, $30 for non-members
___________________________________________________________________________________________________________________
May 20, 2011
Joint IIA and ISACA Austin Chapters Spring 2011 Golf Outing
The Austin IIA & ISACA Chapters would like to invite you to our annual Spring Golf Outing!
Date: Friday, May 20, 2011
Location: Shadow Glen Golf Club (http://www.shadowglengolf.com)
12801 Lexington St.
Manor, TX 78653
512-278-1304
****** FOR PARTICIPATING IIA AND ISACA MEMBERS AND INVITED GUESTS ******
Entry Fee: $50/player (+tax) - includes greens fee, range balls, cart, and lunch!
Other: $1 mulligan/player/round available (can use on drives, approaches and putts!)
SCHEDULE OF EVENTS:
Lunch available - 12:00pm-1:00pm;
Registration & Range - 12:00pm
Tee times - 1:30pm (Shotgun start)
FORMAT:
4-person scramble; must use each team member's drive at least twice.
Deadline to Register: 5:00pm - Friday, May 6, 2011
Teams to be finalized and distributed via e-mail shortly thereafter.
PRIZES:
Closest to the Pin and Longest Drive
Remember, it’s an "outing" not a "tournament"
Other prizes include:
Most individual drives used; Shortest Drive; Most Balls Lost. So remember to keep track of these - the idea is to have fun and interact!
___________________________________________________________________________________________________________________
May 3, 2011 Luncheon and General Membership Meeting
Topic: Putting the "Business" in Business Continuity
Speaker: Shaun Williams, CEO, The Operari Group
Time: 11:30-1:00
This meeting will also serve as the Chapter's Annual General Membership Meeting, and we will be electing the 2011-2012 Chapter Officers. Note that only members may vote in the election.
Location: Austin Woman's Club
This presentation will cover Business Continuity Planning and some of the standards such as the Federal Financial Institutions Examination Council (FFIEC)’s Business Continuity Planning Examination Handbook, and others.
For 15 years prior to joining The Operari Group, Shaun Williams delivered information solutions for some of the world’s largest companies, including: Citicorp, Harcourt, Teradata, SWBC, St. Mary’s University, The Defense Commissary Agency, Wellpoint, Clear Channel Communications, The Texas Workforce Commission, HP, Safeco Insurance, Texas A&M University, H-E-B Grocery, Williams-Sonoma, AAFES and Rohm & Haas.
___________________________________________________________________________________________________________________
April 5, 2011 Luncheon
Topic: DNSSEC: What You Don't Know Will Hurt You
Speaker: Dean Bushmiller, CISSP, ISSAP, CEH, CRISC, GSEC
Time: 11:30-1:00
Location: Austin Woman's Club
This presentation will cover an overview of DNS/DNSSEC/DNS security. After the presentation the attendee will have a basic understanding of DNS/DNSSEC and will be able to describe the driving forces behind the move to DNSSEC, how deployment assumptions about past protocols can disrupt the availability of resolution for our customers, and why outsourcing DNSSEC to our ISPs is problematic.
Dean Bushmiller currently consults on information assurance, operational security, and penetration testing. He focuses on converting the business philosophy of "security is an obstacle" to "security is a money maker". He has served on 6 beta testing teams, including the prestigious CISecurity.org. He is the subject matter expert on the 10 domains of the CISSP official curriculum. He has written 20 quizzing and video apps for the iPad and iPhone and is about to release 5 more for the Certified Ethical Hacker exam. Dean has been teaching online for 7 years and face-to-face for 11. As a non-military person, Dean Bushmiller is a proud recipient of 6 mission coins for preventing deer-in-headlights look.
___________________________________________________________________________________________________________________
March 1, 2011 Luncheon
Topic: Penetration Testing As An Auditor's Tool
Speaker: Jeremy Powell, Consultant, atsec Information Security
Time: 11:30-1:00
Location: Austin Woman's Club
Penetration testing is a valuable supplement to any security audit, as it provides empirical evidence that deployed security mechanisms work. In this presentation, we will discuss different kinds of penetration testing, identify tools and methodologies that are used to perform such tests, and point out the ethical and legal considerations that must be addressed.
Jeremy Powell is a consultant with atsec information security. He is the lead penetration tester for the Austin atsec office, as well as an evaluator for several security standards including the Common Criteria and FIPS 140-2.
February 1, 2011 Luncheon
Topic: On the path to the state of Information Security, why compliance isn’t far enough
Speaker: Brian Engle, CISA, CISSP, Chief Information Security Officer and Director of Information Security, Temple-Inland
Time: 11:30-1:00
Location: Austin Woman's Club
December 14, 2010 Luncheon
Topic: Logging, Monitoring and Alerting and the information behind why it is important and what to look for in an IT Audit
Speaker: Michael Gough, Sr. Risk Analyst, Information Security Division, Comptroller
Time: 11:30-1:00
Location: Austin Woman's Club
____________________________________________________________________________________________________________________
November 2, 2010 Luncheon
Topic: Hot off the presses: PCI DSS 2.0
Speaker: Clint Garrison, IT Security Consultant, Dell
Time: 11:30-1:00
Location: Austin Woman's Club
___________________________________________________________________________________________________________________
October 12, 2010 Luncheon
Topic: OWASP Top 10 – Web Application Vulnerabilities
Speaker: Matt Tesauro, Security Analyst, Trustwave
Time: 11:30-1:00
Location: Crowne Plaza Hotel - Austin, 6121 North IH-35, Austin, Texas 78752
___________________________________________________________________________________________________________________
June 17, 2010
ISACA - Austin Chapter Annual Banquet
Location: The County Line on The Lake - 5204 FM 2222, Austin, TX 78731
CISA Exam Review Course - May 15th, 29th, and June 9th 2010
The objective of this course is to prepare participants to successfully sit for the 2010 CISA exam. Each session consists of review of key concepts of each domain and a practice exam at the end of each session.
May 4, 2010 Luncheon
Topic: Best Practices for Application Risk Management
Speaker: Erik Peterson, Senior Solutions Architect, Veracode