RI Banner

Take advantage of our Early Registration pricing before 12/31/17


Monday, February 12, 2018
8:00AM to 4:30PM EDT
Registration 8:00AM to 8:30AM
Please Note: No Wi-Fi Available

Add to Calendar 


100 Amica Way
Lincoln, RI 02865

Driving Directions 


Ron Roy 

Cancellations / Refunds Policy

Payment is due on, or before, the scheduled session. Cancellations must be received seven (7) calendar days prior to a seminar date; if you already paid in full, a full refund will be provided. If you need to cancel within the seven calendar days prior to a seminar and you already paid, you will not receive a refund however you may defer your payment towards a future seminar. Please note that we need to adhere to our policy in order to offer our members quality training sessions and to help us plan for seminar expenses (room/food).

Audit and Security for Cloud-Based Services

What You Will Learn:

1. Cloud-Based Computing: An Architectural Overview
- application architectures
- the SPI Cloud Computing Model
- key drivers for moving towards cloud-based services

2. Software as a Service (SaaS)
- key enterprise applications
- the SaaS transaction model(s)
- SaaS security and audit concerns

3. Platform as a Service (PaaS)
- major development providers/platforms
- PaaS security and audit concerns

4. Infrastructure as a Service (IaaS)
- host security in the cloud
- network security in the cloud
- data storage/SAN in a cloud IaaS environment
- cloud bursting
- virtualization models for cloud-based services: Hypervisor VM and inter VM isolation
- cloud-based security domains: virtualized security/firewalls
- IaaS security and audit concerns

5. Cloud-Based Network Models
- private cloud architectures
- hybrid architectures
- public architectures
- de-perimiterization of networks: secure access from any device, anywhere

6. Cloud Security and Audit
- key risks and audit concerns
- identifying key controls and mitigations
- cloud-based risk analysis models: ENISA, NIST, CSA
- security best-practices models for cloud-based services
- audit techniques and tests in a cloud-based environment

Speaker Bio: Jason D. Claycomb, CISA, CISSP, is Senior Instructor for MISTI is the founder of INARMA LLC, where he helps clients build and maintain IT and enterprise GRC policies and processes. He is a 30-year veteran in cybersecurity, IT governance, and audit. Mr. Claycomb brings a realistic approach to GRC to comply with laws, federal regulations, and industry best practices, utilizing NIST as a foundation for risk assessment. He is proficient in IT governance, planning, systems development and installation, data analysis and reporting, and in evaluating logical and physical controls.

Prior to founding INARMA, he served as National Director of IT Services at Experis, and a Manager at PricewaterhouseCoopers (PWC). Mr. Claycomb also served as the Director of IT Services at CrossCheck Compliance LLC, and as an IT Auditor at a Chicago based bank holding company.

He is a member of ISACA and ISSA and has particular experience working with highly regulated companies in the banking, financial services, and insurance industries. He has helped many SEC regulated firms to analyze risk, develop, and manage GRC and cybersecurity programs.

CPE: 8

Registration Cost:
ISACA Member: $150 ' Non-Member: $175 / Students: $100 (must presetn current student ID)

Register 3 and the 4th is free!

Contact president@isaca-ri.org with the names and email addrss of 3 registered from your company and the name of the 4th person who will be noted as free on the registration form at the event.

Continental Breakfast and Lunch Included

Registration is limited to 100, so please register early.