ISACA Asia-Pacific CACS 2015 2015-03

ISACA Asia-Pacific CACS 2015
2015-03-24 CONFERENCE DAY 2
Keynote Speaker I
Mr. Gregory T. Grocholski
Vice President & Chief Audit Executive,
Saudi Basic Industries Corporation (SABIC)
Topic:
The Journey to Sleeping Well at Night
Synopsis:
Sleeping well at night is the goal and it comes easier for those that plan for it; in their
careers and in their daily life. Management has the same goal. So how do they
prepare for it? Greg will discuss today’s challenges in the assurance world as his
experience in Dow, SABIC, ISACA and life intersect in a unique way.
ISACA Asia-Pacific CACS 2015
2015-03-24 CONFERENCE DAY 2
Mr. Douglas Lui
Group General Manager, Audit & Risk Management,
The Hongkong and Shanghai Hotels Limited
Topic:
Leveraging Technology to Manage Enterprise Risk
Synopsis:
In this increasingly complex and rapidly changing business environment, a robust and
smart management tool is critical to effectively measure, monitor and mitigate risks.
How do we capture data incident? How do we respond, rectify and report them to
management and provide assurance to the Board? How is that filtered and
factored into the business unit and the company’s overall risk profile? These are
some of the fundamental requirements for an effective risk management model;
without a tool this will be laborious and potentially inaccurate and incomplete
process. In this session, we will explore an end-to-end journey from building a risk
function, its maturity from integration, standardisation to finally automation.
ISACA Asia-Pacific CACS 2015
2015-03-24 CONFERENCE DAY 2
Mr. Francis Chan
Senior Superintendent of Police,
Cyber Security and Technology Crime Bureau,
Hong Kong Police Force
Topic:
Managing the Ever Changing Cybersecurity Ecosystem
Synopsis:
Cybersecurity is no longer a concern for IT personnel only. From social media scam,
malware infiltration to cyber attack, it is a challenge to personal users, business
sector and the community at large. The speaker will relate how the Hong Kong
Police Force engages with stakeholders to form a partnership towards maintaining a
safe cyberspace through its services rendered.in process, to enhance protection of
personal information for data owners, CSP’s
and customers.
ISACA Asia-Pacific CACS 2015
2015-03-24 CONFERENCE DAY 2
Mr. Dale Johnstone
Vice-Convenor, ISO/IEC JTC1 SC27 WG1
Topic:
Information Privacy & Security Standards - New and Emerging Initiatives in
International Standards (ISO) Development
ISACA Asia-Pacific CACS 2015
2015-03-24 CONFERENCE DAY 2
Keynote Speaker II
Mr. Allan Boardman
Chair
ISACA International's Audit Committee
Topic:
Strategies for effective partnership and collaboration of audit, risk and security
functions
Synopsis:
This session will explore some of the practical difficulties and challenges that
organisations face in getting their security, risk and audit departments working
together in partnership, and will provide practical guidance and strategies for
effective collaboration and partnership.
ISACA Asia-Pacific CACS 2015
2015-03-24 CONFERENCE DAY 2
Mr. Michael Yung
Head of eProduct and Technology Planning, Asia Miles Limited;
Immediate Past President, ISACA China HK Chapter
Topic:
To Cloud or Not To Cloud
Synopsis:
Will cloud standards help cloud users to choose an appropriate cloud provider? Will
the cloud be more secured under cloud standards? What is the significance of cloud
security standard to the market development? This talk will answer those crucial
questions.
ISACA Asia-Pacific CACS 2015
2015-03-24 CONFERENCE DAY 2
Ms. Dorothy Chan
Executive Manager, Enterprise Risk Management,
Hong Kong Jockey Club
Topic:
Cyber risk – an Enterprise Wide Boardroom Priority
Synopsis:
Historically cybersecurity has been treated primarily as a technology oriented
issue. However, several recent front-page-headline cyber-attacks are serving as a
wake-up call and the C-suite is realising that cyber risk needs to be addressed in the
boardroom and become a more mainstream part of enterprise risk management
discussions. This section will explore the key elements of effective cyber risk
oversight and governance – from integrating cyber risk into the overall risk
management programme, developing and testing a robust cyber-incident response
plan and moving towards a proactive and systematic approach to cyber risk
management.