Resources
Downloads
Download a new research paper submitted by
chapter member Milton Lee of Wells Fargo Bank.
Network Infrastructure Security
Presentations From Events:
Get presentations from the 2008 Fall Conference Here
Get presentations from the 2009 Fall Conference Here
Get presentations from the 2010 Fall Conference Here
MARCH 23, 2007 - IAPP PRIVACY PANEL PRESENTATIONS
Alex Fowler - How privacy Affects the Auditor and Security Manager
Barbara Lawler - Privacy Overview (IAPP)
Doron Rotman - Conducting Privacy Audits - an Overview
Rena Mears, D&T - 2007 Privacy Panel
MAY 4, 5 and 6, 2006 - End User and Network/Application Security - FULL DAY
Send In The Clones - The Fact and Fiction of Identity Theft, and What The Difference Can Mean for Your Organization
When things go wrong - Real examples of the results of losing your common sense online
Windows Server 2003 security
Application (Oracle) Controls
April 20, 2006 - Integrating COBIT DOMAINS into the IT Audit Process - Lance Turcato, CPA, CISA, CISM
Integrating COBIT Domains into the IT Audit Process.pdf
COBIT Audit Report Template.doc
COBIT Audit Universe Mapping Detailed.doc
COBIT Audit Universe Mapping HighLevel.DOC
COBIT Control Assessment Questionnaire Template.DOC
COBIT Joint Risk Assessment Report to Management template.doc
COBIT Questionnaire Template General.doc
COBIT Questionnaire Template Security.DOC
COBIT v3 to FFIEC Mapping.doc
Metrics Evaluation Template .doc
Sample Engagement Memo .doc
March 16, 2006 - Project Management - Jan Bono, Partner, Ernst & Young Click Here
November 17, 2005 - Change Management - Salil Durani, Director of IT Operations, Siebel Systems Click Here
October 20, 2005 - IT and Security Standards - A Practical Approach to Implementation, Mark Lundin, Senior Manager, KPMG LLP Click Here
2005 SF ISACA Fall Conference - Topics, Speaker Bios, Presentations
September 26 - 28, 2005 Click Here
2004 SF ISACA Fall Conference - Topics, Speaker Bios, Presentations
October 2-4, 2004
2003 SF ISACA Fall Conference - Presentations NOT on Conference Proceedings CD - September 22-24, 2003
-
C2 - Auditing Applications
Speaker: Maria Shaw - Deloitte & Touche
-
C3 - Introduction to Security Auditing
Speaker: Carey Carpenter - Deloitte & Touche
-
C5 - IT Architecture
Speaker: San Sri - Deloitte & Touche
-
C8 - IT Risk Assessments
Speaker: Kevin Fried - Deloitte & Touche
-
C10 - Business Continuity Management
Speaker: Rob Yewell & Neville Morcom - Deloitte & Touche
-
L2 - Laws of Vulnerabilities
Speaker: Gerhard Eschelbeck, CTO & VP Engineering - Qualys
-
S5 - Monitoring Risk and Control of Business Initiatives
Speaker: Tim Stephens, Tom Magee, & Jan Bono - Ernst & Young
-
S6 - Privacy - SB1386 - Cybersecurity
Speaker: Scott Pink, Deputy Chair of the American Bar Association's Cybersecurity Task Force and Special Counsel- Gray Cary
May 20, 2003
COBIT As An Audit & Risk Management Tool (CACS Conference)
Speaker: Lance M. Turcato, Charles Schwab & Co., Inc.
Joint Risk Assessment Report Template
Control Assessment Questionnaire
Engagement Memorandum Template
January 16, 2003
Network Firewall Security
Speaker: Kurt Kruse and Brett Anderson, Wells Fargo
Checkpoint Firewall Audit Program
Network Firewall Security Presentation
April 3, 2001
Establishing Effective Audit Control Objectives for UNIX
Speaker: Rick Allen- Deloitte & Touche
Morning Session
Afternoon Session
December 12, 2000
Audit, Control & Security of Oracle RDBMS
Speaker: Mary Ann Davidson
Luncheon Presentation
October 17, 2000
Wells Fargo Audit Services
Speaker: Randy Melby, Charles Hughes, and Tim Stapleton
Luncheon Presentation
Afternoon Seminar Presentation
[Top]
March 21, 2000
Secure Network Communications
Speaker: Deloitte & Touche, LLP
Luncheon Presentation
Afternoon Seminar Presentation
July 20, 1999
An Overview of Trends in Network Security & Controls
Speaker: Kathleen Macina, Charles Schwab & Co., Inc.
Audit, Control & Security of TCP/IP
Speaker: Edmund Lam, University of California--Office of the President
March 16, 1999
Project Management For IS Auditors & Security Professionals
Speaker: Brenda Bernal, Charles Schwab & Co., Inc.
Security Awareness: What Every Auditor Should Know About Information Security
Speaker: Lance Turcato, Charles Schwab & Co., Inc.
Speaker: James O'Neil, Ernst & Young, LLP.
Speaker: Patrick Heim, Ernst & Young, LLP.
February 16, 1999
Legal and Regulatory Developments Related to Cyberspace
Speaker: Kevin O'neil, KPMG.
December 15, 1998
Internet Resources For IS Auditors & Security Professionals
Speaker: David Fong, Charles Schwab & Co., Inc.
November 17, 1998
Auditing The Development of Web-Based Applications
Speaker: Jian Zhen, Charles Schwab & Co., Inc.
Web Site Design & Development
Speaker: Brian Goldston, Information Architect Consultant
October 20, 1998
Auditing Web & Firewall Technologies For Electronic Commerce Web Sites
Speaker: Ed Ehrgott, Charles Schwab & Co., Inc.
Audit / Evaluation Tools & Utilities
NOTE: Prior to installing/executing any software, the code should be carefully reviewed and tested prior to use on any production or mission critical machines. This reduces the risk of any malicious code that may have been embedded into the software.
Computer Oracle and Password System (COPS) - Computer Oracle and Password System is a free set of programs that checks UNIX systems for security problems.
Internet Security Scanner(ISS)
SATAN
Tripwire
Isof - Lists any open files.
TCP_Wrapper Program - Permits additional control on access to hosts on the system and provides tracking logs.