BEGIN:VCALENDAR PRODID:-//Microsoft Corporation//Outlook 16.0 MIMEDIR//EN VERSION:2.0 METHOD:PUBLISH X-MS-OLK-FORCEINSPECTOROPEN:TRUE BEGIN:VTIMEZONE TZID:Mountain Standard Time BEGIN:STANDARD DTSTART:16011104T020000 RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11 TZOFFSETFROM:-0600 TZOFFSETTO:-0700 END:STANDARD BEGIN:DAYLIGHT DTSTART:16010311T020000 RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3 TZOFFSETFROM:-0700 TZOFFSETTO:-0600 END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT CLASS:PUBLIC CREATED:20171009T141549Z DESCRIPTION:\nJoint Meeting with ISSA at the Comedy Works - South (Landmark )\, in the Main Showroom\n\n\nAfternoon Presentation (2:10pm - 4:00pm) \nH appy Hour/Networking Social from 4:00pm - 5:30pm afterwards!!!\n\nCPE Cred its: up to 2.0 hours of CPE is available\nTopic: Re-Engineering IT and Con trols using ISACA control frameworks\, ITIL and ISO27001\nAfter a disastro us CRM deployment on Oct 31\, 2003\, AT&T Wireless lost between 100-350M i n one calendar quarter\, enough to put the industry leader in GSM mobile s ervice on the auction block. In the first year of accelerated filing for S OX 404\, AT&T Wireless had to reengineer IT and pass its first SOX audit w ith zero deficiencies - in 10 months. There was zero time to allow for tri al and error in our control design\, implementation\, testing\, and docume ntation: it had to be done right on the very first try or the merger with Cingular\, expected to be the largest cash acquisition in the history of t he US\, was off. \n\nThis presentation covers a case study of leadership u nder pressure\, using ISACA control frameworks\, with ITIL and ISO 27001 i n order to design and implement a control framework that all four audit fi rms called “a thing of beauty” and that prompted a six sigma study of our incident identification\, management\, and response processes. We will examine lessons learned about effective IT security and have time for Q&A . \n\nThe speaker\, Karen Worstell\, was the CISO and VP of IT Risk Manage ment for AT&T Wireless and led the successful SOX effort for the acquisiti on of AT&T Wireless by Cingular including all IT infrastructure controls a nd a total re-engineering of Disaster Recovery for AT&T Wirelesses data ce nters in a ten month period.\nLearning Points:\n* Leadership under pressur e\n* Use of ISACA control frameworks\, with ITIL and ISO 27001 to design a nd implement a control framework\n* Examine lessons learned about effectiv e IT security\n* Q&A\nAbout the Speaker: Karen Worstell began her cyber ca reer 30 years ago when her programming professor in grad school encrypted the final and unique code breaking tools were required to be used in order to decrypt and read each question. She provided cyber security support fo r programs like the Advanced Tactical Fighter prototype and B2 Bomber\, de veloped the first computer security manual for the Boeing Company\, and le d research in secure distributed computing for Boeing's Research and Techn ology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide \, SRI Consulting\, Bank of America\, AT&T Wireless\, Microsoft and Russel l Investments. She was the CEO for AtomicTangerine\, the SRI International spinoff focused on security that served international Fortune 100 compani es in security strategy and major technology implementations. She co-chair ed major security events for SRI International\, Forbes.com\, and Georgeto wn University Law Center. She held positions at NIST for OSI security arch itecture\, the security subcommittee of the Aerospace Industries Associati on\, US Department of Commerce Security and Privacy Advisory Board\, and t he security subcommittee of NSTAC and has been a featured speaker at event s for SecureWorld\, IIA\, ISSA\, ISACA\, AusCERT\, Security Conference Isr ael\, and RSA. She is the author of "Governance and Internal Controls for Cutting Edge IT" published by ITG\, the chapter "The Role of the CISO" in the Computer Security Handbook 5th and 6th editions (Wiley) and co-author of "Evaluating the E-Discovery Capabilities of Outside Law Firms" by Pike & Fisher. Her technical expertise spans Identity and Access Management\, I ntrusion Detection and Response\, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "not putting steel doors on grass shacks." Today she focuses on changing percep tions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyber talent in leaders hip roles for enterprises who are serious about cyber security. Karen twee ts at https://twitter.com/karenworstell and blogs at karenworstell.com .\nWho should attend\nIT Leaders (CIOs/CTOs/CSOs/CISOs )\, IT practitioners (Directors and Managers)\, IT Audit and Security prof essionals\, Internal and External Auditors.\nField of Study\nSecurity\, Go vernance\, Risk & Compliance\nInstructional delivery method\nGroup Live\n \nAgenda\n \n12:30 p.m. - 1:30 p.m. Registration & Networking\n2:00 p.m. - 2:10 p.m. ISACA and ISSA Chapter Announcements\n2:10 p.m. - 4:00 p.m. Pre sentation in the Main Showroom\n4:00 p.m. - 5:30 p.m. Social Event/ Happy Hour is in the Lila B. Lounge!\n \n \nFees\nISACA Denver Chapter Members:\ n \n$25\nNon-Members:\n \n$35\n \nThere is a $5.00 discount for credit car d payments.\nWalk-in non-members must pay by cash/check and will be charge d an additional $10.00 fee above the normal fee.\nWalk-ins may be turned a way if space is not available.\n \n \nLocation\nComedy Works - South (Land mark)\nCurtis Ballroom\n5345 Landmark Place\nGreenwood Village\, CO 80111\ n» See Map \n \n DTEND;TZID="Mountain Standard Time":20171214T173000 DTSTAMP:20161110T164949Z DTSTART;TZID="Mountain Standard Time":20171214T123000 LAST-MODIFIED:20171009T141549Z LOCATION:5345 Landmark Place\, Greenwood Village\, CO 80111 PRIORITY:5 SEQUENCE:0 SUMMARY;LANGUAGE=en-us:ISACA Denver Chapter Meeting\, Joint with ISSA TRANSP:OPAQUE UID:040000008200E00074C5B7101A82E0080000000070F262C7771DD201000000000000000 010000000C7346F70E4FBF74BB85FE26DAD739F74 X-ALT-DESC;FMTTYPE=text/html:

Joint Meeting with ISSA at the Comedy Works - So uth (Landmark)\, in the Main Showroom

Afternoon Presentation (2:10pm - 4:00pm) \;
Hap py Hour/Networking Social from 4:00pm - 5:30pm afterwards!!!

CPE Credits: u p to 2.0 hours of CPE is available

Topic: Re-Engineering IT and Controls using ISAC A control frameworks\, ITIL and ISO27001

Aft er a disastrous CRM deployment on Oct 31\, 2003\, AT&\;T Wireless lost between 100-350M in one calendar quarter\, enough to put the industry lead er in GSM mobile service on the auction block. In the first year of accele rated filing for SOX 404\, AT&\;T Wireless had to reengineer IT and pas s its first SOX audit with zero deficiencies - in 10 months. There was zer o time to allow for trial and error in our control design\, implementation \, testing\, and documentation: it had to be done right on the very first try or the merger with Cingular\, expected to be the largest cash acquisit ion in the history of the US\, was off. \;

This presentation covers a case study of leadership under pressure\, using ISACA control frameworks\, with ITIL and ISO 27001 in order to design and implement a control framework that all four audit f irms called “a thing of beauty” and that prompted a six sigma study of our incident identification\, management\, and response processes. We wil l examine lessons learned about effective IT security and have time for Q& amp\;A. \;

The speaker\, Karen Worstell\, was the CISO and VP of IT Risk Management for AT&\;T Wireless and led the successful SOX effort for th e acquisition of AT&\;T Wireless by Cingular including all IT infrastru cture controls and a total re-engineering of Disaster Recovery for AT&\ ;T Wirelesses data centers in a ten month period.

Learning Points:

  • Leadership under pressu re
  • Use of ISACA control frameworks\, with ITIL and I SO 27001 to design and implement a control framework
  • Examine lessons learned about effective IT security
  • Q&\;A

About the Speaker: Karen Worstell \;https://pbs.twimg.com/profile_imag
	es/908348502660440064/BE9KSgKH_400x400.jpgbegan her cyber career 30 years ago when her programming pro fessor in grad school encrypted the final and unique code breaking tools w ere required to be used in order to decrypt and read each question. She pr ovided cyber security support for programs like the Advanced Tactical Figh ter prototype and B2 Bomber\, developed the first computer security manual for the Boeing Company\, and led research in secure distributed computing for Boeing's Research and Technology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide\, SRI Consulting\, Bank of America\, AT&a mp\;T Wireless\, Microsoft and Russell Investments. She was the CEO for AtomicTangerine\, the SRI International spinoff fo cused on security that served international Fortune 100 companies in secur ity strategy and major technology implementations. She co-chaired major se curity events for SRI International\, Forbes.com\, and Georgetown Universi ty Law Center. She held positions at NIST for OSI security architecture\, the security subcommittee of the Aerospace Industries Association\, US Dep artment of Commerce Security and Privacy Advisory Board\, and the security subcommittee of NSTAC and has been a featured speaker at events for SecureWorld\, IIA\, ISSA\, ISACA\, AusCERT\, Security Conference Israel\, and RSA. She is the author of "\;Governance and Internal Controls for Cutting Edge IT"\; publ ished by ITG\, the chapter "\;The Role of the CISO"\; in the Compu ter Security Handbook 5th and 6th editions (Wiley) and co-author of "\ ;Evaluating the E-Discovery Capabilities of Outside Law Firms"\; by Pi ke &\; Fisher. Her technical expertise spans Identity and Access Manage ment\, Intrusion Detection and Response\, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "\;not putting steel doors on grass shacks."\; Today she focuse s on changing perceptions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyb er talent in leadership roles for enterprises who are serious about cyber security. Karen tweets at \;https://twitter.com/karenworstell and blogs at \;karenworstell.com.

W ho should attend
IT Leaders (CIOs/CTOs/CSOs/CISOs)\, IT practitioners (Directors and Managers)\, IT Audit and Security professiona ls\, Internal and External Auditors.

Field of Study
Sec urity\, Governance\, Risk &\; Compliance

Instructional delivery method
Group Live

 \;

Agenda

 \;

12:30 p.m. - 1:30 p.m. Registration &\; Networking
2:00 p.m. - 2:10 p.m. ISACA and ISSA Chapter Announce ments
2:10 p.m. - 4:00 p.m. Presentation in the Main Showroom
4:00 p .m. - 5:30 p.m. Social Event/ Happy Hour is in the Lila B. Lounge!

 \;< /p>

Fees

ISAC A Denver Chapter Members:

 \;

$25

Non-Members:

 \;

$35

 \;

There is a $5.00 discount for credit card payments.

Walk-in non-members m ust pay by cash/check and will be charged an additional $10.00 fee above t he normal fee.

< span style='font-size:9.0pt\;font-family:"Arial"\,sans-serif\;color:#31313 1'>Walk-ins may be turned away if space is not available.

 \;

Location

Comedy Works - Sout h (Landmark)
Curtis Ballroom
5345 Landmark Place
Greenwood Villag e\, CO 80111
» \;See Map

 \;

X-MICROSOFT-CDO-BUSYSTATUS:BUSY X-MICROSOFT-CDO-IMPORTANCE:1 X-MICROSOFT-DISALLOW-COUNTER:FALSE X-MS-OLK-AUTOFILLLOCATION:FALSE X-MS-OLK-CONFTYPE:0 END:VEVENT END:VCALENDAR