ISO 27001 versus ITIL – IT Security Management?

When: September 18, 2008 (12:00 noon)
Where: Terminal City Club (837 West Hastings St.)
Cost: $35 non-members, $25 ISSA members, and $20 students
RSVP: (space is limited)

Within ITIL there is a module for IT Security Management (ITSM), so if you’re an ITIL shop it would only make sense to implement ITSM wouldn’t it? But wait a minute what if you’ve been planning on becoming ISO 27001 Certified/Registered wouldn’t that be a whole lot better especially since its independent of IT, its specialized, its certifiable. During my presentation we’re going to walk through these two valuable programs and weigh the pros and cons, so that you can decide. Central 1 Credit Union (formally CUCBC) became ISO 27001 certified in February 2008 and they also run a hybrid ITIL program. If you’re pondering these questions and thinking about becoming on or the other or both ISO 20000 and ISO 27001 certified you should attend. It’s very possible that your organization can leverage the best of both worlds and reap the management benefits by improving the governance along with improved efficiency and effectiveness of your information security program. There are also financial benefits as you improve the quality of the program costs will drop.  These improvements will improve the transparency of your operation with regulators, customers and partners who will ultimately look at your organization as one that has taken the extra steps to safeguard their personal information. Last but certainly not least this is a potential marketing bonanza that front line staff can use in communications and branding or cross branding.

Mark E.S. Bernard has been leading Central 1 Credit Unions (formerly CUCBC) Security and Privacy program since early 2007 and helped them achieve ISO 27001 Certification/Registration in just 10 months. Mark is taking on a new role within BC Government and will be managing the compliance, assessment and reporting for the BC Government from the Executive branch’s Information Security Office. Mark has nineteen years of proven experience within the domain of Information Security, Privacy & Compliance within a broad range of industries including, Government, Financial Services, Credit Unions, Charter Banking, Insurance, Pharmaceutical, Telecommunications, Technology, Manufacturing and Academia.

In 2002, Mark received acknowledgement from the New Brunswick Premier and earned the New Brunswick’s Rising Star award through his contributions to the local knowledge industry. In 2004 and 2007 Mark also received acknowledgement from ISACA for his contribution to the CISMŪ Common Body of Knowledge and training materials.

Mark was the founder of New Brunswick’s High Technology Crime Investigation Association (HTCIA) chapter and actively participates in local ISACA and HTCIA activities. Mark has taught many workshops, led keynote speeches, published articles and appeared as an expert on Information Security and Privacy topics in newspapers, radio and television. 

On-site registration and networking begins at noon, and lunch will be served at approximately 12:15. The presentation will run from 1:00pm to 2:00pm, to be followed by an open discussion forum. Members and non-members of the ISSA are welcome but space is limited. Cost for the event is $35.00 for non-members, $25.00 for ISSA members and $20.00 for students payable in advance at our web site using PaypalŪ, or at the door in cash or by cheque payable to “ISSA Vancouver”. RSVP to to guarantee your seat. Please note that we require 72 hours notice of any cancellations, or you will be invoiced for the event since we are required to finalize the food orders.

Please note that the TCC has a business-casual dress code, and contact us in advance if you have special dietary requirements or would like wheel chair accessible parking so that we can make the necessary arrangements on your behalf.

James Crooks: (604) 806-7027.