ISACA Melbourne Chapter – Auxiliary Professional Development Session – Sep 2017

The ISACA Melbourne Chapter, with sponsorship by PwC Melbourne, invites members and general practitioners, to a half day event, packed with four Professional Development sessions, networking and refreshments.



·         7:00am – Registration and session sign-in – required to receive applicable CPE credits·         7:30am – Breakfast Open

·         7:50am – START – Welcome, Introductions, Agenda

·         8:00am – Sponsor Message – Technology Governance and Risk

·         8:15am – Speaker Talks, Questions & Answers

·         9:55am – Break

·         10:15am – Speaker Talks, Questions & Answers

·         12:00am – Lunch & Networking

·         01:30pm – Event End


CPE Hours

4.0 hours, based on the assumption you have signed the attendance sheet when attending.


Registration and Admittance

•           Due to our sponsoring partner’s facilities, access requirements and for catering purposes, we request that you register for this event to ensure you are able to attend.

•           Registration to this session is open and free of charge to all current full paid ISACA members.

•           A door fee of $50 will be charged for non ISACA members, paid in cash at the registrations desk on the day.

•           A registration door prize will be drawn from the list of duly registered attendees.


About the event sponsor

At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 157 countries with more than 223,000 people who are committed to delivering quality assurance, advisory and tax services.  Find out more and tell us what matters to you by visiting us at



PwC, 2 Riverside Quay, Southbank VIC 3006

Further directions in regards to this location will be posted closer to the event.


About the sessions and speakers.(listed in no particular order)


The Potential and Promise of Female Leadership

By, Jo Stewart Rattray, Elected Director on ISACA’s international Board of Directors and Chair of its global women’s leadership initiative.

ISACA has recognised that the empowerment of women within the global technology workforce is critical given the gender gap that exists in our fields of practice is one of the largest across all professions. It is estimated that less than 30% of the technology workforce is made up of women and it drops to 10% within information security. The development of ISACA’s Connecting Women Leaders in Technology initiative is aimed at assisting women to elevate into positions of leadership by providing a program that will support them through their careers with educational opportunities, support tools, networking opportunities and advocacy to name a few. Jo is the inaugural chair of the Women’s Leadership Council at ISACA and is Board sponsor of the initiative.

Jo has over 25 years of experience in IT including as a CIO utilities, and 19 in information security. She underpins her information technology and security background with her qualifications in education and management.

Jo specialises in consulting in information security issues with a particular emphasis on governance in both the commercial and operational areas of businesses. Jo provides strategic advice to organisations across a number of industry sectors including banking and finance, utilities, automotive manufacturing, tertiary education, retail and government.

Jo has chaired a number of ISACA’s international committees including Audit, Leadership Development, and Professional Influence & Advocacy. She is past president of ISACA’s Adelaide Chapter and she is currently serving as an Elected Director on ISACA’s international Board of Directors.


Agile Project Delivery Confidence: Mitigate project risks and deliver value to your business

By Melina Sehr and Andrew Sandford, PWC Assurance and Transformation Practices

When Agile becomes an organisation’s standard project delivery methodology, it changes the way projects are managed and controlled. In this talk, Melina and Andrew will explore how to create value for your organisation by building the right capabilities, unleashing your potential and gaining confidence to deliver the best product to market, while minimising delivery risks.

Melina Sehr is a Partner within PwC’s Assurance practice specialising in Transformation Confidence. Melina has over 25 years of experience working on large transformational programs within Australia’s major companies across banking and financial services, telecommunications, energy and utilities, health and public sectors. She has extensive business and technical skills which enable her to identify areas of risk and propose solutions that are effective and practical.

Andrew is a Senior Manager within PwC Transformation Confidence practice in Melbourne. Andrew partners with clients to provide an independent perspective on the risks to their strategic business change and transformation programs.


Shiny Toys’ vs Tools – Getting better value out of your detection tool suite

By, Petrina Olds, Telstra Security Detection Technology Lead

Petrina will discuss how to get better value out of your security detection tools including how to identify whether your tool is actually just a “shiny toy”. This talk will lay out a practical approach to evaluating your existing security detection tool suite which will in turn enable you to lay out a plan to improve their value.

Petrina Olds is the Security Detection Technology Lead at Telstra and leads the strategic direction of their Security Detection tools. During her 4.5 years at Telstra she has worked with the Security Operations teams hunting for new malware infections and improving detection capability. She has also worked on the various Security Incident Event Management (SIEM) systems in Telstra to make them alert correctly using the incoming raw events. Prior to Telstra she spent 16 years with the Commonwealth Public Service working as a software engineer where she held a number of technical positions designing and developing new platforms and applications from standalone to enterprise using a variety of software languages and platforms.


IT Risk Management – Improving Benefit Realization

By, Carl Michael, CTO LUCRF Super

The management of technology risk must steer away from IT optimized decisions which might inadvertently create business risks. Inadequate dependency analysis for IT risk management can cause risks to compound over time and give way to uncontrolled complexity. As part of the evolution of IT risk management, summarizing IT risks using Westerman’s 4A framework, which defines risks in terms of four key business objectives: availability, accessibility, accuracy, and agility provides an improved approach to presenting IT risks to the business in a non-technologically focussed manner. This approach also provides the IT department with a mirror with which to view risks with an integrated structure that allows for making informed decisions about IT risk in business terms of costs, benefits, prioritization and trade-offs. This approach helps to make the business consequences of IT risk clearer through augmenting dependency-analysis and decision-making which in turn improves benefits realization.

Carl Michael is the CTO at a LUCRF Super where his role covers operational responsibilities. He previously worked as a strategy consultant and headed enterprise architecture and development teams. His roles cut through the complexities of technologies and operations to enable business opportunities through practical solutions in sectors such as superannuation, banking, technology and government. Carl has an MBA in Technology Management, a Master of Strategic Foresight and is a senior member of the ACS. He has presented on strategy, architecture and foresight at conferences such as CeBIT.