November 14, 2018 ISACA Detroit Chapter Meeting

Pre-Dinner Topic: The Exposure and Conviction of Dr. Farid Fata:

The Notorious Michigan Medical Fraud Case, Part 1 After-Dinner: The Exposure and Conviction of Dr. Farid Fata: The Notorious Michigan Medical Fraud Case, Part 2 Speakers: Bryan Drake and Lafell Peoples

Date: Wednesday, November 14, 2018

Time: 4:30 - 5:00 Registration & Networking 5:00 - 6:00 Pre-Dinner Presentation 6:00 - 6:45 Dinner 6:45 - 7:45 After-Dinner Presentation

Location: Michigan State University Management Education Center 811 W. Square Lake Road Troy, MI 48098-2831

Cost: Advance Online Registration Only: Walk-In Fees: $20.00 Member $40.00 Member $30.00 Non-Member $50.00 Non-Member $10.00 Student / Retiree $15.00 Student / Retiree

PRESIDENT

Juman Doleh-Alomary, MScE CISA, CISM, CRISC, ISO27001 Wayne State University

VOLUME 33 # 2 REGION 4 CHAPTER 8

DATABYTE

The Chapter must provide the number of reservations by 12:00 pm on the Friday prior to the Chapter meeting. Advance online registration closes at noon on Friday, November 9, 2018. If you have made a reservation and cannot attend, please contact Crystal Wirth at Administrator@isaca-det.org prior to the above noted deadline for refunds. Walk-in registration is available at an increased fee. Reservations not cancelled prior to the above-noted deadline cannot be refunded as we are committed to the caterer for the meals ordered.

VICE PRESIDENT

Ryan Hodges, CISA, CISSP CISM, CRISC, ISO27001 Deloitte

Treasurer

Charles Murray CPA, CISA KPMG

Secretary

Melvin B. Taylor CISA, CRISC General Electric

Please forward any ISACA questions to our Chapter Administrator at administrator@isaca-det.org and your question will be routed to the appropriate ISACA Board member

DIRECTORS

Brad Barton, CISA 248-707-9372 Greg Boehmer, CISA, CIA, CFE, CGEIT CISSP, CISM, CRISC, CRMA, CSFX, PMP Deloitte & Touche Keith Cheresko, JD, CIPP, CIPT, FIP Privacy Associates International LLC 248-535-2819 Shannon Desjardins, CPA, CISA, CRISC Blue Cross Blue Shield of Michigan 586-201-1603 Michael A. Forrest, CISA, CGEIT Flagstar Bank 248-312-5435 Michele M. Haroon, CPA, CISA Lear Corporation 248-447-3001 Chris Johnson, CISA Lear Corporation 248-447-1066 Tammy Johnson, CISA Fiat Chrysler Automobiles 248-709-0427 Linda Kearney, CISA, CISM, CIA, CIPP-US 248-512-3858 D. Robert Okopny, PhD, CIA, CFE, CMA Eastern Michigan University 734-487-0246 Sajay Rai, CPA, CISSP, CISM Securely Yours LLC 248-723-5224 Malini Sarma, CISA General Motors 313-667-2878 Carrie Schrader, CISA, CBM, CFE, CGEIT, CRISC GM Financial 313-989-4711 David Soubly, CISA David.soubly@gmail.com Doug Wahr, CFE, CISA, CRMA,CISSP Auto Club Group (AAA) 313-436-7277 Manish Zaveri, CISA, CPA FordDirect LLC 248-888-9090

2

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

Hello Fellow Detroit Chapter Members, Hope you are doing well and enjoying the fall weather. I’m looking forward to sharing some up-dates with you. At our October monthly meeting we had two great speakers from Network Intelligence Con-sulting. Our first speaker was the founder, KK Mookhey, and he presented how an effective stra-tegic plan will be your biggest asset in the event of a breach. His presentation was engaging and walked the audience through the Equifax breach timeline and then how to get the incident re-sponse program right. There are many blocks that makeup an effective breach strategy. These blocks include asset and configuration management, encryption, monitoring and detecting, con-tinuous risk awareness at the senior level, and, of course, an incident response plan. The second speaker was Viral Trivedi who pointed out through various examples how the critical infrastructure is constantly under attack. Securing the industrial control systems is not a new phenomenon and it is a global issue for sure! Identifying the method to risk assess and grading the critical infrastructure cybersecurity posture is still a challenge. He further explained why some conventional IT security controls may not be enough and that there are many NIST and Department of Energy publications on SCADA/ICS controls that will help in that effort. The good news is that we have both presentations posted on our website under the members’ area. So please, check them out!

The ISACA November meeting is coming early! Because of the Thanksgiving holiday, we pulled the meeting ahead to November 14. Please make sure you register early because we need an accurate count ASAP. Also, don’t forget that the December meeting is our annu-al joint meeting with the IIA and that will take place on Tuesday, December 11, 2018. Please mark your calendars for those two early meetings and look for the invite to register. We can’t wait to see you. To check out the schedule of speakers, please go to our Detroit Chapter ISACA website and mobile app.

Spring Training registration is open! The Detroit Chapters of the IIA and ISACA are proud to continue their co-sponsorship of the 20th Annual Spring Training Seminar. It will take place on March 11-13, 2019 at the Suburban Collection Showplace in Novi. Look for the ISACA invite and mark your calendar for this awesome training opportunity where you can earn up to 22 CPEs. Since we invite neighboring chapters to this amazing opportunity, please make sure you register early to secure your spot. Some classes run out of space fast. To reg-ister for the spring training go to http://www.eiseverywhere.com/2019springtraining. The Chair of the Spring Training Seminar is our IIA member Pam Bishop and she is doing a fantastic job leading the effort. CSX—Cybersecurity Audit Certificate Program—ISACA launched a new Cybersecurity Audit Certificate program. The assessment-based program provides learners in-depth training and it includes an exam to measure how well the learning objectives were achieved. Individ-uals who successfully complete the remote-proctored exam will earn the Cybersecurity Audit Certificate and a digital badge.

Did you know that the CPEs that you get from the Chapter meetings are uploaded to your ISACA portal? This step saves you time and all you have to do is assign it to the certification(s) that you need.

Don’t forget to download our mobile app, “Det-ISACA”, from your Google or Apple store. Our mobile app will enable you to get the latest information, signup for monthly meetings, and view other activities we have for our members.

Please connect with us on social media. Follow us on LinkedIn (ISACA Detroit Chapter) and Twitter at @ISACA_Detroit. Also, take the time to get to know your proud serving Board of Directors by going to our Chapter’s website at http://www.isaca.org/chapters7/Detroit/AboutOurChapter/Pages/default.aspx.

Thank you for being a dedicated ISACA Detroit Chapter member. Your support to the Chapter and to the profession is the driving force to our commitment.

Enjoy the beautiful fall weather.

Juman Doleh-Alomary Proud Serving ISACA Detroit Chapter President

3

November 14, 2018 ISACA Detroit Chapter Meeting Before and After Dinner Topic - The Exposure and Conviction of Dr. Farid Fata:

The Notorious Michigan Medical Fraud Case, Part 1 and Part 2 FBI agents Bryan Drake and Lafell Peoples helped spearhead a complex and challenging investigation that exposed one of the most notorious, sad and tragic cases of medical fraud this nation has experienced in recent times. The Dr. Fata cancer fraud case not only defrauded Medicare of millions of dollars, it also resulted in the tragic compromise of health and in some cases loss of life of his pa-tients, many of whom were aggressively treated for cancers they did not even have. Drake and Lafell's riveting account of this case is a combination of front-line action and back-office due diligence. Their efforts, as well as those of a larger team of FBI, law enforcement and medical personnel, combined to ensure that justice prevailed in one of the sad-dest cases this region has experienced. They have been commended many times for their efforts in a story that received national attention.

Meet Our Speakers

Forensic Accountant Lafell Peoples graduated Magna Cum Laude from the University of Detroit in 1994 with a Bachelor of Science in Accounting. He obtained his CPA license in 1996 while working for Plante Moran from 1994 to 2003 and reaching the position of Senior Manager. Lafell worked for George Johnson & Company from 2003 to 2006 becoming the Principal / Owner. While at Virchow Krause from 2006 to 2009, currently known as Baker Tilly he reached the position of Senior Manager. Lafell has been a Forensic Accountant with the FBI for 8 years now on the Health Care Squad and has worked over 40 cases varying in size and complexity. Special Agent Bryan Drake graduated with a Bachelor of Science degree in Criminal Justice from Michigan State University in 1999 . He began working with the FBI in 2000 as an Investigative Specialist doing surveillance. In 2008, Bryan attended New Agents Training at Quantico. Upon completion of the Academy he was assigned to the Milwaukee Field Office working Counterterrorism. He trans-ferred to Detroit in 2011 working Cybercrimes and Cyber Terrorism until 2013 when he began working Health Care Fraud. He was also a member of the FBI's Evidence Response Team in both Detroit and Milwaukee for 13 years.

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

New ISACA Detroit Chapter Members

Zane Al-Rufaie Andrew Dodds Kelsey Donovan Kevin Hayes Dan Jenkins Junhyun Kim Eric Marzec Zachary Martin Shelley Rose Migliore Russell Guy Smith Dubravko Vukmirovic

Newly Certified

Johannes Baraa Abona, CISA Ayaz Anwar, CISA

Timothy Michael Cobor, CRISC Jacqueline Q. DeConinck, CISA

Gerardo Espinoza, CISA Nader Ettaher, CISA

Ryan Michael Finn, CRISC Romel Rausa Llarena, CISM

Greg Radke, CISA Amit Singh, CISA

William Varhol, CRISC Lisa Zufelt, CISA

Exam Passers

Johannes Baraa Abona, CISA Alioune Badara Diouf, CISA

Michael John DeGrande, III, CISA Gerardo Espinoza, CISA

Nader Ettaher, CISA Ryan Michael Finn, CRISC

Nathan S. Lake, CISA Romel Rausa Llarena, CISM

Greg Radke, CISA James David Schell, CISM

Letian Tang, CISA William Varhol, CRISC

Lisa Zufelt, CISA

October Raffle Winners

Spencer Andrews ▫ Scott Bogan ▫ Marge Bonk Wayne Carpenter ▫ Shannon Desjardins

Laurie Hepner ▫ Helena Le ▫ Robert Morse Patrick O’Neill ▫ Vicki Riley ▫ Matthew Schick

Philip Snell ▫ Colleen Wachowski ▫ Lisa Xu

The ISACA Detroit Chapter Certification Committee wishes to Congratulate the Newly Certified and Exam Passers

4

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

Newly Certified, Helena Le, with our Treasurer and Board Member Charles Murray

2nd Speaker for October, Viral Trivedi of Network Intelligence Consulting, with Board Member David Soubly

October Speaker KK Mookhey, founder of Network Intelligence Consulting, with Deep Chandra and Board Member David Soubly

5

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

November 14, 2018 MENU

Beef Bourguignon Fried Perch Lemon Sage Chicken Mashed Potato & Cheese Strata Seasonal Vegetable Greek Salad Italian Chopped Salad Chef’s Choice Dessert

ISACA Detroit Smart Device App

The ISACA Detroit Chapter Communications Committee is happy to announce the availability of a smart device App designed to provide current and important information on several membership benefits and activities. This App is now available for both Apple and Android devices and can be in-stalled by following the steps below. Making this App available to our membership is just one in a series of improve-ments being researched and planned by the Communications Committee. We are anxious to meet our membership’s expectations for effective communications and any and all ideas are welcomed. If you have a suggestion, please send an email message to: Brad Barton, Chairman of the Communications Committee (bbarton424@gmail.com) or reach out to any of our Board members to submit your suggestions. The ISACA Detroit Communications Committee

ADVERTISE IN THE “DATABYTE” NEWSLETTER

¼ Page $ 50.00 ½ Page $100.00 Full Page $200.00

Contact ISACA Administrator at: administrator@isaca-det.org

or Mike Forrest at: m_forrest@wowway.com

Photo Disclaimer: ISACA Detroit Chapter may capture images from meetings and events on film or digital media for publication and marketing purposes.

Attend up to 4 Chapter Meetings FREE

During difficult times, the ISACA Detroit Chapter Board wants to help. If you are unemployed, laid-off, or are not currently receiving a paycheck, we have some good news. It’s during times such as these that maintaining a network of peers and maintaining your level of training is so very important. We are, therefore, offering to allow you to at-tend up to four (4) meetings FREE. You must register for each meeting through the Membership Chairman by send-ing an e-mail stating that you are currently out of work and wish to attend the meeting. The e-mail must be re-ceived prior to the meeting registration close for that meeting.

Please send your email to Mike Forrest at: m_forrest@wowway.com.

6

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

2019 Spring Training Program March 11-13, 2019

Suburban Collection Showplace Novi, Michigan

CLICK HERE TO REGISTER

TRACK

MON MARCH 11

TUES MARCH 12

WED MARCH 13

A How Successful People Think

Don Levonius

Promoting Civility & Building Trust

Don Levonius

How to Be a REAL Success

Don Levonius

B How to Deliver a Dynamic

Presentation

Keith Levick

Valuing Diversity & Inclusion and Deterring Sexual Harassment

Keith Levick

Resilient Leadership

Keith Levick

C Successful Crisis Management

Paul Zikmund

Navigating Instances of Workplace Violence, Harassment & Retaliation

Paul Zikmund

Effective Interviewing and Interrogation

Paul Zikmund

D

Creating and Preserving Value with COSO ERM 2017

James Roth

Auditing Culture: Challenges and Proven Techniques

James Roth

E Internal Audit University

Hernan Murdock

F Enterprise Risk Management

Greg Duckert

G Advanced Auditing

Kathleen Crawford

H

Mobile Technology Security & Audit

John Tannahill

Windows Service 2012/2016 Security & Audit

John Tannahill

VMware Security & Audit

John Tannahill

I

Amazon Web Service (AWS) Audit & Control

Nick Benevuto

Introduction to IT Auditing

Nick Benevuto

J

Cyber Security Vulnerability & Pen-etration Testing

Kevin Cardwell

Intrusion Analysis and Incident Response

Kevin Cardwell

K Securing & Auditing Application Software Infrastructure

Ken Cutler

L Audit & Security of SAP ERP

Steve Biskie

7

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

RETURNING THIS YEAR - VENDOR EXPO!

We have invited audit and assurance vendors to set up displays during the training event to give you an opportunity to learn about products and partners that are in

the marketplace and their associated benefits for your organization.

2019 Spring Training Program March 11-13, 2019

Suburban Collection Showplace, Novi, Michigan

8

DATABYTE

DETROIT CHAPTER ISACA – YOUR ‘YEAR-ROUND’ PARTNER FOR PROFESSIONAL GROWTH

DATABYTE

ISACA Detroit Chapter Administrator Crystal Wirth

administrator@isaca-det.org

2018-2019 ISACA Detroit Chapter Committee List

Committee Name Committee Members Committee Chair

Academic Relations

Sajay Rai Sajay Rai

Brad Barton

Bhaskar Kakulavarapu

Bylaws, Policies & Procedures

Greg Boehmer Ryan Hodges

Keith Cheresko

Ryan Hodges

Certification

Charles Murray Charles Murray

Michael Forrest

Michele Haroon

Communications

Brad Barton Brad Barton

Keith Cheresko

Chris Johnson

David Soubly

Malini Sarma

Michele Haroon

Bhaskar Kakulavarapu

Linda Kearney

Facilities

Carrie Schrader Carrie Schrader

Ryan Hodges

Tammy Johnson

Linda Kearney

Membership Michael Forrest Shannon Desjardins

Michael Forrest

Nominating & Audit Greg Bohmer Greg Bohmer

Keith Cheresko

Program

David Soubly Doug Soubly

Greg Boehmer

Keith Cheresko

Seminar

Manish Zaveri Manish Zaveri

Brad Barton

Carrie Schrader

Doug Wahr

Melvin Taylor Tammy Johnson

Social Tammy Johnson Michele Haroon

Shannon Desjardins

Michele Haroon

Spring Training

Juman Doleh-Alomary Juman Doleh-Alomary

Bob Okopny

Linda Kearney

Exciting Opportunities for Review Class Instructors

OVERVIEW Thank you to those of you who have sacrificed time to teach the Detroit Chapter’s ISACA certification review classes in the past! Interesting and exciting opportunities are on the horizon and we wanted to make sure we made you aware of them. ISACA International has devel-oped an opportunity to better prepare you, our volunteer instructors, along with the Chapter’s prospective students. ISACA developed the Accredited Training Program to ensure exam candi-dates for ISACA’s core (i.e., CISA, CISM, CGEIT, and CRISC) certifica-tions have access to the highest quality training available in the market, while maintaining the integrity of ISACA’s Intellectual Property (IP) and brand value globally. This message provides you with a high-level over-view of the new program. Beginning in 2018:

• Only accredited instructors (i.e., those who have been through the new training) can teach local Chapters’ CISA, CISM, CGEIT, and CRISC certification review classes.

• ISACA is providing free training to the Chapter for two trainers.

• ISACA is also deeply subsidizing the costs of the accreditation fees for any additional Chapter trainers.

• Includes accreditation for 1 or multiple certifications per trainer (If a trainer has CISA and CISM and becomes accredited for CISA, that accreditation would apply for both certification classes.)

• Training components (no special preparation or testing and allows local

language preferences). Trainer must hold certification in good standing to be trained.

TIMING ISACA Detroit is looking to provide accredited trainers for certification classes beginning Fall 2018. At this time, ISACA International has not provided a deadline for applying for the free and discounted training. THE NEED The Certification Committee is looking for interested volunteers to be-come Certified Trainers. If interested, contact Charlie Murray, Certifica-tion Director, as noted below:

Charlie Murray Certification Director

ISACA Detroit Chapter Cell: 313.320.4566

cmurray@kpmg.com

The December 11, 2018 ISACA Chapter Meeting

will be held at:

VisTaTech Center Schoolcraft College

18600 Haggerty Road, Livonia, MI 48152 734-462-4400