ITAC19 1609x579 Lincoln v3

Post-Conference Workshops

W1 Coming soon!

Thursday July 26, 2018 
12:15 PM – 5:15 PM
Half-Day, 6 CPEs
Shawna Flanders, Director of Instructional Technology and Innovations and Senior Trainer, MISTI

Description coming soon!

W2 Understanding and Conducting Effective Digital Presence Audits

Thursday, July 18, 2019  
12:15 PM – 5:15 PM
Half-Day, 6 CPEs 
Shawna Flanders, Director of Instructional Technology and Innovations and Senior Trainer, MISTI

Marketing is continually improving to address changing customer expectations and demands. Today’s consumer / customer bases many purchase decisions on digital content, so enterprises must ensure their digital brand is appealing to today’s consumer.

In this half-day workshop we will describe the challenges facing enterprises today and what assurance activities are needed to assess the reasonable effectiveness of the controls that safeguard today’s digital presence.

By the end of this workshop attendees should have a better understanding of digital presence, the impacts of artificial intelligence and the role audit plays in assessing digital marketing efforts today and in the future.

In this workshop you will learn:

  • What is a digital presence: website; social media; email marketing; online advertising
  • What artificial intelligence has to do with digital marketing—what AI can predict
  • Features of common digital marketing platforms
  • What is adware and what does it do
  • How are marketing efforts influenced by current and changing privacy regulations
  • Social media risks
  • What is a part of a digital presence audit
    • Inventory of your digital presence (and your leading competitor)
    • Business model / return on investment (ROI) expectations and goals
    • Lead generation, outreach and closing deals
    • Website analytics, Google Analytics and search engine assessments
    • Paid advertising ROI
    • Content generation / marketing
    • Social media marketing
    • API’s and how they drive customers to or away from sites, I.e. “ease of use”
    • Company website security: registration, access, administration, content, encryption
    • Digital marketing cloud provider vendor assessment

W3 Understanding DevOps

Friday, July 27, 2018  
8:00 AM – 5:00 PM
One-Day, 8 CPEs 
Brad Coons, Risk & Compliance Manager, Atlassian
Guy Herbert, IT Risk & Compliance, Atlassian

Latest rage or future of software development? That is the question in software development shops today. Is DevOps just another passing fancy that will fade away in a few years? Or does its structure have the promise with withstand the test of time and be the gold standard in the years to come? In this workshop we will provide the basics about DevOps and why it is an important for IT auditors to develop a working understanding of DevOps no matter your company’s current state of deployment.

Learning Objectives:

  • Describe DevOps: What it is and how it works?
  • Understand why DevOps? Overview of current and historic trends including the transformation from Waterfall to Agile to DevOps
  • Learn the benefits of a DevOps approach: Lessons learned from the trenches
    • How DevOps aides in meeting software security obligations
    • How DevOps can improve SDLC
  • Gain insight into how DevOps can aide in compliance with industry standards and regulatory compliance
  • Explore an interactive simulation of a DevOps pipeline
  • Address DevOps and software development from an auditor’s perspective

W4 Ethical Hacking For Auditors  (Hands-On)

Friday, July 27, 2018
9:00 AM – 5:00 PM
One-Day, 8 CPEs
Lee Neely, Cybersecurity Expert, Lawrence Livermore National Lab

An Ethical Hacker exposes vulnerabilities in software to help business owners fix those security holes before a malicious hacker discovers them. In this workshop, you learn all about what Ethical Hacking is and how you, as an auditor, can use some of these tools to assess the effectiveness of your company’s controls. Your laptop and mobile device are recommended to get the most out of this workshop.

Learning Objectives:

  • Hacking Fundamentals
  • Common vulnerabilities and threats to computer networks and software applications
  • Common tools of the hacker’s trade
  • How to hack using social media
  • Fundamentals of password cracking
  • How they hack a wireless network; cell phone; website; and web server
  • How the use SQL Injections and Cross Site Scripting in hacks and prevention techniques

Level: Basic



  • July 16-18: Main Conference Program