Business Continuity Planning and Disaster Recovery Seminar

Joint meeting with West Florida ISACA;
Sponsor: Jefferson Wells

Monday December 12, 2005
8:00 - 5:00

RSVP ONLINE by December 7, 2005

Please note change in venue:

Hilton - Tampa Airport Westshore (Map)
2225 N. Lois Avenue (just off I-275)

8:00 - 10:45 am: Business Continuity Planning, presented by Karl Kispert & Lou Porres, Jefferson Wells (Break 9:40 - 9:55)
10:45 - 11:45 am: Offsite Document Storage and Disaster Recovery, presented by Laurel Burton, QWEST Cyber Center
1:00 - 1:30 pm: IIA Service Awards and CIA Certificate presentations
1:30 - 2:30 pm: Disaster Recovery, presented by Steve Ross, Deloitte
2:30 - 3:30 pm: Real Life Disaster Recovery, presented by Cheryl Adams, Tech Data & Jeffrey Roth, RSM (formerly NASA)
3:40 - 5:00 pm: Panel Discussion, Karl Kispert & Lou Porres, Jefferson Wells; Laurel Burton, QWEST Cyber Center; Cheryl Adams, Tech Data; Steve Ross, Deloitte; Jeffrey Roth, RSM

Karl Kispert, Jefferson Wells

Karl, Jefferson Wells Solution Director, Technology Risk Management, has over 19 years of diverse security experience in all aspects of corporate and government compliance and security – specifically information, systems and physical security. Karl has provided trusted business advisory services to financial, entertainment, manufacturing, government and pharmaceutical clients in all facets of IT security operations and technology risk management and compliance/audit, including providing industry targeted, architected solutions based on innovative deployment of technologies, automation of processes and enablement of strategic business initiatives. Karl also provided information security services that address issues in the context of enterprise wide systems. These services incorporated the full life cycle model of security including assessment, architecture, and implementation and monitoring.

Karl career accomplishments include:

Solution Director for Jefferson Wells’ global Technology Risk Management practice.
Developed, implemented, maintained and directed security policy for client to ensure the protection, purity and recovery of all software, data and intellectual property. Responsible for network and distributed systems security namely: vulnerabilities and threats, routers and firewalls, smart card/tokens for user authentication, encrypted communication and application security for this global firm.
Assisted with Jefferson Wells security and compliance methodologies with emphasis on the Sarbanes Oxley IT Compliance product.
Conducted over 300 risk and vulnerability assessments in the private and government community. Presented risks to, and created mitigation remediation plan with senior management.
Lead Security Advisor team contracted by the US State Department to accompany the Secretary of State to the Middle East and evaluate the entire security program administered by the Bureau of Diplomatic Security. Conducted assessments in the areas of secure and private computing, communications, executive protection, embassy security, diplomatic security, site survey and advance, and intelligence gathering.
Received formal training in, information and physical security from the Department of Defense, National Security Agency, Federal Bureau of Investigations, National Reconnaissance Office and the Central Intelligence Agency

Lou Porres, Jefferson Wells

Luis (“Lou”) Porres is an Engagement Manager in Jefferson Wells’ Technology Risk Management practice, with over 15 years experience in the IT industry. Lou has a comprehensive background in IT support and management including operational management of LAN/WAN infrastructures, information security, preparation and management of project plans, departmental budgets, management of technical staff, evaluation of new technologies and development and assessment of Business Continuity and Disaster Recovery planning.

Lou's career Accomplishments include:

Currently the Subject Matter Expert for Jefferson Wells in the field of Threat and Vulnerability Analysis, responsible for the development and management of practice methodologies and materials.
Former Subject Matter Expert for Jefferson Wells in the field of Business Continuity Management Services
Key member of team assigned to acquire and maintain firm wide certification to conduct VISA and MasterCard PCI Framework assessments.
Managed the Information Technology components of several Sarbanes-Oxley documentation and remediation projects for clients in various industries including, medical, electronics and real estate.
Managed and conducted security assessments for several small to mid sized community banks. • Managed a Business Continuity Plan development project for a Manhattan based bond dealer, specializing in foreign government bonds.
Conducted a comprehensive Information Security Assessment and managed a Business Continuity Plan development project for a major New Jersey Mortgage Company with over 9 billion dollars worth of closed loans.
Managed the redesign of the Local and Wide area networks and the creation of an Information Technology Disaster Recovery Plan for a Wall Street trading firm. • Conducted an Information Technology assessment for a Wall Street trading firm and provided suggestions and guidance for enhancements in technology and processes.
Managed a global Windows NT security remediation project for a global advertising and communications company, while providing technical guidance for the client
Managed the development of a Disaster Recovery strategy encompassing various technologies ranging from mainframe to client server and networking for a major global corporation with many diverse lines of business.
Managed several security engagements for large clients in the Food and Beverages and Internet Service Provider industries, which encompassed assessing the security posture of their networks.
Assumed a leadership role in the development and review of Business Continuity Plans and strategies for several large insurance companies covering the full breath of their technology infrastructure including mainframe, client server and network.
Accumulated a wide range of experience working with different operating systems and protocols such as AIX, OS/2, Windows 9x/ME/NT/Professional/2K, Novell Netware, Linux, TCP/IP, FTP & Other Internet Protocols, IPX/SPX, FDDI, Token-Ring, Ethernet, and Frame Relay.

Steve Ross, Deloitte

Steve Ross is a Firm Director in Deloitte & Touche’s Security Services Group in New York and is the national leader of the Firm’s Business Continuity Management practice. He is a specialist in the field of business resilience, information systems security, recovery and control. Mr. Ross is a specialist in Information Security, Recoverability and Auditability. He has implemented Business Continuity Management programs, disaster recovery plans and resilience preparations for numerous banks, government agencies and industrial corporations. With Deloitte & Touche since 1988, he has been in data processing for more than 30 years. In recent years, his focus has been on the security and availability of e-Commerce environments. He is editor of the multi-volume series, e-Commerce Security, and author of several of the books in the series, including e-Commerce Security: Business Continuity Planning.