Agenda

  • Friday, October 11, 2019
  •  
    10:30 AM  -  11:20 AM
    The Emperor's New Cybersecurity Audit Clothes

    Presenter:  Andrew Turner, Executive Director, Enterprise Technology Audit JPMC

    Description:  In the famous Hans Christian Andersen tale of The Emperor's New Clothes, everyone was made to believe there were shiny new clothes protecting their leader when in fact it was just an illusion. Don't let your audit coverage of cybersecurity be an illusion. In this session we will discuss the principles of building and operating a world class cybersecurity audit function.

    Speaker Bio:  Andrew recently took up the newly created role of Technology Audit SME and Emerging Technology Risk Lead for the JPMC IT Audit Department. Prior to that, Andrew was responsible for establishing and leading a global audit team of approximately 30 staff focused on cybersecurity and techno logy controls and represented Audit on the various senior cybersecurity governance forums across the firm. During his 20 years in the firm in both the US and UK, Andrew has lead IT Audit coverage across a range of areas within Retail and Wholesale lines of business and IT Infrastructure. Andrew is a member of the USSS Electronic Crimes Task Force, FBI lnfraguard, FS-ISAC, and has been a guest lecturer at the University of Delaware in both graduate Cybersecurity and IT Audit programs. Prior to JPMC, Andrew was Global Head of IT Audit at Prudential UK after spending 10 years in IT and Management Consultancy. Andrew holds a Bachelor's degree in Mathematics and Physics from the University of Manchester, is a Member of ISACA and the British Computer Society, and holds a Certified Ethical Hacker (CEH) qualification.

    Learning Objectives:

    • How to create a world class Cybersecurity Audit Team
    • Ensuring cybersecurity audit coverage is thorough and comprehensive
    • Preparing for the Regulators
    • Ensuring the Cybersecurity Audit Team is always audit-ready
    • Looking for the next big threat


    Presentation Method:
    Group-Live
    Program Level: Basic
    Category: Specialized Knowledge & Applications
    Prerequisites/Advance Preparation: None
    Recommended CPE Hours: 1

    12:30 PM  -  1:20 PM
    Agile Auditing
    Presenter:  Gemma Cook, Executive Director, Enterprise Technology Audit at JPMC

    Description: Audit departments are probably the last place you expect to find agile teams. Popularized in start-ups and application development, agile has been identified as the most effective and efficient framework for managing programs and projects. In this session, we explore how agile can be leveraged within audit team, obtain unexpected benefits, and become the new way of doing audits.

    Speaker Bio: Gemma is the Senior Audit Practices Director for the Technology Audit team at JP Morgan Chase and is currently leading a series of programs to transform the audit team to increase collaboration and digitization.

    Gemma holds an Executive MBA, a BS from Aston University. Gemma also holds certificates from Harvard, Dartmouth, and Cornell. Gemma has her CISA, and CISM certifications, is a Six Sigma Master Black Belt, an accredited Scrum Master, Agile Coach, Agile Trainer, and is a founding members of the Americas 'Agile in Audit' industry group.

    Learning Objectives: 

    • Review common misconceptions and 'Myths' of Agile
    • Understand the differences between 'waterfall' and 'Agile' Audits
    • How Agile Audits work
    • Agile team structure, tools and overcoming scaling challenges
    • Setting Expectations and Measuring Success

    Presentation Method: Group-Live
    Program Level:
    Basic
    Category:
    Specialized Knowledge & Applications
    Prerequisites/Advance Preparation:
    None
    Recommended CPE Hours:
    1



    1:30 PM  -  2:20 PM
    Auditing the Cloud

    Presenter: Mario Figueroa, Managing Director, Enterprise Technology Audit at JPMC and Duy Nguyen, Executive Director, Enterprise Technology Audit at JPMC


    Description
    : Cloud has become an important technology driving change within many organizations and across industries. Internal Audit Departments should understand the various cloud operating models, benefits and risks associated with the cloud and key cloud vendors. Additionally, we will discuss and review several of the key cloud vendor.


    Speaker Bio
    :

    Duy is an Executive Director within the Technology Audit at JPMC and is a team lead within the Global Technology Audit team. Duy is responsible for coverage of Platform Services which consist of technologies such as Hadoop, Grid Computing, Cloud Foundry and Amazon Web Services.

    Duy is responsible for the cloud audit strategy and works across the various audit teams to ensure overall coverage. Prior to JPMC, Duy worked in consulting, information security, and information technology. Additionally, Duy is a graduate of Louisiana State University and its Center of Internal Audit program.


    Learning Objectives:

    • Overview of cloud
    • Operating Models
    • Key Cloud Vendors
    • Key Controls and Processes

    Presentation Method: Group-Live
    Program Level: Basic
    Category: Specialized Knowledge & Applications
    Prerequisites/Advance Preparation: None
    Recommended CPE Hours: 1

Top