New Chapter Members:
LaVelton L. Baldwin, CISA
Deanna Michele Kilgore
Lorie Leigh Anderson
Transferred in Members:
Betsy Davis Rice, CISA
Karin Lee Young
We want to sincerely extend everyone a WARM welcome to the Chapter.
We are now at 224 members total - WOW!
New COBIT Resources Available
The following COBIT 5 products have been released recently:
- COBIT 5 for Risk creates an information risk view of COBIT 5, which serves as the information-risk-specific guidance related to COBIT 5 for ISACA's information risk constituents. The guide should be considered the risk-focused equivalent of COBIT 5 for Information Security within the COBIT 5 family of products.
- Configuration Management: Using COBIT 5 provides practical guidance about implementing and managing configuration management using COBIT 5 as a foundation. It describes the most common risk, threats, controls and best practices to maximize benefits and reduce associated risk. A good portion of the book is dedicated to the configuration management database concept, including how to build an effective database, interaction with other IT processes, configuration item life-cycle management and security controls.
Information on current research projects is posted on the Current Projects page of the ISACA web site.
ISACA International Webinars, Events, and Deadlines
November
- 1 November: Deadline for changes to December certification exam registrations (US $50 processing fee applies)
- 6-8 November: North America Information Security and Risk Management (ISRM) Conference, Las Vegas, Nevada, USA
- 11-14 November: Training Week: Taking the Next Step: Advancing Your IT Auditing Skills, Dallas, Texas, USA
- 27 November: Final deadline to defer December CISA, CISM, CGEIT and CRISC exam fees (US $100 processing fee applies)
December
- 4 December: Virtual Conference: Cloud Maturity - How to Solve Your Cloud Security Challenges
- 7-8 December: CISA Cram Course, Atlanta, Georgia, USA; Dallas, Texas, USA; Chicago, Illinois, USA; New York, New York, USA; and San Jose, California, USA
- 9-12 December: Training Week: COBIT: Strategies for Implementing IT Governance, Fundamentals of IT Audit and Assurance, Governance of Enterprise IT Information Security Management, IT Risk Management, Taking the Next Step: Advancing Your IT Auditing Skills, Las Vegas, Nevada, USA
- 14 December: CISA, CISM, CGEIT and CRISC exam administration
January
- 15 January: Membership and Certification renewal deadline. To renew, log in and click on the Renew link from the ISACA home page
JOB OPPORTUNITIES
FIRST FINANCIAL HOLDINGS, INC.
IT Audit Manager Position
Description
We are seeking an IT Audit professional who will be a key member of Internal Audit's management team. Reporting to the Director of Internal Audit, the IT Audit Manager will be Internal Audit's primary point-of-contact and relationship manager for all of the Bank's IT functions and auditable units. The Audit Manager will oversee the planning, execution, and reporting of IT audits including leading multiple audits simultaneously while managing one or more auditors. This individual will also provide primary input to the risk assessment and audit planning process for IT audit functions and will be responsible for managing this component of the audit plan and providing periodic progress reports. As the primary point-of-contact for his or her areas of responsibility, the Audit Manager's performance will be impacted by his or her ability to build strong relationships with key management in these areas, identify and address their most critical risk and control issues, and add value as a key source of internal control and risk management best practices.
Location: Columbia, SC
Requirements
The ideal candidate will have a Bachelor's degree in IT, accounting, finance or a related business field and more than 10 years of IT or IT Audit experience with financial institution experience highly preferred. Advanced degree and professional certification preferred. Candidates must have exceptional analytical and interpersonal skills, solid communication skills, people management experience, and ability to multi-task in a fast paced environment.
IT Audit Supervisor Position
Description
Reporting to the IT Audit Manager, the IT Audit Supervisor will have two primary areas of responsibility which include Internal Audit's technology and IT audits.
- Technology: Working with the IT Audit Manager and Director of Internal Audit, the IT Audit Supervisor will be responsible for the initial design and implementation of an automated workpaper system. The IT Audit Supervisor will also be responsible for daily operation and maintenance of the system as well as the associated reporting for the Audit Committee, Director of Internal Audit, Management, and other stakeholders. The IT Audit Supervisor will also assist the Internal Audit Department with technology needs to facilitate execution of audits across the teams.
- IT Audits: The IT Audit Supervisor will be responsible for planning, execution, and reporting of assigned IT audits including coordination with any outsourced resources and mentoring any junior staff and performing first-level review of workpapers to ensure compliance with established requirements.
Location: Columbia, SC
Requirements
The ideal candidate will have a Bachelor's degree in IT, accounting, finance or a related business field and at least 7 years of IT Audit experience with financial institution experience highly preferred. Experience with automated workpaper system implementation and maintenance is preferred. Advanced degree and professional certification preferred. Candidates must have exceptional analytical and interpersonal skills, solid communication skills, and ability to multi-task in a fast paced environment.
Audit Manager Position
Description
We are seeking an Audit professional who will be a key member of Internal Audit's management team. Reporting to the Director of Internal Audit, the Audit Manager will be Internal Audit's primary point-of-contact and relationship manager for assigned areas of responsibility. For assigned areas, the Audit Manager will oversee the planning, execution, and reporting of audits including leading multiple audits simultaneously while managing a team of two or more auditors, including any outsourced providers. This individual will also provide primary input to the risk assessment and audit planning process for audits within their assigned areas of responsibility and will be responsible for managing this component of the audit plan and providing periodic progress reports. As the primary point-of-contact for his or her areas of responsibility, the Audit Manager's performance will be impacted by his or her ability to build strong relationships with key management in these areas, identify and address their most critical risk and control issues, and add value as a key source of internal control and risk management best practices.
Location: Columbia, SC
Requirements
The ideal candidate will have a Bachelor's degree in accounting, finance or a related business field and more than 10 years of Audit experience with financial institution experience highly preferred. Advanced degree and professional certification preferred. Candidates must have exceptional analytical and interpersonal skills, solid communication skills, people management experience, and ability to multi-task in a fast paced environment.
Audit Supervisor Positions
Description
Reporting to the Audit Manager, Audit Supervisors will have primary responsibility for in-charging audits which includes the planning, execution, and reporting of assigned audits. Audit Supervisors will coordinate and provide supervision to team members during audit execution. Audit Supervisors will perform first-level reviews of the work of others, including any external and junior staff, to ensure compliance with established requirements. Audit Supervisors will also be responsible for building strong relationships with Bank management and staff within assigned areas of responsibility.
Location: Columbia, SC
Requirements
The ideal candidate will have a Bachelor's degree in accounting, finance or a related business field and at least 7 years of Audit experience with financial institution experience highly preferred. Professional certification preferred. Candidates must have exceptional analytical and interpersonal skills, solid communication skills, and ability to multi-task in a fast paced environment.
Contact
Resumes should be provided to Anita O'Dell at 700 Gervais Street, Columbia, SC 29201 or via email at Anita.ODell@scbtonline.com.
Monthly Puzzle
Password Security
Y F I T N I O P E R A H S B E E J V H Y T
E Q Y A S Q Z U S S S A L L M M V Z U E Y
B Z Q O Q A U T H E N T I C A T I O N S G
M V M M U Y W T G G R U L S N W I V E K X
Y C O F W A E I E C Y E E K R W Z D S D I
R U H Y P F R M V O G L K I E K A E X H R
W M Y F R L C E R T F U O D S L D V M L E
I W J I E F E H I S P Y E A U E P M F O S
N Y Z R U O B H E N B Z M S C I R J Z C E
D Q K E Y Z D R F F C L A I S I B E H K T
O L H V B C V Z X L R O V W F I K Q S E H
W P T P N I Q L M J E R N N M U N Z D D P
S S D W C R O U Q X E S O T A N W G E O U
P L J E P W R K H S O C F A R L X B A U S
A F O R G O T P A S S W O R D O G R G T U
S J G N A V Q K G M L I L G V C L C H S G
S B T W D C F L X M X X Q P L K Y O R S I
W G Z M V C S K A W X Z B K P E G O V P K
O Y U I P X A K G T H B L R B D L U N F H
R V C H T A G S V S P B I L V F F Z T A N
D G K F I R W D A P L L Q P Z S H Y K Q R

AUTHENTICATION
RESET
UNLOCKED
CONFIRM
SELF HELP
USER NAME
FORGOT PASSWORD
SELF SERVICE
VERIFY
GUESSING
SERVICE DESK
WINDOWS PASSWORD
LOCKED OUT
SHAREPOINT
YOU ARE IN CONTROL
From the President
There is still time to sign up and attend our Nov. 15th class. The speaker is Danny Goldberg, whom we had back in January and who was extremely engaging and knowledgeable. The topic this time is Optimized Interviewing: A one-day course on Optimizing the Effectiveness of Your Process Interviews.
The December class will be held on the 13th and will cover Data Breaches within the Health care arena and Health Care fraud. The announcement is on our website, so register now if you haven't already and we look forward to closing out the calendar year with this topic. We are also planning a COBIT 5 Foundations class to be held early next year (possibly February) so be on the lookout for that.
Recruit 5 new members and get an iPad mini free. For each new member recruited, you are entered into a monthly drawing, but recruit 5 and you are guaranteed the prize. See the ISACA website for further details. Individuals joining ISACA now will pay the same rate but get 14 months of membership through 31 December 2014.
According to the latest IT Skills and Certifications Pay Index™ (ITSCPI) report from Foote Partners LLC, individuals who have attained ISACA certification ranked among the highest on its pay performance index. The average pay premiums for 289 IT certifications were surveyed and CISM and CGEIT tied with other certifications as the fourth highest-paying certification for the second quarter of 2013. CISA and CRISC tied as the fifth highest-paying certification. In addition, CGEIT's market value increased by 10 percent during the quarter ending 1 July 2013.
For our chapter, we are implementing a new approach to the management of our seminars and monthly events. During this transition, Sue Rusher will provide oversight to an education committee. She will train each of these individuals in a more narrow set of tasks. Additionally, each of the committee members will be cross-trained in the main efforts needed to run an event; finding and contracting the speaker, logistics of the facility, meal planning, advertising, and class follow-up. Please contact Sue or myself if you are interested in being part of this exciting and important committee.
Tom Hart
2013 - 2014 President
SC Midlands ISACA presents:
"Optimized Interviewing: A One Day course on Optimizing the Effectiveness of Your Process Interviews"
Speaker: Danny Goldberg, CPA, CIA, CISA, CGEIT, CCSA
8 CPEs
DATE: Friday, November 15, 2013
LOCATION: BCBSSC Tower Auditorium
2501 Faraway Drive, Columbia, SC 29223
Free Parking in White Spaces Only!
TIME:
Registration and Breakfast 7:30 am
Class: 8:00 am to noon
Lunch: Noon to 1:00 pm
Class: 1:00 pm to 4:00 pm
Pre-Registration and payment required at http://www.scisaca.org/ Click on future events, and locate this date. Checks and credit cards accepted for pre-registration and payment.
Pricing:
Regular Registration: October 21, 2013 - November 8, 2013
$150 - SC Midlands ISACA Members
$175 - Non-Members
Late Registration: November 9, 2013 - November 14, 2013
$175 - SC Midlands ISACA Members
$200 - Non-Members
What you will learn:
Interviewing is a very important skill in any discovery process. To effectively communicate and ease the concerns of the customer is as important as an effective process. This one-day course will take attendees through the entire interview process, learning best practices for each step and how to manage different personality types.
Objectives
- Overview of best practices in process interviewing, including personality types and interview preparation.
- Learn the step-by-step interview process and learn best practices for each step.
- Learn how to listen actively and read physical cues.
Agenda
Introductions
Stories and Background
Types of Information Obtained from Process Interviews
- What an Interview is Not
- Direct versus Indirect Information
- What are We Looking for
Planning/Preparing for an Audit Interview
- Objectives
- Questions and Information Requests
- Participants
- Meeting
- Location
- Time
- Handouts
Conducting and Controlling Audit Interviews
- Types of Questions to Ask
- Physical Settings
- Small Talk and Knowing the Room
- Interview Tone
Managing Different Personality Types
Handling Challenging Interviewees
Active Listening
Physical Listening
Danny M. Goldberg leads the Professional Development Practice at Sunera. Prior to joining Sunera in January 2011, Danny founded SOFT GRC, an advisory services and professional development firm. Danny has over 15 years of audit experience, including five as a CAE/Audit Director at two diverse companies.
Prior to founding SOFT GRC, Danny was the Director of SOX Compliance and Corporate Audit at Dr Pepper Snapple Group, where he led the Year-One SOX Compliance efforts. Prior to his tenure at Dr Pepper, Danny was the Chief Audit Executive at Tyler Technologies, a publicly traded technology company, where he built the internal audit function from the ground up.
Danny has also served on the board of directors of a non-profit organization and the audit committee of the Dallas Independent School District. Danny currently serves as the Chairman of the North Texas Leadership Council of the American Lung Association and is the IIA Dallas Chapter Programs Committee Co-Chairman for the 2011-2012 year.
Danny is accredited as the professional commentator on the publication BNA Tax and Accounting Portfolio, Internal Auditing: Fundamental Principles (Accounting Policy and Practice Series), which is authored by renowned audit scholars Curtis C. Verschoor and Mort A. Dittenhofer - co-author of Sawyer's Internal Auditing.
He has also published numerous articles in trade magazines in 2011, including:
* The Audit Report (Executive Search, Winter 2011)
* ISACA Journal (General Auditing for the IT Auditor: An Overview, May 2011)
* The Audit Report (11 Hot Topics for 2011, March 2011)
* Dallas Business Journal (The Yes Man Phenomenon, January 2011)
Danny is a well-known speaker across the nation at numerous IIA and ISACA sponsored events. He has been recognized as a top speaker at several events during 2011-2013, including:
- Sixth Best Speaker out of 116 at 2013 IIA International Conference
- Eighth rated speaker out of 120 - 2012 IIA International Conference
- "Top Rated" (Excellent/Outstanding) Speaker - 20th Annual American Society for Quality (ASQ) Audit Division Conference (out of 44 presenters)
- Top 10 Presentation - 2011 IIA Midwest Regional (36 total concurrent sessions, 3.75 overall rating out of 4.0)
- Top 3 Ranked Speaker - Michigan CPA's Healthcare Conference 2011 (29 total speakers)
- Top 3 Ranked Speaker - ArkSarBen IIA 2011 District Conference (24 total sessions)
- 3.58/4.00 Rating - 2011 ACFE Annual North American Conference
SC Midlands Chapter of ISACA Presents:
Data Breaches in Healthcare
Presented by Ryan Boggs, CISA, CRISC, Dixon Hughes Goodman LLP
Health Care Fraud & Compliance
Presented by Tommy Mills, ACFE, BlueCross BlueShield of South Carolina
DATE: Friday, December 13, 2013
LOCATION: BCBSSC Tower Auditorium
2501 Faraway Drive, Columbia, SC 29223
Free Parking in white spaces only!
CPEs: 3
TIME:
Registration: 8:30 am (Breakfast served)
Seminar: 9:00 - 12 noon
Pre-Registration and payment required at http://www.scisaca.org/ Click on future events, and locate this date. Checks and credit cards accepted for pre-registration.
Pricing*:
Early Bird: now until November 22, 2013
Member - $45
Non-Member - $55
Regular Registration: November 23, 2013 - December 6, 2013
Member - $55
Non-Member - $65
Late Registration: December 7, 2013 - December 12, 2013
Member - $65
Non-Member - $75
What you will learn:
Data Breaches in Healthcare
Presented by Ryan Boggs, CISA, CRISC, Dixon Hughes Goodman LLP
As an experienced provider of HIPAA/HITECH and Meaningful Use consulting services, Dixon Hughes Goodman has assisted healthcare organizations of all sizes complete IT risk assessments, conduct network penetration tests and vulnerability assessments, and develop IT controls designed to ensure the protection of patient privacy. Their presentation will focus on conveying to conference attendees the most common issues they see within IT departments that lead to the breach of patient ePHI data. They have taken significant efforts to identify the most common issues they discover in healthcare IT departments and continue to enhance their consulting services to address these problems first.
Data breaches continue to occur regularly, in spite of increased awareness and investment by healthcare IT departments. Yet, research into the causalities of these breaches does not indicate complex or highly sophisticated attacks. Instead, the most damaging breaches of data privacy are caused by simple activities that exploit common, and often easily remediated, vulnerabilities surrounding user awareness, IT governance, and data access. After briefly describing the differences between compliance and effective data security, they intend to leverage their experience in providing IT personnel in attendance with concrete ideas for IT governance and network security that can be incorporated into their environment. They plan to present the issues in a "Top 10" format and provide printed materials that can be consulted in the future.
Health Care Fraud & Compliance
Presented by Tommy Mills, CFE, AHFI, Director of Corporate Compliance and Special Investigations Unit, BlueCross BlueShield of South Carolina
Tommy's presentation is an overview of the process of fighting healthcare fraud in an ever changing environment. He'll discuss the challenges and motivation the Special Investigations Unit faces in fulfilling the responsibilities of preventing, detecting and investigating fraud. His presentation outlines the tools and methods the SIU utilizes in this endeavor. It will also reveal how fraud fighting has evolved into a comprehensive effort incorporating other disciplines in the organization to maximize available resources. Tommy will emphasize the importance of training employees to be vigilant at all times. The corporate culture is of vital importance for an ethical environment, but senior management's commitment to support and sustain it is necessary.
Ryan Boggs is a manager within the IT Advisory Group of Dixon Hughes Goodman LLP, which provides technology-related risk and advisory services to clients across the Southern U.S. Based in Greenville, SC, Ryan works with numerous healthcare organizations to implement and assess HIPAA, HITECH, and Meaningful Use compliance. His experience includes providing assistance to internal audit functions, performing technology risk and controls assessments, assessing compliance requirements of Sarbanes-Oxley, the Gramm-Leach-Bliley Act, and the Health Insurance Portability and Accountability Act (HIPAA), business process analysis, Service Organization Controls (SOC) reporting, and assisting clients with managing risk associated with large IT systems and infrastructure transformations. Ryan is a graduate of The Citadel and holds the Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC) certifications.
Tommy Mills is the Director of Corporate Compliance and Special Investigations Unit (SIU) at BlueCross BlueShield of South Carolina (BCBSSC). He started his career at BCBSSC almost twenty-five years ago as Manager of Investigations. He is certified by the Association of Certified Fraud Examiners (ACFE) and accredited by the National Healthcare Anti-Fraud Association. His responsibilities include preventing, detecting and investigating fraud perpetrated against BCBSSC by providers, members, vendors and employees across all commercial lines of business including State, FEHBP and Medicare Advantage; coordinating and investigating all internal investigations for the corporation; administering compliance and ethics training for the corporation; conflict of interest reviews and investigations; OFAC review and tracking. Tommy has developed relationships with SIU management at the BCBS Association, other BlueCross BlueShield plans, other companies, federal, state and local law enforcement and prosecutors; insurance regulators.
Prior to his BCBSSC career, Tommy was a Forensic Investigator with the Richland County, SC Sheriff's Department. During his eight-year law enforcement career he was a fingerprint expert, photographer, crime scene technician, narcotics analyst, arson investigator, expert witness, sniper/spotter as a Special Operations Response Team (SORT) team member. Tommy graduated from the University of South Carolina with a BS Criminal Justice degree.