Off-Line
The SC Midlands Chapter of the Information Systems Audit & Control Association
CHAPTER 54
May 2009
Letter from the President
Greetings! The year is moving fast – we are almost near the end! I’m
ready for Summer!
If you were not able to join us for our March meeting, you sure missed
quite an interesting session on Ethical Hacking. Kevin Beaver provided
us with some great and timely information. I just read in the news
that the Federal Government is looking to hire several thousand Ethical
Hackers this year. We have included in this newsletter some
information about EC Council and their offer of 40 scholarships towards
their Ethical Hacking Certification courses. Could be we have some
great potential candidates for that opportunity right here in our
chapter. Make sure to check it out.
In This Newsletter:
Letter from Pres.
Upcoming Meeting
CISA/CISM earns awards
CGEIT Status
EC-Council Info
I hope to see you at our next lunch meeting scheduled for May 21st
when we will meet together with our local MS SQL expert, Brian
Kelley. We will also be electing officers for the upcoming year. Come
and be heard! Sign up for the meeting now on our chapter website at
http://www.scisaca.org/events.htm . Be sure to take the survey and let
Brian know what you want to hear about.
I would like to thank the volunteers who made our CISA Review course
a success. Thanks to their efforts, 11 people came and studied the
concepts required to sit for the award-winning CISA certification.





Chapter 1 and 2 - Brian Harris, BlueCross BlueShield of SC
Chapter 3 – Don West, our own treasurer!
Chapter 4 – Chris Oder, BlueCross BlueShield of SC
Chapter 5 – Mike Pinkham, BlueCross BlueShield of SC
Chapter 6 – Mike Upfield, BlueCross BlueShield of SC
The Nominations Committee continues to accept volunteers as chapter
officers and Board of Trustee members for the upcoming 2009-2010
chapter year. Please contact me at susan.rusher@bcbssc.com to
volunteer yourself or to nominate another colleague just as soon as
possible. We need a treasurer, and a couple of new board members.
We need you!
Sincerely,
Sue Rusher
Chapter President
Microsoft SQL Server Security and Auditing (4 CPEs)
Course Description
In this 4 hour course, K. Brian Kelley (CISA, MCSE, Security+,
Microsoft MVP - SQL Server) will explain the security model for the
Microsoft SQL Server database engine, how it interacts with the
Windows operating system, which security features are available in
each version and edition of SQL Server, what backup/restore features
are available in each version and edition of SQL Server, and how to
audit for permissions and rights across SQL Server 2000 through 2008.
Register by following this link.
Important Date(s):
May 21 – May Meeting, SQL Security, Brian Kelley
ISACA’s CISA Certification Earns 2009 SC Magazine Award
for Best Professional Certification Program
Rolling Meadows, IL, USA (23 April 2009)—ISACA, a nonprofit association serving more than 86,000 IT
governance professionals in 160 countries, has been recognized with an SC Magazine 2009 Professional
Award. ISACA’s Certified Information Systems Auditor (CISA) designation was selected as the winner of
the Best Professional Certification Program, and its Certified Information Security Manager (CISM)
certification was named a finalist.
The award, which recognizes ISACA’s outstanding achievement in IT security, was presented Tuesday at
the exclusive SC Awards Gala, held in conjunction with the annual RSA Conference in San Francisco,
California, USA.
The CISA certification has been earned by more than 60,000 professionals since its inception in 1978. It is
recognized internationally as the global standard for IS audit, control and security professionals. CISM,
introduced in 2002, has been earned by more than 10,000 professionals.
ISACA’s CISA and other 2009 Professional Awards winners were chosen by a panel of 22 judges from
major corporations and public-sector organizations that were hand-picked by SC Magazine’s editorial team
for their breadth of knowledge and experience in the information security industry. The awards highlight
and showcase the best solutions, services and professionals, while recognizing achievement and technical
excellence in the information security industry. With almost 700 entries submitted in 30 categories, the
2009 SC Awards were the most competitive yet in the program’s 12-year history.
For more information and a detailed list of categories and winners, please visit
www.scmagazineus.com/awards. Additional information on ISACA’s CISA and CISM certifications, as well
as the new Certified in the Governance of Enterprise IT (CGEIT) designation, is available at
www.isaca.org/certification.
3,000 Professionals Earn ISACA’s New CGEIT Certification
Rolling Meadows, Illinois, USA (23 April 2009)—Established in late 2007, ISACA’s Certified in the
Governance of Enterprise IT (CGEIT) credential has already been earned by 3,000 professionals.
The CGEIT certification is awarded to those who meet stringent requirements, which include passing the
exam and providing proof of experience, or being accepted through the grandfathering provision, which
ended in December. The first CGEIT exam was administered in December 2008, and the 2009 CGEIT
exams will be held on 13 June and 12 December.
“ISACA has experienced overwhelming demand for the new CGEIT certification,” said Howard Nicholson,
chair of the CGEIT Certification Board. “It is clear that governance of enterprise IT is a top-of-mind issue
and that a credential indicating experience in that area is in great demand by professionals who want to
further set themselves apart and provide valuable contributions to their businesses.”
The CGEIT certification helps:
- Support the growing business demands related to IT governance
- Increase the awareness and importance of IT governance good practices and issues
- Define the roles and responsibilities of the professionals performing IT governance work
Additional information on all three of the certifications is available at www.isaca.org/certification.
Electronic Commerce Consultants (EC-Council) Secure Aid Program
EC-Council announces a US$100,000 allocation toward an Information Security scholarship fund through
EC-Council| Secure Aid™
EC-Council| Secure Aid™, the brainchild of EC-Council, strives to provide a platform for the attainment
of knowledge regardless of certification affiliation and aims to support national and global security
measures on combating cyber crime and cyber terrorism. EC-Council welcomes outstanding individuals
who have contributed meaningfully in the IT Security domain and possess the desire to update their
information security certification skills to apply for EC-Council’s scholarship. We hope to alleviate the pain
of some information security professionals that have been affected by the global economic crisis and at
the same time, we hope to empower the information security community and the world at large to fight
cyber crime and cyber warfare.
We are proud to be vendor neutral and independent in our pursuit of empowering knowledge seekers to
uphold the sanctity of their information security assets and in ensuring that every certified professional
upholds the best practices in penetration testing and be in the forefront of the industry’s compliant
requirements.
Therefore, EC-Council pursues with vigor the following objectives:
- To serve our community by remaining a vendor neutral information security certification body and education provider
- To foster excellent research skills in the field of information security
- To encourage the development of ethical behavior within our certified community
- To sustain creativity in implementing, managing and solving IT security related issues
Scope of Scholarship
Enrollment in the following choice of courses:
1. EC-Council Certified Ethical Hacker (C|EH);
2. EC-Council Computer Hacking Forensic Investigator (C|HFI);
3. EC-Council Certified Security Analyst (E|CSA);
4. Licensed Penetration Tester (L|PT);
5. EC-Council Certified Disaster Recovery Professional (E|DRP)
Total of 40 full and partial scholarships available totaling US$100,000
Successful candidates shall be entitled to full or partial training fees and exam voucher waiver for year
2009/2010 excluding courseware. Please click HERE for details on tuition and related fees
Duration of courses offered – 5 day live, online, instructor led training. The courses are all approximately
36 instruction hours in length delivered either in four hour time blocks, twice a week in the evening for 5
weeks, or in 5 consecutive days in 8 hour time blocks
Courses to be administered through EC-Council’s iClass (Live, Online, Instructor-led)