Feedback from Attendees

Upcoming  2015 Events

Oct 21, 2015
IT Leadership Strategies

Info

Oct 28, 2015
Cloud Computing Strategies
Info

Nov 4-5, 2015
IT PMO/Portfolio Management
Info

Nov 19, 2015
Software Defined Networking (SDN)
Info

Dec 3, 2015
Business Intelligence/Big Data/Analytics
Info

Dec 10, 2015
Mobile/Cloud/IoT Security
Info

Upcoming  2016 Events

Feb 4, 2016
Enterprise Risk/Security Management
Info
Dallas, TX

Feb 18, 2016
Enterprise Risk/Security Management
Info
Chicago, IL

Feb 29-Mar 1, 2016
IT PMO/Portfolio Management
Info
Las Vegas, NV

March 10, 2016
IT Leadership Strategies
Info
Chicago, IL

March 17, 2016
IT Infrastructure/Operations Management (Data Center)
Info
Chicago, IL

April 20, 2016
Data Governance Strategies
Info
Chicago, IL

April 26, 2016
Mobile/Cloud/IoT Security
Info
Chicago, IL

May 19, 2016
Digital Workplace Strategies
Info
Chicago, IL

May 25, 2016
Software Defined Networking (SDN)
Chicago, IL
Info

June 2, 2016
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

June 9, 2016
Enterprise Risk/Security Management
Info
Chicago, IL

June 23-24, 2016
IT PMO/Portfolio Management
Info
Chicago, IL

Sep 15, 2016
IT Infrastructure/Operations Management (Data Center)
Info
Chicago, IL

Sep 22, 2016
Enterprise Risk/Security Management
Info
Dallas, TX

Oct 6 , 2016
Enterprise Risk/Security Management
Info
Chicago, IL

Oct 20, 2016
IT Leadership Strategies
Info
Chicago, IL

Oct 27, 2016
Data Governance Strategies
Info
Chicago, IL

Nov 2-3, 2016
IT PMO/Portfolio Management
Info
Dallas, TX

Nov 17, 2016
Software Defined Networking (SDN)
Chicago, IL
Info

Dec 1, 2016
Business Intelligence/Big Data/Analytics
Info
Chicago, IL

Dec 8, 2016
Mobile/Cloud/IoT Security
Info
Chicago, IL

 

(Click here to add any of our upcoming events to your calendar)

 

 

Conferences that solve current IT challenges

Enterprise Risk / Security Management - Governance / Risk / Compliance

Strategies for adopting a comprehensive IT GRC (Governance/Risk Management/Compliance) approach to managing information adhering to business needs

February 17, 2010

9:00am-5:00pm

7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded

Bio   

Conference location: Donald E. Stephens Convention Center Rosemont (O'Hare) Illinois

Overview

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.

With all of these challenges, how do you make this happen?

In this one day conference, attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.

What You Will Learn

In this one day conference attendees will learn:

  • How to take control of your Risk Management Program
  • How to drive Compliance issues instead of letting them drive you
  • How to leverage the core disciplines of Risk Management to design an effective framework
  • How to leverage Your Risk Management Program to reduce cost and risk through effective Prioritization and Processes
  • The convergence of various risk and compliance topics in the context of enterprise risk management
  • How to measure the success of your risk management approach through quantitative metrics
  • How to measure the dollar value of Security & Risk Management
  • How to articulate the value of Security & Risk Management in terms line executives can understand
  • Best practices for managing compliance, security, disaster recovery and high availability
  • How global governance and risk management trends are affecting corporate enterprises

Conference Program

8:00am - 9:00am - Registration and Continental Breakfast

Cody

9:00am-10:00am

How to Adopt a Comprehensive IT Governance, Risk Management and Compliance
Approach (IT GRC)

Drake Cody, Manager, Risk Management, Allstate

In the past IT Governance, Risk Management and Compliance have existed in different silos. Currently, many IT leaders view these areas as having commonalities and interdependencies. By having a unified approach IT leaders can increase efficiencies, decrease costs and lessen risk.
In this session attendees will learn:

  • How these three areas are interdependent
  • How to gain efficiencies, lessen risk and costs through a unified approach
  • How to prevent data loss through decreased compliance deficiencies
  • How to synthesize different views, business impact, and policy across the enterprise
  • How to create a framework that is flexible in adapting to dynamic risk management priorities
  • How to leverage this discipline to give the business a more competitive edge

10:00am -10:30am - Refreshment Break

Manthey

Gyurko

10:30am-11:30am

How to Manage Risk Through an Effective Identity Management Program

Kelly Manthey, Business Practice Partner, Solstice Consulting
Peter Gyurko, Senior Consultant, Solstice Consulting

Achieving compliance with auditor requirements and maintaining a secure environment remain a top priority in today's economy. Identity management solutions help companies implement sustainable processes that drive efficiency, establish accountability, and reduce risk.

This presentation explores Identity Management from three aspects – People, Process, and Technology. Identity Management is not a technology effort alone. Establishing your IdM business processes and determining roles and responsibilities prior to purchasing or building a custom solution are key success factors to an IdM effort.

You will learn:

  • An IdM Capability Maturity Model
  • How to identify where your organization fits on the capability maturity continuum
  • Practical tips for moving further along the continuum from a people, process, and technology perspective.
  • Real world case studies on IdM implementations and problems that were addressed
  • Identity Management best practices

Phinick

Troyer

Turner

Powell

11:30am-12:30pm

How to Demonstrate IT Security’s Strategic Value to the Enterprise

Moderator: Mark Phinick, Regional Manager, BigFix
Panelists:
Kurt Troyer, Information Security Officer, Illinois Tool Works
Bill Turner, Chief Security Officer, APS Healthcare
Jim Powell, CISO /CTO (ACofS G-2/6) at US Army Reserve – Arlington Hts., IL
and other enterprise IT management

Many organizations are realizing that compliance does not mean that they are secure. Rather than rushing just to meet compliance rules and obligations in a reactive way, IT executives need to take a proactive approach of long term planning that involves both compliance and security. This will help insure the organization is meeting today’s rules, tomorrow’s expected changes and at the same time making sure the IT security organization stays secure with respect to people, data, assets, etc.
In this session, attendees will learn:

  • How to build a roadmap for information security and potential new compliance requirements
  • How to train your team to take this approach
  • How to involve the business units early on so they understand the approach you are taking
  • How to avoid building solutions to just meet specific requirements
  • How to make sure your plan is adaptable to adhere to new requirements
  • How to make sure the compliance push does not take you off track in other areas of essential security

12:30pm - 1:30pm Luncheon

Susina

Alterson

Suarez

Sullivan

Gabriel

1:30pm-2:30pm

How to Get Executive Buy-In for Your Risk/Security Management Program (panel discussion of CISOs)

Panelists:
Moderator: Steve Susina, Director of Marketing, Laurus Technologies
Panelists:
Gary Alterson, Americas Lead for IT Compliance and Risk Strategy, Zurich Financial Services
Patti Suarez, CISSP, CIPP, Senior Manager - Information Security & Compliance,MARS Information Services
Steve Sullivan, Director, IT - Information Security Officer, Central DuPage Hospital
Michael Gabriel, CISO, Career Education Corporation

Since an effective Risk Management Plan is holistic in nature and affects many different areas of the company, there are therefore many different stakeholders that will be involved. Given all of the variables, what successful strategies should you use to obtain buy-in from other executives, stakeholders and business units? In this session attendees will learn how to involve the following areas for purposes of getting buy-in and lessening risk to the enterprise:

  • How to turn corporate threats into competitive advantage
  • Budgeting strategies to help get buy-in from the business side
  • How to help executives, management and staff perceive that changes will create improvements
  • How to establish tremendous commitment at the executive level for your cause
  • How to ensure key influencers are directly involved in all aspects of the project
  • How to overcome resistance
  • How to stay on track and adhere to well-defined schedule
  • How to design a plan for training on technologies that accompany changes

2:30pm - 3:00pm - Refreshment Break

Ozkan

3:00pm-4:00pm

How to Identify Which Technologies Can Best Support Your Risk/Security Policies

Yinal Ozkan, Principal Architect, Integralis

After you determine your policies that will be the foundation of your risk management program you can then focus on the technologies that will effectively support your program.
In this session, you will learn the pros and cons of the various technologies and which mix would be best for your organization. Topics for discussion will include:

  • Identity and access management
  • Security information and event management
  • Configuration auditing
  • Content monitoring
  • Database activity monitoring
  • IT governance risk and compliance

Harris

4:00pm-5:00pm

How to Measure the Success of Your IT Risk Management Program through Metrics

Danny Harris, Manager of Information Security Policy and Awareness, The Aon Corporation

In this discussion, a seasoned IT Risk professional will show you how you can prove the success of your company's risk management program through implementing metrics.
Topics that will be covered from both a strategic and tactical metrics perspective include:

  • Asset and impact classification
  • Vulnerabilities and threats
  • Relationship between assets, vulnerabilities, network threats and controls
  • Risk calculation factors

Conference price: $249 per person.


Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)˛, Inc.

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.