Johannesburg Regional Chapter Meeting – 31 May 2016


Date: 31/05/2016
Time: 5:00 pm - 8:00 pm

Deloitte, Auditorium in Building 3



17h00 – 17h30

Registration, tea and coffee

17h30 – 17h35

Welcome and introduction

17h35 – 19h15

“Prevention, detection, response – the eye of providence for security?” by Evert Smith (Lead – Deloitte Cyber Intelligence Centre)

The information security landscape has changed so drastically over the last 5 years that traditional methods of security have been found wanting. Or has it? Security is like an onion (with apologies to Shrek) – it consists of layers. Use them all and you might just have what you need to be more resilient. But not everybody has the expertise, money and resources to enforce all the possible layers of security. In this talk, we will attempt to demonstrate how a certain combination of managed services offerings can make inroads in making companies more resilient.

Evert Smith, CISSP, has 20 years of information technology and information security experience. Evert is a lead in the Deloitte Cyber Intelligence Centre where he spends his time stirring and examining bubbling cauldrons of dark web chatter, Silk Road specials and hashtag Twitter noise to identify relevant risk intelligence for his clients.

“Building a risk-based Information Security Management System (ISMS)”

by Patrick Ryan (Managing Director, Mobius Consulting)

An Information Security Management System (ISMS) is a way to protect and manage information within an organisation using a risk-based approach. The ISO 27001:2013 standard provides the requirements for establishing, implementing, maintaining and continually improving an ISMS. The ISO 27001 standard is often misunderstood and is not always interpreted correctly. For this reason, Mobius have developed a practical approach to implementing an ISMS. The objective of this presentation will be to provide:

  • an overview of the ISO 27001 standard;
  • a practical approach as well as guidelines to consider when implementing an ISMS; and
  • an overview of key artefacts to consider when developing an ISMS.

Patrick Ryan, CISM, CISA, CRISC, ITIL, has 18 years of IT management consulting experience, which has provided insight into a multitude of industries, business practices and technologies. Prior to starting Mobius Consulting, Patrick headed KPMG’s global methodology development for IT governance and sourcing and was the partner in charge of the KPMG Cape Town IT Advisory practice.

Patrick’s practical approach helps clients resolve their IT risk and compliance problems and “actualise change”. Patrick’s key focus areas are information security and IT governance.

19h15 – 20h00:

Cocktail and networking

Remember that attendance at chapter meetings counts towards CPE hours.

Please remember that attendance at ISACA events has cost implications for the chapter. We respectfully ask members not to arrive at events unless they have confirmed their attendance by the due date. Likewise, if you have confirmed your attendance, please endeavour to attend the event.

NOTE: By attending this event, the registrant grants permission to be photographed/audio-taped/video-recorded during the event. The resulting photographs/audios/videos may be used by ISACA SA for future promotion of ISACA SA’s educational events on ISACA SA’s website, social media pages and/or in printed promotional materials. By attending this event, the registrant consents to any such use. The registrant understands any use of the photographs/audios/videos will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs/audios/videos now or in the future.


Bookings are closed for this event.