SEMINAR

ON
INFORMATION SECURITY
We can evade reality but
we cannot evade the
consequences of evading
reality."

Ayn Rand

Highlights
Information Security
IS Audit
Data Protection
IS Myth


GENERAL INFORMATION
Date: 31
st
Aug & 1
st
Sep 2014
(15 & 16 Bhadra 2071)
Time: 10 am 5 pm
Venue: Hotel Shanker, Lazimpat, Kathmandu
Title: SEMINAR ON INFORMATION SECURITY
E mail: sqaenthusiast@gmail.com
INFORMATION SECURITY
We cannot imagine any organization without any information, the main asset of any organization is
their secured information. For some types of information, confidentiality is a very important attribute.
Examples include research data, medical and insurance records, new product specifications, and
corporate investment strategies. If there is loss of confidentiality in any organization then it will ham-
per their whole business process.

Information security is the Practice of defending information from unauthorized access, use,
disclosure, disruption, modification, perusal, recording or destruction. As well as Information security
is necessary for the risk management and smooth functioning in any business or the organization.
EXECUTIVE SUMMARY
SQA Enthusiast a Tech community in Nepal which has been working since 2011. This is a group of
software quality assurance enthusiast, penetration testers, and network/system admins, dedicated in
awareness creation, training, research and providing improvement solutions to improving the
information security for our country.
As we know Information Security is the most buzzed topic in todays world, a step has to be taken now
so that the system, software, resources that we use and develop today and tomorrow are secure as
much as possible so that the data we use and store are at higher side of security considering. Since
Nepal is taking a leap in Information technology, its a must do, and must attend event by any
organizations, business houses, government bodies in Nepal. It will be a great event to learn which will
help each one to think and act on their data they own, information security policy, and information
security.
INFOGRAPHICS
What Statistics suggest is,
the most targeted areas are
Financial Sector (29.2%)
and Governmental Sector
(25.5%) among other
numerous sectors.

OUR TEAM
Sam
CISA, CRISC,CAIIB, GRC,
CIRMB, CBF
28+ years of experience in IS
Sam is a Core Banker
professional with 28 years of
experience. With the dynamic
changes in IT Industry he took
up the challenges in the area
of IS Risk Management &
Auditing in BANKING
Domain . He holds various IS
certification like CISA, CRISC,
CAIIB & Oracle GRC.
Currently he holds the
position of HEAD of IT
SECURITY & IT AUDITNG in
Head office of a BANK at Hy-
derabad. He has international
exposure in handling clients.


Somnath Bose
CSM, CISA, PMP, ITIL V3,
CQA
23+ years of experience in IS
Somnath is an astute profes-
sional presently practicing
project management and
mentoring project best
practices, managing IS audit,
F&A, design, development &
implementation, transition and
transformation projects worth
multi millions dollars globally.
SCOPE OF INFORMATION TECHNOLOGY
Information security doesnt belongs to only security of electronic data
it get change with the customer requirement and the changing
environment. Now information security also refers to security in
physical access to working place and the equipment use in office or by
the employee.
Information Security looks in different field like
Stored on databases, computer or any other storage device
Printed or hand written on paper, white boards etc.
During communication between employee within or outside
organization
OBJECTIVE
To aware people and organizations about information security
To share knowledge on Audit Standards
To promote the acquisition of appropriate technological skills,
concepts, principles, methods and vocabulary regarding Information
Security.
To promote greater Information Security and opportunities among
Nepalese governments, organization and stakeholders.
To spread the knowledge regarding vulnerability and countermeas-
ures
IMPORTANCE OF INFORMATION SECURITY
To protect data from being loss or damage from any natural or the illegal
activity
To run business or any organization smoothly in any situation
To ensure that important data, business documents and other confidential
information are protected from theft or unauthorized access.
To stabilize business with customer satisfaction and confidentiality about
their data and information
OUR TEAM

Habeeb Mohammed Khan
B.Com, CISA, PMP, OCP,
CA
17+ years of experience in IS
Habeeb is an experienced,
matured and hardworking
CISA qualified professional
with pragmatic result oriented
approach in managing
finance, accounting,
reporting, IS Security and
Implementing Oracle ERP
business solutions likes
to take up challenges in
Oracle Implementations / IS
Audits. Have worked and
delivered projects globally in
(USA, Spain, Saudi Arabia,
Bahrain, UAE (Dubai & Abu
Dhabi), South Africa,
Singapore, Mexico) and
managed Offshore projects
from Hyderabad.

Narayan Koirala
Software Engineer
7+ years of experience in
Software Quality
An accomplished Software
Engineer and IT Entrepre-
neur with solid experience in
providing Software Quality
Assurance solutions to
corporate organizations,
organizing national and local
level tech events, promoting
Software developers,
students towards Software
quality, secure development
and information technology
solutions.
PROBLEM
Why are we initiating this?
Information security is the main buzzing word in Nepals corporate arena.
All financial institutions are on the process of IT audit so each of us will
have to know more about Information security, various standards, audit
process, business risk associated etc.
The rate at which Nepalese websites are being hacked is increasing
rapidly making the situation critical and raising the importance for
securing websites.
To improve the security of information are not the playground for
practicing hack.
GUESTS
Ministry of Science, Technol-
ogy & Environment
Department of Information
Technology
Nepal Rastra Bank
Nepal Police
Nepal Army
Telecommunication
Banking
PARTICIPANT
Government: IT Officials &
Policy Makers
Financial Sector: IT Officials
IT Officials of Medical Sector
IT Officials of Travel sector
IT Professionals from
Corporate Organizations
Software Companies
INGOs, NGOs
PROGRAM SCHEDULE (Tentative)
DAY I - 31
st
August 2014
10:00 10:15 Registration and Tea/Coffee/Cookies
10:15 10:45 Inaugural Ceremony
10:45 11: 15
Presentation
Department of Information Technology (DoIT)
11:15 12:30
Introduction to Information Security
Somnath Bose/Habeeb Khan
12:30 01:15 LUNCH BREAK
01:15 02:00
Threats & Risks
Habeeb Khan/Sam
02:00 03:00
GRC (Governance, Risk Compliance )
Sam/Habeeb Khan
03:00 03:30
Presentation
Nepal Rastra Bank (NRB)
03:30 05:00
ISMS
Sam/Somnath
05:00 05:30 Networking and Tea/Coffee/Cookies
DAY II - 1
st
September 2014
10:00 10:15 Registration and Tea/Coffee/Cookies
10:15 11:30
Evidence
Somnath Bose / Sam
11:30 12:30
SQA/EW
Narayan Koirala
12:30 01:15 LUNCH BREAK
01:15 02:00
Review & Documentation
Habeeb Khan/Somnath Bose
02:00 03:00
Presentation / Panel
Sam, Somnath, Habeeb, DoIT, NRB, IS Security Experts and
stakeholders of Nepal
03:00 03:30 Certificate Distribution by Narain Koirala
03: 30 04:00 Concluding Remarks
04:00 04:30 Business Networking with Tea/Coffee/Cookies

Contact Us
Give us a call for more
information
SQA Enthusiast
Gyaneshwor, Kathmandu
+977 01 4413100
sqaenthusiast@gmail.com

Narayan Koirala
Event Organizer
9851140451

Anu Shrestha
Event Coordinator
9851152629
EXPECTED OUTCOME
Protecting our system, valuable data/ information is a major concern,
with each passing day, IT environment has become more and more
complex. Hardware and software manufacturers are constantly
developing innovative offerings with new capabilities, and your IT and
security needs likely continue to far outpace your IT and security
budgets. The persistent rise in security threats, combined with limited
internal security resources and the increase in regulatory compliance
requirements, makes it essential for an organization to think strategically
when prioritizing IT initiatives.

We will deliver the following benefits;
Awareness about Information security
Awareness about various standards of audits
Provide Professional guidance in understanding threats, risks.
To improve the quality of the web system.
To make people aware about web quality.
To improve the whole ecosystem of IT towards quality development.
Effectively monitor the security of your environment
Quickly identify, analyze and respond to potential security threats
Focus on your core business needs
To tell people that we ourselves are responsible for maintaining
quality of web system not developer, not test engineer and nor
hosting company.
Sharpen self for quality development, quality testing, and periodic
health checkup of system.
Companies spend millions of dollars on rewalls, encryption and
secure access devices, and its money wasted, because none of
these measures address the weakest link in the security chain.
Kevin Mitnick
REGISTRATION:
Individual
Fee: NRs. 15,000/- Early Bird: NRs. 12, 000/- (Till 22
nd
August 2014, 12 noon)
Corporate:
For 3 Participant: NRs. 40, 000/- Early Bird: NRs. 30,000/- (Till 22
nd
August 2014, 12 noon)
For 5 Participant: NRs. 65, 000/- Early Bird: NRs. 50,000/- (Till 22
nd
August 2014, 12 noon)
Note:
Last Date: 28
th
August 2014 / 12
th
Bhadra 2071
Payment have to be prior to the event date.
Excluding taxes
Includes Kits & Dine during seminar