Symposium Agenda
The agenda, topics, speakers and time allotment is subject to changes without prior notification.
Andre Pitkowski |
Los Cambios que Ameritan los Tiempos en Nuestra Ejecución. - Governance - Information and Cyber Security - IT Audit/Assurance - IT Risk BE AN ACTIVE ENABLER OF TRANSFORMATION THAT LEADS TO OUR ONE COMMON FUTURE 204-205 - CASE STUDY
Case Study: The Experience of Generali Group in Implementing COBIT 5 After completing this session, you will be able to: Learn about the implementation of different framework and good practices in order to define the process framework focused on the enterprise goals
|
Pedwar Castillo |
202 - Auditoría Continua
Auditoría Continua: Tendencia Global de la Auditoría Al final de esta conferencia los participantes habrán comprendido los principios fundamentales que yacen en el concepto de la auditoría continua y por qué razón esta es la tendencia global de los departamentos de auditoría interna para planificar, ejecutar y emitir resultados oportunamente. BIO
Associate Partner CaseWave Analytics Pedwar Castillo es asesor en el área de Auditoría y Tecnología de la Información y es miembro de consejo directivo de NextPoint, Srl, empresa dedicada a la consultoría de negocios y tecnología. Graduado de Ingeniero en Sistemas y Computación en la Pontificia Universidad Católica Madre y Maestra (PUCMM), con un Magister en Administración Estratégica de la misma Universidad. Pedwar Castillo cuenta además con una Especialidad en Gerencia de la Calidad y Productividad del Instituto Tecnológico de Santo Domingo (INTEC). Adicionalmente posee una Certificación de Caseware Analytics y Auditoría Continua, Certificación COBIT 5 e ITIL Foundations, así como la ISO 31000 Risk ManagerITIL. Posee vasta experiencia en Gobierno Corporativo de TI basado en Normas como 38500, así como en COBIT; Dirección Ejecutiva y Planeación Estratégica; Gerencia y Administración de Proyectos; Evaluación de Riesgo de Tecnología de Información (práctica de Information Risk Management); Prácticas de Monitoreo y Auditoría Continua; Evaluación y selección de Plataformas Tecnológicas; Implementación de software en diversos sectores de la Industria, Análisis de productividad, análisis-rediseño y/o mejoras de procesos y estructura organizacional; Alineación y detección de brechas para cumplimiento de Riesgo Operacional, entre otras áreas. Ha sido Decano de la Facultad de Negocios de la PUCMM, así como profesor de la Escuela de Gestión Financiera y Auditoría de la misma Universidad. Ha desarrollado importantes proyectos a nivel de auditoría y asesoría para empresas y multinacionales a nivel de República Dominicana y diversos países de Latinoamerica en diferentes sectores de la Industria. Pedwar Castillo es miembro activo del Information Systems Audit and Control Association (ISACA), siendo en la actualidad Director de Mercadeo del Capítulo en República Dominicana. |
Dr. Ralph Otero |
302 - Fundamentos Preventivos contra el Fraude
Fundamentos Preventivos contra el Fraude: Una Mirada Multidisciplinaria BIO
Catedrático Universidad de Puerto Rico Dr. Ralph Otero is a Security Management Practitioner, Private Investigator, Guest Lecturer, and Academic Educator within the Security Management field in the Caribbean and Latin America Region for the past thirty (30) years. He has held Investigations and Security Management positions to include: Security Director with the Puerto Rico Ports Authority, AT&T Corporate Security (for the Caribbean & Latin America (CALA) Region; with offices in Atlanta, Georgia, Miami, Florida, Mexico City, Mexico and San Juan, Puerto Rico); Puerto Rico Telephone Company and Mitel Corporation; a Canadian based PBX Telecommunications Manufacturing Company. He served with the US Armed Forces where he was honorably discharged as an Infantry specialist. Otero has served as advisor to the Puerto Rico House of Representatives (Penal Judiciary Commission) on Telecommunications/Information Systems Security Issues as well as to the Pontifical Catholic University of Puerto Rico for the first Bachelor degree Program in Puerto Rico in Security Management. He presently serves as Editorial Board Member for two distinguished academic journals: the Journal of Applied Security Research Prevention and Response in Asset Protection Terrorism & Violence, Routledge Taylor & Francis Group, US & UK and the Journal for the Puerto Rico Forensic Association. He is the author of multiple articles and publications and is the author of three text publications: Security Issues of the 90’s in Corporate America: Federal Sentencing Guidelines for Organizations; Telecommunications & Computer Fraud 1996, ¿Misión Imposible? Los Espías de la Nueva Era Empresarial 2002, and Fundamentos de las Ciencias de Seguridad para el Siglo XXI 2009. Otero holds a Bachelor of Science in Criminal Justice degree from University of Central Texas, a Master of Arts in Criminal Justice degree from Interamerican University of Puerto Rico, a Graduate Certificate in Forensic Sciences from Universidad del Turabo in Caguas, PR and a Doctorate (Ph.D.) degree in Behavioral Sciences from Universidad Complutense of Madrid, Spain, European Union. Please visit www.DrRalphOtero.com |
Omar Sánchez |
304-305 - Conducting a Penetration Test on an Organization
Conducting a Penetration Test on an Organization: Live Simulation This presentation is intended to define the base criteria for penetration testing and risk assessment. It will provide a high level understanding of the items required within a report as well as a structure for the report to provide value to the audience. BIO
CIO/CISO Docutek Services He spent 18 years working in different areas of Information Technology. His beginnings as a cryptography operator and communications specialist.During his career he has been working in Consulting, Integration, Support and Training. He has been specialized on Hospital Electronic Data protection, HIPAA-HITECH Security Risk Assessment, penetration testing and security compliance. Also provide services to companies of all sizes nationwide and specialize in the IT services for Healthcare and Professional Services industries. He currently serves as CIO and CISO in the leading business and technology consulting company DocuTek. |
Olga M. Ortiz Ramírez |
206 - Cumplimiento Regulatorio de las Agencias
Cumplimiento con las Regulaciones de los Sistemas de Información en las Entidades Gubernamentales de Puerto Rico Orientación sobre los requerimientos de las leyes, políticas y otras regulaciones de los sistemas de información aplicables a las entidades gubernamentales de Puerto Rico. BIO
Gerente de Auditorías de Tecnología de Informacíon Oficina de la Contralora de Puerto Rico Olga M. Ortíz Ramírez es Gerente de Auditorías de Tecnología de Información de la División de Auditorías de Tecnología de Información de la Oficina del Contralor de Puerto Rico. Posee 18 años de experiencia en las auditorías de sistemas de información de las entidades gubernamentales.Graduada de Bachillerato en Administración de Empresas con concentración en Contabilidad y Administración de Recursos Humanos. Posee las certificaciones:
|
Larry Lliran Miranda |
306 - Vendor & Third Party Management Relationships
Vendor & Third Party Management Relationships With current trends such as Software as a Service (SaaS) and Cloud Computing, the volume of outsourced products and services has surged in recent years, so, too, have the risks associated with vendors and third-party providers. This is occurring in all the industries including financial services, healthcare, media, retail and others. Each day more organization are relying on third-party vendors to manage operations and processes. The urgency to address this risk is further driven by recent massive and highly publicized security breaches at several large companies, and the resulting public and regulatory scrutiny of the way personal data is managed in a global IT environment. On this presentation we will discuss from the basic Vendor Risk Management practices any organization should follow to new practices necessary to address emerging risks. BIO
IT and Operations Internal Audit Manager EVERTEC, Inc. Mr. Lliran is an Information Technology professional with over 14 years of managerial and hands-on experience in Information Security, IT Audit, IT Compliance, Data Center Operations, IT Risk, systems solutions design and implementation, project management, networking, service management and system support. He is a goal oriented professional with the capacity of managing multiple tasks and resolving complex issues while working in a fast paced high demanding environment. Larry has the ability of working with the business areas serving as a trusted advisor to establish strategic and tactical goals that better fits business needs. He currently holds the position of IT Internal Audit Manager for EVERTEC, Inc., holding company which provides merchant acquiring, payment processing and business process management services in Puerto Rico, Caribbean, Central America and South America. His responsibilities includes leading the EVERTEC’s information technology reviews including SOX ITGC Procedures, Disaster Recovery Tests, Information Security, Regulatory Reviews (PCI, VISA PIN, GLBA, others) and other information technology related audits. Prior to joining EVERTEC, Larry worked as Vendor Relationship Manager and Information Security Officer (ISO) for First Bancorp, publicly owned financial holding company and parent corporation of FirstBank Puerto Rico. His responsibilities included the development of the Information Security Policies, Information Security strategy development, evaluation and selection of security solutions, corporate IT compliance with federal and local regulations, the performance monitoring of IT related Third Parties, Technology Procurement and the corporate business continuity/contingency strategies. Additionally he has previous experience as consultant providing Information Technology advisory to clients in diverse industries and, devising and implementing systems solutions to enhance and secure their networks. Larry is former president of the Information Systems Audit and Control Association (ISACA) Puerto Rico chapter, former member of the ISACA International Membership Grown and Retention BOD Committee and active member of InfraGard (association between the FBI and the private sector dedicated to sharing information and intelligence to prevent hostile acts against the United States). |