Complimentary webinar: Auditing your Information Security Program

Instructors: Yo Delmar, Dan Swanson
Product ID: 702942
  • Duration: 60 Min

recorded version


Why Should You Attend:

Recent information security breaches have shown that even the most reputable organizations make fundamental mistakes when implementing their information security programs. While almost everyone patches network vulnerabilities, many organizations neglect application security, database encryption, and similar controls, which sometimes leads to catastrophic results.

A well-managed information security program (and/or unit) has robust plans, procedures, goals, objectives, trained staff, performance reporting, and ongoing improvement efforts. The security program must also specifically mitigate risks in satisfying key business objectives, and this traceability must be clear. Your information security audit should confirm that key risks to the organization are being identified, monitored, and controlled; that key controls are operating effectively and consistently; and that management and staff have the ability to recognize and respond to new threats and risks as they arise. In today's era of advanced persistent threats, it is critical to have an effective information security audit program.

Join this session with Dan Swanson, President and CEO of Dan Swanson and Associates, and Yo Delmar, Vice President of GRC Solutions at MetricStream.

Key Discussion Points are:

  • Planning for Information Security Audits in a Constantly Evolving Threat Landscape
  • Audit Approach for Evaluating an Organization's Information Security Program & Defense-in-Depth Strategy
  • Linking Information Security Audit to the Risk & Control Framework
  • Reporting Information Security Audit Findings to the Board
  • Issues to Watch Out For

Instructor Profile:

Dan Swanson, CMA, CIA, CISA, CISSP, CAP - President and CEO, Dan Swanson & Associates. Mr. Swanson is a 25-year internal audit veteran, who was the Director of Professional Practices at the Global Office of the Institute of Internal Auditors (IIA). Prior and subsequent to the IIA, Mr. Swanson was an independent management consultant for more than 15 years. He has completed audit projects for more than 30 different organizations, spending almost 10 years in government auditing, at the federal, provincial, and municipal levels, and the rest in the private sector, mainly in the financial services, transportation, and health sectors.

Mr. Swanson led the writing of the OCEG internal audit guide for use in auditing GRC programs and also participated in the SEC-sponsored COSO small business task force efforts to provide guidance for small to medium public companies regarding internal control over financial reporting. The author of more than 200 articles on internal auditing and other management topics, Mr. Swanson is currently an independent management consultant and freelance author.

Yo Delmar, Vice President - GRC Solutions, MetricStream. Ms. Delmar comes to MetricStream with over 30 years of experience in Information Technology and Management, with a focus on Governance, Risk and Compliance over the past 10 years. Most recently, as Director, GRC, EMC Consulting, Ms. Delmar was responsible for launching GRC Advisory Services for the Security and Risk Management Practice of EMC's consulting division.

Prior to EMC, through her own company, Delmar Consulting, Ms. Delmar held interim executive positions at GRC and Security Risk Management companies and provided advisory services to F1000 on the implementation of GRC programs. Prior to Delmar Consulting, Ms. Delmar was President of SPL WorldGroup Americas, a mid-sized systems integration firm and the Senior Vice-President of Technology at SHL Systemhouse, managing 300 people through global operations of over 40 offices.

Ms. Delmar holds a B.Sc. (Honors) in Mathematics and Computer Science and an M.B.A. from Dalhousie University in Canada. She is also a Certified Management Consultant (CMC), Certified in Governance of Enterprise IT (CGEIT), and a Certified Information Security Manager (CISM).
