1

J U N E , 2 0 1 5

I N S I D E T H I S

I S S U E :

Letter from the

President

1

Next Meeting

Agenda:

Luncheon

2

Next Meeting:

Pre &

Post-Luncheon

3

News from

ISACA

International

4

...and in other

news

4

ISACA NTX

Events Policy

5

Payments /

Cancellations

6

A call for

volunteers!

6

2014-2015

ISACA NTX

Board &

Coordinators

7

Conferences &

Training

Opportunities

8

ISACA NTX

2015 Spring

Seminar!

9

Career

Opportunities

10

Letter from the President It’s hard to believe another chapter year comes to a close this month. Our June meeting

takes place on Thursday, June 11th at the Globe Life Park in Arlington (The Ballpark)

- 1000 Ballpark Way, Arlington, TX 76011. Nitin Salvi with GM Financial presents

"Architecting to Auditing Risk Based Controls" at the pre-session. Courtenay

Thompson with Courtenay Thompson & Associates presents "Exploring Fraud in

Technology Projects & Contracting" at our lunch session and Rick Brunner with GM

Financial presents "Suggested/Recommended Audit Points in the Software Lifecycle

(From thought to sunset)" at our post-session. Please register for this meeting on our

web site at www.isaca-northtexas.org.

Bonus Session: Following the post-session, the chapter Facilities team has arranged

for a guided tour of the Ballpark for those interested. No advance reservation required – just leave some

time in your schedule to stick around. Sorry – no CPE for this one :-)

Our Spring Seminar, Auditing Web Applications, held June 1st – 3rd was a great success. If your company

is interested in hosting a seminar or if you are interested in volunteering your time toward making our

seminars successful please email the Education team at education@isaca-northtexas.org.

Our Summer Seminar, A Risk-Based Guide to IT Infrastructure Controls, will take place August 11 -13,

2015 at UTD. In this three-day seminar, attendees will explore the varied aspects of developing an

effective risk-based IT audit plan and examine the use of risk-based standards and frameworks, including

COSO ERM. The instructor will review such risk elements in IT audit planning as regulatory compliance

risks, IT governance risks, business information risks and IT infrastructure risks. The seminar will also

cover the increased risks introduced by outsourced IT operations and functions. Throughout this high-

impact seminar, focus will be on developing an annual IT audit universe based on assessing enterprise

information risks. Attendees will leave this intensive seminar with a proactive strategy that will help

establish a comprehensive risk-based IT audit plan that will boost the efficiency and effectiveness of IT

audits.

This seminar will be taught by Mark Edmead, Senior Instructor for MIS Training Institute. Mark has

developed and delivered courses for the SANS Institute, MIS Institute and the University of California San

Diego, Institute of Internal Auditors (IIA), Technology Training Corporation, Professional Development

Academy, and Learning Tree International. He is also an adjunct professor at Keller Graduate School of

Management. Mark is a master trainer, facilitator, and storyteller and has a very energetic and entertaining

style that keeps audience's attention from start to finish. Mark is a Certified COBIT 5 Assessor, TOGAF

9.1 Certified, Certified Baldrige Internal Assessor, Business Relationship Management Professional

(BRMP), Certified Information systems Security Professional (CISSP), Certified Information Systems

Auditor (CISA), and member of the Malcolm Baldrige National Quality Award Board of Examiners.

Registration for this summer seminar will open soon. Watch our website and your email box for an

announcement.

I hope you have a terrific summer filled with family, friends, and hopefully, some vacation time!

Laurie Flandrau, CISA, CRISC

President – ISACA North Texas

Laurie Flandrau Chapter President

2

...and elsewhere

Did you enjoy CACS last year? This year it’s in Vegas! Be sure to get

registered!

Time is running out! Get your colleagues to join ISACA by December

31st to win a tablet or other prizes!

Many of us think we have all the right answers...but how many of us

know the right questions? Submit your certification exam questions to

ISACA and get PAID!

Haven’t even taken that test yet? The June 2014 exams are now open

for registration.

The 2013 IT Risk/Reward barometer examines plans and perceptions of

many of the hot topics in our field, taken from members around the

world.

Have a passion for helping out your fellow IT geeks? Want to do more

within the community? Become an ISACA volunteer!

T H E P A S S W O R D

How much is too much when it comes to IT risk management?

Microsoft has joined the FIDO (Fast IDentity Online) alliance in an

attempt to move away from passwords to more secure means of

authentication. Sounds great...but surely nobody will ever guess “123456”

is your password?

P A G E 2

Scenes from our June meeting...

Pre & Post Luncheon on Page 3

Luncheon

Luncheon registration opens at 11:15 am Lunch served no later than 11:45 am

Speaker at 12:20 pm

Topic: “Exploring Fraud in Technology Projects & Contracting ”

Presenter: Courtenay Thompson, Courtenay Thompson & Associates

Description: Technology projects are always challenging but they are made even more difficult by fraud and corruption. This session will explore the role fraud plays in cost overruns and failed

projects. It will address bribery, improper gifts and entertainment and techniques used to deter detection and investigative response.

Speaker Bio: Courtenay Thompson is a recognized authority on training managers, auditors and

investigators in fraud-related matters. He has designed and presented courses on fraud prevention,

detection and investigation for business and government organizations worldwide. His courses are known for providing practical, proven approaches to real problems. These practical approaches have

yielded dramatic results for class attendees.

Courtenay’s experience prior to entering the consulting field includes public accounting, audit supervisor for consumer financial services for a large retailer, and director of auditing for a life insurance

company. His career in public accounting and internal auditing provided exposure to a number of types of impropriety including embezzlement, insurance fraud, loan fraud, stock fraud, kickbacks and bribery,

misappropriation of funds and mail fraud.

Courtenay received his BBA and MBA degrees from Southern Methodist University and is a Certified

Public Accountant. He is a member of the Institute of Internal Auditors, Inc., the American Institute of Certified Public Accountants, and the Texas Society of Certified Public Accountants. Objectives - Attendees will learn about:

Fraud in technology contracting.

Lessons from technology projects in the U.S. and other countries.

The role of bribery and kickbacks in selling and keeping projects going.

Program Level: Basic

Category: Specialized Knowledge & Applications

Prerequisites/Advance Preparation: None

Recommended CPE Hours: 1 per session

June Meeting Agenda When: Thursday, June 11th

Where: Globe Life Park in Arlington

1000 Ballpark Way

Arlington, TX 76011

Room: Hall of Fame off

Randol Mill Rd.

Parking: Lot B

BONUS!!! Stick around after the post-

session for a tour of the ballpark!

3

T H E P A S S W O R D

Pre-Luncheon 10:30 AM (Pre-Luncheon registration begins at 10:00 am)

Topic: “Architecting to Auditing Risk Based Controls" Presenters: Nitin Salvi, Infrastructure Security Architect, GM Financial

and Dan Seider, Infrastructure Security Architect, GM Financial

Description: Traditionally organizations have focused their security and controls on meeting the compliance requirements and the risks of failing a compliance audit. Recent changes in the Security threat environment (e.g. cyber terrorism) have prompted forward thinking executives to change their approach to risk based security and controls.

Speaker Bios: Nitin has over 22 years of experience across the fields of IT security, physical security, privacy, audit, and risk management. Nitin is currently an Enterprise Information Security Architect with GM Financial and has

worked for the Schlumberger; INS; Caremark and CVS. He is a graduate of Bombay University and currently holds the CISSP, TOGAF, SABSA, ITIL, PMP, CIPP, CIPP/IT, CISA, CISM, and CPISM. Nitin teaches CISA, CISSP and PMP certification classes for Crescent foundation, which is an nonprofit organization that supports unemployed community members to get jobs within IT.

Dan has more than 35 years of experience in information technology and security, specializing in enterprise architecture, security architecture, information architecture, secure systems and application design and development, secure system

engineering, information risks and controls, audit, and strategy and program management. Dan is currently an Enterprise Security Architect at GM Financial. Prior positions include the International IT Security

Manager (ISO) for GameStop, CIO for Thomas Group, and CIO for Good Shepherd Medical Center. He holds a Master’s degree and Bachelor’s degrees in Business and Bachelor of Architecture. All three degrees are from the University of

Arizona.

Objectives - Attendees will learn about:

Architecting Risk Based Security Controls

Baseline and Monitoring Controls

Developing an Audit Plan

-------------------------------------------------------------------------------------------------------------------------

Post-Luncheon 1:30 PM

Topic: “Suggested/Recommended Audit Points in the Software Lifecycle (From thought to sunset)” Presenter: Rick Brunner, AVP Security and Architecture, GM Financial

Description: What are some key audit points within a software lifecycle, for that matter does software even have a lifecycle? IT Auditors may have a solid grasp as to what these audit points are, or maybe they do not. Whether you do or not, the topic at hand is sure to raise one’s awareness, possibly challenge some others. Either way,

presentation will raise individual awareness and be a sanity check whether an organization has the “right” audit points, assuming “right” is properly defined.

Speaker Bio: Rick has more than 35 years’ experience in information security and technology, specializing in secure systems/application design and development, system architectures, information risks and controls, testing, and strategy and program management. Rick is an Assistant Vice President, Security Strategy and Architecture at GM Financial and has worked in Healthcare, Finance, Human Resources, Military, and Intelligence. Rick has 32 years of

military service, both active and reserves, rising to the rank of Colonel (0-6). He holds an Executive Jurist Doctorate degree, concentration in Law and Technology from Concord Law School; Master of Science degree in Computer Science, concentration in Information Systems Security from James Madison University; and a Bachelor of Science degree in

Mathematics and Computer Science from University of Texas at San Antonio. Rick is an Assistant Faculty member at Collin College , instructing courses in their cyber security program. Rick holds the following certifications: Certified Information Systems Security Professional (CISSP), SABSA Chartered Security Architect - Foundation Certificate (SCF),

and ITIL Foundation Certificate in IT Service Management.

Objectives - Attendees will learn about:

Define and gain an understanding into software and software lifecycle terms

Describe various software development models, with emphasis on identifying similar processes within the various

models

Identify suggested/recommended Audit Points within the

identified similar processes

Provide some thoughts on Software as a Service

Provide references for additional support or for conducting

individual research

P A G E 3

**Note about Presentations: ISACA North Texas can only post

presentations from monthly meetings that are provided by the speaker with their permission. If a presentation is not on the website it either means we have not been granted permission or the speaker has not provided us the presentation to post yet.

4

...and elsewhere

Did you enjoy CACS last year? This year it’s in Vegas! Be sure to get

registered!

Time is running out! Get your colleagues to join ISACA by December

31st to win a tablet or other prizes!

Many of us think we have all the right answers...but how many of us

know the right questions? Submit your certification exam questions to

ISACA and get PAID!

Haven’t even taken that test yet? The June 2014 exams are now open

for registration.

The 2013 IT Risk/Reward barometer examines plans and perceptions of

many of the hot topics in our field, taken from members around the

world.

Have a passion for helping out your fellow IT geeks? Want to do more

within the community? Become an ISACA volunteer!

T H E

How much is too much when it comes to IT risk management?

Microsoft has joined the FIDO (Fast IDentity Online) alliance in an

attempt to move away from passwords to more secure means of

authentication. Sounds great...but surely nobody will ever guess “123456”

is your password?

News from ISACA International ISACA has officially launched the Cybersecurity Nexus, a new security

knowledge platform and professional program that provides cutting-

edge thought leadership, training and certification programs.

Speaking of Cybersecurity, sign up today to attend the inaugural CSX

North America conference October 19th-21st!

Contribute to ISACA’s knowledge center - Gather and share

knowledge, and earn badges!

...and be sure to take advantage of ISACA’s available research and

publications!

Have a passion for helping out your fellow IT geeks? Want to do more

within the community? Become an ISACA volunteer!

P A G E 4

...and in other news Reading that a “moron” posting on social media led to U.S. bombing of ISIS

targets brings up a good question - What are your employees doing on social

media? Does your organization have good policies in place to limit exposure? Do

employees know about these policies?

You’ve probably heard by now of China’s recent breach of one of our federal

agencies (Office of Personnel Management). The Washington Post’s report on the

event outlines how the agency responded. Do you have a good Incident Response

Plan in place. What will you do when you’re breached?

In the latest exploit news, a vulnerability affecting Macs shipped prior to mid-2014 may

open a backdoor for malicious users to remotely overwrite your machine’s BIOS.

While Apple has fixed this in later releases, they have yet to release a firmware update

to address this issue.

SC Magazine’s report on MEDJACK (or “medical device hijack”) explains how attackers

are breaching healthcare networks through unpatched

devices, many of which are never turned off. These

are often closed systems that require a vendor’s

support for patching, leaving them vulnerable.

...and Dark Reading explains why we’re just on the

cusp of healthcare attacks and links to the latest

benchmark on security of healthcare data.

5

T H E PA S S W O R D

ISACA North Texas Events Policy 10/24/14

The ISACA North Texas Chapter offers three types of fee based programs: Chapter Monthly Meetings, CISA® and CISM® Review Courses, and Seminars. The chapter strongly encourages advance registration and payment for all events, as this reduces chapter expenses and the capacity for many of our events is limited due to the size of the event locations. Therefore, seats may not be available on the day of the event for walk-up registrants. The following table summarizes the chapter's payment and cancellation policies: Payment Policy All advance, online event registration payments will be made through CVENT. For advance, online

registrations, payment is accepted via Visa, MasterCard, American Express, Discover and PayPal. Advance registrations will not be accepted after the time noted above unless otherwise noted in online event

details. For Pay at Door registrations, credit card via Cvent, check, cash or Paypal payment at the door is required. For walk-in registrations, credit card via Cvent, check, cash or Paypal payment is required. Cancellation and Refund Policy The North Texas Chapter of ISACA (ISACA NTX) strives to provide appropriate facilities for meetings, seminars and certification review classes. Since facility providers and/or speakers require advance notice and financial commitment, ISACA NTX must balance those obligations against our members’ periodic need to cancel a reservation based on job requirements, illness or other circumstances. Upon receipt of e-mail notification to reservations@isaca-northtexas.org, ISACA NTX will refund prepaid fee according to the following deadlines:

Monthly Program Meetings - cancellations must be received by 6:00 PM three days prior to the meeting. Certification Reviews - cancellations must be received at by 6:00 PM eight days before the first class. Seminars - cancellations must be received by at least one week prior to the first day of the seminar. If

unusual cancellation terms are required based on speaker and/or venue, details will be included in the online event details.

Attendee substitution is permitted at any time until the event by contacting the Registration Coordinator at reservations@isaca-northtexas.org and is subject to any additional charge for non-member fees. Cancellations and refund for advance registrations are allowed if cancellations are submitted to reservations@isaca-northtexas.org by the deadline noted in the table above. Advance registrants who do not attend the event or do not cancel by the date noted in the table above are not eligible for a refund. Attendee substitutions are permitted at any time until the event, subject to any additional charge for non-

member fees. Inquire with Chapter Registration Coordinator at reservations@isaca-northtexas.org.

-->Please see Page 7 for table that summarizes payments & cancellations policy<--

P A G E 5

6

T H E PA S S W O R D P A G E 6

The following table summarizes the chapter's payment and cancellation policies:

Policy Chapter Monthly Meetings CISA or CISM

Review Courses Seminars

Payments

Advance registration payments accepted

Credit Card** (Visa/MC/AMEX/Discover) and PayPal**

Credit Card** (Visa/MC/AMEX/Discover), PayPal**, Check, and

Purchase Order (Invoice payment must be received by the

pre-registration deadline)

Credit Card** (Visa/MC/AMEX/Discover), PayPal**, Check, and

Purchase Order (Invoice payment must be received by the

pre-registration deadline)

Advance registration cutoff date

6:00 PM three days before the event

(May be earlier if a joint event with another organization that requires

earlier registration counts)

6:00 PM eight days before the first class.

6:00 PM two weeks prior to the first day of the seminar.

Walk-in registration payments accepted

Cash, Check, Credit Card** (Visa/MC/AMEX) and PayPal**

All attendees must pre-register for this event. Walk-in registration is not

permitted.

All attendees must pre-register for this event. Walk-in registration is not

permitted.

Cancellations

Cut-off date for cancellations

6:00 PM three days prior to the event.

6:00 PM eight days before the first class.

At least one week prior to the first day of the seminar.

Substitutions permitted for cancellations after

cutoff date?

Attendee substitution is permitted at any time until the event,

subject to any additional charge for non-member fees.

Inquire with Chapter Registration Coordinator at reservations@isaca-northtexas.org

Attendee substitution is permitted at any time until the event.

Inquire with Chapter Registration Coordinator at reservations@isaca-northtexas.org

Attendee substitution is permitted at any time until the event, subject to any

additional charge for non-member fees.

Inquire with Chapter Registration Coordinator at reservations@isaca-northtexas.org

**Credit Card and Paypal only if you register electronically via Cvent on the chapter website

Call for Volunteers for 2015 -2016 Chapter Year!

It takes may people many hours to provide all the programs and services that the North Texas chapter provides to its members each year. In addition to the nine elected Board members the chapter is served by members who hold the appointed positions listed below. These positions can have one or more members holding the position.

Please let us know if you are interested in being appointed to any of these positions for 2015 – 2016 by emailing president@isaca-northtexas.org.

Position Reports to

Website Coordinator(s) VP Communications

Marketing Coordinator(s) VP Communications

Chapter Photographer (s) VP Membership

Jobs Coordinator(s) VP Membership

CPE Compliance Coordinator(s) VP Membership

Volunteer Coordinator(s) VP Membership

Position Reports to

Assistant Treasurer(s) Treasurer

Education Coordinator(s) VP Education

Certification Coordinator(s) VP Certification

Academic Relations Coordinator(s) VP Certification

Reservation Coordinator(s) VP Facilities

Newsletter Coordinator(s) VP Communications

7

2014-2015 ISACA North Texas Coordinators

P A G E 7

T H E P A S S W O R D

2014-2015 ISACA North Texas Board of Directors

Position Name Affiliation E-mail Address

President Laurie Flandrau GM Financial president@isaca-northtexas.org

Secretary Iddah Wangondu Alliance Data secretary@isaca-northtexas.org

Treasurer Brian Evans Briggs International treasurer@isaca-northtexas.org

VP Programs Carol Barke Barke & Associates, LLC programs@isaca-northtexas.org

VP Education Matthew Smith Independent Contractor education@isaca-northtexas.org

VP Facilities Doug Gorrie Vendor Resource Management facilities@isaca-northtexas.org

VP Communications Brittany George Weaver communications@isaca-northtexas.org

VP Membership Chris Jordan Quicksilver Resources Inc membership@isaca-northtexas.org

VP Certification Kyle Wess Ernst & Young certification@isaca-northtexas.org

1st Past President Greg Streder General Datatech, L.P. N/A

2nd Past President Marvin Reader Coalfire Systems N/A

3rd Past President Sue Pagel GameStop N/A

Position Reports to Volunteer(s) Affiliation

Assistant Treasurer Treasurer Sowmitha Kalyan Ernst & Young

Education Coordinator VP Education Sean McAloon Crowe Horwath

Certification Coordinator VP Certification Dariel Dato-on Ernst & Young

Certification Coordinator VP Certification Valerie Doty Santander Consumer USA

Academic Relations Coordinator VP Certification Jose Lineros University of North Texas

Reservation Coordinator VP Facilities Leslie Norwood Ocwen Financial Corporation

Newsletter Coordinator VP Communications Ian Connors Crowe Horwath

Website Coordinator VP Communications Jeff Kromer UT Southwestern

Marketing Coordinator VP Communications Shirley Walker JCPenney

Marketing Coordinator VP Communications Neha Patel Weaver

Chapter Photographer VP Membership Zac Taylor Grant Thornton

Jobs Coordinator VP Membership Joe McKeman IBM

CPE Compliance Coordinator VP Membership Lisa Bartsch Capital One

Volunteer Coordinator VP Membership Eryn Shields GM Financial

8

P A G E 8 T H E PA S S W O R D

Upcoming Conferences & Training

Opportunities

Gartner’s Security & Risk Management Summit takes place in the Washington DC area

June 8-11. Register and get more details here!

ISACA International and Deloitte LLP, are bringing a unique healthcare IT training course

to Dallas, Texas, USA, 20-23 July 2015. See next page for details!

2015 GRC - An ISACA/IIA collaboration - This year’s GRC conference takes place at the

historic Arizona Biltmore hotel in sunny Phoenix, AZ, August 17-19, where you can earn

up to 18 CPE! Register!

A little further down the road, EuroCACS is taking place in Denmark November 9-11,

2015. This mega-conference gets you a whopping 39 CPE! Early bird registration until

September 2nd saves you $200.

Don’t have time for all that travel? Try one of ISACA’s virtual conferences! The latest

covers Mobile Security for the enterprise environment and will earn you 5 free CPE!!!

Travel AND time-constrained? Check for free webinars with ISACA that are short and

sweet ways to earn that extra hour of CPE.

Get more CPE!

9

P A G E 9 T H E PA S S W O R D

ISACA and Deloitte Bring Healthcare IT Training to Dallas

ISACA International and Deloitte LLP, are bringing a unique healthcare IT training course to Dallas, Texas, USA, 20-23 July 2015. The four-day instructor led course will provide participants with an overview of current healthcare IT topics as well as an update on regulatory issues, trends and future reform that affect IT audit professionals. The course is designed for IT auditors, information security professionals, finance, business process and compliance auditors and CIO and IT executives in healthcare. Learning objectives of the course include:

Describe healthcare background and trends and anticipated changes

Navigate through the healthcare industry in an era of reform

Gain a deeper understanding of the hot IT related topics in the healthcare industry

Analyze the framework, requirements, and challenges of the most pressing healthcare IT issues “Healthcare is one of the fastest growing and dynamic industries for IT professionals,” said Robert E Stroud, CGEIT, CRISC, international president of ISACA and vice president of strategy and innovation at CA Technologies. “Designed and presented in conjunction with Deloitte, this training course will be valuable to healthcare IT professionals who need to know the latest about audit and security as well as anticipated challenges and reforms.”

“We are very proud of the opportunities this course provides IT auditors to enhance the skills they need to help their organizations and take their careers to the next level,” said Tim Okrie, Internal Audit Transformation partner at Deloitte & Touche LLP. The ISACA Deloitte Training Course, which includes course materials, is US $2,495 for ISACA members and US $2,695 for nonmembers. Participants are eligible to earn up to 32 continuing professional education (CPE) hours. For additional ISACA Training Week information and to register, please visit www.isaca.org/training.

Who ISACA and Deloitte

What Healthcare Information Technology

When 20-23 July 2015

Where 2200 Ross Ave, Suite 1600, Dallas, Texas 75201

Web site www.isaca.org/training

10

Current Career Opportunities P A G E 1 0

The Password is a free copyrighted publication of the North Texas Chapter of ISACA. It is published periodically from August through June. It is objective of the North Texas Chapter of ISACA to be a forum of free expression and interchange of

ideas. Statements of position or expressions opinion appearing herein are those of the authors and not, by the fact of publi-cation, necessarily those of ISACA or the North Texas Likewise, the publication of any advertisement is not construed

to be an endorsement of the product or service offered unless specifically

Copyright 2015 ISACA North Texas Chapter

all rights

Questions? Comments? Corrections? Please advise us at newsletter@isacantx.org T H E P A S S W O R D

Job Title Company Location Category Career Level Post Date Exp. Date

Sr. IT Security Architect Cyber

Defense (Nuclear environment) Energy Future

Holdings Dallas, Texas Permanent Management 1/15/2015 6/30/2015

Lead Third Party Information Security

Assessor Citi Irving, TX Permanent Non-Management 2/23/2015 6/30/2015

Sr. Auditor, Internal Audit Ocwen Financial Coppell, TX Permanent Non-Management 3/3/2015 6/30/2015

Senior Manager, Internal Audit Ocwen Financial Coppell, TX Permanent Management 3/3/2015 6/30/2015

Lead IT Auditor, Internal Audit Ocwen Financial Coppell, TX Permanent Management 3/3/2015 6/30/2015

Senior Corporate Auditor

(Integrated) Dr Pepper Snapple

Group Plano, Texas Permanent Non-Management 3/11/2015 6/30/2015

Information Security Analyst Texas Capital Bank Richardson, Texas Permanent Non-Management 3/23/2015 6/30/2015

Internal Auditor Fossil Corporate Dallas, TX Permanent Non-Management 3/23/2015 7/1/2015

Senior IT & Financial Auditor Fossil Corporate Dallas, TX Permanent Non-Management 3/23/2015 7/1/2015

Manager, Information Risk - Risk

Intelligence (Assessments) Santander Consumer

USA Dallas, TX Permanent Non-Management 4/14/2015 6/30/2015

Lead IT Compliance Analyst TXU Energy/Energy

Future Holdings Irving, TX Permanent Non-Management 4/19/2015 7/31/2015

Risk and Control Advisor, Technology

Audit Depository Trust &

Clearance Corporation Coppell, TX Permanent Non-Management 4/23/2015 7/31/2015

IS Senior Auditor Addison Group Irving, Texas Permanent Non-Management 5/6/2015 7/31/2015

Control Specialist Sr ( req#

1501820) BNYMellon Dallas, TX Permanent Non-Management 5/11/2015 6/29/2015

Control Specialist Sr ( req#

1501820) BNYMellon Dallas, TX Permanent Non-Management 5/11/2015 6/29/2015

Data Analytics Specialist Weaver Dallas, Texas Permanent Non-Management 5/12/2015 6/30/2015

Internal IT Auditor Associa Dallas, TX Permanent Non-Management 5/12/2015 8/1/2015

Sr. Information Systems Auditor Mary Kay Inc. Addison, TX Permanent Non-Management 5/12/2015 8/1/2015

IT Auditor (Entry to Sr. level) Aquarius Professional

Staffing Dallas, TX Permanent Non-Management 5/20/2015 8/1/2015

Analyst - IT Compliance Energy Future

Holdings Downtown Dallas Permanent Non-Management 5/20/2015 7/31/2015

Senior Information Technology

Auditor University of North

Texas System Internal Denton, TX Permanent Non-Management 6/1/2015 6/29/2015