Wellington Monthly Forum

27 October 2017 - 27 October 2017
12:00 pm-02:00 pm
113-119 The Terrace
Wellington, NZ

Session One - 12.00pm - 12.45pm

Accelerating digital transformation – what does it mean for assurance practitioners and the GCIO

The pace at which technology is transforming business is staggering whether you operate in the private sector or the public sector. In this presentation, we will look at some of the challenges and risks faced by organisations as well as some of the practical steps you can take to provide assurance over digital transformation programmes within your organisation. Accelerating digital transformation is changing the role of the GCIO too. We will update you on what’s happening in the world of ICT Assurance and some of our key initiatives.

Presenter: Claire Linskill

Claire is an experienced risk and assurance practitioner having worked in external and internal audit as well as ICT consulting, risk management and project management. She worked in the private sector for a number of years before joining the Department of Internal Affairs in September 2014 where she is leading the ‘gERM’ initiative exploring options for lifting risk management capability. Claire is a Chartered Accountant, Certified Information Systems Auditor (CISA) and Project Management Professional (PMP).

Lunch 12.45pm - 1.15pm

Session Two - 1.15pm - 2.00pm

Bruce Edwards, Manager, Information Systems Audit and Assurance. Audit New Zealand

Bruce will provide an update on the ISACA Education Day scheduled for 24 November at KPMG, Wellington, and also re-present an information security presentation last presented to the chapter two years ago as a springboard for participatory discussion of recent information security challenges. Has anything really changed? Bring your real life examples to share.

Presentation: Implementing information Security Governance: A Real Life Example

Implementing information security governance in a way effective and suitable to the organisation is a challenge for many organisations. A sound governance foundation can set the tone and empower (or disempower) information security effectiveness.

In this session, Bruce will discuss his experience as Chief Information Security Officer at the University of Louisville (in Louisville, Kentucky, USA), a position he held for nearly six years from the position's establishment and how sound Information Security governance was a key to effectively moving the university's information security program forward.

We will review the university's background that lead to the establishment of the CISO role, the reporting relationship of the CISO within the university, and how this positioning facilitated success at significantly changing the approach to information security within the university and lead to buy-in and support of the vast majority of stakeholders as lnfoSec was aligned with the university's enterprise strategy and long term vision. We will also see some examples of efforts within the information security program and how these tied back to overall governance and support of the university's strategic vision.


Bruce has over 20 years information security, audit and training experience in the public and private sectors including life insurance, health insurance, government, university and utilities sectors and has performed both operational and advisory roles.

Bruce is currently Manager, Information Systems Audit and Assurance in Wellington, New Zealand. Before moving to New Zealand from the U.S.A. in 2010 Bruce was most recently the CISO at the University of Louisville, a position he held for nearly six years where he lead successful projects on eHealth security compliance, lnfoSec awareness, risk assessment, policy and standards redesign/adoption, and research facility security compliance among other efforts.

In the U.S., Bruce was a member of the Kentucky eHealth Network Privacy and Security Subcommittee, the Louisville Health Information Exchange, the Health Care Compliance Association (HCCA) and the Health Information Security and Policy Collaboration Project (HISPC). He is current vice president of ISACA's Wellington chapter. He has spoken or instructed at National and International Conferences or events in New Zealand, Australia and the United States from 2005 to the present on implementing information security programmes, practical information security policies and standards, and other audit, risk and compliance topics.

Bruce completed his Masters in Public Health in 2010 and maintains CISM, CISA, CRISC, CIA and Prince2 Practitioner qualifications.

Please register by clicking on the register button above

Registrations close October 25th.

All registrations cancelled after October 25th are non refundable.


Members $20.00 GST inclusive

Isaca Members $20.00 GST inclusive

Non-members $25.00 GST inclusive

CPE: 2

For all inquiries please email admin@iianz.org.nz

Event Registration