o chair communication - isaca® karachi chapter · chair communication & publications, isaca...
TRANSCRIPT
This bimonthly newsletter focuses on ISACA Karachi Chapter’s activities, achievements & announcements.
It also highlights major news events happening in the IT/IS/Telecom/eBusiness/GRC & related sectors of Pakistan.
The President’s Message 3
Official CISA/CISM Review Course in Karachi 5
ISACA Karachi Chapter Tenure at a glance 2012:2013 6
ISACA Karachi Chapter Presentation Report 7
Virtual Conference on 18th March 2014 12
Two-Days Workshop in Karachi Offered 10% Discount 13
ISACA International News & Alerts 14 o Rehan Earned CGEIT Highest Score in the World o Certification Recognition o CPE Policy Update for 2014 o COBIT-5 Enabling Information o 2014 Renewals o Candidate’s guide and Bulletin of Information o Webinar 13-March-2014
ISACA International News & Alerts 15 o New Venue for upcoming Review Courses o Finalization of CoBIT Accredited Trainers o Injection of new Board Director
North America CACS 2014 16
ISACA Book Store Update 17
Country Highlights 18 o Pakistani IT Expert won int’l Cyber Drill o Pakistan Cyber Crime Bill Ready
ISACA Conference / Training Week Calendar [Mar - Apr] 19
Contacts of ISACA Karachi Chapter Board Members 20
Editor Absar Khan
For Suggestions
& Feedback
Absar Khan Chair Communication &
Publications, ISACA Karachi
Table of Content
Dear Members,
I am pleased to share your Chapter’s activities and some important news
that may be interest to you.
Chapter Presentation on 27-Nov-2013 Your chapter conducted a presentation on Business Continuity
Management – Key Concepts & Best Practices on 27th
November 2013 in
Marriott Hotel Karachi
To conduct this presentation, we invited renowned industry specialist
Mr.Sohail Khimani Head of BCM & Information Security at KASB Bank
Pakistan
It was held in the Marriott Hotel Karachi. It was a Free Event for chapter
members and offered 2 CPE Hrs.
A large number of audiences which included ISACA Karachi Chapter
Members and IT Expert / professionals from leading organization attended
the event.
You can get brief information of the event in our newsletter.
Upcoming Chapter Event:
I am pleased to inform you that in the month of March your chapter is
planning to hold Chapter AGM. The event will be held in Marriott Hotel
Karachi and will be a free event for Chapter Members.
Chapter endorsed event in the city:
Your chapter has endorsed two days hands on training session which is
conducting by Risk Associates in collaboration with Security Experts.
The event will be held on 24-25 March 2014 in Marriott Hotel Karachi.
I am glad to share you that the event organizers have agreed to offer 10%
discount exclusively to members of ISACA Karachi Chapter.
Free Virtual Conference & Webinar:
Please mark your calendar for following free events of ISACA:
Webinar : 13th
March 2014
Virtual Conference : 18th
March 2014
Continue . . .
President’s Message
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 3 of 20
President’s Message
Online COBIT Foundation Course:
ISACA is offering online COBIT Foundation Course version 5. The
course will offer 8 CPE Hrs and will cost USD $ 400 for members and
USD $ 550 for nonmembers. You could find its detail in the newsletter.
We are committed to make ISACA Karachi Chapter as one of the leading
chapters of Asia.
Last but not the least; I would like to thank you for supporting your
chapter.
Thank you.
Zain Ansari President, ISACA Karachi Chapter.
March 2014
ISACA Certified Members Can
Earn Over 70 FREE CPE Credits
Certified members have
numerous options in order to
obtain their FREE continuing
professional education credits
through:
Journal quizzes
Monthly eSymposia quizzes
Local Chapter volunteer
activities
Mentoring
Learn more about FREE CPE http://isaca.informz.net/z/cjUucD9ta
T0xNjA0NjY3JnA9MSZ1PTEwMj
AwOTA1OTgmbGk9NzE2ODg3M
g/index.html
Earn Over 70 FREE CPE
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 4 of 20
Day # CISA Content Coverage DATE
1 Domain 1 - The Process of Auditing Information Systems Saturday, 05 April 2014
2 Domain 2 - Governance and Management of IT Saturday, 12 April 2014
3 Domain 3 - Information Systems Acquisition, Development and Implementation Saturday, 19 April 2014
4 Domain 4 - Information Systems Operations, Maintenance and Support Saturday, 26 April 2014
5 Domain 4 - Information Systems Operations, Maintenance and Support Saturday, 03 May 2014
6 Domain 5 - Protection of Information Assets Saturday, 10 May 2014
7 Domain 5 - Protection of Information Assets Saturday, 17 May 2014
8 CISA Preparatory Test + Solution Saturday, 24 May 2014
Exam Date Saturday, 14 June 2014
Day # CISM Content Coverage DATE
1 Domain 1 - Information Security Governance Saturday, 05 April 2014
2 Domain 1 - Information Security Governance Saturday, 12 April 2014
3 Domain 2 - Information Risk Management and Compliance Saturday, 19 April 2014
4 Domain 2 - Information Risk Management and Compliance Saturday, 26 April 2014
5 Domain 3 - Information Security Program Development and Management Saturday, 03 May 2014
6 Domain 3 - Information Security Program Development and Management Saturday, 10 May 2014
7 Domain 4 - Incident Management and Response Saturday, 17 May 2014
8 CISM Preparatory Test + Solution Saturday, 24 May 2014
Exam Date Saturday, 14 June 2014
Events Endorsed / Partnered by Chapter
Course / Workshop Conducted by Hold on Discount CPE
Pakistan CIO Summit & Expo 2013 Partnered with
PISA & CSA
21-22
May-2013 20% 14
CPE
Securing large scale Internet services
against hackers & threats
Partnered with Google
Developer's Group (GDG)
15th April 2013 2 CPE
Hrs.
13th
ITCN Asia 2013 Int'l Exhibition &
Conferences
Partnered with ITCN ASIA 8-10 Oct-2013 Free
Invitation
for
Members &
‘C’ Level
Executives
2nd
Annual CISO Asia Summit Partnered with MIS
Training Institute,
Malaysia
12 Nov-2013 1 Free Seat
and
15% for all
Members
Events Conducted by Chapter
Event Venue Hold on CPE
Enhancements in Identity, Access & Security Capabilities Avari Towers 13th
March 2013 2 CPE
Chapter AGM & Elections ICAP 28th
March 2013 2 CPE
Ahead of threat with Security Intelligence Marriot Hotel Marriot Hotel 13th
June 2013 2 CPE
Managing Risk & Ensuring Compliance Marriot Hotel 2nd
October 2013 2 CPE
Official CISA/CISM Review Course ICAP 12th
October 2013
Business Continuity Management Marriot Hotel 27th
November 2013 2 CPE
Tenure at a glance during board term 2012-2013
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 6 of 20
Mr.Zain Ansari – President ISACA Karachi Chapter presenting souvenir to Mr. Sohail Khimani
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 7 of 20
ISACA Karachi Chapter Conducted a Presentation on Business Continuity Management – Key Concepts & Best Practices
27th November 2013 - Marriott Hotel Karachi
ISACA Karachi Chapter conducted a presentation on Business Continuity Management – Key Concepts & Best Practices
27th November 2013 Marriott Hotel Karachi
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 8 of 20
ISACA Karachi Chapter conducted a presentation on Business Continuity Management – Key Concepts & Best Practices
27th November 2013 Marriott Hotel Karachi
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 10 of 20
18th March 2014 Virtual Conference Cyber-security
Up to 5 CPE credits will be awarded for participation in the 18 March 2014 Virtual Conference. Each educational session will be worth 1.25 CPE. Educational sessions include:
Session #1: Global Cybersecurity: New and proposed rules, regulations facing modern industry
Session #2: The Other Advanced Attacks: DDoS, DNS, API, ETC
Session #3: “Industrial Cybersecurity: Is There a Cyber-Tsunami in Waiting?
Session #4: Cybersecurity and Malware: A review of Checkerboard Strategies against a Global threat, what are the options?
To earn 5 CPE credits, attendees must participate in all 4 of the above educational sessions, live or via archive. A CPE Certificate will be awarded to participants by following the steps listed below:
1. Go to the CPE tab located within the Virtual Conference environment.
2. Complete a short post-event survey.
3. At the end of survey, you will be guided to a form where you will need to enter your name and indicate which sessions you attended.
4. Upon completion of the form, you will be able to download a CPE Certificate.
Attention Internet Explorer 10 Users: A browser setting change is required before accessing your CPE Certificate.
Click here to read more.
5. Please save and/or print a copy of your CPE Certificate for your records in the case of an audit.
Viewing this event in the archive
The 18 March Virtual Conference archive will stay open for 30 days following the event. You can access the archive via the ISACA website:
https://presentations.inxpo.com/Shows/TechTarget/03-18-14_CyberSecurity/140318_ISACA_LandingPage.html?AffiliateKey=21444&AffiliateData=ISACA-ORG
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 12 of 20
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 13 of 20
ISACA International
News & Alerts
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 14 of 20
Rehan earned CGEIT
highest score in the world
2014 Renewals
2014 renewals are still open.
Renewing one’s certifications is a 2-
step process and requires paying an
annual maintenance fee and reporting
certified professional education (CPE)
hours.
ISACA Members Earn Free CPE
Date: Thursday, 13 March 2014
Time: 12PM (EST) / 11:00AM (CST)
/ 9:00AM (PST) 17:00 (UTC)
DETAILS:-
TITLE Next-Generation Firewall
Migration. Key ROI Considerations
You Can’t Miss
PRESENTER:
Randy Perry, VP, International Data
Corporation (IDC) & Jeff Anderson,
Stonesoft, VP Marketing
SCHEDULED TIME
Mar 13 2014 4:00 pm
DURATION: 60 mins
CPE policy update for 2014
As of 1 January 2014, twice the number
of continuing professional education
(CPE) hours are earned for each
examination hour when a passing score
is achieved on a related professional
examination. (Previously only one CPE
hour was earned for each examination
hour.) For example, if a certified
individual passes a related professional
examination that is 4 hours in length, 8
CPE hours are earned. This change in
CPE policy does not change what is
meant by “related professional
examination.” CISA®, CISM®,
CGEIT® and CRISC™ CPE policies
are being updated to reflect this change.
In addition to other honors, CISA and
CISM have been recognized as among
the prerequisites, in addition to relevant
secondary and tertiary education and
baseline security clearance, needed to
qualify for the Information Security
Registered Assessors Program (IRAP)
training and examinations in Australia.
http://www.asd.gov.au/infosec/irap.htm
Certification Recognition
Beginning in 2014, the candidate’s
guide and bulletin of information for
each ISACA® certification program
have been combined into one
document, the ISACA Exam
Candidate Information Guide—2014.
This combined guide includes
information about exam registration,
dates and deadlines as well as key
details on exam-day administration.
Individuals unable to register online
can do so via hard-copy using the
CISA, CISM, CGEIT or CRISC
registration form. Please note that
hardcopy (paper) registrations will
incur a US $75 fee in addition to the
normal online registration fees.
http://www.isaca.org/Certification/Pag
es/Candidates-Guide-for-June-2014-
Exam.aspx
Candidate’s guide and
bulletin of information
COBIT® 5: Enabling
Information
COBIT® 5: Enabling Information is a
detailed reference guide for the
information enabler for the governance
and management of enterprise IT
(GEIT). This guide further explains the
information model (based on the
COBIT® 5 generic enabler model) and
provides examples of fully elaborated
information entities. COBIT 5:
Enabling Information.
http://www.isaca.org/COBIT/Pages/def
ault.aspx
Webinar
on 13 March 2014
ISACA Karachi Chapter member
Mr.Muhammad Rehan Qadri, Head of
IT - UBL Fund Manager, earned the
highest (tied) score in the world on the
June 2013 CGEIT examination.
ISACA International has offered
Mr.Rehan a complimentary registration
to attend Asia-Pacific CACS in Tokyo
on May 30-31, 2014 where he will be
honoured and receive his award.
Furthermore, ISACA will share this
news in its global e-newsletter as well as
in other marketing and related materials.
ISACA International
News & Alerts
Injection of new Board
Director
After carefully reviewing candidates’
profiles, conducting interviews and
evaluating their presentation skills we
have unanimously selected two below
mentioned applicants whose names are
being forwarded to ISACA International
to be trained as CoBIT Accredited
Trainers.
1. Attaullah Memon - Deputy Director,
Inspections Department - State Bank of
Pakistan
2. Muhammad Rehan Qadri Head of IT –
UBL Funds Managers
The board congratulates Mr.Attaullah and
Mr. Rehan on their selection.
Finalization of CoBIT
Accredited Trainers
New Venue for upcoming
Review Courses
As Karachi Chapter of ISACA is the only accredited body, authorized by ISACA to conduct the Official Review Courses in Karachi. The board always try to provide best services to chapter members / non-members, exam entrants and other IT professionals who are interested in Review Courses. As previously the chapter board conducted official review courses in SBS, ICAP, SKANS & FRSH Training Center. But due to the continuous long time critical situation of the city & traffic jams, it was a demand of previous course participants and a large number of existing chapter members to conduct Review courses in any other venue which is easily reachable and located in the heart of city. In this scenario, this time the chapter has made an agreement with M/s KASBIT (KASB Institute of Technology), to provide their venue to conduct the ISACA Review Courses under the supervision and on behalf of ISACA KARACHI Chapter. This main campus is located at Nursary,Shahra-e-Faisal. The review course will be comprised of Orientation Class, Preparation Classes and Mock Test. Preparation classes will tentatively take place on Saturdays only from 9am to 6pm. This outsourcing agreement will be very beneficial for the course participants. KASBIT as a service provider will provide: a. Two separate class rooms for the participants for courses to run at their premises. b. Clear Display / Directions of class room for course participants.
c.Drinking water. d.Multimedia Projector. e.White Board, Board-Markers and duster. f.Back-up power. g.Host ISACA mock exams.
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 15 of 20
Strategic Partnership with
2nd Pakistan CIO Summit and
Expo 2014
ISACA Karachi Chapter Board has
signed an Strategic Partnership
agreement with the organizers of 2nd
Pakistan CIO Summit and Expo 2014.
This milestone will not only enable
ISACA Karachi Chapter board to
promote role of ISACA but also helpful
for Chapter Members to be a part of this
mega event of the country with no
charges.
Following are the few benefits:
1. 10x10 ft stall in the expo will be
provided to chapter.
3. Two seats will be reserved in the
summit for ISACA board members to
attend
4. ISACA representative to be a part in
the panel discussion on the session on 'IT
Security'
5. ISACA Karachi Chapter will
distribute Visitor Passes of the Expo to
its members
6. Enable members to become a private
networking forum for CIOs, IT Heads,
IT Managers, influencers, decision
makers, academia, professionals and
industry representatives in the IT sector.
The objectives of Pakistan CIO Forum
will be to network, share experience,
learn and develop human capacity of the
players involved. The forum is being
formed with the objective to bridge the
networking gap between all the
stakeholders in the industry and create a
platform for them to work together for
the benefit of the industry.
The memberships of the Pakistan CIO
Forum will be open for corporates,
professionals and students in the IT
sector only.
ISACA Karachi Chapter member can
join Pakistan CIO Forum. Membership is
free of cost
Mr.Umair Ismail has filled the board
position which fell vacant after the
resignation of Aamir Jamil. Umair
works as Head of IT Infrastructure at
Engro and holds CISM, CISM and
CRISC certifications.
The matter was discussed and
unanimously decided in the board
meeting held on January 15, 2014.
This happens to be second induction
during the period of a year. The first
induction being of Mr. Hussein Haji
after the departure of Mr. Zahir
Questawalla.
We welcome Mr. Umair Ismail as a
Director which will strengthen our
chapter board to serve the members
more effectively and efficiently.
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 16 of 20
The ISACA Bookstore offers new tools for preparing for
ISACA’s 2014 certification exams
CISA ® Review Manual 2013 CISM ® Review Manual 2013 CGEIT ® Review Manual 2013 CRISC ® Review Manual 2013 2013 Candidates’ Guide to the CISA Exam & Certification 2013 Candidates’ Guide to the CISM Exam & Certification 2013 Candidates’ Guide to the CGEIT Exam & Certification 2013 Candidates’ Guide to the CRISC Exam & Certification CISA ® Practice Question Database, CD-ROM or download CISM ® Practice Question Database, CD-ROM or download CISA ® Review Questions, Answers & Explanations Manual CISM ® Review Questions, Answers & Explanations Manual CGEIT ® Review Questions, Answers & Explanations Manual CRISC ® Review Questions, Answers & Explanations Manual COBIT 5: Implementation COBIT 5: Enabling Processes COBIT 5 for Assurance COBIT 5 for Information Security
Ways to Order these books Online: Order online at www.isaca.org/bookstore
Mail: Mail your completed order form with payment to:
ISACA 1055 Paysphere Circle Chicago, IL 60674 USA
Fax: Fax completed order form with credit card # & Expiration date to
+1.847.253.1443. Phone: Call +1.847.660.5650
Monday–Friday: 8:00 a.m.–5:00 p.m. Central Time (Chicago, Illinois, USA)
ISACA Book Store Update
Search the Bookstore online
For the complete descriptions by
product title or category.
www.isaca.org/bookstore
Contact ISACA Bookstore [email protected]
or +1.847.660.5650.
ISACA e-Library https://www.isaca.org/Knowledge-
Center/Pages/eLibrary.aspx
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 17 of 20
Country Highlights IT, IS, Telecom & related sectors
Pakistani IT experts won int’l
Cyber Drill
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 18 of 20
An eight member team of Pakistani
computer experts has participated in
an international cyber drill and won
the competition held in Kuala
Lumpur Malaysia, where 25 teams
of experts from 20 countries
participated.
The Pakistani team comprised four
members of Pakistan Information
Security Association and four
students of National University of
Science and Technology.
The event was organized by the
Asia Pacific Computer Emergency
Response Team (APCERT).
The annual drill was held to test the
response capability of leading
Computer Security Incident
Response Teams from Asia Pacific
economies.
It was the first time that APCERT
involved the participation from the
Organization of the Islamic
Cooperation– Computer Emergency
Response Team (OIC-CERT) in the
annual drill, following a
Memorandum of Understanding on
collaboration signed in Sept, 2011.
The drill was participated by 22
CSIRT teams from Australia,
Bangladesh, Brunei Darussalam,
People’s Republic of China,
Chinese Taipei, Hong Kong, India,
Indonesia, Japan, Korea, Macao,
Malaysia, Myanmar, Singapore, Sri
Lanka, Thailand, Vietnam, Tunisia,
Egypt and Pakistan.
Pakistan Cyber Crime Bill
Ready
Ministry of Law and Justice has
vetted and endorsed the
comprehensive draft of Cyber Crime
Bill which now be tabled before
cabinet.
Minister of State for Information
Technology & Telecommunications,
Mrs. Anusha Rehman said on part
of her Ministry, it is a great
achievement.
Anusha Rehman said through this
cyber crime legislation, the crimes
such as illegal access of data,
hacking, interference with personal
data and information systems,
electronic forgery, e-frauds, cyber
terrorism and e-crime against
woman would also be effectively
addressed and abuse of technology
would be checked appropriately.
The bill further adds that no person
whether it is a police officer or
investigation officer, other than an
investigating officer of the special
investigation agency, has the
authority to investigate the offence
under this Act.
E-Crime bill has suggested
following punishments for cyber/E-
crimes: (few-excerpts)
As per draft regulation, a person
accessing an information system –
any device that has processing
power, operates electronically and
stores sensitive and private data –
without authorization may face
imprisonment for up to six months
and a fine of up to Rs. 100,000 or
both. Changing content of
information system may result into
imprisonment of up to nine months
or a fine of up to Rs. 200,000.
Unauthorized destruction/deletion
of data may result into
imprisonment of up to three years or
a fine of up to Rs. 500,000 or both.
Accessing an information system
to spread panic/fear or if such access
is rated as severe cyber terrorism
then punishment can extent to
imprisonment for up to fourteen
years or a fine of up to Rs. 50
million or both.
Electronic forgery will be
punished with imprisonment of up
to two years or a fine of up to Rs.
200,000 or both.
If electronic fraud is found and
proved then guilty can face an
imprisonment of up to 5 years or a
fine of up to Rs. 10 million or both.
If someone is found guilty of
posing another person’s identity
then he/she may face imprisonment
of three months of a fine of Rs.
50,000 or both
Unauthorized interception of
private data (for example hacking
emails) can result into imprisonment
of two years or a fine up to Rs.
500,000 or both
Special protection for women: If
someone is found publicly spreading
any content (video/pictures/audio)
that may harm the reputation of
women then he/she may face
imprisonment for one year or a fine
up to Rs. 1 million or both.
ISACA International
Up Coming International Conference / Training Week Calendar
Mar – Apr 2014
Virtual
Conference
Cyber Security
Training
Week
Network Security Auditing
Training
Week
Cloud Computing:
Seeing Through the
Clouds—What the IT
Auditor Needs to Know
Training
Week
Information Security
Essentials for IT Auditors
Global
Leadership Conference
North
America CACS
Date
18th
March 2014
17-20 March 2014
14-17 April 2014
21-24 April 2014
26-27 April 2014
28-30 April 2014
Location
Online
Miami, Florida,
USA
Houston,
Texas, USA
New York, USA
Las Vegas,
Nevada, USA
Las Vegas,
Nevada, USA
New 2014 ISACA conference and educational event dates have been released. For the latest information, please visit www.isaca.org/conferences
ISACA Karachi Newsletter Jan – Feb 2014 Edition Page 19 of 20
Zain A. Ansari President
Kashif Alam Khan Vice President
M Asif Riaz Secretary
Muhammad Maad Treasurer
Umair Ismail Chair IT Governance/COBIT/CGEIT Coordinator
Abdul Rasool Hoodbhoy Chair Special Projects [email protected]
Absar Khan
Chair Communications [email protected]
Faisal Abdullah Akhawala
CISA Coordinator [email protected]
Muhammad Kamran
Chair of Academic Relations [email protected]
Muhammad Sami ul Hassan
Chair Membership [email protected]
Zainab Hameed Chair Marketing
Waqar Ahmed Khan Immediate Past President
List of Board Members, ISACA Karachi Chapter