Risks and Controls in Cloud Computing: Updated ISACA Schedule

The 2011 SF ISACA Fall Conference schedule for next Tuesday has been updated.

T2 In-Depth Seminar Risks and Controls in Cloud Computing, which I wrote about earlier, has the following changes.

  1. The presenters will not be required to speak to NIST cloud audit guidance. Each is expected to present their own.
  2. Amazon will now open and close the seminar. The panel moderated by PwC at the end of the presentations has been replaced by the PCI DSS QSA firm for Amazon, IO Active. In between the AWS presentations will be salesforce.com and myself.

Presenters:

  • Chad Woolf, Compliance Leader, Amazon Web Services
  • Scott Gregory, Information Security Compliance Leader, Amazon Web Services
  • Robert Fly, Head of Product Security, salesforce.com
  • Crispen Maung, Sr. Director of Technology Audit and Compliance, salesforce.com
  • Davi Ottenheimer, President, flyingpenguin
  • Robert Zigweid, Principal Security Consultant, IO Active

Session Abstract:

Do you want to know where data resides in the cloud? How data is protected and secured in the cloud? Who has access to your data? What happens when your cloud provider dissolves? Is there a disaster recovery plan. Find the answers to these questions and the latest risks, controls and audit guidelines in the Cloud Computing environment in a one day track that will be presented by leading cloud providers and control experts. Each presentation is interactive and will include a Q&A session. You will find yourself confident about your understanding of the risks and controls in Cloud Computing after this daylong session.

This should be a spirited and detailed look at the current state of compliance in the cloud. Hope to see you there.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.