j-j.co.za
Sharing thoughts and ideas on business, security and photographyISACA SA Annual Conference 2014 : 25/26 August 2014
Posted on June 03, 2014Just some advanced notice that the ISACA South African Chapter Annual conference for 2014 has been announced.
The conference is taking place from 25 August 2014 To 26 August 2014 at Emperors Palace. Visit the conference page for details and online bookings or contact: Nadine Schreiber – admin@isaca.org.za
ISACA is also still looking for speakers so if you have something interesting to share please contact Nadine.
The Heartbleed bug : a short presentation given at the Kzn ISACA Chapter Meeting
Posted on June 03, 2014I was honoured to be asked to make a (short) presentation at the May 2014 KZN ISACA Chapter meeting. The meeting went down well with probably around 25 people attending.
Attached is the PDF of the presentation.
I hope that some of the members present found it useful and that you, my readers, do too.
Feedback as always most welcome.
The Heartbleed Bug ISACA presentation v3
ISACA 2012 conference happening from 10-12 September 2012, registrations open soon
Posted on June 17, 2012
The ISACA South Africa 2012 conference is happening from the 10-12 September. Diarise the dates, get those purchase requisitions in. If you are wanting to present at the conference then mail Nadine (admin@isaca.org.za) – the speaker lineup is being finalised shortly so hurry up to make sure you don’t miss out.
The conference is being held at the Wanderer’s Club in Illovo. It’s right next door to the Protea hotel if you need accommodation, and is also served by the Gautrain and their buses, with a bus stopping right outside the hotel gates.
Hope to see you all there.
Bring your own device (BYOD) : workplace mobility presentation
Posted on May 24, 2012I was privileged to speak at this month’s ISACA KZN Chapter meeting held last Monday at KPMG’s offices in Durban. Thanks to Terence (the local chapter leader) for the invite.
My topic was around workplace mobility, focusing on implementation challenges and leanings experienced within the workplace. For this presentation I tried something a little different, using Keynote on the iPad to develop and present the talk. This resulted in a slide deck that looks a bit different from my normal style, with far fewer words, more pictures and I hope a smoother flowing more natural presentation. At the same time, it’s probably a bit more difficult for somebody who wasn’t at the presentation to get a lot of value out of the slide deck. If you download it and have questions, please go ahead and ask. It is presented below as a PDF since so few have Keynote.
Presentation here : BYOD workplace mobility v2 (download the PDF)
Tomorrow’s Leaders Convention 2012 : My tweet timeline recorded #in
Posted on March 17, 2012
On Tuesday 13 March 2012 I had the pleasure and privilege of attending the Tomorrow’s Leaders Convention 2012 (link here) at the Sandton Convention centre as a guest of the conference organisers, representing the ISACA South Africa Chapter. The conference was really impressive and the speakers just got better as the day went on.
I tweeted quite a lot during the course of the day, capturing some of the essence of what the speakers had to say. For those of you who weren’t there, or who were and just wish to be reminded of what some of the excellent speakers had to say, below is a combination of the timelines of the @ISACAZA and @JJZA accounts I used to tweet from the day.
The theme of the convention was around ethical leadership and sustainable leadership. This lead to some really interesting presentations.
I hope this is useful to some of you.
Enjoy
Justin
| 2012/03/13 09:21 | Isacaza: Thanks to the organisers of the Tomorrow’s Leaders Convention 2012 for inviting Isaca South Africa to be part of the event. |
| 2012/03/13 09:22 | Isacaza: Keynote speaker : Adv Thulisile Madonsela, our Public Protecter #tlc2012 |
| 2012/03/13 09:25 | Isacaza: True leaders don’t need a title, they step up and lead. Those with titles may not be leaders, but just title holders #tlc2012 |
| 2012/03/13 09:32 | Isacaza: Is ethical leadership in the corporate world an oxymoron? It is key to sustainable leadership. #tlc |
| 2012/03/13 09:33 | Isacaza: In ethical leadership the end does not justify the means. You must do the right thing the right way. Must not break the rules! #tlc2012 |
| 2012/03/13 09:36 | Isacaza: Public protector often approached by shareholders where the directors have manipulated the system for self enrichment. #tlc2012 |
| 2012/03/13 09:37 | Isacaza: Ethics has become a requirement for an organisation to be a market leader. Clear link between ethics and sustainable performance #tlc2012 |
| 2012/03/13 09:40 | Isacaza: RT @RaeleneRorke: Ethical leadership-at the core of the conference-loving the freshness of this theme.At last we make it cool to be an h … |
| 2012/03/13 09:47 | Isacaza: Protection of information bill in current state would have a negative impact on public protector and others in ethics space #tlc2012 |
| 2012/03/13 09:48 | Isacaza: RT @gradidgec: #TLC2012 Adv T Madonsela: ‘the most common challenge I come across is abuse of power’ |
| 2012/03/13 09:50 | Isacaza: Quietly spoken, but thoughtful, confident and powerful. Our public protector. Adv Thulisile Madonsela #tlc2012 Great choice for keynote. |
| 2012/03/13 10:07 | Michael from Vodacom up on stage
Isacaza: By 2020 there will be no shortage of talent in South Africa, problem will be employability. Shortage in developed world #tlc2012 #dhl |
| 2012/03/13 10:20 | Isacaza: Mobility is creating challenges for organisations instead of solving them #tlc2012 #vodacom |
| 2012/03/13 10:21 | jjza: RT @MarkJLamberti: Excellent meeting with Minister Manuel & others. What have you done to understand & respond to the work of the Nation … |
| 2012/03/13 10:24 | Isacaza: In Tanzania Malaria has almost been eradicated through use of SMS technology to identify and contain outbreaks #tlc2012 #vodacom |
| 2012/03/13 10:29 | Isacaza: RT @STNxumalo: Abuse of power is as bad as the waste thereof: You’re in a powerful position, but you do nothing! -Michael Allschwang # … |
| 2012/03/13 10:31 | Isacaza: Leadership without title is the most powerful. Leave titles behind. #vodacom #tlc2012 |
| 2012/03/13 10:31 | jjza: RT @khanyisile: The five bases of power: position, reward, skill, knowledge and relationship power (trust, respect from other people etc … |
| 2012/03/13 10:34 | jjza: RT @NeilBierbaum: Vodacom presentation #TLC2012 about power. Power over others is implied; power over oneself is missing. Self-awareness … |
| 2012/03/13 10:36 | Isacaza: Execution with excellence sets you apart from others #vodacom #tlc2012 |
| 2012/03/13 10:40 | jjza: Nobuzwe Mangcu from #mercedes up on stage talking about our future #tlc2012 without doing things together there is no future |
| 2012/03/13 11:53
|
Sakie Macozoma takes to the stage
Isacaza: What will tomorrow’s leaders inherit from today’s leaders? #sustainable leadership #tlc2012 Sakie Macozoma, Chairman Liberty Group |
| 2012/03/13 11:54 | jjza: RT @JeremyK_za: #tlc2012. Great speakers >> Agreed |
| 2012/03/13 11:57 | Isacaza: Should we be measuring Gross National Happiness instead of Gross National Product? #tlc2012 #macozoma |
| 2012/03/13 11:59 | Isacaza: Largest population of retirees ever, depending on heavily indebited governments #europe #tlc2012 Europe will be in the doldrums for a while |
| 2012/03/13 12:03 | jjza: Do we have political leaders who understand the importance of funding of research ? #tlc2012 we need sustainable technologies |
| 2012/03/13 12:04 | jjza: RT @egoligal: Wow! Saki talking about #cradle2cradle design & #biomimicry as the way of the future! #Yes – taking direction from #Mo … |
| 2012/03/13 12:08 | Simone Zanetti takes to the stage
Isacaza: Is training killing knowledge? #tlc2012 the future of people’s performance |
| 2012/03/13 12:13 | jjza: @sikimgabadeli great, please share when you get the link. |
| 2012/03/13 12:19 | jjza: Split between structured and unstructured learning? Average 80% unstructured. Information is changing rapidly. #tlc2012 |
| 2012/03/13 12:21 | jjza: We need to be learning faster, and in more unstructured ways. Average company in SA spends R30000/employee per year #tlc2012 |
| 2012/03/13 12:23 | jjza: RT @egoligal: Forcefeeding information to employees a waste of time! Data shifting & increasing so rapidly that info based training … |
| 2012/03/13 12:24 | jjza: Take away artificial ways of doing business and try to let them work in a way that brings out the best in people. #tlc2012 |
| 2012/03/13 12:25 | jjza: RT @KMathelela: There is more information in a newspaper 2day than wat a middle-aged man wud learn in his entire life #TLC2012 |
| 2012/03/13 12:26 | jjza: Less than 15% of what people are trained on is retained. #tlc2012 |
| 2012/03/13 12:28 | Isacaza: The more you train the less people remember, and they won’t remember if what they remember is correct. Future is instant knowledge #tlc2012 |
| 2012/03/13 12:30 | jjza: Natural language social knowledge systems the way of enhancing productivity in the future? #tlc2012 |
| 2012/03/13 12:31 | jjza: RT @msalili: Train people how to FIND the correct info, rather than REMEMBER the correct info. #TLC2012 |
| 2012/03/13 12:34 | jjza: Self learning predictive knowledge tools provide instant knowledge. Not just a nice theory. Works for Standard Bank. #tlc2012 |
| 2012/03/13 12:35 | jjza: RT @msalili: Eish, opening these bloody water bottles is a mission. Fire the supplier! #TLC2012 |
| 2012/03/13 12:45 | jjza: RT @taraturk1: @KMathelela: Simone Zanetti, awesome speaker #TLC2012 > agree! >> most passionate of the day so far |
| 2012/03/13 12:47 | jjza: Think big and bold, but don’t lose sight of the problem and solution. Embrace partnerships. Don’t be afraid to fail. #tlc2012 |
|
2012/03/13 12:49 |
Thebe Ikalafeng takes to the stage jjza: People are brands and can be branded. In 1997 Fortune said the only differentiator in the 21st century will be branding #tlc2012 |
| 2012/03/13 12:51 | Isacaza: A brand is not what you say, it’s what others say #tlc2012 A brand is a storehouse of trust. |
| 2012/03/13 12:51 | jjza: A brand is not what you say, it’s what others say #tlc2012 A brand is a storehouse of trust. |
| 2012/03/13 12:56 | jjza: Great brands are : focused, distinctive, emotionally connected, evolve, build their country #tlc2012 |
| 2012/03/13 13:00 | jjza: Age of mass individualisation. Innervation. What makes you distinctive? What is your brand? #TLC2012 |
| 2012/03/13 13:02 | jjza: Run your career like a business. You are the CEO of You Inc. If you can’t triumph with talent, triumph with effort #TLC2012 |
| 2012/03/13 13:05 | jjza: Understand your context. Self examination. Listen to the gossip. When people talk about you it is an opportunity to reflect. #TLC2012 |
| 2012/03/13 13:08 | jjza: Clarity. Clarify who you are, position yourself, create a vision of where you headed. What is the thing you are willing to die for? #TLC2012 |
| 2012/03/13 13:15 | jjza: You don’t want to merely be the best of the best, you want to be the only one who does what you do. #TLC2012 |
| 2012/03/13 13:16 | jjza: Competence. You need some skills. The only real security is a reserve of knowledge, experience and ability. #TLC2012 |
| 2012/03/13 13:18 | jjza: Cover. Package your thing. 55% of conclusions people make are visual. 38% vocal. 7% content. Packaging is everything. #TLC2012 |
| 2012/03/13 13:20 | jjza: Community. If the house is on fire, forget the china, silver, wedding gifts. Grab the Rolodex. Contacts, access. The right people? #TLC2012 |
| 2012/03/13 13:21 | jjza: Who is in your network? Who do you need to fire? Fire those who diminish your brand. Six steps of separation. You know somebody. #TLC2012 |
| 2012/03/13 13:23 | jjza: Constancy. Create presence. Be out there. Get the brand out there. Define yourself, don’t let others do it. Must be authentic. #TLC2012 |
| 2012/03/13 13:25 | jjza: Congruence. The most important. Personal branding is a way of life. Not a word. A promise that gets fulfilled every day. 24×7. #TLC2012 |
| 2012/03/13 13:26 | jjza: There can be no happiness if the things we believe in are different from what we do. Brand inside equals brand inside. Authentic #TLC2012 |
| 2012/03/13 13:28 | jjza: Personal value proposition resonate with Customer value proposition and Employer value proposition. Work together, no “other side” #TLC2012 |
| 2012/03/13 13:30 | jjza: Performance is impacted if you are not true to yourself. Work life alignment, not balance. Cannot be a fake. #TLC2012 |
| 2012/03/13 13:31 | jjza: It takes 20 years to build a reputation and just 5 to destroy it. Pursue a vision of excellence whatever you do, work or play. #TLC2012 |
| 2012/03/13 13:32 | jjza: Commercialise. How do you make money off the brand? Know which companies to go to and grow with. |
| 2012/03/13 13:35 | jjza: Chutzpah. We have all been rejected. How you react is what makes or breaks you. #TLC2012 |
| 2012/03/13 13:37 | jjza: Closure. Everything comes to an end. Have you lived your brand at the end of your day? How will you be remembered? #TLC2012 |
| 2012/03/13 13:38 | jjza: Fix your programme before it happens. All you leave behind is your name. Protect it. Did you do what you needed to? Others agree #TLC2012 |
| 2012/03/13 13:40 | jjza: Nobody should ever have to retire from what they love. You can’t retire from breathing. Do your thing out there. Keep doing it. #TLC2012 |
| 2012/03/13 13:43 | jjza: @thebelkalafeng Amazing, introspective, inspirational presentation. This is leadership, something for all of us to think about. 10q #TLC2012 |
| 2012/03/13 14:29 | jjza: @AkiKalliatakis a pity that so many miss out on the “giving them what they want” part of that. |
| 2012/03/13 14:33 | Afternoon breakaway session : Transport and Logistics
jjza: Transportation and logistics breakaway session about to begin at #TLC2012. Very few people in the venue yet. Been great convention so far. |
| 2012/03/13 14:46 | Isacaza: RT @sikimgabadeli: Saki’s speech will be posted on website http://t.co/E5TWxFoe #TLC2012 >> great, thanks |
| 2012/03/13 14:55 | jjza: @SeanReuben72 you should have been at #TLC2012 Been some really great presentations here. Diarise for next year. |
| 2012/03/13 14:56 | jjza: @fjlandman please keep the tweets coming, hard to choose between the sessions. |
| 2012/03/13 14:59 | jjza: The debate is not whether roads are good for the country, we need them throughout the country. Tolling is a funding issue. #TLC2012 |
| 2012/03/13 15:01 | jjza: More economists disagree with SANRAL studies than agree with them. There are cheaper and more equitable ways to fund roads. #TLC2012 |
| 2012/03/13 15:02 | jjza: >50% of tolls collected will be spent on collection. Fuel levy be a far more cost effective way to collect the money #TLC2012 |
| 2012/03/13 15:03 | jjza: Shortage of skills and cost of employment too high because of labour legislation encourages labour broking and off shoring #TLC2012 |
| 2012/03/13 15:06 | jjza: Walmart could use SA as gateway into Africa but uncompetitive revenue env means more likely go direct. Opp lost with no free ports. #TLC2012 |
| 2012/03/13 15:07 | jjza: The government via rail will be a competitor to road freight. They need to improve efficiencies to compete with gov. Need be fair. #TLC2012 |
| 2012/03/13 15:08 | jjza: Planting bamboo on unused land instead of buying carbon credits. #innovation #green #TLC2012 |
| 2012/03/13 15:14 | jjza: Don’t expect government policy to be proactive. It can take five years from recognition of gap to passing of legislation. #TLC2012 |
| 2012/03/13 15:14 | jjza: Disconnect between levels of government, national provincial and local all implementing different things #transport #TLC2012 |
| 2012/03/13 15:16 | jjza: Taking shots at Transnet, turnaround strategy being called perpetual turnaround strategy. #transport #TLC2012 |
| 2012/03/13 15:17 | jjza: Lack of consultation between government and industry players, lack of looking at other governments, leaves SA trailing #transport #TLC2012 |
| 2012/03/13 15:19 | jjza: Entities like BUSA should be engaging more with government to give view of private sector to government. #TLC2012 |
| 2012/03/13 15:20 | jjza: Singapore being highlighted as model of efficiency and case study of how things could be done. Service delivery excellence. #TLC2012 |
| 2012/03/13 15:22 | jjza: No sense to carry coal or manganese by road. Would destroy roads. Rail must operate more efficiently for low value/ton commodities #TLC2012 |
| 2012/03/13 15:24 | jjza: We need slow speed freight rail, not high speed passenger lines. Road infrastructure and ports must improve. Heavy goods off roads. #TLC2012 |
| 2012/03/13 15:26 | jjza: China has built effective rail and port network in less than 30 years, SA gov must invest in right places. SA can lose in Africa. #TLC2012 |
| 2012/03/13 15:27 | jjza: @egoligal nobody here disagrees even the road freight crowd. They fill a gap where no railways and recognise not optimal #TLC2012 |
| 2012/03/13 15:29 | jjza: Whilst we bicker over immaterial items we fall behind. Give parastatals 3 years to get fixed or privatise them. #transport #TLC2012 |
| 2012/03/13 15:30 | jjza: South Africa is less efficient than all our trading partners when it comes to trade. We are the weakest link. #worldbank #transport #TLC2012 |
| 2012/03/13 15:31 | jjza: Sort out road vs rail and carbon emissions are sorted for next 10 years. Rail went to road because of inefficiencies. #tlc2012 |
| 2012/03/13 15:32 | jjza: 30% of the value of a car made in SA is made of transport costs. This is way too high globally. High cost low efficiencies. #TLC2012 |
| 2012/03/13 15:35 | jjza: Take politicians out of Transnet and put back the technical people and we have potential to get rail back to number 3 in the world #TLC2012 |
| 2012/03/13 15:36 | jjza: @leenelson as a Transnet employee feeling a bit battered here  |
| 2012/03/13 15:38 | jjza: SA companies have recognised opportunities to trade with other African countries and force out previous colonial masters #TLC2012 |
| 2012/03/13 15:38 | jjza: @leenelson great event and branding for you guys. |
| 2012/03/13 15:40 | jjza: SA should take the lead in opening up trade in Africa. No visas required in Europe yet need lots in Africa. Potential to sort out. #TLC2012 |
| 2012/03/13 15:43 | Isacaza: SA needs to engage with neighbours and create framework more conducive for regional trade. #TLC2012 |
| 2012/03/13 15:47 | jjza: Young black talent is a commodity going to the highest bidder. DHL is trying to get young individuals who associate with the brand #TLC2012 |
| 2012/03/13 15:48 | Isacaza: RT @ThebeIkalafeng: RT @RSAPatriot: #TLC2012 @ThebeIkalafeng absolutely on fire! >> the further you spread your message the better off SA is |
| 2012/03/13 15:50 | jjza: SA arrogant in dealing with Africa. We need to provide a value proposition not assume Africa will deal with us because we African. #TLC2012 |
| 2012/03/13 15:52 | jjza: My Twitter coverage of #TLC2012 will end soon. iPad battery dying shortly. It’s been most interesting. Thanks to the organisers. |
| 2012/03/13 16:00 | jjza: There needs to be a marrying of minds between Government and Industry to attract the right skills into tertiary education. #TLC2012 |
| 2012/03/13 16:03 | jjza: SMEs and business is more agile than government, need less government and more private business. Need SMEs to thrive. #TLC2012 |
| Battery finally died, thanks again to the organisers for inviting @ISACAZA to attend the convention. |
I will add links to some of the presentations at a later stage (when the organisers put them up). Check back then, just want to get this up for now.
Daniel Cuthbert presenting at ISACA KZN Chapter meeting at Deloitte on 15 July 2011
Posted on June 28, 2011The next meeting of the ISACA KZN Chapter will be held on Friday 15th July at Deloitte’s offices on La Lucia Ridge. Please spread the word and make every effort to attend.
KZN regional chapter meeting
- Date : 15 July 2011
- Venue : Deloitte’s offices on La Lucia Ridge
- Speaker : Daniel Cuthbert
- Topic : “Doing it for the Lulz : Why Lulzsec has shown us to be an ineffective industry.”
- Daniel will be talking on current activities in information security, web hacking and how to protect yourselves.
- ISACA Website link : http://isaca.org.za/other.asp?page=Event&eId=188
Confirmation of attendance
As always, please confirm your attendance with Nadine on 011-803 0803 or admin@isaca.org.za a few days ahead of time.
New ISACA audit programs: Cloud computing, Crisis mgt, Infosec mgt, Active Directory, Oracle eBusiness #in
Posted on September 02, 2010ISACA has recently made 5 new audit programs available, 4 in August and one in July, bringing the total number of available programs to 31.
These new audit programs cover :
- Cloud Computing Management Audit/Assurance Program (Aug 2010)
- Crisis Management Audit/Assurance Program (Aug 2010)
- Information Security Management Audit/Assurance Program (Aug 2010)
- Windows Active Directory Audit Program (20 Aug 2010)
- Security, Audit and Control Features Oracle E-Business Suite, 3rd Edition – Audit programs and ICQs (July 2010)
They are all available for download on the ISACA knowledge centre website.
ISACA makes the material available at no cost as a benefit of ISACA membership. Anybody wanting to contribute material to share with fellow professionals can send it to ISACA via research@isaca.org.
ISACA Annual Conference 2010
Posted on August 30, 2010Dates: 13 to 15 September 2010
Venue: Indaba Conference Centre, Fourways/Johannesburg
Over the last few years the ISACA SA Conference (#isaca2010) has drawn between 230 – 260 delegates. High profile local and international speakers provide delegates with insight into the latest developments in the IT, security and governance. The 2010 conference has 3 streams of presentations and focuses on the latest strategies to address business, managerial, operational, auditing and security challenges associated with information technology and information systems. The conference topics are applicable to a wide range of attendees from CEO’s and CIO’s through security, audit, risk and IT professionals.
Follow @isacaza on twitter for #isaca2010 conference news and updates
Attendance
Should you be interested in attending the conference use the online booking facility at the ISACA website or contact Nadine on admin@isaca.org.za.
See you there for another great conference.
Howto : Small Business IT Governance Implementation #in
Posted on August 25, 2010One of the key challenges of IT governance is how to break it up and make it understandable and implementable for small businesses. Cost/benefit is always a key challenge and unless there is a practical sensible way that adds value to the business then IT governance is not going to work in small business.
ISACA have released a nicely put together article in their J-Online section of the website. Small Business IT Governance Implementation by Janeane Leyer and Katelyn Quigley provides useful practical advice on how to implement. In doing so the article provides three key questions in a simple framework and discusses six critical success factors for the implementation.
Abstract
The largest risks to businesses today are failure to align information technology to real business needs and failure to use information technology to create value for the business. Effectively managed IT can provide small businesses with a competitive advantage, whereas ineffective management can impair the business as a whole. With recent increases in demand for cost reduction, the need for small businesses to actively manage their IT resources has never been greater.
This article will provide an overview of IT governance, discuss the benefits to small businesses, suggest a framework for implementation in small businesses and discuss critical success factors.
ISACA Whitepaper “Securing Mobile Devices” #in
Posted on August 25, 2010ISACA have released a whitepaper on the securing of mobile devices. This is the first in a series of documents which will eventually include audit/assurance programs for such devices. The overview of these documents can be found here.
Abstract of white paper
Mobile computing devices have become a critical tool in today’s networked world. Enterprises and individuals alike rely on mobile devices to remain reachable when away from the office or home. While mobile devices such as smartphones, laptops, personal digital assistants (PDAs) and Universal Serial Bus (USB) memory sticks have facilitated increased convenience for individuals as well as the potential for increased productivity in the workplace, these benefits are not without risks. Mobile devices have been, and continue to be, a source of various types of security incidents. These stem from issues such as device loss, malware and external breaches. As the availability of human resources and systems continues to be critical to society and business operations, it stands to reason that mobile device usage will continue to escalate as will the features that these devices offer. It is therefore imperative that proper risk management be applied and security controls implemented to maximize the benefits while minimizing the risks associated with such devices.
Securitysearch.co.uk writeup on the whitepaper here.
ISACA SA Chapter meetings in October (Dbn, Jhb, Pta) #in
Posted on August 25, 2010Three of the ISACA chapters are having meetings in October. Details are below and will be updated as confirmation of speakers is obtained. Don’t forget the #isaca2010 conference in September.
KZN regional chapter meeting
- Date : 7 October 2010
- Venue : PKF Offices in Umhlanga
- Topic : To be confirmed
Pretoria regional chapter meeting
- Date : 14 October 2010
- Venue : To be confirmed
- Topic : To be confirmed
Johannesburg regional chapter meeting
- Date : 26 October 2010
- Venue : To be confirmed
- Topic : To be confirmed
Confirmation of attendance
As always, please confirm your attendance with Nadine on 011-803 0803 or admin@isaca.org.za a few days ahead of time.
Upcoming ISACA chapter meetings in East London and Jhb #in
Posted on August 13, 2010There are two chapter meetings coming up in East London and Johannesburg in the next few days. Hope to see lots of people there. I personally hope to attend the Jhb meeting, travel plans allowing.
Date: 18 August 2010 at 2:30 pm
Venue: PricewaterhouseCoopers , Palm Square office park , Acacia House , Bonza Bay Rd , Beacon Bay
1) Andrew William Mpofu will be presenting: “Information Security as a strategic business asset”
2) Chris Knox will be presenting: “Information Security Risk Assessment methodologies”
3) Networking & Refreshments
Date : 24 August 2010 5pm Registration with the event starting at 5:30pm
Venue : PriceWaterhouseCoopers offices in Sunninghill, Johannesburg
1) Jason Gottschalk will be presenting on “Access Governance – The precursor to Identity and Access Management”.
2) Gerhard Hechter, PKF will be presenting on “Taking risks cleverly / Business intelligence”
Attendance
To confirm attendance to either of these meetings please contact Nadine on 011-8030803 or admin@isaca.org.za
Congratulations
Lastly, congratulations to all those who wrote and passed CISA, CISM and CISSP. I believe results for all 3 were released today.
Feedback on ISACA KZN chapter meeting control frameworks presentation
Posted on August 07, 2010On Thursday evening (5th August) I presented at the ISACA KZN Chapter meeting. As Chapter coordinator I have the privilege of finding speakers and venues, and from time to time an arranged speaker has other commitments and so is unable to make the presentation. I always try and keep a “backup” presentation of my own and this time around it was my (our) “Tale of two cities – or control frameworks” presentation that was first presented at the IT Web security summit earlier in the year. This time I did the presentation without the assistance of my colleague from Jhb, David Volschenk, as he had other work commitments which prevented him traveling to Durban for the day.
It IT Web we had 45m for the presentation and Q&A so where fairly time constrained and did not have much time at all for discussion or questions. At the Chapter meeting we had much more time to go through the presentation at a leisurely place, have discussion around certain aspects and make it a much more interaction (and fun) session.
There were about 20 people present, representing the consulting firms (EY, PKF, Deloitte), public sector and private sector.
Off the top of my head (I was presenting rather than taking notes 
the main areas of discussion were around :
- Getting executive buy in for the project
- Getting adequate funding
- Instilling change in an organisation where the maturity level is low and the corporate culture is such that the environment is generally poorly controlled
- What the drivers are for the implementation of a control framework, and particularly King 3 and how it is changing perspectives (creating the fire)
- The implications of King 3, and how they will drive change from the top (rather then it being left to middle management to drive failed projects)
- The apparent lack of understanding of King 3 on the part of directors, and how negative statements having to be made in the Annual Financials with respect to King 3 compliance could affect their reputations and those of the organisations they represent (or what happens if they “lie” and put in statements of compliance when they aren’t compliant). Company directors really do need to start taking notice of this.
- The implementation of control frameworks is a long term process, not a quick fix. Deciding 6 months ahead of the King 3 implementation deadline that the organisation needs to be compliant may be an impossible task
In “off the record” discussions after the presentation a number of consultants wanted to know if the failed company (Company B) was actually Company XYZ or Company ABC. The answer each time was know, it wasn’t that company, Company B was a combination of failed projects. That said, the names of companies mentioned by the other parties in each case also were not one of the companies involved in the combined “Company B”. It seems there are a lot of failed control framework and security framework implementations out there.
I really enjoyed the presentation and the discussions that went with it. Thanks to all who attended for your attendance and participation. If you are interested in having further discussions around this, or have me meet with your directors to discuss further, please contact me. j-j (at) worldonline (dot) co (dot) za or on Twitter.
Thanks to Ernst & Young for hosting the chapter meeting.
See you next time at PKF.
Justin
You can find a copy of the presentation in the original article or directly here. More on King 3 here. And get a copy of the King 3 report from the IOD website.
What people say
Close block