Auditing Risks and Controls in Client/Server Environments

Monday and Tuesday

March 14 and March 15, 2005

Royal Crown Conference Center, 83 Garry Street (Winnipeg, Manitoba)

8:30 AM to 4:30 PM

Presented By:

WINNIPEG CHAPTER OF THE

For further information contact

John Graeb, Seminar Chair  - (204) 632-2194, John

Omena Babalola, co-chair – (204) 946-1451, Omena

Or visit the ISACA Winnipeg Chapter web site at  isaca-wpg.org

 

 

Schedule (each day)

Registration ............. 8:00 AM to  8:30 AM
Presentation ............ 8:30 AM to 10:15 AM
Coffee Break ..........10:15 AM to 10:30 AM
Presentation ............10:30 AM to 12:00 PM
Lunch .......................12:00 PM to   1:00 PM
Presentation ..............1:00 PM to   2:45 PM
Coffee Break ............2:45 AM to   3:00 PM
Presentation ..............3:00 PM to   4:30 PM

Speaker Information

John Tannahill, CA,CISM   John is an independent Information Security and Audit Services Consultant.  His current consulting work is focused on information security in large information systems environments and networks.  Particular areas of technical security expertise include:
          Windows 2000
          Including Solaris, AIX and HP-UX
          Oracle and Microsoft SQL server
          Network and Internet security

John is a frequent speaker in the United States and Europe on the subject of Information Security.  His prior speaking engagements include:
          Presented ISACA Chapter seminars in Toronto, Pittsburgh, Houston, Washington and Winnipeg
          Presented at ISACA Training Weeks in Toronto, Charlotte, Prague and Ottawa
          Presented at ISACA Network Security Conferences in Las Vegas and Milan
          Presented many in-house 1-day to 5-day seminars
          He has spoken at ISACA, IIA, ISSA, MIS, CA conferences

Session Overview 
Today's client server application systems environments are complex in terms of technologies and connectivity between components that support the application systems. Security and Control decisions are made at many layers of the environment. In addition, many application systems are now web-enabled which introduces key security and control issues that need to be addressed. The focus of the seminar is to understand client server architectures, how to identify components and how to perform an audit of security and control mechanisms in the client server architecture including operating systems, web servers, application servers, database servers and network security components. The seminar will include:
          Live client/server environment used for demonstration and discussion purposes
          Audit case studies
          Demonstration of audit tools and techniques
          Audit checklist

Areas covered include:

Part I Client/Server Systems Architecture Components
          Client tier components
          Application tier components
          Data tier components
          System Interfaces
          Application System Functional Security
          Network Security components
          How to identify, document and evaluate

Part II N-Tier Application System Architecture Example
          System Architecture Diagram
          Explanation of key security mechanisms
          Key audit questions
          Windows NT/2000 Security Controls
          Unix Security Controls
          Application Server security Controls
          Database Security Controls

Part III Web Application Systems Architecture Example
          System Architecture Diagram
          Explanation of key security mechanisms
          Key audit questions
          Operating system security controls
          Web server controls
          Application server security controls
          Database security controls
          Network and firewall security controls

Learning Level: Advanced

Who should attend: Systems Administrators; IT and technical Operational Auditors; Information Security professionals.

Registrants will be provided with a free promotional USB storage device with course materials.

Event Costs (all prices include GST)
          Member .............................$ 730.00 (ISACA or CGA Members only)
          Non-Member ......................$ 830.00
        Group rate for 5 or more ....$ 780.00 per person

  $100.00 Early Registration discount can be deducted from the above prices if registration is received by February 1, 2005 and payment by February 7, 2005

Register ONLINE  

Event Policies

If we must cancel a course for any reason, our liability is limited to the registration fee only.

Advance Registration and Payment is greatly appreciated and Substitutions are allowed.

Cancellation Deadline: February 28, 2005.

Please refer to Chapter Cancellation & Substitution Policy   and   Privacy Policy

The speakers, topics and events are correct at the time of publishing and if unforeseen circumstances occur, ISACA reserves the right to alter or delete items from the program.   The presenters have prepared this material for the professional development of ISACA members and others.   Although they trust that it will be useful for this purpose, neither the presenters, nor ISACA can warrant the use of this material would be adequate to discharge the legal or professional liability of members in the conduct of their practices.

For ISACA Winnipeg Chapter information contact the President  or for Membership information contact the Membership Director

_________________________________________________________________________

For information about this website or to report a problem contact The Webmaster.

© 2001-2008 ISACA Winnipeg Chapter, Inc. All rights reserved.
ISACA^®, CISA^®, CISM^®, COBIT^®, ITGI^® and KNET^® are registered trademarks of the Information Systems Audit and Control Association^®.

Please read the Legal Disclaimer and our Privacy Policy