ISACA MALAYSIA CHAPTER PROUDLY PRESENTS

Date: 15 to 18 May 2017 Venue: VE Hotel & Residence, Kuala Lumpur, Malaysia

Free Tablet For Each Delegate

ISACA 14 CPE

IIA 16 CPD

CYBERSECURITY, IT ASSURANCE & GOVERNANCE CONFERENCE 2017

Or ganised by: suppor t ing or ganisat ions

DISRUPTIVE, ANTICIPATIVE, RESILIENT

Pre-Conference Workshop: 15 May 2017 09:00 – 17:00 Pre-Conference Workshop: Dissecting Malware

Semi Yulianto CISA, CISM, MCT, CCNP, CEH, CHFI, ECSA, SSCP, CISSP, CSSLP, CASP ISC2 Authorized Instructor, Indonesia

Malware attacks can cause harm and has a big effect to an individual or organisation. Defence in depth and a proactive countermeasure should quickly be implemented in order to prevent the future attacks from occurring. For those who want to get the insights and understanding the behaviour of the latest malware, this workshop will provides the attendees the knowledge on how to set up a safe virtual environment, the types of tools and techniques used by professional to safely analyse malware, understanding the malware antivirus bypassing techniques, and many more. Hands-on labs throughout the workshop will enable you to practice and synthesize your skills as you dissect malware samples. You'll learn how to do static & dynamic analysis of malware to understand the working mechanism of what a malware can do to your system. Additionally, this workshop would cover the analysis of Windows & Android types of malware. For more details on this workshop and its key takeaways/learning objectives, please refer to the conference website – www.isaca.org.my

Post-Conference Workshop: 18 May 2017 09:00 – 17:00 Post-Conference Workshop: Securing and Auditing Disruptive Technologies

Saurabh Sarawat CISSP, ITIL, PRINCE2, ISO27001 LA, SABSA Managing Partner, Across Verticals Wilson Lim Wei Zheng SANS GPEN, ISO27001:2005 ISMS LA, Common Criteria Certified System Security Evaluator In the past few years, we have seen disruptive shifts in security. These shifts have been driven in part by the rise of BYOD, mobility, virtualisation and the cloud, which has resulted in a new level of complexity and fragmentation within distributed systems. Proliferation of organisations data, applications and systems has disrupted the traditional model of risk analysis and threat mitigation. As a security and audit practitioner, it is imperative to understand and secure the dynamic IT environment in order to mitigate the risks due to adoption of disruptive technologies. For more details on this workshop and its key takeaways/learning objectives, please refer to the conference website – www.isaca.org.my

Click a button and you have your personal data and sensitive information stored online; this put Cybersecurity into a very prominent place in both personal space and of the organisations. This phenomenon is attributed mainly to the rapid technological and connectivity advancements, together with the ever growing threats that potentially disrupt and exploit organisations’ impetus while embracing on these advancements. As such, organisations may struggle to put in place the right level of governance, management and assurance practices to protect themselves from both intentional and unintentional attacks, breaches and incidents. This Conference will be a right place for you, as the Conference would be featuring various discussions and talks from many esteemed subject matter experts via various plenaries, panel discussions and business / technical classes covering exciting topics in the area of cybersecurity, IT governance, risk management and assurance. Day One will be featuring the keynote address, plenaries and interactive panel discussion sessions, while Day Two you will have the opportunity to join the business / operational and technological classes covering the latest development on cyber security, IT governance, continuity management and assurance. These classes are designed to provide ‘live’ practical experiences and will cover the latest ISACA research and literature such as the Cybersecurity Nexus program and COBIT5 framework. Most importantly, you can interact with the facilitators who have in-depth experiences in their respective areas. This Conference will be fully electronic i.e. each conference delegates will be provided a tablet device each – whether to stay in tune with the plenary speakers, to pose questions and/or comments during the lively panel discussion or to be used as part of the classes’ hands-on approach. In addition, this year’s Conference will introduce two full-day workshops – pre and post-conference which will cover exciting topics on the latest on Cybersecurity and assurance topics. These workshops have limited places and are only available for a very reasonable price if you sign-up for the Conference. Details of the workshops are below:

Conference Day 1: 16 May 2017 08:00 – 08:45 Registration & Networking Session 08:45 – 09:00 Opening Remarks – Organising Committee Chairperson 09:00 – 09:30 Keynote: To Be Confirmed

Dato’ Ng Wan Peng Chief Operating Officer, Malaysia Digital Economic Corporation (MDEC) Details will be made available soon on conference website.

09:30 – 10:00 Platinum Sponsor Address: Battling with Cybersecurity Henry Ng CISA, CISSP-ISSAP Head of Consulting Services - APAC, Thales With many discussions around cybersecurity, it is prudent for management and IT professionals to understand the latest cyber threats and security trends in order to appropriately develop the IT and security plans to address the market concerns. In this session, Henry will lead the audience back to 2016 by reviewing the data breach cases. Making references to the latest 2017 Thales Data Threat Report, Henry will share the 2017 cyber security outlook and challenges ahead.

10:00 – 10:30 Platinum Sponsor Address: Business-driven Security: Fusing Business Risk and Technology Andrew Chang CISSP, CEH, RSA Certified Systems Engineer, CRA Senior Technology Consultant, RSA – Security Division of EMC Defending against human ingenuity demands a new way of thinking. Despite countless dollars spent and infinite security alerts many security leaders still don’t have a true picture of what is going on. So, when a breach happens, can you answer THE question: “How bad is it?” The inability to do so is what RSA calls the “gap of grief.” There is a need to redefine your security strategy and business risks. RSA’s strategy fuses security insight within business context to create explicit linkages between what security technologies tells us and what that means in terms of business risk. The result is what we call Business-Driven Security.

10:30 – 11:00 Break & Networking Session

11:00 – 11:30 Plenary 1: Business Enablement Through Enterprise-grade Social Media Platform: Risk and Cyber Security Perspectives. Leonard Ong CISA, CISM, CRISC, CGEIT, CoBIT5 Implementer & Assessor International Vice President, ISACA Organisations usually view social media as a significant risk and treat it conservatively which leads to organisations view social as a no business value contribution. The presentation will discuss a case study on the implementation of social media platform deployment in addressing a business problem which covers large geographical area. This presentation will highlight cyber risk, security consideration and the impact from implementing social media as part of the organisation’s DNA.

11:30 – 12:00 Plenary 2: To Be Confirmed To be confirmed Details will be made available soon on conference website.

12.00 – 12.30 Plenary 3: Convergence of Fraud Risk and Cybersecurity in Payments Sean Lam Jer-Wei Co-founder & CEO, Jewel Paymentech Over the last number of years, information security weaknesses and vulnerabilities have resulted in some of the world’s biggest payment heists. Cybercriminals are quick to exploit weaknesses and use technology to their advantage. As payments evolve to one that’s increasingly digital, a convergence of cyber security risk management and fraud risk management will be inevitable. The financial sector will need respond to these new threats by implementing holistic mitigating controls that span across different internal functions.

12:30 – 14:00 Lunch & Networking Session

14:00 – 14:30 Plenary 4: E-Banking: Impact, Risks and Security Considerations Semi Yulianto CISA, CISM, MCT, CCNP, CEH, CHFI, ECSA, SSCP, CISSP, CSSLP, CASP ISC2 Authorized Instructor, Indonesia Despite of all the benefits, e-banking facility introduces issues for banks and regulators. It increases the security risks to both banks and customers. Security is one of the most discussed issues around e-banking. The use of e-banking would potentially expose isolated system to open and risky environment. Many banks have reported that their system being probed for weaknesses, but minor security breaches were so far detected so far. As e-banking functionalities advance, paying more attention on security risks woiuld provide more benefits. A strategic and proactive approach to information security followed by strong business information security controls should be formulated in response to the new threats and vulnerabilities being raised today.

14:30 – 15:00 Plenary 5: What Should IT Audit Professionals Know About Cybersecurity? Prof. Frank Yam CISA, FHKIoD, FHKCS, FFA, FIPA, FHKITJC, CIA, CFE, CFSA International Vice Chairman - ISACA International (2004-2009), Chairman & CEO, Focus Strategic Group Inc. With the ever-increasing number of cyberattacks and with advancements of technologies such as Internet of Things (IoT), Bring Your Own Device (BYOD), Artificial Intelligence (AI), etc., company executives are looking for new business models that will give them better assurance for success. Many organisations are embracing cyber technologies with the right attitude, incorporating it into the enterprise risk management program and establishing clear guidelines, procedures and processes. Cybersecurity is here to stay and IT audit professionals need to adapt and survive.

15:20 – 16:00 Plenary 6: Cyber Security and Business Continuity Management: How are they linked? Dr Goh Moh Heng BCCLA BCCE CCCE CMCE DRCE President | BCM Institute, Managing Director of GMH Continuity Architects The digital transformation of business has redefined the meaning of a business disruption as information has become the lifeblood of all organisations. The reality is that data is valuable, it interfaces with core business activities, and any threat to it or the aligned processes is a threat to the business. Putting aside the complex and technology knowledge that requires any professional to understand the micro details of a cyber-attack, the key question is to consider whether all impacts to the day-to-day operations of the business fall squarely within the information security, auditors and/or business continuity professionals.

16:00 – 16:30 Break & Networking Session

16:30 – 17:15 Panel Discussion: Cyber Resilience in The Disruptive Age

Chair: Nickson Choo CISA, CRISC, CFE, CA Director | Deloitte Malaysia Panellist: Maz Mirza bin Mohd Aminurashid Deputy General Manager, Info Tech | MRT Corps

Panellist: Victor Lo Head of IT Security | Malaysia Digital Economic Corporation (MDEC)

Jason Yuen CISA, CISSP Partner, Cybersecurity | EY Malaysia

Digitalisation that are enabled by cheaper yet faster disruptive technologies are introducing new emerging risks which organisations across all industries are acknowledging to be an emerging threat. Facing rapid pace of technological advancement and new risks that comes with this trend such as artificial intelligence, the internet of things and quantum computing, how can long-term cyber resilience be achievable? This Panel Discussion would discussed the various thoughts on achieving the cyber resilience.

Conference Day 2: 17 May 2017

09:00 – 10:30 Business Track [BT1] Unravelling the Cloud Puzzle Technical Track [TT1] Phishing Is Evolving! Are You Evolving Too?

10:30 – 11:00 Break & Networking Session

11:00 – 12:30 Business Track [BT2] Auditing the IoT Security Technical [TT2] 21st Century Forensics

12:30 – 14:00 Lunch & Networking Session

14:00 – 15:30 Business Track [BT3] Exercising Your BCP to Manage a Cybersecurity Incident

Technical [TT3] Assessing Your Cybersecurity Maturity

15:30 – 16:00 Break & Networking Session

16:00 – 17:30 Business Track [BT4] Blockchain: An Ambitious Look at How It Can Improve Trust and Transparency

Technical [TT4] Privileged Access – The Road to Unlock Exclusive Rights to Your IT Kingdom

17:30 – 17:40 Lucky Draw & Closing Remark

Who to attend If you are from or who wants to enhance your knowledge, in the cybersecurity, assurance, risk and governance disciplines, you would be delighted to find that the Conference has been structured with both business / operational and technical professionals in mind. If you are one of the below, this is the Conference that you should not miss. • Executive Officers in charge of technology, security, governance, risk and assurance • Assurance, compliance and risk management professionals • Security professionals • IT Governance professionals • IT consultants and practitioners • Business / operational process managers

Conference Day 2: 17 May 2017 Detailed Outline

BUSINESS TRACK BT1 Unravelling the Cloud Puzzle Facilitators: Amrith Krishnan CISA, CISM, CGEIT, CRISC, CISSP Shankar Krishnan CISA, PCIP Members of ISACA Malaysia chapter Special Interest Group 3 on IT Governance

Cloud adoption has become the new norm and businesses are repositioning themselves to leverage on the cloud technology. As more mission-critical business workflows are moving to the cloud, yesterday’s security measure is becoming inadequate. Like most technological changes, cloud computing has its own share of risks and challenges. Security, Privacy and Assurance has been some of the main obstacles for cloud adoption. However, over the years, as vendors have a better understanding on the security and privacy concerns of their global customers,vendors have taken proactive steps to improve the security maturity. The emergence of cloud computing generates new needs in terms of provisioning of good governance on the cloud services, especially in the domain of security, privacy and assurance. Key takeaways/learning objectives:

• Recognize the security and privacy considerations across the Cloud adoption lifecycle • Interoperability and Portability for Cloud Computing • Consolidating your Cloud Risk Profile • Overview of the standards, frameworks, and certifications that exist for securing cloud computing

environments.

BT2 Auditing the IoT Security Facilitators: Mejar (R) Ariffuddin Bin Aizuddin MBA, CISM, CRISC CISSP

Today's IoT systems can pose a serious threat to human life and safety. This is an important area where the auditors must ensure that there is sufficient testing before it is being deployed. In term of monitoring, an assessment must be done whether adequate monitoring controls are in place and operating effectively over time. Auditors must also be careful and vigilant enough to prioritize IoT systems security audits in accordance to their criticality and sensitivity. Key takeaways/learning objectives:

• Common exposure and risks of IoT System • Auditing Security Controls for the IoT System • IoT System resiliency, health and safety requirements • Auditing the testing and monitoring effectiveness of the control measure over time • Prioritize the audits in accordance to criticality and sensitivity

BT3 Exercising Your Business Continuity Plan to Manage a Cybersecurity Incident Facilitator: Dr Goh Moh Heng BCCLA BCCE CCCE CMCE DRCE President | BCM Institute

An area which business continuity is relevant to the information security field is in testing and exercising. The involvement of the BC team in cyber exercises can secure an organisation to a new level. Testing ideas, raising awareness and integrating response teams across the technological and businesses are the objectives for cyber exercises, and if well run, good Business Continuity should help to build a corporate understanding of the assets values and the threat it could pose to the core business activities. Key takeaways/learning objectives:

• Understanding the preparatory requirement for the cyber security incident BCM exercise • Being able to review the requirement and provide inputs on the exercising the BC plan • Being able to determine the effectiveness of the BCM program in response to the cyber security threat

BT4 Blockchain: An ambitious look at how it can improve trust and transparency Facilitator: Clarence Chan CPA Associate Director | PriceWaterhouseCoopers (PwC) Malaysia

It has been dubbed as one of the “greatest technological breakthroughs since the Internet” by many. Critics are calling it a media sensation but Blockchain is slowly navigating its way from cryptocurrency to business. The speaker will talk about the current application of Blockchain technology as well as its potential adoption in many other parts of the business, with a focus on governance, risk, security and compliance. Key takeaways/learning objectives • Understanding the Blockchain technology • Blockchain current use cases and adoption in the businesses to improve trust and transparency • How Blockchain may reshape an organisation’s governance, risk and compliance function

Conference Day 2: 17 May 2017 Detailed Outline

TECHNICAL TRACK TT1 Phishing Is Evolving!!! Are You Evolving Too? Facilitators: Alan Yau CISA, CISM, CRISC, CGEIT, CSXF, CISSP, CCSK, CPTE, ITIL Alan is the chairperson of ISACA Malaysia’s Special Interest Group 1 on Cybersecurity

Over the last decade, phishing has been an effective social engineering method used by an attacker to deliver an attack payload. On an increasing frequency, various form of media has been publishing stories of hacking and data breaches caused by phishing as shown as part of the cyber-attack trail. The aim of this master class is to disseminate the knowledge to the participant in the latest phishing technique.

Key takeaways/learning objectives • How the ‘asymmetry’ of the relationship between attackers and victims is changing and what are its

implications for organisations?• How the phishing tool is increasing the risk of cyber-attacks?• How the vulnerabilities in external 3rd party website are putting organisation at risk• And finally, cyber kill chain model an effective strategy to mitigate phishing.

TT2 21st Century Forensics Facilitators: Barry John Foster CFE, CCFE, CCFI Laboratory Director | Standard Chartered Bank

With the rapid advancement of technology such as cloud computing, IoT and BYOD, information and data of organizations are now stored in various technologies which are enabled by the cyber space. This requires evolution in the way information technology professionals protect those data. One of the areas that is rapidly evolving with the advent of cyber security is in the forensics space, whereby there is a need for 21st Century Forensics.

Key takeaways/learning objectives • The current state of digital forensic techniques, tools and processing,• The transformation from digital forensic to Cyber Forensic• A future perspective and the implications on the Information Security mechanisms”

TT3 Assessing Your Cybersecurity Maturity Facilitators: Ho Siew Kei CISA, CPA, CISSP Director | Deloitte Malaysia

To optimize cybersecurity spending, organisations need to understand assets that are most important to them, and prioritize enhancements to their cybersecurity program based on risk appetite, the applicability of threats and cybersecurity capabilities. Cybersecurity maturity assessments help to provide the basis for building an organisation’s cyber security enhancement roadmap and also it provides a mean to measure progress of its cybersecurity program. Several industry-wide, open source frameworks have been developed over the years which facilitates these cybersecurity maturity assessments.

Key takeaways/learning objectives • Understanding cybersecurity maturity, available models and benchmarks• Understanding common cybersecurity capabilities• Being able to leverage cybersecurity maturity assessment frameworks to build cybersecurity roadmaps

and measure cybersecurity programs

TT4 Privileged Access – The Road to Unlock Exclusive Rights to Your IT Kingdom Facilitator: Jason Lim Business Development Director | MasterSam

Privileged accounts can be accessed either through on-premises, virtual or cloud environments. Gaining privileged access to support IT infrastructure is essential but you have a choice to implement a process/system to further safeguard and control the privileged access more effectively. Securing the privileged access to your network is a key element in protecting your data and mitigating the risk of data breach, via the combination of detection and prevention mechanism.

Key takeaways/learning objectives: • Common challenges faced by most organisations in protecting privileged accounts• How to control privileged access to your network effectively• Security vs Operation Efficiency – Which one comes first?• The 4A principle to complete your Privileged Access Management (PAM) framework• Recommendation of best practice in PAM

•

ISACA Malaysia is the local chapter affiliate of an international body of information governance professionals known as ISACA and has close to 900 local members in Malaysia. The local chapter’s objective is to promote research, standards, competencies and practices for effective governance, controls and assurance of information, systems and technology. As a not-for-profit organisation, the organising committee of this Conference are volunteers. Proceeds from this conference are for the benefit of the chapter's activities. For more information, go to: www.isaca.org/malaysia

SPEAKERS & FACILITATORS Dato’ Ng Wan Peng Dato’ Ng Wan Peng is the Chief Operating Officer of Malaysia Digital Economy Corporation (MDEC). She has been a core and pioneer member of the Organisation from the inception of Multimedia Super Corridor initiative since 1998.

Henry Ng Henry is currently the Head of Consulting Services within the Thales Critical Information Systems & Cybersecurity business line. With 24 years in the IT and security industry, Henry is currently managing a regional team within APAC. Henry is also the director of CSA Hong Kong and Macau.

Andrew Chang Andrew Chang is a Senior Technology Consultant at RSA, The Security Division of EMC. Andrew has about 20+ years of professional experience in the IT industry, with the last 16 years focused primarily as a security solution architect and technology consultant.

Leonard Ong He has over 15 years of experience in information and corporate security gained in the telecommunication, enterprise and banking industries. Besides being an ISACA International Vice President, Leonard was elected as the ISACA Singapore Chapter’s President twice.

Prof. Frank Yam He has been an adjunct professor and part-time lecturer for universities in China, Hong Kong, USA, Canada, and Australia, and is a very popular speaker of a wide variety of topics for professional organisations and government agencies, including the INTERPOL.

Sean Lam Sean is the co-founder & CEO of Jewel Paymentech - a financial technology startup that develops intelligent tools to solve unique e-payment fraud risk issues. He was formerly a Director of Fraud and Security Risk at Visa.

Semi Yulianto Semi Yulianto is a passionate InfoSec Professional with a wide range of knowledge and skills. Semi has trained IT professionals from diverse organisations globally for the past 15 years and has a proven track record in delivering high quality IT training with very good to excellent feedback ratings.

Dr. Goh Moh Heng Dr. Goh is the President of the BCM Institute and the Managing Director of GMH Continuity Architects. In addition to extensive experiences in implementing business continuity, crisis management and disaster recovery plans and programmes, he is a speaker and season practitioner in auditing practices.

Alan Yau Alan is the Sysarmy Sdn Bhd’s Chief Technical Officer with over 15 years of experience in Information Security, Governance and Controls including providing Next Generation Security Operation Centre services, IT assurance and cybersecurity services, and Security Incident Management and Response services.

Barry John Foster Barry is a Cyber Professional and has over 20 year’s investigations, analysis and consultancy experience. He conducted his first computer based examination in 1992 and has worked extensively in the areas of information security, investigations, cyber-crime and forensic computing since 1994.

Jason Yuen Jason has over 18 years of experience in Information Security, Governance and Controls. He has extensive experience in leading engagements and serving clients in the area of IT Risk, Security and Privacy. He was previously the Industry Advisor in the National CyberSecurity Agency under MOSTI.

Nickson Choo Nickson has over 24 years of corporate and professional experience including being responsible for leading and managing risk advisory services for various professional services firm. His diverse experiences include GST project implementation, technology audits and risk / governance reviews.

Clarence Chan Clarence is an IT governance, information security and controls subject matter expert within the Risk Assurance Services practice in PwC Malaysia. He was previously attached with PwC London where he worked with some of the largest FTSE clients to help improve their IT compliance and risk management function.

Ho Siew Kei Siew Kei is a Director in Deloitte Malaysia with more than 12 years of experience in risk and controls encompassing IT audit and advisory, cybersecurity assessments, risk assessments and data analytics services for clients in various industries, focusing on clients in the banking, insurance and entertainment industries.

Amrith Krishnan Amrith is an experienced Cyber Security Audit and Risk professional with over 13 years of experience in leading and managing IS Audits, Risk, Compliance & IT security programs for Fortune 500 organisations.

Mejar (R) Ariffuddin Bin Aizuddin Ariffuddin is a retired Malaysian Army Signal Officer. He holds an MBA, a double degree in Mathematics and Statistics and a Postgraduate Diploma in System Analysis & Design. He has almost 30 years of working experiences and is certified with, CISSP, CISM and CRISC.

Shankar Krishnan Shankar is an experienced Information Security Risk professional with over 11 years of experience in the areas of consulting, risk management and PCI DSS audits. His experience spans working for various organisations across different geographies in the Middle East and SEA.

Jason Lim Jason is the Business Development Director at Silverlake MasterSam group, responsible for business operation across Asia Pacific region with over 10 years of experience. He has active participation in many online webinars on cyber security topics, and exchange ideas with information security professionals, enterprise risk & compliance team.

Saurabh Sarawat Saurabh is a Managing Partner with Across Verticals in Malaysia. He has over 20 years of IT experience working with Big-4 Consulting firms and various multinational companies. He was also one of the ISC2 ISLA 2009 Award honouree for leadership in Information Security.

Wilson Lim Wei Zheng Wilson Lim is a Senior Cyber Security Consultant with SANS GIAC Penetration Tester (GPEN) certification. He has more than 6 years of experience in IT security with experience in BIG-4 and other cyber security consulting companies.

Contact Us: +6017-219 6225 | officeadmin@isaca.org.my (attention: Mr.Jayaseelan) Full speakers / facilitators profile and the registration form is available at: www.isaca.org.my

Contact Person Details

REGISTRATION FORM Note: This is an editable PDF.

Organisation Name

Address

Name Designation

Email Tel.

Delegate Details No. Delegate Name Designation Membership # Supporting Org. Business Track Technical Track

1.

BT1 TT1

BT2 TT2

BT3 TT3

BT4 TT4

2.

BT1 TT1

BT2 TT2 BT3 TT3

BT4 TT4

Please choose the concurrent business or technical tracks for the Day 2 program for our logistic / materials preparation.

Fee (For Each Delegate)

Conference Only (2 days)

RM2,080 – Normal Delegate RM1,880 – Delegates from Supporting Organisations RM1,680 – ISACA Members

Conference with Pre OR Post Workshop Package (3 days)

RM2,780 – Normal Delegate RM2,480 – Delegates from Supporting Organisations RM2,180 – ISACA Members

Conference with Pre AND Post Workshop Package (4 days)

RM3,180 – Normal Delegate

RM2,880 – Delegates from

Supporting Organisations

RM2,580 – ISACA Members

For special packages of 3 or more delegates from the same organisation, contact us at officeadmin@isaca.org.my or +6017 2196 225 (Mr. Jayaseelan)

Payment Details Please email the payment details / remittance advice for our records before places are confirmed.

Enclosed is a cheque / bank draft payable to INFORMATION SYSTEMS AUDIT AND CONTROL ASSOCIATION

Cheque / Bank Draft No.

Bank Amount (RM)

Direct Bank-In made (Ringgit Only) Bank Information: Malayan Banking Berhad | Account No.: 512231822725 Bank in slip / confirmation MUST be emailed to officeadmin@isaca.org.my or faxed to +603 7726 1257 with cover note stating organisation name / delegate details.

Important Information As good practice, ISACA Malaysia Chapter is informing you that your personal data will be processed, retained and used by ISACA Malaysia Chapter in relation to this training event. Your personal data may also be retained and used by ISACA Malaysia Chapter to market and promote training events conducted by ISACA Malaysia Chapter.

ISACA Malaysia Chapter reserves the right to make changes / amendments to the program should unavoidable circumstances arise.

Registration will only be confirmed upon receipt of registration form, followed by payment. Payment has to be made before the Conference to guarantee the delegate’s place.

Walk-in delegates with payment will be accepted based on availability basis only.

A refund minus a service charge of 10% will be levied for cancellations received in WRITING by 5 May 2017. No refund will be made for request after this date. Substitutions are allowed for a registered delegate.

Conference Venue

Bangsar South City, No 8, Jalan Kerinchi 59200 Kuala Lumpur. Tel: +603 2246 2888 http://www.vehotel.com/

Note: Delegates are responsible for their own accommodation arrangements in Malaysia. ISACA Malaysia Chapter cannot guarantee availability of accommodation or specific rates. Refer to http://www.isaca.org.my for list of nearby accommodation.