2014 October - FULL Day Session

When: October 1, 2014 - 0800-1630
Where: RTP HQ
Registration: Website
ISACA-RTC Members - $50 (Log in to register)
Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $75
All Others: $100

CPEs: Upto 8

Handouts: RCA And OAI

Session I Root Cause Analysis (0800-1200)
Have you ever communicated a recommendation only to discover the implemented recommendation didn’t resolve the problem? Do you feel like you identify symptoms of problems? Does your organization use the Band-Aid approach to correcting communicated audit findings? If you answered yes to any of these questions, this course is for you.

Root cause analysis is a process to identify and resolve the root cause behind problems to prevent recurring failures. As part of the audit process, root cause analysis is an essential element of communicating findings and determining the corrective actions.

While management should perform root cause analysis, they often don’t have the time and will simply implement a recommendation provided by the auditors. This means that auditors must complete a root cause analysis. However, identifying the root cause is hard and often overlooked by auditors. Moreover, the root cause may be politically sensitive when communicated by auditors.  Objectives include:

  • Develop the foundation for effectively root cause analysis
  • Understand and apply the root cause analysis methods to problem solving
  • Explore tools and techniques for analyzing causes

Session II Optimized Audit Interviewing (1300-1700)
Interviewing is a very important skill in the internal audit process.  To effectively communicate and ease the concerns of the auditee is as an important as an effective audit process.  This half-day course will take attendees through the entire interview process, learning best practices for each step and how to manage different personality types.  Objectives include:

  • Overview of best practices in audit interviewing, including personality types and interview preparation.
  • Learn the step-by-step audit interview process and learn best practices for each step.
  • Learn how to listen actively and read physical cues.

Speaker: Danny Goldberg
Danny M. Goldberg is the Founder of GOLDSRD (www.GOLDSRD.com), a leading provider of Staff Augmentation, Executive Recruiting and Professional Development services.  Previous, Danny led the Professional Development and Executive Recruiting Practices at Sunera.  Mr. Goldberg re-purchased his practice that he sold to Sunera in 2011. Prior to joining Sunera in January 2011, Danny founded SOFT GRC, an advisory services and professional development firm.  Danny has over 16 years of audit experience, including five as a CAE/Audit Director at two diverse companies.

October 16 2014 - InfoSeCon

The Triangle InfoSeCon is on October 16. 2014. This event is organized annually by the local ISSA chapter.

Get more info at www.triangleinfosecon.com.

Download the conference brochure

ISACA K. Wayne Snipes Award Honorable Mention

ISACA has recognized the Research Triangle Chapter with an honorable mention in our region for 2013. Honorable mentions are given to chapters who did not win the K. Wayne Snipes award, however, still excelled as a top chapter throughout the year.

2014 November - Building An Effective Partnership With IT Providers

When: November 6, 2014 - 1300-1630 (Please Note: This is a THURSDAY)

Where: RTP HQ

Registration: Website


ISACA-RTC Members - Free (Log in to register)

Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $25

All Others: $40

CPEs: Upto 3

Building An Effective Partnership With IT Providers For Audits, Risk Assessments and Compliance

Handout: Will be uploaded when available

Session Summary

Information Technology departments can appear to be complex organizations that are hard to understand and interface with; much less assess risk or compliance. Over the course of this discussion, we will explore ways to partner with IT units to better understand them and their compliance challenges. The presenter and audience will discuss methods to build effective measures of compliance, and create mutually beneficial programs that not only assess compliance, but help to reduce risk. This program is intended to be interactive and the audience will be encouraged to participate. The target audience is auditors and security professionals charged with understanding or assessing IT risks.

Speaker: Stan Waddell

Stan Waddell, a senior information technology specialist, joined the University of North Carolina at Chapel Hill as Executive Director and Information Security Officer on July 1, 2010.

Read more: 2014 November - Building An Effective Partnership With IT Providers

CPE Policy Updates

The following clarifications and changes to the ISACA certification CPE policies have been made.   These modifications were approved by the Credentialing and Career Management Board and went into effect 1 January 2013.  They are universal and apply equally to all ISACA certifications.

  1. Reconsideration and Appeal: Individuals whose certification has been revoked due to noncompliance with the CPE policy and who later appeal for reinstatement may incur an additional reinstatement fee of US $50. This reinstatement fee is effective for those reinstated after 1 January 2013 (when the revocation had been outstanding more than 60 days) and is in addition to any back or current certification maintenance fees needed to bring the certified individual in compliance with the CPE policy.
  2. Calculating CPE Hours: CPEs can be reported in quarter hour increments. One CPE hour is earned for each fifty (50) minutes of active participation (excluding lunches and breaks) for qualifying ISACA and non-ISACA professional educational activities and meetings. CPE hours can be earned in quarter hour increments and can also be reported in quarter hours (rounded to the nearest quarter hour).
  3. Exam question development and review (no limit): For those serving on an ISACA committee/task force that is responsible for exam question review, evidence of actual hours for the formal item review process will be provided.
  4. Contributions to the profession (20-hour annual limit): CPE hours are earned for the actual number of hours contributed.

For complete details, please visit the updated CPE policies at:

-CISA:  www.isaca.org/cisacpepolicy

-CISM:  www.isaca.org/cismcpepolicy

-CGEIT:  www.isaca.org/cgeitcpepolicy

-CRISC:  www.isaca.org/crisccpepolicy

Should you have any questions on any of these changes, feel free to contact the ISACA Certification Department at This email address is being protected from spambots. You need JavaScript enabled to view it. or +1.847.660.5660

2014 December - Cyber Threats And Trends

When: December 3, 2014 - 1300-1630

Where: RTP HQ

Registration: Website


ISACA-RTC Members - Free (Log in to register)

Affiliated Organizations (IIA, ISSA, Othe ISACA Chapters) - $25

All Others: $40

CPEs: Upto 3

Cyber Threats And Trends 2014

Handout: Will be uploaded when available

Session Summary

How do you ensure the security of your data is preserved in a way that stays one step ahead of the bad guys? Unfortunately, criminals - domestic and abroad - are relentless in searching for creative new ways to obtain money and/or intellectual property from companies and their clients. Today's cybercriminals are innovative and organized. This is your opportunity to hear the FBI share current case studies and offer tangible suggestions for what you can do to mitigate your cybersecurity risks to keep your company and clients from being victimized.



A representative from the Charlotte Division of the FBI will present.

More Articles...

  1. New CPE Reporting System
  2. Research Opportunities

Page 1 of 2

Loading feeds...

Affordable Custom Logo Design


The Source For IT Governance Professionals

This award-winning bimonthly publication delivers practical, professional knowledge through peer-reviewed articles focused on topics critical to IT audit, governance, security and risk professionals.

More Information


ISACA Research 

ISACA actively promotes research that results in the development of products that IT governance, control, assurance, risk and security professionals can use to add value to their enterprises. ISACA research also informs information technology management and users about IS controls and the critical role they play in their organizations.

More Information


ISACA Knowledge Center - Where Networking and knowledge intersect

ISACA's IT Professional Networking and Knowledge Center is a meeting place for IT professionals who share common professional interests. Participants can consume information, exchange expertise and experience, and build new understanding through collaboration. A wide range of disciplines and practices powers this global professional community, making it a truly unique and holistic resource.

More Information



Find the latest articles on the latest topics here.

More Information