board of directors 2006 - 2007

Mike is currently president of SecureNet Technologies; a consulting firm that focuses on information systems security practices defined by NIST for the US Federal Government and required under the Federal Information Security Management Act (FISMA).  Mike has over 23 years of experience in the Information Technology arena and has extensive experience in data communications architectures and security - from planning through deployment. He has held positions leading application development and support in both the mainframe and client/server environments. Mike has served as the SF Chapter’s Communications Chair, Second VP, First VP and is an active contributor to the Fall Conference Planning Committee.  He has represented the chapter at numerous ISACA International and Western Region Conferences.  Mike holds a Bachelors Degree in Communications Studies from California State University, Sacramento and an MBA from the University of Phoenix. He is a graduate of the Duke University Fuqua School of Business Executive Management Program with an emphasis on Telecommunications Management. He is a Certified Information Security Manager (CISM), a Certified Information System Auditor (CISA) and a Certification and Accreditation Professional (CAP). He is certified at the Foundation Level in the Information Technology Infrastructure Library (ITIL).  Mike also belongs to the Information System Security Association (ISSA) and is a Certified Information Systems Security Professional (CISSP).

Kevin is currently serving as the 1st Vice President for the San Francisco ISACA Chapter, and has been a member of the organization since 1995. Kevin has participated on the board and in a variety of chapter committees during his membership with the SF Chapter. Kevin is a Partner within Deloitte & Touche's Enterprise Risk Services practice in San Francisco. In this capacity, Kevin leads the delivery of a variety of Information Technology consulting and audit services to numerous companies throughout the Bay Area. Kevin has more than fourteen years to Information Technology consulting and audit experience in a variety of industries. Kevin has a BS in Information Systems Management and Accounting from California State Polytechnic University, Pomona.

Kevin looks forward to working with Chapter members and leadership to expand the Chapter's contribution to the IT Audit profession and accelerate the careers of Chapter members.

Conny is currently 2nd Vice President for the San Francisco ISACA Chapter. Previously she served as Director, Chapter Secretary and on the 2003 Fall Conference Committee. Conny is a Manager in Deloitte & Touche's San Francisco office Enterprise Risk Services Practice. An integrated audit professional, Conny has extensive experience in both financial audits and information technology audits. She currently specializes in COSO Internal Control Framework implementation, SAS 70 reviews, information technology internal audits, financial industry network security compliance for PIN and key management reviews. She has served prominent clients including Visa, Intel, Cisco, Calpine, Oracle and McKesson. Conny has earned a BS degree in Business Administration with concentration on accounting from Walter Haas School of Business, University of California, Berkeley. Conny is a Certified Public Accountant (CPA), Certified Information Systems Auditor (CISA) and Certified Fraud Examiner (CFE).
 

Ashok Kumar works at KPMG within their Advisory Services Practice focusing on Information Risk Management and SAP based ERP Applications. He has over the years participated as a consultant and provided leadership to various information systems integration and implementation projects. He also has extensive experience assessing and reviewing internal controls for SAP R/3 financial system. He has performed both external and internal audit assessment and review of SAP application, security and general controls as part of SOX compliance attestation process. He has advised companies to achieve compliance with the Capability Maturity Model (CMM) and on Project Management and Control methodologies. He has been a member of ISACA for the last 3 years and has regularly volunteered for the organizations programs and events. He looks forward to contributing to the growth and development of the chapter and encourages further participation of the members and the IT audit industry. He has earned his CISA and PMP Certifications. Ashok also holds a Masters Degree in Computer Science and a Bachelors Degree in Biomedical Engineering.
 

Sandy is currently Senior Internal Auditor for PG&E Corporation’s Information Technology Audit group. Sandy has been an internal auditor at PG&E Corporation for over 8 years. During that time, Sandy has performed reviews of systems under development, web infrastructure security, disaster recovery, and various other areas to assess the efficiency and integrity of financial systems.  Sandy has served as past Associate Trustee and Membership Chairperson for the San Francisco Chapter of the Institute of Internal Auditors.  Sandy holds a BS degree from the University of California, Berkeley and is a CPA and CIA.  Sandy also recently earned the CISA designation. 

Mike is the immediate past President and current Fall Conference Co-Chair for the SF-ISACA Chapter. Mike is Vice President & Technology Risk Manager for Wells Fargo Services responsible for IT Regulatory Compliance. Previously, he was responsible for Sarbanes-Oxley 404 systems testing, technology compliance, audit liaison services, and controls effectiveness testing. He has over 25 years of Information Systems security and IT audit experience. Mike was previously a partner at Ernst & Young and Arthur Andersen over their information systems security and audit groups over a span of nine years. He has managed several IT Internal Audit departments for two large California banking institutions. He has focused on IT audits and security of mainframe and enterprise environments providing professional consulting services to Fortune 1000 companies across all industries. Having just moved to the Bay Area in July 2002, he became involved with the SF ISACA Chapter right away. He also served for two years as Vice President on the Board of Directors for ISACA International. Mike is a Certified Information Systems Auditor (CISA) and a Certified Information Systems Security Professional (CISSP).
 

Christina is a Director for SF-ISACA. She was the President in 2003/2004 and 1st Vice President and the Communications Committee Chair in 2002/2003. She also has served as Treasurer for two years and was on the Communications Committee in 1999 and 2000. Christina is a Senior Manager for Audit & Enterprise Risk Services at Deloitte & Touche. She earned her BS degree in Business Administration from the University of California, Berkeley with concentrations in Accounting, Finance and Economic Analysis. Christina is a CISA,  CISSP and a SSCP. She also holds the certificates in Information Systems Management and Network Management from the University of California Santa Cruz (UCSC) Extension. Christina is a CTM (Competent Toastmaster) and a soloist in Chinese Classical Dance. She looks forward to working with the other outstanding members of the Board to bring new value-added services to our members.
 

Beverly is the current VP and Manager of Information Services Audit at the Federal Home Loan Bank of San Francisco (FHLBSF).  Prior to joining FHLBSF, Beverly worked for Bank of America as an Audit Consultant in Technology Audit.  She has over 30 years of professional experience with assignments in management, internal audit, operations, training, construction management, and community services.  A graduate of Golden Gate University, she has BS Degree in Finance and a MBA in Information Systems.  We welcome Beverly’s support to assist the chapter with facilitating the membership growth and reward opportunities.
 

Todd is currently serving as a Director for the San Francisco ISACA Chapter, and has been an active volunteer with the chapter for several years including the most recent two years as Chair of the Education Committee. As Lander International’s Regional Recruiting Director for the Western United States, Todd enjoys visiting audit, information security, and consulting departments throughout Northern California, and he is in daily contact with Directors, Managers and staff level professionals from around the region. Todd strives to extend the role of executive recruiter to be a true career counselor, and in June 1999 he was honored by the California Association of Personnel Consultants with its coveted "Consultant of the Year" award. Before entering the field of Executive Recruitment, Todd worked for several years for a local Big 5 public accounting firm. He is a graduate of UC Berkeley. He is also a professional classical musician, having spent four years performing with the Philharmonic Orchestra of Santiago, Chile and more recently performing with a number of Bay Area ensembles including the San Francisco Symphony.

Todd looks forward the challenge of leading the chapter during a year in which we are hosting the CACS conference. In addition to hosting CACS, Todd's goals for the chapter will focus on outstanding execution in providing quality educational programming, communications and the CISA Review course. He will also seek to expand our base of volunteers to offer more members the rewarding experience of volunteering to support chapter activities.

Lisa is currently serving as Director for the SF ISACA Chapter.  She has been an active ISACA Board member for the past six years serving various elected positions including past president.  Lisa is the manager for the Enterprise Risk Management program at California State Automobile Association (CSAA).  Prior to CSAA, Lisa has worked at Washington Mutual (formerly Providian) in both audit and risk management functions.  Lisa managed the risk and controls process documentation efforts in the credit card services area (i.e. what was Providian), facilitating and training business owners enterprise-wide in the risk and controls process. Lisa's other experience includes her role as a senior information systems auditor at then-Providian and thirteen years at the Department of Justice, where she worked in audit-related areas.  Lisa has a Masters in Public Administration from San Francisco State University and a Bachelors degree from UC-Santa Barbara.
 

Bill was last year's Secretary of the Chapter. He has served the Chapter in various capacities since 1983, including Director, Secretary, Treasurer, 2nd Vice President, and President (1988/89). He has also chaired the Chapter's Membership and Program Committees. Bill has been an information systems auditor since 1973, first with Fireman's Fund, and currently retired from Bay Area Rapid Transit. He is a CISA (having passed the first exam in 1981 with the third highest score) and also holds the CFE and CGFM certifications. Bill is a graduate of UC Berkeley and also earned an MBA at Northwestern University.
 

Tim Stapleton is currently a member of the Education Committee. He has worked on past Fall Conferences by organizing the volunteers and assembling conference materials. Tim is a CISA, and holds a CCSA certificate. Tim is a Risk Management Consultant with Wells Fargo Bank. Earlier at Wells, he was an auditor covering special business initiatives and emerging technologies. Prior to Wells, he worked at Bank of America (Y2K), Citibank (ATM and internet project management) and the Federal Reserve Bank of San Francisco (EDP Auditor). Tim holds a Masters degree in Accounting and a Bachelors degree in Philosophy.

Michele Ling is currently a member of the Education Committee and will be serving her first year as a Director on the Board.  She has volunteered at past Fall Conferences and continues to play an active role in the ISACA community.  Michele is a Manager in the PricewaterhouseCoopers Security practice, specializing in information security and risk management.  Michele has experience in delivering security services to a variety of clients in financial services, public utilities, manufacturing, and other industries.  She is a CISA and holds a Bachelor of Science degree in Computer Science from Georgetown University.

Angie is currently a Manager in the Technology Risk Practice at Protiviti.  Prior to joining Protiviti, Angie was a consultant in Arthur Andersen's Risk Consulting practice in Chicago.  Over the last few years she has been working primarily on IT Audits as well as Sarbanes-Oxley Compliance and Business Continuity engagements.  A graduate of Northern Illinois University, she has a BS in Operations Management.  Angie is new to ISACA and is joining this year as the Volunteer Committee Chair.  She looks forward to many continued years of service with the Chapter. 

Jim is the Operations Risk Manager for Consumer Credit Group Strategic Marketing at Wells Fargo.  His responsibilities include risk management, compliance & privacy issues, vendor management oversight, and audit liaison services.  Jim has over ten years of professional experience in financial, operational, and IT auditing.  He has also lead system development projects at major corporations. As a consultant, he has provided information security consulting, built e-commerce web sites, and installed local area networks. Jim is a Certified Information Systems Auditor (CISA).

Vikram Panjwani is a manager with the Systems and Process Assurance practice of PricewaterhouseCoopers at San Francisco. He is responsible for controls assurance in the financial services industry. Vikram has over six years of diverse experience on various cross-functional cross-industry assignments in the areas of BS 7799 security controls design, review and implementation, ERP Process Controls and Security reviews, Business Process Integration and Improvement, Functional reviews and procedures designing in both Finance and Operational areas, Operational Risk Assessment, Design and Documentation of business processes (manuals for procedures and MIS/reporting controls), Applications and Procedural Controls Review, Systems Studies, Operational Audits and Internal Audits. Vikram is a Chartered Accountant, CISA and a CISSP

Brian Alfaro has over three years of experience that spans the areas of information technology controls assessment, network security, and information privacy analysis. Brian is a Consultant in the Audit & Enterprise Risk Services (AERS) practice at Deloitte. Brian also obtained experiences prior to joining Deloitte in 2002. Most recently, Brian has focused on providing risk and control analysis for clients that utilize Enterprise Resource Planning (ERP) systems regarding application security and business process controls. Brian has served SFISACA in various Director roles in the past three years.

Jason is currently a Senior Consultant with Deloitte’s Security & Privacy Services group.  Prior to joining Deloitte, he was a VP/Information Security & Privacy Officer with Merrill Lynch where he performed progressive roles with a focus on technical compliance and IT risk management.  He graduated from the University of Western Ontario with a BA in Administrative & Commercial Studies.  In addition to the CISA, he also has obtained the CISSP, CIA, Certified Information Privacy Professional (CIPP) and NASD Series 7.  He has previously assisted the local ISACA chapter with the CISM review course.