Upcoming Events

WHY
* Stay on top of the ever changing field, with leading edge content from top notch speakers
* Get a fabulous lunch and snacks
* Earn 4-hrs CPE credits for certification maintenance
* Meet and network with other security professionals
* Win excellent door prizes!

WHO:
Guest Speakers
1. “Business Records to Digital Evidence”, Hoyt Kesterson, Terra Verde Services
2. “Wireless Security and BCP” – Douglas Haider, Xirrus
3 “Security Metrics – So What” – William Tang, Allgress
4. “VM Security”, Diane Barrett, University of Advancing Technology

WHAT:
Presenting ISSA Phoenix Quarterly Education Event
Limited space! Please RSVP your plan to attend NOW at
RSVP link

HOW:

$25 for guests at the PayPal Link ; walk-ins, by check or cash at the door
ISSA Members attend at no charge when they preregister

Register NOW, because space is limited!

WHERE:
ITT Technical Institute , 5005 S. Wendler Dr., Tempe, AZ 85282
(NW Corner, I-10 & Baseline, Across from Fry’s Electronics)
Directions: Exit Interstate 10 at Baseline Road in Tempe, and turn West. Go 1 block, and Turn North (Right) on Wendler, the 1st light and 1st street past the underpass. ITT Technical Institute is on the right side.

ISSA Phoenix Board
Debbie Christofferson, President
David Schlesinger, Vice President
Cheri Stucke, Secretary
Dee Ramon, Membership Director
Miriam Fernandez, Sponsorship Director
Jim Groark, Treasurer
Scott Davis, Web Director
Mark Williams, Program Director

To contact any board member, visit our web site at http://phoenix.issa.org

$$ Student Bonus $$

Student ISSA memberships:  Only $60/Yr.   Phoenix ISSA student members eat and learn on us at this low price.  Interested in the security field?  Get involved now-networking leads to the jobs.

SPONSOR OPPORTUNITIES

If your organization would like to help support Phoenix ISSA by sponsoring any of our events, contact us today.   Thank you for your kind support! 

Heading One

Heading Two

Heading Three

Heading Four

Heading Five

Heading Six

http://www.washingtonpost.com/wp-dyn/content/article/2009/12/15/AR2009121505075.html?referrer=emailarticle 

ISSA International President Howard Schmidt named Chief of Cybersecurity by President Obama

http://www.nytimes.com/2009/12/22/technology/internet/22cyber.html?_r=2

Announcing 4-day CISSP Exam Prep Class

November 4-7 (Thursday-Sunday)

We are offering this 4-day class for only $350 to ISSA paid members.    To Join ISSA by paper application or online, see ISSA Membership information.

Book Requirement: CISSP Certification All-in-One Exam Guide, 5th Ed. (All-in-One) (Hardcover), by Shon Harris:   This includes CBK updates not included in the 3^rd edition.

About the Instructor: Paul Maschack, CISSP, is an experienced security engineer and risk consultant previously with Wells Fargo and FreeScale.  He teaches the CISSP, using his own content, based on the Shon Harris book and other industry resources.

You should take this class if:

• You plan to sit for the CISSP exam in the near future
• You want to understand more of what the CISSP involves
• You want to enhance your knowledge of information security

The CISSP certification is administered by the ISC(2) (International Information Systems Security Certification Consortium) at www.isc2.org/

The 10 topic areas (domains):

• Access Control Systems and Methodology
• Telecommunications and Network Security
• Business Continuity Planning and Disaster Recovery Planning
• Security Management Practices
• Security Architecture and Models
• Law, Investigation, and Ethics
• Application and Systems Development Security
• Cryptography
• Computer Operations Security
• Physical Security

2010 President’s Letter

Welcome ISSA Members and Friends to another exciting year as we continue to evolve our chapter and profession!

Join us also in congratulating Mr. Howard Schmidt, ISSA’s International President, as the newly named US Cyber Security Czar.

Year in Review

• Hosted four ½ day education-focused events, two CISSP exam preparation workshops, a members-only event with ISACA, a Power resume forum, and a 10th anniversary year-end networking event. We invited ISC2 members to join us, and many did.
• Partnered for members to attend and staffed booths at the Data Connector’s Security Conference, SANS’ local security conference, Phoenix Technology Summit, and Interface 2009, and brought the IP3 security seminar back again at huge value and low cost.
• Awarded scholarships to four local academic institutions offering security programs, and recognized Member of the Year as Jim Groark, Treasurer.
• Surveyed for what our members desired and incorporated your feedback. Received consistently positive feedback.

2010 Plans

• Host four quarterly events, and at least two special events
• Co-host an ISSA-ISC2 1-day conference
• Partner and staff a booth at the IT Summit, Data Connector’s Security Conference, Phoenix Technology Summit, Interface 2009, and new-the 2010 Security World Conference.
• Elect a new board in October.
• Our web site gained a new face-with greater focus on job postings and chapter business.

Web Site

Our Web Director recently resigned due to competing work priorities, and Scott Davis, who has worked avidly on our new site, has stepped fully into the role. We want to thank Dave Bridgman for all his previous support, as our chapter and the web role grew. Every board member gives of their time and expertise, each one is valuable and we will miss Dave. http://phoenix.issa.org

Job Openings

Along with our new site, you will see advance postings of local security events, consistent job postings, speaker presentations, sponsors, and event announcements. We offer free postings to any recruiter or company with a job opening. Anyone is also free to view the postings, which do not require a login or membership. Send postings directly to Scott with full contact details and a brief job description or title and link. We post only for specific openings, not for generic job sites.

Volunteers

“Finding a place of passion and getting involved is the single biggest career, life and
business builder I know.”
- Debbie Christofferson, CISSP, CISM, ISSA Phoenix President, and ISSA International Board Director

Because so many of you wish to support our chapter as volunteers, we added a new Committee Chair for coordination and follow-up. Ms. Betty Mulcahey is leading volunteer effort. We have many opportunities you can support, for any place you want to step in, large or small. Drew Crook is initially populating and administering our new ISSA Connect Phoenix site at the www.issa.org -please visit and add your feedback or content.

Sponsorship

Sponsorship support has proved pivotal in our success. Vendor funding enables us to present quality meetings at low or no cost to you. Industry leaders have provided exceptional support with funding and door prizes for quarterly events, and for our 2007 and 2008 conferences. This year we recognized Sponsor of the Year, ITT Technical Institute, and four Platinum Sponsors: Executrain, Fishnet Security, NCC Networks, University of Advancing Technology.

There are dozens of other companies and we thank every one for their generosity and support. Security vendors have suffered greatly this year, with the world’s economic woes, and their continued investment in us has meant a lot.

Chapter Health and Leadership

Last year, we celebrated 10 years as a chapter, and we recognize Cindy Donaldson as our founder and original President. Serving on that first board as Secretary was Ed Vasko, as Treasurer, Drew Crook, and as Communications Director, Tom Schults.

We have attracted and built a very strong board, and special thanks are extended to our volunteer leadership team, who have helped make us such a great chapter.

ISSA Phoenix is a top 10 chapter in terms of size within ISSA International membership growth and numbers. Locally, we have enjoyed attendance in the past two years of 70-90, and it’s trending up. Sponsors also comment favorably on our chapter attendance and involvement.

2010 Elections

Board elections are coming up in October, for anyone wanting to run for a position. If you wish to help in a different way, contact Debbie or any current board member.

ISSA International

ISSA Connect: On the global front, ISSA has added a collaboration Forum, ISSA Connect. All members have been notified, and are invited to visit or contribute. Drew Crook is leading this for our chapter.

2010 Conference: Plan also to attend the inaugural ISSA security conference in Atlanta, GA, on Aug 16. It will be bookended across three days with a Congress for chapter leaders, and the Q3 CISO Executive Forum. ISSA will partner with the Atlanta chapter to offer a fantastic event that you won’t want to miss.

25 Years: ISSA celebrated our 25th Anniversary last year as a professional association. Los Angeles was our first chapter, and we hosted our celebration and annual meeting in Anaheim. Members are always welcome to attend the annual meeting, which includes awards and installation of new board officers.

Cheers to a great year ahead! We look forward to serving you and meeting the needs of our members.

Best Regards, Debbie Christofferson, CISSP, CISM
Phoenix ISSA President
http://phoenix.issa.org
480-988-4194
DebbieChristofferson@earthlink.net

International Auditing
Time: January 15, 2010, 12:00 PM - 3:00 PM EST

Credits: 3 Group Internet-Based CPEs

Fee: $395
Learning Level: Basic

Prerequisites: None

Advanced Preparation: None
************

Register Now!
************

Organizations are increasingly expanding globally and performing design, manufacturing, backroom operations, and sales and accounting functions (among many others). This is happening while technology increases the number and speed of transactions often leaving a limited paper trail. These dynamics present a real challenge for internal auditors, who must verify that processes are efficient and that internal controls are operating as intended.

In this three-hour webinar, you will gain the knowledge you need to improve your international audits.  Learn how to bridge the cultural gap and face the key challenges of working abroad so your audits and consulting projects are the most productive and rewarding. Prepare appropriately for your trip and avoid the typical mistakes auditors make in their planning, fieldwork and reporting.  

Agenda:
- Common mistakes that lead to the unrealistic planning of international deployments

- 10 tips for effective communications

- Mores and taboos - real and imaginary

- Identifying the key risks to the foreign operation

- How to work with an interpreter

- Winning actions that ensure the successful completion of your project

- Essential elements of personal safety

- Common project risk factors and how to avoid them

- Risks and benefits of having local auditors in foreign locations

- Ways to audit remotely when traveling is not an option

****************************************
Additional Webinars Taking Place in January…

Planning & Performing Integrated Audits

Time: January 14, 2010, 11:30 AM - 5:00 PM EST, includes a 30-minute break for lunch

Credits: 5 Group Internet-Based CPEs

Fee: $595
Learning Level: Basic

Prerequisites: None

Advanced Preparation: None
************

Register Now!
************

Audit departments have been trying for decades to implement integrated auditing objectives that fully integrate a focus on enterprise risks with IT risks.  This goal has evaded many organizations due primarily to a lack of adequate planning, scoping and execution of integrated audits.  In this pragmatic seminar you will review an integrated auditing methodology including valuable risk-based scoping and staffing considerations that will help ensure successful integrated audits. 

Agenda:

- What is Integrated Auditing?

- Roadblocks to Achieving Success

- Staffing for the Integrated Audit

- Planning and Scoping Integrated Audits

- Integrating Enterprise and IT Risks

- IT Control Components

- Determining Key Application and IT Controls

- Establishing Control Ownership

- Objectives of an Application Audit

- Top-Down, Risk-Based Audit Planning

- Audit Planning Using the Transaction Life Cycle

- Determining High-Risk Application Transactions

- Reviewing Business and Application Controls

- Addressing End-User Computing Risks

- Embedded vs. Configurable Application Controls

- Testing Application Controls

- Using CAAT Tools

- Documenting Application Controls

- User Access Controls and SOD

- Application Change Management

- Application Business Continuity Planning

- Auditing Key IT General Controls: OS, DBMS

- Integrated Auditing Resources and Audit Programs

****************************************

Introduction to Networks & Encryption
Time: January 21, 2010, 11:30 AM - 5:00 PM EST (includes a 30-minute break for lunch)

Credits: 5 Group Internet-Based CPEs

Fee: $595
Learning Level: Basic

Prerequisites: None

Advanced Preparation: None
************

Register Now!
************

Because today’s information processing environment requires networks to be operational and secure, it is important for all auditors to have at least a basic understanding of network risks.  In this webinar you will focus on understanding critical network components, terminology and associated risk. You will review the basic operating characteristics and risks associated with key network components, alternatives for securing network perimeters as well as obtain an understanding of encryption functionality.  This webinar is designed for financial and operational auditors as well as entry level IT Auditors who want an understanding of key network components and risks. 

Agenda:

- Network Terminology

- Network Security Risk Analysis

- Network Security Strategy

- OSI Model & TCP/IP Encapsulation

- Network Address Management - MAC & IP Addressing

- Network Service Ports

- LAN and WAN Protocols

- Physical Network Media

- Network Devices

- Network Perimeter Security Objectives

- Firewalls

- DMZ

- Intrusion Detection Systems (IDS)

- Virtual Private Network (VPN) Security

- Wireless Security

- Encryption

For more information about MIS Training Institute’s Webinar Series or inquiries about group rates, contact:

Email: abelge@misti.com

For a list of upcoming webinars, go to: http://misti.webex.com

FEBRUARY
Internal Audit University - 30 CPEs
February 8-11, 2010, Dallas, TX

Process Flow Auditing - 22 CPEs

February 22-24, 2010, Washington, DC

IFRS Boot Camp - 30 CPEs

February 23-26, 2010, New York, NY

Advanced Fraud Auditing - 30 CPEs - HANDS-0N

February 23-26, 2010, New York, NY

Consulting Skills for Auditors - 22 CPEs

February 24-26, 2010, Orlando, FL

MARCH

IT Auditing and Controls - 22 CPES

March 15-17, 2010, Atlanta, GA

Risk-Based Internal Auditing - 22 CPEs

March 15-17, 2010, Washington, DC

Six Sigma Skills for Auditors - 22 CPEs

March 22-24, 2010, Chicago, IL

Governance, Risk, and Compliance: Putting the Right Framework in Place - 22 CPEs

March 22-24, 2010, West Palm Beach, FL

Auditing for Utilities - 30 CPEs

March 22-25, 2010, New York, NY

Sarbanes-Oxley: A Road Map to Compliance - 15 CPEs

March 25-26, 2010, Washington, DC

Training Week Boston - Earn up to 37 CPEs

March 29-April 2, 2010, Boston, MA

Contract Auditing: From Risk to Recovery - 22 CPEs

March 31-April 2, 2010, San Francisco, CA

Live Webinars

MIS now offers live, interactive webinars covering a variety of topics for internal auditors, IT auditors, and information security professionals. For a schedule of upcoming webinars, CLICK HERE.

Mark your calendar and make your plans to attend one of these career-building programs today.

IMPORTANT: Your Registration Code is SEM10-EB1. Please refer to it when you register.