Topic: Re-Engineering IT and Controls using ISACA control frameworks, ITIL and ISO 27001
12:30 pm - 1:30 pm Registration & Networking
2:00 pm - 2:10 pm ISACA and ISSA Chapter Announcements
2:10 pm - 4:00 pm Presentation in the Main Showroom
4:00 pm - 5:30 pm Social Event/ Happy Hour (Lila B. Lounge)
After a disastrous CRM deployment on Oct 31, 2003, AT&T Wireless lost between 100-350M in one calendar quarter, enough to put the industry leader in GSM mobile service on the auction block. In the first year of accelerated filing for SOX 404, AT&T Wireless had to reengineer IT and pass its first SOX audit with zero deficiencies - in 10 months. There was zero time to allow for trial and error in our control design, implementation, testing, and documentation: it had to be done right on the very first try or the merger with Cingular, expected to be the largest cash acquisition in the history of the US, was off.
This presentation covers a case study of leadership under pressure, using ISACA control frameworks, with ITIL and ISO 27001 in order to design and implement a control framework that all four audit firms called “a thing of beauty” and that prompted a six sigma study of our incident identification, management, and response processes. We will examine lessons learned about effective IT security and have time for Q&A.
The speaker, Karen Worstell, was the CISO and VP of IT Risk Management for AT&T Wireless and led the successful SOX effort for the acquisition of AT&T Wireless by Cingular including all IT infrastructure controls and a total re-engineering of Disaster Recovery for AT&T Wirelesses data centers in a ten month period.
Thursday, 14. December 2017 - 14:00 till 17:30