Facilitated CISA Study Session 21/4/2015 : Chapter 3 Part 2 to be broadcast via Google Hangouts

Posted on April 21, 2015

This evening we are discussing Chapter 3 of the study material. We will had an overview last week so if you didn’t catch that please go back and look at last week’s recording. This afternoon we are discussing specific challenges participants may have and also questions from any of the sources that they may have got wrong or are having difficulty understanding.

The sessions from the last few weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try to do the same for this afternoon’s session.  If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast

 

 

You can download a copy of tonight’s slides here : ITSec CISA Prep June 2015 session 7 21st April 2015 Chapter 3 pt2

Facilitated CISA Study Session 14/4/2015 : Chapter 3 Part 1 to be broadcast via Google Hangouts

Posted on April 14, 2015

This evening we are discussing Chapter 3 of the study material. We will have an overview of the content of the chapter and then discuss specific challenges participants may have and also questions from any of the sources that they may have got wrong or are having difficulty understanding.

The sessions from the last few weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try and do the same for this afternoon’s session.  If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast

 

 

You can download a copy of tonight’s slides here : ITSec CISA Prep June 2015 session 6 14th April 2015 Chapter 3 pt1.

Facilitated CISA Study Session 7/4/2015 : Chapter 2 Part 2 to be broadcast via Google Hangouts

Posted on April 07, 2015

This evening we are discussing Chapter 2 of the study material. Refer back to last week’s broadcast for an overview of the chapter content. This week we are discussing specific challenges participants may have and also questions from any of the sources that they may have got wrong or are having difficulty understanding.

The sessions from the last two weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try and do the same for this afternoon’s session.  If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast

 

 

Download the slides from the session here.  ITSec CISA Prep June 2015 session 5 7th April 2015 Chapter 2 pt2

Working with SQL Server error logs in Log Parser Studio

Posted on April 05, 2015

Microsoft Log Parser Studio (LPS) has become one of my favourite (free) tools whenever it comes time to work with log files of any significant size. In the past I have always used one of the pre-define log type formats when working with log files. Recently I needed to work with SQL Server error logs and was a little concerned initially that there was no pre-defined format for these logs and trying one of the standard log types didn’t give me the output I expected (or needed).

With a little bit of effort I managed to figure out what was required, it turned out to be fairly simple. The trick was using the TSV format and then customising the settings.

LPS - select TSVLOG

 

Read the rest of this entry »

The new Nespresso Limited Edition Monsoon Malabar is available

Posted on March 31, 2015

 

 

 

 

Nespresso Monsoon Malabar

 

The new Nespresso Monsoon Malabar is available to try. It’s an Indian coffee of a fairly high (8) intensity that is ideally enjoyed as an espresso. Time to head on down to the Nespresso shop and grab some to try.

Will report back once have had a chance to sip on some.

 

Slides for Facilitated CISA Study Sessions 24/3/2015 & 31/3/2015 : Chapter 1 Part 2 & Chapter 2 Part 1

Posted on March 31, 2015

Last week we held the third of the CISA facilitated study sessions at the ITSec offices.  The number of attendees is still growing and we have an increasingly diverse group of attendees which is greatly beneficial to all participating.  The last two sessions were broadcast on Google Hangouts on Air.  Our listener count was up to two :)  The benefit of doing the broadcast is that it is recorded and now available for anybody to watch / listen to. Check it out (links in post below) and let us know if it is useful.

This evening’s session beings in about two hours. Please feel free to join us.

Attached below are the slides from the session of 24/3/2014 as well as tonight’s session (they are also in the recorded hangout).

ITSec CISA Prep June 2015 session 3 24th March 2015 Chapter 1 pt 2

ITSec CISA Prep June 2015 session 4 31st March 2015 Chapter 2 pt 1

Facilitated CISA Study Session 31/3/2015 : Chapter 2 Part 1 to be broadcast via Google Hangouts

Posted on March 31, 2015

The sessions from the last two weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try and do the same for this afternoon’s session.  If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast

 

 

Hangouts are limited to a maximum of 10 people participating via video / audio and many more who can watch the video feed and participate in the chat. First come first serve.

Facilitated CISA Study Session 24/3/2015 : Chapter 1 Part 2 to be broadcast via Google Hangouts

Posted on March 19, 2015

Last week’s session seemed to work reasonably well on Google Hangouts On Air so we will try and do the same for the next session. If you have missed it the recording is available. If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast

 

 

Hangouts are limited to a maximum of 10 people participating via video / audio and many more who can watch the video feed and participate in the chat. First come first serve.

 

 

Slides for Facilitated CISA Study Session 17/3/2015 : Chapter 1 Part 1

Posted on March 18, 2015

Last night we held the second of the CISA facilitated study sessions at the ITSec offices.  The number of attendees is growing and we have an increasingly diverse group of attendees which is greatly beneficial to all participating.  We also broadcast the session on Google Hangouts on Air.  We had a total of zero :) live listeners to the event. The benefit of doing the broadcast is that it is recorded and now available for anybody to watch / listen to. Check it out (links in post below) and let us know if it is useful. I encourage anybody who would like to join the live session next week to listen to this week’s session and just leave a comment here or pop me a mail / message on twitter to let me know you will be joining.

Attached below are the slides from last night for your reference (they are also in the recorded hangout).

ITSec CISA Prep June 2015 session 17th March 2015 Chapte 01 part 1

Solution to CISA 2014 Self-Assessment

Posted on March 18, 2015

A number of the participants in our weekly CISA study session asked for the solution to the 2014 CISA self assessment hosted on the ISACA website.

Summary

Summary

Below is a PDF print of the answers. Please use responsibly and goodluck with your studies.

CISA Self-Assessment – all answers (all correct)

Facilitated CISA Study Session 17/3/2015 : Chapter 1 Part 1 to be broadcast via Google Hangouts

Posted on March 16, 2015

ITSec is hosting CISA Exam Preparation facilitated study sessions at our offices in West Riding, Durban. Last week we had the kickoff session where we just did some introductions, discussed expectations of the participants for the exam and for the study sessions, spoke a bit about the structure of the exam and the five practice domains,  spoke through Geroge Pajari’s Ten Steps to acing the exam, agreed and approach to the studies and set some objectives and pre-work for the next study session (to be held on Tuesday 17th March 2015).

If you are based in KZN you are welcome to join us for these sessions. Take a look on the ITSec website for directions to our offices (a map is included in the presentation pack).

On Tuesday 17th March at 4:45pm South Africa time (GMT+2) we will be covering Chapter 1 of the study guide. Participants were asked to do the self assessment on the ISACA website, read Chapter 1, note down area of concern, do some of the sample questions and come with a list of questions that went wrong.

For those not close enough to join us for the sessions, download the slides, read through and see if you can find some useful tips in there. You can also use the study schedule, customise it for your use, and then have a structured plan for your exam prep. Having a structure to assist in your study discipline is always a good idea.

We are going to try and set up a Google hangout for the session Tuesday afternoon. I am not sure how that will work out, we don’t have professional equipment to broadcoast the session, so it will be done off a reasonable webcam. Feel free to join us.

Google Hangout event link

Youtube link

 

 

Download a copy of the introductory presentation from last week.

ITSec CISA Prep June 2015 session 1 10th March 2015 with slides for Prep 17th March

 

 

 

Checking a sample of South African ID Numbers in Excel

Posted on March 11, 2015

All South African Identity numbers have built in validation digits. The formula to check these isn’t a secret. This afternoon I needed to check a list of ID numbers to ensure they were all valid and was most grateful to Robert MacLean (and Riaan Pretorius) for their work in putting together (and sharing) an excel sheet which can validate the numbers. Just copy and paste in your sample.

Find a copy of this useful spreadsheet here : ID Number checker

Cross posted on ITSec’s blog.

 

CISA, CGEIT, CRISC. What is a good score in an ISACA exam?

Posted on March 11, 2015

Please note these are all my own opinions and comments, based on my experiences and results. This is not an official ISACA post in any way.

There is not a lot of information available on ISACA exam scores and what would constitute a “good” score. After I received my exam results from the most recent CISA exam (and before receiving confirmation of a placing), I thought I had done quite well and wanted an idea of just how good a score this was. I looked around and really couldn’t find much.

Many years ago ISACA used to score their exams with a simple percentage score. 75 was required to pass the exam. A number of years ago they switched to a new system, where the results are provided on a scaled score with the maximum score of 800. A scaled score of 450 or higher is required to pass, which represents the minimum consistent standard of knowledge as established by ISACA’s Exam Certification Committee (there is one for each qualification). The score represents a conversion of individually weighted raw scores based on a common scale. As such you cannot  apply a simple arithmetic mean to convert area scores to your total scaled score. (Wording from various ISACA sources).

A comment on one site that a score of over 700 was a tremendous achievement was the best I could see.  I had written two other ISACA exams over the last few years so went back and looked at those scores and I could see I had done quite a bit better this time, although I had done well in those exams too.

So for those interested, I publish my results from the last three exams.  The information below is edited from results emails received from ISACA after each of the exams in question. I am fairly sure that a “good” score would be exam dependent and vary from exam to exam and year to year. Nonetheless, take this for what it is, set yourself a lofty goal, and good luck with your studies towards achieving one of ISACA’s globally recognised and universally accepted qualifications in the space of Risk, Security, Governance and Compliance.

If you happen to be based in Durban and are planning to write the CISA exam (or one of the others), we are hosting a facilitated study group at the ITSec offices in Durban. This is a no-cost endeavour for the good of the community. Come along and join us. We had a planning session last night and will be meeting weekly from next Tuesday. Studying with a diverse bunch of your peers is a whole lot better than doing it alone. More details here : ITSec facilitated study group.

Justin J Williams

CA(SA), CISSP, MBA (UKZN), CISA(pend), CGEIT(pend),CRISC(pend)

Director, ITSec.

 

Exam Results : December 2014 CISA exam

We are pleased to inform you that you successfully PASSED the exam with a total scaled score of 727.Your score was in the top 5 percent of those testing. For your information, your exam results by area are provided below.

SCALED SCORES OF YOUR PERFORMANCE BY AREA:

  • The Process of Auditing Information Systems: 800
  • Governance and Management of IT: 714
  • Information Systems Acquisition, Development and Implementation: 767
  • Information Systems Operations, Maintenance and Support: 615
  • Protection of Information Assets: 759

This score of 727 was ranked 1st in the World for the December 2014 CISA exam. 

As an aside, this is not the first time I had written the ISACA exam. I wrote and passed it back in 1996 with a score of 83% under the old scoring system. Why would I write it again? A little “oopsie” with CPE credits along the way meant I lost the certification at some point. Based on a new position I took late last year my new employer asked me to write the exam again.

Exam Results : June 2013 CGEIT exam

We are pleased to inform you that you successfully PASSED the exam with a total scaled score of 644.Your score was in the top 5 percent of those testing. For your information, your exam results by area are provided below.

SCALED SCORES OF YOUR PERFORMANCE BY AREA:

  •  Framework for the Governance of Enterprise IT: 722
  • Strategic Management: 702
  • Benefits Realization: 615
  • Risk Optimization: 598
  • Resource Optimization: 540

This score of 644 was ranked 1st in South Africa for the June 2013 CGEIT exam. 

 

Exam Results: December 2012 CRISC exam

We are pleased to inform you that you successfully PASSED the exam with a total scaled score of 634. For your information, your exam results by area are provided below.
SCALED SCORES OF YOUR PERFORMANCE BY AREA:

  • Risk Identification, Assessment and Evaluation: 534
  • Risk Response: 688
  • Risk Monitoring: 650
  • Information Systems Control Design and Implementation: 650
  • Information Systems Control Monitoring and Maintenance: 727

Again, congratulations on passing the CRISC exam, we look forward to having you join the more than 16,000 professionals worldwide who have earned the CRISC credential.

This score of 634 was ranked 3rd in South Africa for the December 2012 CRISC exam. 

Work Update (overdue)

Posted on February 09, 2015

Just a quick note to let everyone (who doesn’t already know) that from 1 December 2014 my (almost) three years at Transnet came to an end, I relinquished my position as head of Information Security for the Group and took up a new challenge at a small IT Audit and Information Security consulting firm in Durban by the name of ITSec. You can find out more about ITSec and its services at the website : www.itsec.org.za

The reason for the delay in announcement? I guess that leaving behind what I had worked so hard to achieve and leaving behind the team that I built and that was so good to me was a very difficult thing to do. It has taken a while to come to terms with all of that. Thanks guys, you made it the amazing experience that it was.

 

MS Image Composite Editor updated to Version 2.0

Posted on February 09, 2015

My favourite free photography tool of all time, Microsoft Image Composite Editor (related to Microsoft Photosynth on mobile devices), has been updated with significant updates.

ICE was first released in 2008 and has been updated a few times since, before entering what seemed to be a hibernation period. I am truly delighted that this update has been made.

There are a number of new key features, including :

  • Automatic image completion, where gaps that would otherwise leave black spaces in your final image, or force you to crop it closer than you would like, can now be “auto completed” using some smart new algorithms. You can see this in action in the demo video and it really is cool
  • The application is now more forgiving, select the wrong option or decide you don’t like what you have selected and you don’t have to start it all over. Just press back and give it another go.
  • The video to panorama feature introduced last time around has been improved. You can now select key frames from the video and have them stitched together to give you wonderful panoramas with the person in the video appearing across your final image. Looks great for action sports.
  • A new series of lenses (projections) have been added providing for a number of different effects such as fish-eye, spherical, orthographic or stereographic amongst others.
  • 32 bit and 64 bit versions available (hopefully no more running out of RAM)

Your final images can still be exported in a number of different formats including JPEG, TIFF and Photoshop PSD/PSB as well as special multi-resolution tiled formats used by HD View and Deep Zoom. You can also still upload your panoramas for 3D viewing on the Photosynth website.

You can download the new MS Ice here : Project ICE

 

%d bloggers like this: