ISACA Scandinavian Conference 2010
The conference is dedicated to topics and educational streams within Security, Governance and Assurance, all with a unique perspective. Each stream will have a blend of technical and managerial topics that will enhance the learning experience and actively motivate and challenge a new way of work.
Who should attend:
IT Audit professionals, IT Governance professionals, Information security managers, Information security professionals, Assurance professionals, IT professionals, Senior and executive managers, CIOs, CISOs and other members of the C-suite.
Among leading key-speakers: Per Thorsheim, Security coordinator, EDB Business Partner
Biography:
Per Thorsheim is currently working as a security coordinator in the corporate security section of EDB Business Partner, working with security controls, 
incident response handling and internal consulting. Prior to this he has worked for Telenor and PricewaterhouseCoopers (PwC). At PwChe performed penetration testing, security consulting and audits/controls in Norway and abroad.
Per currently holds the CISA and CISM certifications from ISACA, and CISSP-ISSAP from ISC(2). He is also a member of the American Society for Industrial Security (ASIS).
Presentation title:
Top level security
Presentation outline:
For any publicly listed companies there are corporate governance rules for the handling of inside information, and any trading based on such information is forbidden. Laws and regulations usually refer to handling such information with “due care”, but the interpretation of this is left to each company and sometimes single entities within the company. How do you control access to such information?
This presentation will talk about common mistakes in this area, how misunderstandings occur between executive, legal, audit and technical staff, and how auditors themselves are commonly part of the problem. Real-life examples as well as recommendations will be provided.
