May 2021 AGM – Membership and CPE Meeting

We are excited to announce our Annual General Membership Meeting (AGM)!

Please join us for our annual business meeting and enjoy an interesting session and earn CPE credits.

Date: May 21st, 2:00-4:00

Location:  Virtual Zoom Event (Zoom information and a Calendar Event will be sent in the RSVP Confirmation Email.).

RSVP Information to to Follow

Cost:  ISACA Boise Members (Free), Non-Members $50

  • 2:00 – 2:45 – Business MeetingWelcome, Announcements, Chapter Updates, Member Recognition, Board Position Intros (and Subcommittee/Volunteer Signup), Elections
  • 2:45 – 3:00 – Break
  • 3:00 – 4:00 – CPE Panel Discussion (more details to follow)
  • 4:45 – 6:00 – Optional Drinks and Hors d’oeuvres at The Ram Meridian. (more details to follow)

April 21, 2021 CPE Event

Topic: Intro to Factor Analysis of Information Risk (FAIRTM)

Join us for this presentation by Cary Wise, Head of Partner Professional Services for RiskLens,

Time and Location: April 21st, via Zoom Meeting 12:00-1:00pm

Click here to RSVP.  Please Note:  Zoom information and a Calendar Event will be sent in the RSVP Confirmation Email.

Summary:  Factor Analysis of Information Risk (FAIRTM) is the only international standard quantitative model for information security and operational risk.

  • FAIR provides a model for understanding, analyzing and quantifying cyber risk and operational risk in financial terms.
  • It is unlike risk assessment frameworks that focus their output on qualitative color charts or numerical weighted scales.
  • It builds a foundation for developing a robust approach to information risk management.

Cary is the Head of Partner Professional Services for RiskLens, where he has been a leader in risk quantification for the past 3 years. Prior to joining RiskLens, he managed security programs at a Fortune 1,000 manufacturing organization as well as a power utility company. His IT security and risk experience is rooted in the government sector, where he served 12 years in the United States Navy.

Regarding risk quantification, Cary has built and improved programs for multiple Fortune organizations on a global scale and has been a speaker at security conferences on the topic. He is also a FAIR instructor, where he provides education to risk practitioners and executives around the world.

Cary has a BS degree in Organizational Leadership, is a Certified Information Systems Security Professional (CISSP), and sits as the Co-Chairman of the FAIR Institute’s Federal Government Chapter.

Scholarship Application 2021 – 2022 Academic Year

The ISACA Boise Chapter is proud to offer a $1,000 scholarship for the 2021-2022 academic school year. This scholarship is to promote students studying in the related fields of Computer Science, Information Systems, Cybersecurity and Accounting attending an Idaho University / College or are an Idaho resident attending a University / College.  The application deadline is May 7, 2021.

As a nonprofit, global membership association for IT and information systems professionals, ISACA is committed to providing its diverse constituency of more than 140,000 professionals worldwide with the tools they need to achieve individual and organizational success.  Through more than 200 chapters established in more than 80 countries, ISACA provides its members with education, resource sharing, advocacy, professional networking, and a host of other benefits on a local level. The ISACA Boise Chapter has a membership of around 120 professionals residing in the Boise Metropolitan Area. The global community of ISACA members and certification holders come from various career tenure and cover a variety of professional IT-related positions in nearly all industry categories—some of which include IS auditor, consultant, educator, IS security professional, risk professional, chief information officer and internal auditor.  Members rely on ISACA for resources that enhance their skills, expand their professional knowledge and connect them with a vibrant community of peers.

Scholarship Eligibility:

  • Must be a full-time college student
  • Must be studying in the related areas of:
    • Computer Science, Information Systems, Cybersecurity, or Accounting
  • Must currently reside in Idaho or physically attend an accredited Idaho college or university (at either an Idaho college or university or an Idaho resident attending an accredited college or university in the United States)

Selection Criteria:

  • Quality and completeness of the application and all required attachments
  • Sincere desire for further education or training in the field of: Computer Science, Information Systems, Cybersecurity, or Accounting
  • Individual achievement as evidenced through participation in outside interests and activities, leadership roles and/or work experience
  • Grade point average or academic standing will be considered, but will not be the primary determinant
  • Individual financial need may be considered as part of the selection criteria

Scholarship Application Procedures:

  • Complete the Application Form and submit all required attachments.
  • ISACA Boise may request Enrollment Verification prior to awarding the scholarship.


  • The application must be received by May 7, 2021
  • Incomplete applications and applications after the deadline will not be accepted

For questions or assistance, please contact ISACA Boise Academic

March 17, 2021 CPE Event

Topic: Auditing and Access Reviews in the Cloud Age, Then and Now

Join us for this presentation by Garret F. Grajek, CEO, YouAttest

Time and Location: March 17th, via Zoom Meeting 12:00-1:00pm

Click here to RSVP.  Please Note:  Zoom information and a Calendar Event will be sent in the RSVP Confirmation Email.

Garret Grajek, CEH, CISSP,  is a credential security professional who has 25+ years of IT Security product creation. He has 15 U.S. patents for information security products (focus: Application SSO, 2FA, Identity Assurance, Continuous Authentication, AI and Blockchain).

Garret has specialized in creating and promoting IT security products  for markets in the Financial, Health Care, Federal, State, Education  and other regulated arenas – having worked in product creation/deployment at companies like IBM, RSA, Cisco and starting his own 2-Factor Authentication firm: SecureAuth.

Products Garret has created resulted in multiple awards, Gartner ranking, and sold to over 500 customers resulting in $80M+ in revenue and sold for over $200M.

February 17, 2021 CPE Event

TopicA Pandemic Resistant Framework for Innovation

Join us for this presentation by Reid Stephan, VP, Chief Information Officer, St. Luke’s Health System

Time and Location: February 17th, via Zoom Meeting 12:00-1:00pm

Presentation Summary:  Innovation is one of the most frequently used words in business today, which has caused it to become outgrown as a concept and functionally not very useful. This has created an environment where it is possible to discuss innovation with a colleague and unknowingly have a conversation that is singular in intent, but entirely separate in terms of assumptions and understanding. Within the St. Luke’s Integrated Health Technologies (IHT) department, we have been working on establishing a framework for innovation with the goal of defining a common language and standardized approach to make innovation as accessible and repeatable as possible. The intent is to have a framework that will enable demand-side driven innovation rather than supply-side driven efforts that often result in waste. The framework strives to put the consumer at the center and is built on three core principles – empathy, curiosity, and rapid experimentation.

Reid Stephan is the VP, Chief Information Officer at St. Luke’s Health System. St. Luke’s is the  only Idaho-based, not-for-profit health system, with 9 hospitals and 200+ clinics serving the  needs of communities across Southwest Idaho. He has over 20 years of experience in the  technology space, including serving as St. Luke’s Chief Information Security Officer prior to his  current role, and 9 years leading HP’s global corporate IT security incident response program.

He has a Bachelor of Management Information Systems from the University of Idaho and an  MBA, Technology Management from the University of Phoenix. He is a HealthCare Information  Security and Privacy Practitioner (HCISPP) and a College of Healthcare Information  Management Executives (CHiME) Certified Healthcare CIO.