december 2016 - isaca.org.hk · online career survey for the cyber security, it ... mid-december...

15B, Yam Tze Commercial Building, 23 Thomson Road, Wanchai, Hong Kong, China www.isaca.org.hk [email protected]

23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE 04 December 2016

Contents

3

5

7

9

Message from the President/

Chapter News

IT Governance Achievement Awards - Press

Conference

Annual Dinner 2016

2017 Board of Directors

Membership News

Highlights Workshop in Hong Kong

Highlights - Workshop in Shanghai

Highlights Joint Hiking with IIA HK

11

12

13

14

18

19

Other Chapter Events in Oct Dec

2016

Upcoming Events in Jan Mar 2017

External Events / News

Technical Article

Quiz of Chapter Newsletter

ISACA International and Chapter

Contacts


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 2


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 3

Message from the President Dear Members and Friends,

As the year of 2017 begins, I am delighted to share with you important news on our certifications. 4 of our certifications,

including CISA, CISM, CRISC and Cybersecurity Nexus CSX (fundamental & practitioner) have been recognized by the Hong Kong

Monetary Authority (HKMA), along with some other professional qualifications, as the prerequisite qualifications for the role

ofAssessorwithin the Cyber Resilience Assessment Framework (CRAF). This reflects the high regard on ISACA and its

certification programs, and holders of these certificates will definitely benefit from better professional and industrial recognition.

As a continuation of what we did in past years, we will continue to serve the community with our professional services and

activities. With the support from OGCIO, ASTRI, Cyberport and HKSTP, we are introducing the first-ever IT Governance

Achievement Awards in Hong Kong. The aim of the Award is to foster public awareness on IT Governance and to recognize the

achievements of forerunning organizations. Details of the awards were unveiled at a press conference held on 1 December

2016 and are also detailed in this newsletter. Also, we have commissioned the City University of Hong Kong to conduct an

online career survey for the Cyber Security, IT Risk and IT Audit industry in Hong Kong. The survey was completed in

mid-December 2016 with overwhelming response from the member community. The result will be formally released in Q1 with

a view to letting the IT and related domains have a better understanding of the recent IT security job market and the job

prospect of the practitioners in the industry in Hong Kong. We ourselves will also have a clearer picture on the value of ISACA

membership and certifications to memberscareer development. I would like to take this opportunity to thank you all for your

participation.

Commencing in 2012, our 6th Annual Conference will be held on 16 March 2017 at the Regal Hong Kong Hotel in Causeway Bay.

This years theme is Inspiration and Challenges of IT Governance vs Cybersecurity - 2017 and Beyond. We have invited a

number of seasoned cyber security professionals from around the world. The conference, together with the pre- and

post-conference workshops, is an event that every member should join to gain insights into how to secure the cyber space from

the IT Governance perspective. It is also a good networking opportunity for our professional practitioners. It is not to be missed

by any member. Hope to see you all there!

The Chapter will continue to organize various activities and seminars so as to help members keep abreast of the latest

developments in the field and create more networking opportunities with peers in the industry. As the New Year commences, I

wish you all a Healthy and Prosperous year of the Rooster.

Regards,

Simon Chan

President, ISACA China HK Chapter


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 4

4 ( CISACISMCRISC

Cybersecurity Nexus CSX)()

(Cyber Resilience Assessment Framework)

OGCIO

ASTRICyberportHKSTPIT

2016 12 1

2016 12

2017 3 16 6

()


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 5

Chapter News

IT Governance Achievement Awards - Press Conference

ISACA China Hong Kong Chapter is now organizing the first-ever IT Governance Achievement Awards in Hong

Kong, to foster the public awareness of IT Governance and to recognize the achievements of forerunning

organizations in leading Hong Kong to be one of the worlds most reliable IT hubs.

A press conference was held on 1 December 2016 at the Craigengower Cricket Club to introduce the background

and procdures of the Awards to the medias as well as announcing the Awards will begin on that day. Since it is the

first time to have this Awards organising in Hong Kong, it was our great honor to invited Dr. Franklin Tong, CEO of

ASTRI, Mr. Herman Lam, CEO of Cyberport and Mr. Jeffrey Chan, the President of CPA Australia - Greater China to

join us on that evening and participated during the ribbon cutting ceremony.

Since it is the first time to have this Awards organising in Hong Kong, it was our great honor to invited Dr. Franklin

Tong, CEO of ASTRI, Mr. Herman Lam, CEO of Cyberport and Mr. Jeffrey Chan, the President of CPA Australia -

Greater China to join us on that evening and participated during the ribbon cutting ceremony.


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 6

The aim of the award is to increase the public awareness of IT Governance, and to recognize the outstanding

achievements of organizations in both public and private sector in contributing in the promotion and

adoption of IT Governance practices. For that, it is our pleasure to have OGCIO, ASTRI, Cyberport and HKSTP

as the supporting organisations of this award.

The nomination period is from 1 December 2016 to 1 February 2017 and the judging committee will

evaluate the nominees' information and decide the winner for each of the two categories which are IT

Governance Achievement Award in Public Sector and IT Governance Achievement Award in Private Sector. A

winning organization will be selected from each category and the results will be announced in March 2017.

For more information about the awards, please go to http://www.isaca.org.hk/awards/.

We look forward to your active participation!

http://www.isaca.org.hk/awards/


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 7

Chapter News

Annual Dinner 2016

The ISACA China HK Chapter Annual Dinner lights up the evening of 12th November, as a signature

moment in 2016, thanks to all the honorable guests, generous sponsors, contributors and attendees. At

the AGM, Mr. Simon Chan, the President of ISACA China Hong Kong Chapter, reported the events and the

achievements of the Chapter in 2016.

The annual dinner was well attended by distinguished guests from various sectors including government

officials, Legislative Council members, officers from statutory bodies, president and chairman from IT

associations and our chapter members.

The gala celebration opened by an encouraging speech from Mr. Simon Chan. There were two exciting

programs brought full house laughter and happiness was the dance performance and the beer

competition. The program ended, yet the pleasure remains to the coming New Year.


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 8

Chapter News

2017 Board of Directors

Position Name

President Mr. Simon Chan

Secretary Mr. Kenneth Wong

Vice-President, Professional Development, Treasurer Mr. Leroy Yau

Vice-President, Membership and Programs Mr. Ernest Chan

Vice-President, China South Mr. Keith Yuen

Vice-President, China North Mr. Samuel Sinn

Immediate Past President Mr. Michael Yung

Program Director Mr. Raymond Chan

Program Director Mr. Harry Ngai

Membership Director Mr. Richard Lam

Academic & Student Members Relations Director Mr. Luke Ma

Certification Director Mr. Welland Chu

Professional Development Director Mr. Henry Shek

Professional Development Director Mr. Sean Lin

Research Director Mr. Epsilon Ip

Social Media Director Mr. Tony Diao

China South Director Mr. Terence Tang


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 9

Highlights Workshop in Hong Kong Topic: Auditing Business Continuity Management

On 24 October 2016, ISACA China Hong Kong Chapter organized a one-day workshop on the topic of Auditing

Business Continuity Management. Mr. Ken Doughty (CISA, CRISC, CBCP, CRMA, CPRM) was invited to be share his

experiences and knowledge to the participants. This workshop was aimed to assist the participants to understand

the business continuity process and how to perform an audit of the business continuity management from crisis

management through to business continuity plan.

Highlights Workshop in Shanghai

Topic: Auditing IT Projects

On 27 October 2016, Mr. Ken Doughty also conducted a one-day workshop in Shanghai for the Chapter

Members in Shanghai. The topic was Auditing IT Projects which gave an overview of Project

Management Framework (with reference to PMBoK) and an overview of Project Governance (with reference

to AS8016 Corporate Governance of IT Projects).

Membership News


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 10

Membership News

Highlights Joint Hiking with IIA HK

On 6 November 2016, ISACA China HK Chapter and IIA HK co-organized a social networking event Joint

Hiking. All participants gathered at Shau Kei Wan at 9am that morning and started the route all the way to

Cape D Aguilar. It has definitely provided us with a relaxing morning to meet new friends as well as enhancing

the friendships with existing ones.


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 11

Other Chapter Events in Oct Dec 2016

Date Type of Event

20 October CPD Seminar (Hong Kong)

Topic: ISO27001:2013 Information Security Management System - Overview

24 October Workshop (Hong Kong)

Topic Auditing Business Continuity Management

27 October Workshop (Shanghai)

Topic Auditing Business Continuity Management

29 October CISA Review Course (Beijing)

29 October CISA Review Course (Shenzhen)

6 November Joint Hiking with IIA HK

12 & 19

November CISM Review Course (Hong Kong)

24 November CPD Seminar (Hong Kong)

Topic: Privacy law compliance in the big data era

26 November CRISC Review Course (Hong Kong)

26 November CISA Review Course (Shanghai)

1 December ISACA China Hong Kong Chapter Annual Dinner 2016

1 December IT Governance Achievement Awards Press Conference


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 12

Upcoming Events in Jan Mar 2017

Date Type of Event

18 January CPD Seminar (Hong Kong)

Topic: Managing SaaS-specific risks for cloud customers

15 February One Day Worskhop

Topic: SAP Security Fundamental

21 February CISA & CISM Briefing Seminar (Hong Kong)

23 February CPD Seminar (Hong Kong)

Topic: Artificial Intelligence for Anti-Fraud

15 March One Day Worskhop

Topic: Cyber Crime & Fraud One step forward, two steps back?

16 March Annual Conference

Topic: Inspiration and Challenges of IT Governance vs Cybersecurity - 2017 and Beyond

17 March One Day Worskhop

Topic: Securing and Embracing the Digital Universe


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 13

External Events / News in Oct Dec 2016

Month Events Event Details

Oct

Hong Kong ICT Awards 2017: The 8th Best .hk Website Awards Supporting Organisation

Hong Kong ICT Awards 2017: Best Business Solution Award Supporting Organisation

ISACA Singapore Chapter - CSX 2016 Asia Pacific conference Supporting Organisation

Nov

Hang Seng Management College - HSMC Computing Cup Supporting Organisation

Internet Society Hong Kong - Asia Internet Symposium Hong Kong Supporting Organisation

Professional Information Security Association - How Mirai Botnet &

IoT took down the Internet? Supporting Organisation

Dec

Supporting Organisation

Technical seminar "Gazing Through the Crystal Ball: Cyber Security

2017 V Predicting The Good, The Bad and The Ugly" Supporting Organisation

2016 Supporting Organisation


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 14

Technical Article

Smart Sustainable Cities Need Well-governed Disruptive IT, Not Just IT

Writer: Graciela Braga, CGEIT, COBIT Foundation, CPA

Most people live in cities, so they enjoy or endure city attributes as part of their day-to-day lives. Because those lives

may be complicated and busy, people may see the impact and benefit of IT only when it is not there: failures, service

unavailability, loss of physical devices, low battery, natural disasters and so on.

When discussing the impact of IT on cities, some questions arise: How have cities been transformed by IT? Can this

transformation be measured? What are the benefits and risk factors of the transformation? Is this transformation a

necessity? Do people still desire life in a non-IT city?

Cities, Smart Cities and Smart Sustainable Cities

The definition of city has evolved and IT has been an enabler for that evolution. A city is defined as an urban

geographical area with one (or several) local government and planning authorities. A smart city is a new concept and

a new model that applies to the new generation of information technologies, such as the Internet of Things (IoT),

cloud computing, big data and space/geographical information integration, to facilitate the planning, construction,

management and smart services of cities.

A smart sustainable city is an innovative city that uses information and communication technologies (ICTs) and other

means to improve quality of life, efficiency of urban operation, and services and competitiveness, while ensuring

that it meets the needs of present and future generations with respect to economic, social, environmental and

cultural aspects.


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 15

If IT is an enabler for a smart sustainable city, four (or more) questions need to be answered:

1. How does a city get value from the use of IT?

2. How can a city best exploit new technology, such as cognitive technology, for new strategic

opportunities?

3. How does a city manage performance of IT?

4. Are end users/citizens satisfied with the quality of the IT service?

Read More please click HERE.

http://www.isaca.org/Journal/archives/2017/Volume-1/Pages/smart-sustainable-cities-need-well-governed-disruptive-it-not-just-it.aspx


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 16

Code of Professional Ethics

ISACA sets forth this Code of Professional Ethics to guide the professional and personal conduct of members of

the association and/or its certification holders.

Members and ISACA certification holders shall:

1. Support the implementation of, and encourage compliance with, appropriate standards and procedures

for the effective governance and management of enterprise information systems and technology,

including: audit, control, security and risk management.

2. Perform their duties with objectivity, due diligence and professional care, in accordance with professional

standards.

3. Serve in the interest of stakeholders in a lawful manner, while maintaining high standards of conduct and

character, and not discrediting the profession or the Association.

4. Maintain the privacy and confidentiality of information obtained in the course of their activities unless

disclosure is required by legal authority. Such information shall not be used for personal benefit or

released to inappropriate parties.

5. Maintain competency in their respective fields and agree to undertake only those activities they can

reasonably expect to complete with the necessary skills, knowledge and competence.

6. Inform appropriate parties of the results of work performed; revealing all significant facts known to them.

7. Support the professional education of stakeholders in enhancing their understanding of the governance

and management of enterprise information systems and technology, including: audit, control, security

and risk management.

Failure to comply with this Code of Professional Ethics can result in an investigation into a member's or

certification holder's conduct and, ultimately, in disciplinary measures.

From: http://www.isaca.org/Certification/Code-of-Professional-Ethics/Pages/default.aspx


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 17

ISACA

ISACA /

ISACA

1.

2.

3.

4.

5.

6.

7.

/

http://www.isaca.org/About-ISACA/History/Documents/ISACA-Code-of-Ethics-ChinaSimple.pdf

http://www.isaca.org/About-ISACA/History/Documents/ISACA-Code-of-Ethics-ChinaSimple.pdf


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 18

Quiz of Chapter Newsletter/

Question:

Please state the supporting organizations of the IT

Governance Achievement Awards.

If you know the answer to the above question, please email

your answers with your name, ISACA membership no., email

address and mobile phone number to [email protected]

before24 February 2017.

Three winners will receive a souvenir from ISACA China Hong

Kong Chapter and will be informed via email. A souvenir is

available on first-come-first -served basis.

:

IT .

2017 2

24 (ISACA

)

[email protected]

ISACA

3

http://www.eventbrite.com/org/420292597

http://www.facebook.com/isacachinahkchapter

http://www.flickr.com/photos/isacachinahk

http://hk.linkedin.com/in/isacachinahk

http://www.twitter.com/isacachina

http://weibo.com/isacachinahk

mailto:[email protected]:[email protected]://www.eventbrite.com/org/420292597http://www.facebook.com/isacachinahkchapterhttp://www.flickr.com/photos/isacachinahkhttp://hk.linkedin.com/in/isacachinahkhttp://www.twitter.com/isacachinahttp://weibo.com/isacachinahk


23 15B Tel: (+852) 8101 2801 Fax: (+852) 8101 2802

ISSUE

04 PAGE 19

ISACA International Contact

ISACA

Chapter Contact

ISACA China Hong Kong Chapter

15B, Yam Tze Commercial Building

23 Thomson Road

Wanchai, Hong Kong

Telephone: +852.8101.2801

Fax : +852.8101.2802

E-mail : [email protected]

Website : www.isaca.org.hk

Office Opening Hours:

Monday 09:00 18:00

Tuesday 09:00 18:00

Wednesday 09:00 18:00

Thursday 09:00 18:00

Friday 09:00 18:00

Saturday, Sunday & HK Public Holidays Closed

23

15 B

+852.8101.2801

+852.8101.2802

[email protected]

www.isaca.org.hk

:

09:00 18:00

09:00 18:00

09:00 18:00

09:00 18:00

09:00 18:00

Address:

3701 Algonquin Road, Suite 1010, Rolling Meadows,

IL, 60008 USA

Phone : +1.847.253.1545

Fax : +1.847.253.1443

Online Feedback Form:

www.isaca.org/About-ISACA/Contact-Us/Pages/Cont

act-Form.aspx

:

3701 Algonquin Road, Suite 1010, Rolling Meadows,

IL, 60008 USA

: +1.847.253.1545

: +1.847.253.1443

:

www.isaca.org/About-ISACA/Contact-Us/Pages/Cont

act-Form.aspx
mailto:[email protected]://www.isaca.org.hk/mailto:[email protected]://www.isaca.org.hk/http://www.isaca.org/About-ISACA/Contact-Us/Pages/Contact-Form.aspxhttp://www.isaca.org/About-ISACA/Contact-Us/Pages/Contact-Form.aspxhttp://www.isaca.org/About-ISACA/Contact-Us/Pages/Contact-Form.aspxhttp://www.isaca.org/About-ISACA/Contact-Us/Pages/Contact-Form.aspx