Viewing 0 current events matching “Audit” by Date.

Sort By: Date Event Name, Location , Default
No events were found.

Viewing 11 past events matching “Audit” by Date.

Sort By: Date Event Name, Location , Default
Nov 8, 2017
2017 ISACA SALEM Cyber Security Symposium
Chemeketa Center for Business and Industry in Salem, OR

Collection of timely and relevant presentations to address Cyber Security Trends

8 CPE, 4 Sessions

Session 1: Complex Adaptive Systems: How real life interactions translate into loosely coupled systems design Presenter: Michael Adsitt, VP at Duff & Phelps

Session 2: Security Panel: Building and Navigating a Career in Information Security, Privacy and Compliance disciplines Presenters: Jayashree Srinivasan, Oregon Dept. of Revenue; Jeremy Lyon, ODS; Madeline Zamoyski, New Relic; Paul Speed, Columbia Sportswear

Session 3: GDPR Compliance: Preparing an Approach Presenter: Madeline Zamoyski, Product & Privacy Attorney, New Relic

Session 4: DOX’ing Yourself: How Hackers Find Personal Information about You Presenter: Paul Speed, Information Security Engineer, Columbia Sportswear

PRICING: Earlybird: Through 10/27/17 ISACA Members: $75 Non-Members: $125

After: 10/27/17 ISACA Members: $100 Non-Members: $150

November 2017 ISACA Luncheon - Security Containerization

ISACA Luncheon Event: Security Container Adoption in Enterprise Environments

Across the world, organizations are using containerization technologies such as Docker and Kubernetes as a security boundary without a strong understanding of the underlying design. These technologies are often misconfigured, which can provide attackers with a means to gain a foothold within an organization, elevate privileges, or spread laterally throughout a modern enterprise network. During this presentation, we will analyze common use cases for a containerization environment and demonstrate tools these technologies provide to protect the host from an attacker within the container. We will discuss in detail the common threats facing these environments, as well as technical and administrative controls to detect and protect against attacks on containerization infrastructure.

Speaker: Lucas Rosvar, NCC Group Lucas Rosevear has been a Security Consultant at NCC Group since September, 2015, working from NCC's Seattle, WA office. Through projects at NCC Group, Lucas has performed a range of testing, including: - Network Penetration Testing - Web Application Penetration Testing - Blackbox and Config-assisted Container Reviews - AWS Config Reviews

Prior to NCC Group, Lucas became an OSCP and a member of the Phi Theta Kappa Honor Society.

Cost: ISACA Members: $25.00 Guests and Non-Members: $30.00

We expect this event to sell out. Attendance will be limited to the first 70 registrations. Do not delay, and register today!

Feb 8, 2018
ISACA Luncheon Event: "Building and Sustaining a Threat Intelligence program"

Speaker: Chris Nolke, CISO, Portland General Electric (PGE)

Chris is an experienced information security leader with experience building and operating threat intelligence programs at Nike and more recently at SureID prior to joining Portland General in October.

With a passion for engineering and sports cars, Chris will share his lessons and perspectives on building and operating threat intelligence programs that are engineered for success without having to worry about changing the oil frequently.

Apr 18, 2018
Incident Response and Vulnerability Management Seminar
Oregon Department of Fish & Wildlife

Join ISACA and the Salem IIA on April 18, 2018 as we present an in-depth seminar on Incident Response and Vulnerability Management


Two industry practitioners, Russ McRee from Microsoft and Ousàma Lakhdar-Ghazal from Umqua Bank, will be sharing their experiences and best practices for prevention, detection and responding to critical incidents, as well as discussing managing vulnerabilities.

Russ McRee is the principal security group program manager of the Blue Team for Microsoft’s Windows & Devices Group. He writes toolsmith, a monthly column for information security practitioners, and has written for other publications including Information Security, (IN)SECURE, SysAdmin, and Linux Magazine. Russ has spoken at events such as DEFCON, Derby Con, BlueHat, Black Hat, SANSFIRE, RSA, and is a SANS Internet Storm Center handler. He serves as a joint forces operator and planner on behalf of Washington Military Department’s cyber and emergency management missions. Russ advocates for a holistic approach to the practice of information assurance as represented by

Ousama Lakhdar-Ghazal is currently the technology risk officer for Umpqua Bank, managing risk and coordinating risk coverage for technology. Prior to joining Umpqua, Ousama was a compliance manager for Nike Inc., and prior to that a manager at Deloitte in their Cyber Risk Services group.

Pricing: $45 members (ISACA or IIA) $55 non-members and guests

Details: Afternoon Refreshments will be provided. Parking: Free Parking at the venue. No pass required.

May 10, 2018
ISACA Luncheon - "Executing a Security Strategy for a High Transaction Digital Environment

May 10, 2018 ISACA Luncheon - "Executing a Security Strategy for a High Transaction Digital Environment: Lessons from the Trenches"

Speaker: LJ Johnson, NIKE Information Security Sr. Director (Retired)

With a career spanning more than three decades, LJ Johnson is a well known security industry leader within the local Portland community. For the past 20 years, LJ has held several roles within NIKE’s Information Security organization as well as holding leadership positions in Business Operations, Organizational Change Management, and Global Supply Change Management. LJ’s more recent experience was building an Information Security Program for NIKE’s digital commerce organization.

Having a holistic background in both business operations and technology delivery provided LJ with the credibility and experience to create an information security service designed for high transaction activities and emerging technologies. Come listen to LJ as she shares lessons from the trenches in building an adaptable and sustainable information security program from a digital commerce perspective.

May 21, 2018
2018 Spring Training: IT Security and Audit Symposium
through Clackamas Community College - Wilsonville

Spring Training

Day 1:

1) Keynote: Blockchain: More that Cryptocurrency: Michael Reed (Intel)

Presentation on the origin of blockchain technologies and its evolution to a key technology in pursuit of increased efficiencies and new business models. Is your enterprise ready for blockchain?

2) Micro Segmentation and Cloud-A blueprint for protecting your golden egg: Tyler Hardison (RedHawk Security) (EVENT SPONSOR)

3) Benefiting from PCI – Even if Compliance is Not Required: Bowe Hoy (Sword&Shield) and Mike Griffin (Circle K Stores, Inc.)

The Payment Card Industry Data Security Standard (PCI DSS) can be beneficial to your organization, even if compliance to it is not a requirement. PCI DSS features a number of valuable guidelines to help your organization improve its security posture, technology auditing, and business operations. This session will help you understand the key components of PCI DSS and how your organization can benefit from implementing it. You will receive practical lessons through case studies about organizations that have successfully implemented PCI DSS. Whether these organizations were required to comply with PCI DSS, or chose to adopt it – they became a better organization because of it. And you can learn how to do the same for your organization.

4) Certificate Security and Frameworks for a Public CA: Derek Thomas and Scott Perry

As the ubiquity of on-line shopping continues to amplify our digital environment, ensuring a trusted on-line transaction becomes critical to building the brand loyalty and experience once relished within the physical brick and mortar retailer. The ability to ensure a trusted and secure transaction is not new, however the scrutiny placed on that trust is at an all time high with significant changes in the issuing community and the scrutiny ensuing from the browser community for secure and reliable trusted certificates.

In this presentation, Scott Perry, Partner and Derek Thomas, Managing Director, of Scott Perry CPA, one of six licensed CPA firms performing Certificate Authority audits, will discuss the changing landscape of on-line transactional trust and the requirements of Certificate Authorities. The presentation will include a discussion and overview of an established but less known framework for evaluating and auditing the performance of Certificate Authority practices and considerations applied to evaluating the security of your on-line transactions.

Day 2: 5 Sessions: Various Presenters

5) Current Economics of Cyber: David Hobbs: Radware

Often we discuss the changing threat landscape from a pure technical or vulnerability picture, however this does an injustice to element of ease, cost and access to attacks. This presentation will provide attendees with an up-to-date picture of the rapidly changing landscape of attack tools and services, the buying criteria and locations for these the tools and ease of use. In addition, the presentation will provide an understanding of how the combination of the proliferation of these tools and their corresponding use has dramatically changed the dynamics of the return on defense strategies. This presentation will provide unique insight into the world of the Darknet, specific customer attack stories, new economic models of measuring security deployments and a refreshed look at how controls should be deployed going forward.

6) Cyber War Chronicles - Stories From the Virtual Trenches (ERT Report 2017): David Hobbs: Radware

From information shared by over 1250 companies on their top concerns, we talk about what happened in 2017 and predict the top trends of 2018 in cyber security. The first half of 2017 saw a continuation of some cyber-security threats, as well as the emergence of some attack types and trends. Ransom attacks, political hacks, and new dynamics around the accessibility and capability of attack tools have added even more challenges to security. This session will explore some of the latest evolutions of the threat landscape, through a combination of market intelligence, real-world case studies, and direct insights from those on the front lines of cyber-security.

7) OWASP Updated Top10: Alex Ivkin (ISACA Board)

 A detailed technical review of the OWASP top 10.

8) The Value of Cyber Certifications: Alex Ivkin (ISACA Board)

9) Fraud Audit in a Digital Environment: Sarah Dalton: E&Y



Regular Pricing: On or After 4/20/18:

ISACA or IIA Member: $185

Non-Member: $225

We hope to see you there!

Sep 26, 2018
Join us at ISACA Willamette Valley Chapter Networking Event
BridgePort Brewing Company

We are REALLY excited about this upcoming program year and would like to kick-off the season with our annual mixer.

Come learn about our 2018-2019 Program Year, our new Academic Outreach Program, and network with other IT, Security and Audit professionals in our area and enjoy a cold beverage.

Once again there will be an array of appetizers and a full hosted bar.

Networking activities, information about certifications and select door prizes will be part of the evening events.

Please take this opportunity to bring along a guest and showcase the value of ISACA membership and Certifications.

COST: The event is FREE, however, parking is not covered.

Oct 23, 2018
Audit Lightning Talk & Social: 4-5 Speakers From Local Professional Organizations
Simple 120 SE Clay St Floor 2, Portland, OR 97214


LIGHTNING TALK: 6:00pm – 7:00pm

NETWORKING: 7:00pm – 7:30pm

[Pizza, salad and beer/cider will be provided]

[Public parking on the street]

PRICING: FREE (We will have a waitlist available, so if unable to come, please cancel your registration so others can attend)

The IIA Portland and ISACA Chapters are proud to present our first ever audit lightning talk event. Think TEDTalk! The goal of lightning talks is to articulate a topic in a quick, insightful, and clear manner. We will have a variety of presenters that will share their ideas a topic of their choice for 10 minutes with some additional time for questions. You will hear a lot of interesting information and hear unique viewpoints. Topics correlate to audit, information security, risk, fraud, or professional development. Please join us for this one-of-a kind event! Plus, the event is free and dinner and an adult beverage are included! How can you go wrong?

Speaker Topics:

Motorcycles and the art of risk-taking as an Auditor: Navigating the twists and turns of your career can be both crushing, dizzying, and yes beautiful. Make bad choices and you could deal with years of regret. Accepting unplanned route changes can be very tough, hard on the ego, and downright scary. The trek of the last 10 years or so took my family through losing loved ones, a layoff from a bailout company (yes one of the ones who went to DC in a private jet to ask for money), income reductions, grad school, and being open to interesting opportunities that have taken me around the world. Luckily, I have the support of my wife and partner and together we've worked through many challenges in our lives together, as a team. Through relentless support and sometimes brute force, we've navigated bumps in the road and found balance by getting more comfortable with ambiguity and risk. I'd love to share a few minutes of ideas about my journey, how it changed several times without my consent, and offer some ways to think ahead about personal risk taking.

The Recipe to an Auditor’s Success: Lauren and Taylor will give their perspective of what clients can do to avoid common pitfalls during audit engagements and ways to help your favorite auditors succeed.

Keys to a Successful Robotic Process Automation (RPA) Implementation: Implement the foundational elements to accelerate business performance. RPA is the application of technology that allows employees in a company to configure computer software or a ‘robot’ to capture and interpret existing applications for processing a transaction, manipulating data, triggering responses and communicating with other digital systems.

More topics to come!

SPEAKER BIOS: Eric Jenkins is a leader with experience in Enterprise Risk and Audit. He's worked for an interesting mix of companies, including America Online, GMAC, and Deutsche Bank, and has landed in the beautiful Northwest. He helps great companies work through financial crime and technology problems. In his free time he loves riding motorcycles and playing music whenever he can. Eric is a MBA, CAMS, CISA, and CRISC.

Lauren Overton: Started her career with Moss Adams in 2013. Her client experience ranges over various industries with a focus in manufacturing and distribution, construction, and healthcare in both the private and public sectors. Lauren’s favorite part of her job is the ability to gain an understanding of how different companies operate; whether that be discussing future projections with the CFO or reviewing a control process with a staff accountant. Outside of the normal work week, Lauren enjoys taking advantage of the Portland “foodie scene”, fostering rescue animals, spoiling her own pooch and going to see live music with her husband.

Taylor Schimbke joined public accounting in 2014 and provides accounting, auditing, and consulting services to a wide variety of clients, with a passionate focus in the construction, forest products, and distribution industries. Recently, Taylor undertook a job rotation with the IT Assurance group at Moss Adams and is primarily focused on IT SOX compliance. She is helping to lead the firm’s initiative to develop skilled IT auditors and encourage collaboration and synergy across the assurance practice. In her free time, Taylor is a novice gardener and loves spending time outdoors with her golden retriever, Kobe.

Zefren Edior is alumni of California State University Polytechnic Institute of Pomona, and he volunteers and spends time engaging youth in technology training and awareness, and engages HS and collegiate students through technology competitions and general outreach on professional development. He joined the Bank in December 2016, by way of Kaiser Permanente (Information & Web Application Security Engineering), EY (Advisory, Information Risk Management), Crowe Horwath (Advisory, Technology Risk Management, Silicon Valley), and KPMG (Advisory, GRC & Integration). Zefren is a thought leader in Data, Technology, and Information Security, and Risk Management, and he executes and delivers.

Nov 9, 2018
ISACA event - Applied Information Security: Your Best Offense is a Solid Defense
Oregon Department of Fish & Wildlife, Salem, OR

Applied Information Security: Your Best Offense is a Solid Defense

Hear from the Director of Cybersecurity from PGE discuss approaches to building an effective security function using inputs from within the organization, and the CEO and Founder of Verification Labs, on how threat actors utilize available information to map your environment and create a network security attack. Learn how automation techniques can be applied to enhance your defenses and the steps necessary in building an improved incident response.

Where: Oregon Department of Fish & Wildlife 4034 Fairview Industrial Dr SE, Salem, OR 97302


Cost: $20 ISACA Members

$25 Guest/Non-Member


Time: 8:30 am- 10:15 am

Chris Nolke, PGE Cybersecurity Director Topic: Building an Efficient Cybersecurity Organization

Come hear the Director of Cybersecurity from PGE discuss approaches to building an effective security function using inputs from within the organization, and results from risk assessments to inform levels of resources required in developing an efficient security organization tooled for and ready to support the evolving business direction of a utility organization.

In this session you will learn:

  • industry and marketplace considerations useful in searching for the right candidates
  • practices in aligning the organization security requirements to strategic areas with the business
  • methods for engaging broad stakeholders for support of investment levels required for information security function

Break: 10:15 am - 10:30 am Time: 10:30 am - 12:15 pm

Trey Blalock, CEO Verification Labs Topic: Network detection and mapping-Using Automation to Build an Effective Security Response Strategy

Come listen to the CEO and Founder of Verification Labs walk us through a two part session focusing initially on how security threats map and obtain information about your network to identify vulnerabilities for exploit. We will cover how new automation approaches are allowing security professionals to create improved response in addressing these issues.

In this session you will learn:

  • what information bots and other security threats collect in identifying attack vectors
  • what your network reveals about your organization
  • emerging approaches to robust incident management programs leveraging automation rather than resources to enhance response.

We hope to see you there!

Apr 25, 2019
ISACA Session: Identification, Pursuit and Prosecution of a Cyber Criminal
Port of Portland Headquarters - Port Board Room

Identification, Pursuit and Prosecution of a Cyber Criminal: Inside Perspectives from the Oregon FBI and Oregon District Attorney

ISACA has brought together our top law and legal enforcement arms, the Oregon FBI and the Oregon State Attorney to highlight the skills, tools, and techniques used in the identification, pursuit, and prosecution of cyber crime within and beyond the borders of Oregon.

As cyber crime continues to grow at pace faster than businesses can address, effective partnering with our State law and legal teams is required in effectively utilizing limited resources and funds to address this risk.

Join the top experts in our State as they discuss the personnel, process, and technology approaches used to combat this growing epidemic and understand how business and individuals can partner effectively with the FBI and our top law enforcement teams in identifying, pursuing, and prosecuting cyber criminals.


George Chamberlin FBI, Assistant Special Agent in Charge, Portland Field Office

Bill Williams U.S. State Attorney and Chief Federal Law Enforcement, Portland Field Office

Scott Bradford Assistant U.S. Attorney, US Department of Justice, Portland Office

Quinn Harrington Assistant U.S. Attorney, US Department of Justice, Portland Office


8:30am - 9:00am: Registration and Check-In

9:00am - 12:00 pm Presentations

Please note that lunch will not be provided. We will provide coffee and refreshments.


Cost: Early bird before 3/31: ISACA Members: $45.00 Non Members $65.00

After 3/31: ISACA Members: $60.00 Non Members $80.00

Parking will be validated by the Port of Portland. Event is in the Port Board Room.

May 22, 2019
2019 ISACA Spring Training: IT Audit and Security Climate Change
through Wilsonville-Clackamas Community College

2019 ISACA Spring Training

IT Audit and Security Climate Change: The Risks of Shifting Technologies and a Political Landscape

Advancements in emerging technologies have accelerated significantly with the reality of automated intelligence (AI), robotics and now Blockchain technologies. Only a few years ago, companies were wrestling with the emergence of social media and integration of mobile strategies for retail. Fast forward and mobile delivery with social presence is now the norm, and retail is fundamentally digital. The next wave of emerging technologies promise bigger shifts than the last wave; however several of these technologies will need to move beyond proof of concept use cases for companies to successfully embrace.

Will the political environment be helpful or hurtful to industry and business in 2019? Will cutting edge technologies shift into mainstream reality and create broader adoption beneficial in reigniting the markets? Will employees remain optimistic within a generally low unemployment environment?

Come attend ISACA’s Spring Training Event and find out what industry leaders are thinking and doing to maximize the benefits of emerging technologies amid the shifting quicksand of the political and technology environment.

When: Wednesday 5/22/19 - Thursday 5/23/19 9:00 am - 5:00 pm each day. (Registration 8:00 am-9:00 am)

Where: Wilsonville-Clackamas Community College Room W108-B

29353 SW Town Center Loop East. Wilsonville, OR 97070


Cost: Early bird pricing: Through 4/21/19

Member: $175

Non-Member: $225

Regular pricing: 4/22/19-5/13/19

ISACA Member: $200

Non-Member: $250


Day 1: Multiple Sessions: Various Presenters

Michael Hanna, Director, PDX Municipal Broadband - Building a Community Network

Tom Cornelius, Sr. Partner, Compliance Forge - A Consolidated Governance Approach to Security

Tyler Hardinson, Chief Technology Officer, RedHawk Security - Penetration Testing for IoT

Susan Ford, Partner, Res Nova Law - Intellectual Property Protections

Jennifer Birk, Consultant, Propeller, Inc. - Change Management for Emerging Tech

Day 2: Multiple Sessions: Various Presenters

Bruce Carpenter, VP Internal Audit, NVIDIA - Keynote, Auditing amid Shifting Technology

Dorian Cougias, Compliance Scientist, Unified Compliance - A Unified Compliance Approach

Speaker TBD, NETWRIX - Topic TBD

Leila Annen, Sr. Manager, Moss Adams - PCAOB and Emerging Regulatory Audit Trends

Fred Pond, Former (Ret.) CIO, Columbia Sportswear - Security from the CIO Lens: Stewarding a Breach Event

  • Speaker order subject to change without notice

We hope to see you there!