ISACA Melbourne Chapter
Auxiliary PD Session – Sep 2017



2.30 pm – Registration open and sign-in – required to receive applicable CPE credits

3:00 pm – Welcome, agenda and introductions

3:10 pm – Panel discussion

3:50 pm – Questions from the floor to the panel

4:05 pm – The Soapbox – Chapter updates, announcements and issues of interest to members

4:15 pm – Networking opportunity


Topic Outline

Are you pondering how to take your cyber risk management program to the next level, or are you wondering if you have started with the right steps? Perhaps you are leading an program and along the way have lost synergies or resources, and need to refresh your plans?

Yet the risk landscape continues to change and the danger is clearer and more present than ever.

ISACA Melbourne Chapter, with sponsorship from PwC, offers a panel of seasoned professionals to share lessons learnt, risks and issues to watch out for, and provide perspectives on good Cyber Security Risk Management.

This will be followed by an opportunity to network and further connect with fellow professionals.

Key Discussion points:

  • What are the critical attributes of effective cyber security resilience?
  • What are the quick wins, if any?
  • What are the critical competencies?
  • How can CISOs measure risk and show ROI for investments?

Prospective delegates are welcome to send in their questions or discussion points in advance by Thu 21 Sep 2017, noon to be forwarded to the panel.  Please email us your questions/discussion points at this link:


CPE Hours

1.0 hours, based on the assumption you have signed the attendance sheet when attending


Registration and Admittance

  • Due to our sponsoring partner’s facilities access requirements and for catering purposes we request that you register for this event to ensure you are able to attend
  • Registration to this session is open and free of charge to all current ISACA members
  • A registration door price will be drawn from the list of duly registered attendees


Panel Members

Jo Stewart Rattray
Elected Director on ISACA’s international Board of Directors and Chair of its global women’s leadership initiative

Jo has over 25 years of experience in IT including as a CIO utilities, and 19 in information security. She underpins her information technology and security background with her qualifications in education and management.

Jo specialises in consulting in information security issues with a particular emphasis on governance in both the commercial and operational areas of businesses. Jo provides strategic advice to organisations across a number of industry sectors including banking and finance, utilities, automotive manufacturing, tertiary education, retail and government.


Mitra Minai
Governance, Risk and Regulatory Compliance Professional, Board Member, ISACA Melbourne Chapter

Mitra is a senior governance, risk and compliance professional with over 18 years of experience working in the Financial and Professional Services industries. She has a proven track record in assessing and solving complex risk and regulatory challenges for Organisations.

Mitra is currently leading NAB’s Cybersecurity and Data Security Risk management initiatives, formulating and prioritising the implementation of pragmatic solutions to meet Cybersecurity and Data protection and privacy requirements and uplift capabilities across the organisation. The outcome is effective oversight and governance of Cybersecurity risks and controls, leading to well informed investment, decision making and prioritisation of security solutions and services to manage the Bank’s riskiest operations.

Mitra was the Chair of the Oceania CACS 2010 and has been on the ISACA Melbourne Chapter Board since 2004, successfully leading various strategic, membership growth and retention and certifications promotion initiatives. Mitra is also a member of Standards Australia IT030 ICT Governance and Management Committee as well as a member of International Standards Organization (ISO) Joint Technical Committee 1 (JTC 1) focusing on Governance of IT, Service Management and Information Security. She is at the forefront of thought leadership and standards review and publications covering effective Enterprise Governance and Risk Management practices.


Jason Ha
Director at PwC Australia

Jason is a Senior Leader of PwC’s Digital Trust practice which aims to help clients maximise their growth potential, manage their risks and build confidence in their digital future. As an experienced Cyber Security and Risk professional, Jason provides the ability to develop and implement security strategies from business requirements stage all the way to ongoing operation and governance. One of Jason’s primary areas of expertise is helping organisations make sense of their Cyber Risks including understanding their impact to business and how to effectively communicate them.


Mike Trovato
Cyber Risk Advisor to Boards and CxOs; Board Member, ISACA Melbourne Chapter

Mike is a cyber security and technology risk advisor to boards, board risk committees, and executive management including CxOs. Helps key stakeholders understand the obligations and outcomes of effective cyber security. This includes solving an organisation’s greatest issues with respect to regulatory, industry, and company policy compliance and to protect what matters most in terms of availability, loss of value, regulatory sanctions, or brand and reputation impacts balanced with investment.

Key Australian and US roles: ICG, Global Cyber Practice Leader; Cyber Risk Advisors, Managing Partner; EY Cyber Security, Asia Pacific, Oceania and FSO Lead Partner; NAB Group, GM Technology Risk and Security; KPMG, Partner Information Risk Management; Salomon Brothers, Internal Audit; MasterCard International, Principal.

Graduate Australian Institute of Company Directors (GAICD); ISACA Melbourne Chapter Board Member. Certified Information Systems Manager (CISM); Certified Information Systems Auditor (CISA); and has been a PCI DSS Qualified Security Assessor (QSA). MBA Accounting and Finance and BS Management Science, Computer Science, and Psychology.


Biographies listed in no particular order.