ISACA Asia-Pacific CACS 2015 2015-03-24 CONFERENCE DAY 2 Keynote Speaker I Mr. Gregory T. Grocholski Vice President & Chief Audit Executive, Saudi Basic Industries Corporation (SABIC) Topic: The Journey to Sleeping Well at Night Synopsis: Sleeping well at night is the goal and it comes easier for those that plan for it; in their careers and in their daily life. Management has the same goal. So how do they prepare for it? Greg will discuss today’s challenges in the assurance world as his experience in Dow, SABIC, ISACA and life intersect in a unique way. ISACA Asia-Pacific CACS 2015 2015-03-24 CONFERENCE DAY 2 Mr. Douglas Lui Group General Manager, Audit & Risk Management, The Hongkong and Shanghai Hotels Limited Topic: Leveraging Technology to Manage Enterprise Risk Synopsis: In this increasingly complex and rapidly changing business environment, a robust and smart management tool is critical to effectively measure, monitor and mitigate risks. How do we capture data incident? How do we respond, rectify and report them to management and provide assurance to the Board? How is that filtered and factored into the business unit and the company’s overall risk profile? These are some of the fundamental requirements for an effective risk management model; without a tool this will be laborious and potentially inaccurate and incomplete process. In this session, we will explore an end-to-end journey from building a risk function, its maturity from integration, standardisation to finally automation. ISACA Asia-Pacific CACS 2015 2015-03-24 CONFERENCE DAY 2 Mr. Francis Chan Senior Superintendent of Police, Cyber Security and Technology Crime Bureau, Hong Kong Police Force Topic: Managing the Ever Changing Cybersecurity Ecosystem Synopsis: Cybersecurity is no longer a concern for IT personnel only. From social media scam, malware infiltration to cyber attack, it is a challenge to personal users, business sector and the community at large. The speaker will relate how the Hong Kong Police Force engages with stakeholders to form a partnership towards maintaining a safe cyberspace through its services rendered.in process, to enhance protection of personal information for data owners, CSP’s and customers. ISACA Asia-Pacific CACS 2015 2015-03-24 CONFERENCE DAY 2 Mr. Dale Johnstone Vice-Convenor, ISO/IEC JTC1 SC27 WG1 Topic: Information Privacy & Security Standards - New and Emerging Initiatives in International Standards (ISO) Development ISACA Asia-Pacific CACS 2015 2015-03-24 CONFERENCE DAY 2 Keynote Speaker II Mr. Allan Boardman Chair ISACA International's Audit Committee Topic: Strategies for effective partnership and collaboration of audit, risk and security functions Synopsis: This session will explore some of the practical difficulties and challenges that organisations face in getting their security, risk and audit departments working together in partnership, and will provide practical guidance and strategies for effective collaboration and partnership. ISACA Asia-Pacific CACS 2015 2015-03-24 CONFERENCE DAY 2 Mr. Michael Yung Head of eProduct and Technology Planning, Asia Miles Limited; Immediate Past President, ISACA China HK Chapter Topic: To Cloud or Not To Cloud Synopsis: Will cloud standards help cloud users to choose an appropriate cloud provider? Will the cloud be more secured under cloud standards? What is the significance of cloud security standard to the market development? This talk will answer those crucial questions. ISACA Asia-Pacific CACS 2015 2015-03-24 CONFERENCE DAY 2 Ms. Dorothy Chan Executive Manager, Enterprise Risk Management, Hong Kong Jockey Club Topic: Cyber risk – an Enterprise Wide Boardroom Priority Synopsis: Historically cybersecurity has been treated primarily as a technology oriented issue. However, several recent front-page-headline cyber-attacks are serving as a wake-up call and the C-suite is realising that cyber risk needs to be addressed in the boardroom and become a more mainstream part of enterprise risk management discussions. This section will explore the key elements of effective cyber risk oversight and governance – from integrating cyber risk into the overall risk management programme, developing and testing a robust cyber-incident response plan and moving towards a proactive and systematic approach to cyber risk management.
© Copyright 2024