Home 最新消息及活动 Events ISACA Conference – IT Governance Executive Roundtable
ISACA Conference – IT Governance Executive Roundtable

There are no translations available.


Thursday, 15 March 2012 (Conference)
08:30 - 09:00
09:00 - 09:20
Opening Address - Science & Technology for Hong Kong?
Prof. Tony F Chan
09:20 - 10:10
Keynote 1 - 21st Century Technology - 18th Century Controls. Is Our Control Paradigm Fit For Purpose? Are We Fit For Purpose?
Dr. John Mitchell
10:10 - 11:00
The Development of Finance Industry Governance
Mr. Pierre Herbst
11:00 - 11:25
Coffee Break
11:25 - 12:15
The Top Five Reasons that ICT Projects Go Bad
Mr. Nicholas Blackmore
12:15 - 13:30
Lunch Break
13:30 - 14:20
Keynote 2 - Is Governance Relevant in This Agile World of Innovation?
Mr. Robert Stroud
14:20 - 15:10
IT Governance - Who Cares !
Mr. Michael O'Hehir
15:10- 15:40
Coffee Break
15:40 - 16:50
Panel Discussion - IT Governance, Challenges and Opportunities
Panelists Mr. Henry Shek, KPMG; Mr. Kenneth Wong, PricewaterhouseCoopers; Mr. Peter Koo, Deloitte Touche Tohmatsu; Mr. Vincent Chan, Ernst & Young
16:50 - 17:00
Closing Remarks
ISACA China HK Chapter Director

*The Organizer reserve the rights on modifying the programme schedule without prior notice.


Guest of HonourBiography

Prof. Tony F Chan

Prof Chan, President of The Hong Kong University of Science and Technology, received his BS and MS from Caltech and PhD in Computer Science from Stanford University (1978). He taught at Yale before joining UCLA as Professor of Mathematics in 1986. At UCLA, he served as Mathematics Department Chair (1997-2000), Director of the Institute for Pure and Applied Mathematics (2000-2001) and Dean of Physical Science (2001-2006). From 2006-2009, Prof Chan served as Assistant Director of the Mathematical and Physical Sciences Directorate at the US National Science Foundation and managed research funding of over US$1B a year in astronomy, physics, chemistry, mathematical sciences and material science.

Prof Chan is an elected Fellow of the Society of Industrial and Applied Mathematics and the American Association for the Advancement of Science. He is currently member of the Board of Trustees of the King Abdullah University of Science and Technology (KAUST) in Saudi Arabia, President’s Advisory Council of the Korea Advanced Institute of Science and Technology (KAIST) and Committee of 100. Prof Chan is one of ISI’s most cited mathematicians.



Dr. John Mitchell
Dr. John Mitchell is an international authority on corporate governance, risk management, cyber crime and the impact of regulatory and compliance issues on the delivery of IT services. He is a Fellow of both the Institute of Internal Auditors and the British Computer Society, where he is a member of its governing Council. He is also chair of the Audit Committee of ISACA's London Chapter and holds ISACA's prestigious John Kuyers' award for best conference contributor.

He has over 30 years practical governance experience and an international reputation for advising organisations on their governance strategies and associated methodologies. This is coupled with a strong academic background, which includes research, extensive publications and teaching at the post-graduate level.

John has been an expert adviser in a number of UK commercial and criminal cases and has been featured in a major British computing publication as the 'IT Detective'. His doctorate in using risk analysis techniques for audit planning was awarded by City University, London, England. His MBA in financial control was awarded, with distinction, by Middlesex University, England.

Mr. Pierre Herbst

Pierre Herbst is the Regional Head of Morgan Stanley Internal Audit for Non-Japan Asia, based in Hong Kong. He provides oversight over both operational and IT audits. Pierre has over 25 years of Audit and Technology experience across various industries, including over 16 years within Financial Services.

Pierre joined Morgan Stanley's Internal Audit Department in 1998 as an IT and Operational Audit Manager. In 2002, he became the IT Audit Director for Asia, responsible for IT Audit across the region. He also performed and managed operational audits across Non-Japan Asia. At the end of 2005, Pierre became the Regional Head of Internal Audit for Non-Japan Asia.

Pierre graduated from the University of Tasmania in 1987 with a B.Com in Accounting and Computer Science. He is an Australian Chartered Accountant and Certified Information Systems Auditor (CISA).

Mr. Nicholas Blackmore

Nicholas Blackmore, is a registered foreign lawyer specialising in IT and intellectual property law at Kennedys. Nicholas moved to Hong Kong and joined Kennedys in September last year after twelve years at Corrs Chambers Westgarth in Melbourne, Australia. Nicholas has experience in advising clients including the Hong Kong Hospital Authority, Foster's Group, Motorola and the Australian National Broadband Network on technology procurement and contracting, including complex system integration and IT outsourcing projects. Nicholas holds a Master of Laws and a Bachelor of Science from the University of Melbourne.

Mr. Robert Stroud

Robert Stroud, immediate past ISACA International Board Member and the Cloud Computing, Governance and Service Management evangelist at CA Technologies will take the cover off his crystal ball and predict what is around the corner for 2012, 2013 and beyond and where the future for governance is. Robert will share his thoughts on how these trends will impact you and your organization! More importantly Robert will share with you how can you prepare for and leverage the technology advances to add value to your organization, all in a soundly governed and managed environment!

Mr. Michael O'Hehir

Michael is a Director in the Risk and Controls Solutions (RCS) group of PricewaterhouseCoopers (PwC) Hong Kong practice. He has a degree in Economics and Information Systems from the University of NSW, Sydney, is certified as CISA (Certified Information Systems Auditor) and CGEIT (Certified for Governance of Enterprise IT), a member of the Information Systems Audit and Control Association, the Institute of Internal Auditors and the Australian Computer Society. 

Michael is an IT advisory and information systems audit specialist with over 30 years experience. He commenced his career in IT subsequently leading large ERP application implementations for an Australian multi-national headquartered in Sydney. He then became their Director of Technology Risk prior to joining PwC. During his time with PwC Michael has lead the IT Effectiveness groups in Thailand and Beijing and is now the Director responsible for PwC’s Data Management Services practice in HK/China integrated with the ERP and Project Implementation Assurance practices.

He is responsible for managing key clients in the RCS group in PwC HK/China which provides services to clients relating to areas such as IT Strategy, IT Governance and establishment of governance frameworks, Data Quality Management and data analytics, business and IT process and controls improvement, information security, IT controls and risk assessments, project assurance and risk reviews.



Mr. Henry Shek
Henry is a partner with KPMG China’s Management Consulting. He is certified as CISA (Certified Information Systems Auditor), CGEIT (Certified in the Governance of Enterprise IT), and CRISC (Certified in Risk and Information Systems Control). Henry is experienced in various areas of information technology including IT Audit, IT Risk and Control, IT Governance, Data Protection, Internet Security Review, and Business Continuity. Henry has worked with a large mix of clients from banking and finance to telecommunication where he has been responsible in assisting clients in understanding their technology risk exposure. Reporting to the relevant board and audit committees, Henry help clients establish governance framework, mitigate risks as well as address on-going compliance issues relevant to technology. Henry also leads technical system reviews where he has been the lead partner responsible for core system assessments for several banks as well as market operators in Hong Kong and China.

Mr. Kenneth Wong
Kenneth is a Partner in PwC's Risk & Controls Solutions (RCS) practice with extensive experience in Australia, Hong Kong and mainland China, and he currently leads PwC Greater China's Technology Risk and IT Governance practice. His areas of expertise and experience include IT strategy, governance and planning, IT service management, IT regulatory compliance, ISO 27001:2005 and 20000 consulting, information security & privacy risk management, PKI/CA advisory consulting, BCM/BCP risk management, evaluation of application development and implementation, business process & IT system controls assurance, IT and operational due diligence review. Kenneth started his career with PwC Australia having served the largest telco company as one of his key clients and worked with their fixed-line and mobile switching and billing platforms for a number of years. After returning to Hong Kong and prior to re-joining PwC Hong Kong, Kenneth had worked with a US bank's Technology Risk Management division responsible for designing, implementing and monitoring the bank's technology risk management framework, policies and procedures within the Asia Pacific region. In recent years, Kenneth has performed and led a large number of Internet banking and securities trading security assessments, including a number of mobile banking security assessments in the past year. Kenneth is Vice President and Treasurer of the Information Systems Audit & Control Association (China Hong Kong Chapter).

Mr. Peter Koo
Peter Koo is a Partner of the Enterprise Risk Services in Hong Kong office of Deloitte Touche Tohmatsu. He manages consulting services such as, Sarbanes Oxley Attestation/Readiness, Internal Audit, System Process Control Consulting, IT Audit, Risk Management and Business Process Re-engineering and is the regional leader of the firm's eBusiness Security and Certification Authority/PKI consulting services. Also, he is an active member of our Financial Service Industry (FSI) Group and Telecommunications Media & Technology (TMT) Group. Having served the firm in different countries, he was also recognized as the Practice Leader of the Internet Security Consulting Services in the West Coast of both Canada and USA. Prior to joining the firm, he worked in different internal audit departments within the federal governments of Canada, with exposure in Financial Transaction Audit, Internal Audit, System Process Consulting and Business Process Control as well as Risk Management.

Mr. Vincent Chan
Vincent is the Partner in charge of Ernst & Young's Advisory Services in Hong Kong and China South. He also leads a team of professionals in the delivery of IT & business risk management, project management, process improvement, and information security advisory services to a variety of clients.

Vincent has over seventeen years' experience in the IT, audit, controls and security industry. In the late 1990's, he was an early adopter and advocate of a number of international leading practices, such as WebTrust assurance services, and implementing ISO27001 security management standard for various local and multinational organizations in the early stage of the rollout of these international standards. In recent years, Vincent's focus has been on assisting companies establish Enterprise IT Governance.

Vincent is a Certified Practicing Accountant (CPA Australia), Member of the Hong Kong Institute of Certified Practicing Accountant (HKICPA), a Certified Information Systems Auditor (CISA), as well as Certified in Governance of Enterprise Information Technology (CGEIT). Vincent was the President of ISACA (China Hong Kong Chapter) for five years in a row until end of 2009, and he is also involved in a number of industry roles including - Vice-President of the Hong Kong IT Joint Council (HKITJC), member of CityU's Information Systems Department Advisory Committee (ISDAC), and Convener of the Hong Kong Institute of CPA's IT Interests Group.

Wednesday, 14 March 2012 (Pre-conference Workshop)
9:00 am - 5:00 pm


Lunch Time
12:45 pm - 1:30 pm
Business Risk Management for IT Assurance Staff, by Dr. John Mitchell

Objective: The management of business risk has become of great importance due to the impact of regulatory compliance across the world. Not all companies will face the same risks, but It is usually fundamental to service delivery. The management of the risk is of equal importance and the workshop will discuss what techniques are available. The concepts of embedded monitors and early warning indicators will be introduced and how they fit into the overall risk management process. This programme is designed to introduce participants to the principles of risk management in a non- mathematical and practical manner.

What you get: The programme will be of benefit to anyone involved in compliance operations and to those involved in general business risk management.

Friday, 16 March 2012 (Post-conference Workshop)
9:00 am - 5:00 pm


Lunch Time
12:45 pm - 1:30 pm
COBIT 5 - Evolution or Revolution, by Mr. Robert Stroud

Objective: The Control Objectives for Information and Related Technology (COBIT) is a set of best practices (framework) for information technology (IT) management, created by the Information Systems Audit and Control Association (now know as simply "ISACA") and the IT Governance Institute (ITGI) in 1996. ISACA is close to completion of the COBIT 5 framework to ensure that IT effectively leverages and delivers IT enabled business value. The COBIT 5 framework leverages proven ISACA IP including COBIT, Val IT and Risk IT for a detailed framework for the effective governance and management of IT enabled business. While COBIT ensures that IT is working as effectively as possible to maximize the benefits of technology investment, Val IT helps enterprises make better decisions about where to invest, ensuring that the investment is consistent with the business strategy. And while COBIT provides a set of controls to mitigate IT risk in IT processes, Risk IT provides a framework for enterprises to identify, govern and manage IT-related risks.

What you get: This workshop will provide the delegate with an detailed overview of the proposed COBIT 5 publication, differences from COBIT 4.1, tips and techniques on leveraging the publication, information on the Process Assessment Model and guidance on how to leverage the publications to ensure value from your business driven IT initiatives.

Conference Venue - Regal Ballroom, Regal Hong Kong Hotel
Regal Hotel Hong Kong
88 Yee Wo Street,
Causeway Bay, Hong Kong
MTR Causeway Bay Station, Exit E, or Exit F

Click here for a larger map


Workshop Venue - Joint Professional Centre

Unit 1, G/F, The Centre
99 Queen's Road, Central, Hong Kong

Conference on Thursday, 15th March 2012
Early Bird before 15 February 2012Regular
ISACA Member
HK$ 1,500
HK$ 1,800
Members of Sponsors/Supporting Organizations
HK$ 2,000
HK$ 2,200
HK$ 2,400
HK$ 2,800

*Lunch will be included
Workshops on Wednesday, 14th March 2012; Friday, 16th March 2012
Early Bird before 15 February 2012Regular
ISACA Member
HK$ 1,500 per workshop
HK$ 1,700 per workshop
Members of Sponsors/Supporting Organizations
HK$ 2,000 per workshop
HK$ 2,200 per workshop
HK$ 2,300 per workshop
HK$ 2,500 per workshop

*Special Discount - If you enrolled more than one event, you can save at least HKD200.
Option 1 - Two events Less HKD200 Option 2 - Three events Less HKD300 Register and Payment Method
Ms. Mayo Lam +852 2528 3272
Ms. Alison Tang +852 2528 3772
15B, Yam Tze Commercial Building, 23, Thomson Road, Wanchai, Hong Kong
Payment Method
Direct Deposit to CitiBank
A/C no. : 250 390 14512025
A/C name: ISACA China HK Chapter
Cheque - payable to
"ISACA China HK Chapter"

Registration form
  • Word format PDF format

    Platinum Sponsor

    Supporting Organizations