Professional Education for Internal Controls | Security | Audit | Governance | Risk
Submitted by Al Marcella on Thu, 08/22/2013 - 19:38
Training @ 50MSC provides the opportunity for you to receive high quality, expert-lead training, in addition to obtaining your annual Continuing Professional Education hours, which are necessary to sustain individual certifications.
Through the collaboration of our four partners, we are able to offer you a selection of timely and vital IT security and audit course topics ranging from one, and two-day intensive sessions to week-long CISA / CISM / CGEIT / CRISC examination Boot Camp programs.
Submitted by Al Marcella on Thu, 08/22/2013 - 10:04
I have been following the recent debate among my neighbors the past several weeks regarding a proposal to install surveillance cameras at strategic intersections throughout the neighborhood.
Given the recent uptick in the increased, individual awareness of exactly how much privacy we (at least we here in the good ol’ US of A) do not have, any movement to further encroach on an individual citizen’s privacy is bound to polarize a populous be it a neighborhood, city, State or nation.
Submitted by Craig McGuffin on Mon, 07/08/2013 - 00:38
In preparing for the CISA exam, one important area of review, which many auditors and exam takers find challenging is encryption. While no one knows exactly the concentration nor the number of questions in any exam, which may be dedicated to this subject, one can be very certain that questions on encryption, given the topic’s role in security and internal control, will be on the exam in some form.
Submitted by Al Marcella on Mon, 06/17/2013 - 16:54
For the first time, ISACA is offering a third exam session for those seeking the CISA and CISM designations. The sessions will be held on Saturday, 7 September 2013 at selected locations worldwide. Please see this link for more details. The deadline for final registration is Monday 22 July 2013.
Submitted by Craig McGuffin on Sun, 06/09/2013 - 23:32
I received the following email recently and the sender asks a very timely and important question, one that may be on the mind of many professionals, both within the audit/IT audit profession and those in tangential yet closely related and aligned professions.
Your thoughts and comments, and further suggestions to the "sender" are always welcomed.
I am contemplating pursuing a new profession in management of cyber security. I would like to obtain my CISA designation and shortly thereafter apply for CISSP certification.
Submitted by Craig McGuffin on Sat, 06/01/2013 - 23:24
This past Saturday (8 June 2013) was a big day for many people who wrote a 200-question, four-hour exams on the path to seeking one of the professional qualifications of CISA, CISM, CGEIT or CRISC, offered by ISACA.
Submitted by Craig McGuffin on Mon, 05/27/2013 - 08:24
Jennifer Boyce of Deloitte & Touche (Hi Jen!) used to do a great job serving as the Toronto ISACA Chapter’s “Director, Certifications” (a role now very admirably and ably filled by Laureen Ellis). One of Jennifer’s traditions was to attend the final session of our preparation courses and give her Exam Day Tips.
When she left Toronto, she was kind enough to leave me a copy of the tips (Thanks Jen!). Here are some important items to keep in mind when you find yourself sitting in that exam room on the big day, along with some of my comments:
Submitted by Al Marcella on Sun, 05/26/2013 - 14:37
Many of you writing the CISA or CISM exam may have a great deal of real-world expertise in particular subject areas...securing systems, writing policies, managing projects, responding to incidents. If that’s the case, you will no doubt find instances where you strongly disagree with an answer to one of the practice questions, based on your own direct experience.
Frustration and the odd profanity typically ensue. How should you deal with this?
Submitted by Al Marcella on Mon, 05/06/2013 - 09:53
Sometime along September 2004 (see exhibit 1), I penned some thoughts on technology and the idea of binary-based malware infecting carbon-based life forms. The original piece was titled “Pacemakers and Malware Properities.”
"Mathias Thurman,” a real security manager, whose name and employer has been disguised for obvious reasons, wrote in the May 21st (2012) edition of Computerworld that an administrator, during a training session with an employee, on how to manage the organization’s antivirus infrastructure, while reviewing the reports of machines with infected files, spotted what appeared to be a very suspicious .mov file.