.

Brian D’souza

. Thought Leadership Article: Blockchain Fundamentals

. Upcoming Events

Brian D’Souza

IS C c muni c t b

Who is Brian?I was born in Kenya and did my studies here. I am an accountant by profession with my biggest focus and drive being the use of technology in all I do. Embedding the continuous use of technology in audit was one of my objectives for many years in my earlier days. I am currently the Partner and Head the Risk and Management consulting business at KPMG in East Africa. I am married to Sabrina and have a son, Joshua who is 12 years old. When not working, I am involved in community work and try and play a part in keeping the Goan community alive. I am a Trustee of the Goan Institute, an organization that was started in 1905 and steeped in tradition . I am also involved in ACCA activities in Kenya and like playing golf when time permits.

How did you transition from accounting to Information Technology?

and other services. In the early days, it was as basic as use of spreadsheets and word documents. Today, it is the extensive use of automation and analytics now and in the future.

members of ISACA Kenyan Chapter and I have done a fair share of my contributions to its development including the introduction of a requirement for a minimum CISA designation to particular roles in our technology advisory teams.

What’s the biggest obstacle to your career and how have you coped with the situation?Getting people to believe that technology and analytics is the future and complements all businesses. I have learned not to give up and to keep demonstrating that technology can be of use in the business world.

or anything else.

What is your life’s philosophy? Everyone should have values that they stand for. Personally I am driven by integrity, which also drives my work at KPMG. One should believe and act with integrity. I strive for good governance in what I do and I also believe in giving back to the younger generation by teaching and coaching. I am proud to say in my life at KPMG, I have recruited many students and helped mould them into the professionals they are today.

What is next for you? I want to continue to build my people to have life skills, not just as professionals but in all aspects of life. I also would like to use my skills in governance, accounting, technology and data to help the country grow. I will continue giving back to the communities as well as the professions I belong to.

The interview was conducted by Fredrick Ouma CISA

Kenya Chapter Newsletter Vol 2/2018 Apr-June 2018

Mr.

M.r Brian D’ souza partner at KPMG East Africa

It is very di�cult to turn attention to the fundamentals of the underlying technology - Blockchain – that is driving up the crypt currency craze. Everyone is excited about crypto currencies as manifested through Bitcoin and very little attention is being given to basic building blocks that have made this happen.

This brief article aims to ground our understanding on what makes the Bitcoin network functional , its unique elements andproperties and begin to show how these could be used beyond the �nancial sector. The blueprint of how bitcoin works is well articulated in the founder’s whitepaper titled Bitcoin – a peer to peer electronic cash system. Essentially Satoshi, the founder solved the problem of how to send electronic cash without the need of an intermediary.

The predominant system of money exchange requires a middle party – the bank- to act as an intermediary between two or more parties wishing to exchange money. The bank keeps a record of both parties and tracks their respective credits and balances. Both parties must obviously trust that whatever the bank re�ects in its books as their balances is indeed a true picture of reality.

Satoshi, �ipped this trust-based model upside down by proposing a trust-less, decentralized system where participants trust in the network, rather than a central agency.

When Alice wants to send electronic money to Bob, she would simply send it the same way we send emails to each other. However, given the electronic nature of the money, nothing stops Alice from sending the same money to another party.

This is called the double-spend problem. How can we stop Alice from buying two di�erent items using the same electronic coin?The solution proposed is the power behind the bitcoin network.

First we must have a public ledger where everyone participating is able to see the amount of money that Alice has in the �rst place. This is in contrast to the traditional banking model where only the bank has copies of each participant’s value.

How Bitcoin Works, video, https://www.youtube.com/watch?v=bBC-nXj3Ng4&feature=youtu.be Satoshi Nakamoto original white paper, http://nakamotoinstitute.org/bitcoin/

In the bitcon network, each participant or node has a copy of the transaction ledger that keeps a historical record of all transac-tions since the beginning of the network.

The ledger is therefore public, distributed and decentralized. With such a ledger, Alice cannot purport to spend more than what she has recorded in her favor, since the participating nodes will reject such a transaction.

This is known as the consensus protocol and one can begin to see that the decision on which transactions gets to be validated and accepted into the public ledger or database is now taken away from a central agency, and shared across multiple nodes orparticipants within network.

To provide better e�ciency, Satoshi proposed a way in which blocks of validated transaction would now be cryptographically linked to previous blocks in a chain-like manner – hence the term Blockchain.

A Blockchain is therefor a transparent, distributed, decentralized and immutable database that continues to record transactions in a chronological manner. It has these useful properties that makes it revolutionary and appropriate to industries outside the �nancial sector.

In future articles, we shall build on this foundational knowledge to explore the where else we can use Blockchain, what are the security & regulatory concerns amongst others.

BLOCKCHAIN FUNDAMENTALS.By J. Walubengo,walu.john@gmail.com, @jwalu

Kenya Chapter Newsletter Vol 2/2018 Apr-June 2018

ACADEMIC RELATIONS

Kenya Chapter Newsletter Vol 2/2018 Apr-June 2018

The ISACA Kenya chapter is focused on making ISACA resources accessible and a�ordable to university students. One way in which it has done so is to host inter-varsity bootcamps targeting students from various Kenyan universities.

The bootcamps provide training on ISACA certi�cations facilitated by ISACA Kenya trainers who volunteer on pro-bono basis as a way of mentoring the next generation of professionals.

The �rst bootcamp was held at USIU-A from Mon 24th April - Fri 28th April 2017. The participants were taken through the Cybersecurity Fundamentals (CSX) and Certi�ed Information Systems Auditor (CISA) curriculum at a fee of only Ksh 10,000/=. The money was used to cater for meals, administrative costs and ISACA student membership.

The second was held from 17th to 19th January 2018 at Strathmore University. This boot camp exclusively covered Cybersecurity Fundamentals (CSX). ISACA student members only paid Ksh 5,000/= and nonmembers Ksh 7,000/=

ISACA Kenya is looking for more Universities to partner with in order to host future bootcamps. If you are able to facilitate this please send an email to events@isaca.or.ke.

CISA 635316 Mr. Polycap Denis Okumu Onyango

CISM 1099130Mr. Paul Kamau Kamiru, CISM

CRISC 1040154Mr. Micah Amge Njeule, CISA,CISM,CRISC

1. IT Governance, Risk and Compliance Date: 9th-10th April 2018 Venue: Mombasa Charges: Members 40,000 Non-Members Kshs. 50,000. CPE Hours: 14

4. Cybersecurity (CSX) and CISM Bootcamp Date: 23rd -27th April 2018 Venue: Nairobi Charges: Members 7,000 Non-Members Kshs. 10,000. CPE Hours: 35

6. Mapping Enterprise Cyber Security Plan to Risk Framework Date:31st May 2018 Venue: Nairobi Charges: Members 1,000 Non-Members Kshs. 1,500. CPE Hours:2

7. CISA/CISM/CGEIT/CRISC Exam Review Date: 4th - 8th June 2018 Venue: Nairobi Charges: Members 60,000 Non-Members Kshs. 70,000. CPE Hours: 35

8. IT Audit (Financial Workshop) Date: 18th - 22nd June 2018 Venue: Nairobi Charges: Members 92,800 Non-Members Kshs. 98,600. CPE Hours: 35

9. IT Innovations: IoT Risk, Assurance and Audit Date: 18th - 22nd June 2018 Venue: Mombasa Charges: Members 1,000 Non-Members Kshs. 1,500. CPE Hours: 2

5. Cybersecurity: Doing more with less Date: 9th May 2018 Venue: Nairobi Charges: Members 3,500 Non-Members Kshs. 4,000. CPE Hours: 3

3. ISACA Annual Conference Date: 11th-13th April 2018 Venue: Mombasa Charges: Members 46,400 Non-Members Kshs. 52,200. CPE Hours: 14

2. Cybersecurity (CSX) Fundamentals + Exam Date: 9th-10th April 2018 Venue: Mombasa Charges: Members 75,000 Non-Members Kshs. 85,000. CPE Hours: 14

Kenya Chapter Newsletter Vol 2/2018 Apr-June 2018

Q1 SUMMARY IN PHOTOS (2018 SGM)

8

ISACA CERTIFICATIONS Kenya Chapter Newsletter Vol 2/2018 Apr-June 2018

Certification Certification Description

Target group Cost (Tuition + Exam) Exam window

CISA (Certified Information Systems Auditor)

CISA designation is a globally recognized certification for IS audit control, assurance and security professionals.

The CISA Certification was specifically created for professionals with work experience in information systems auditing, control or security that include: • IS/IT Auditors • Security Professionals • IS/IT Consultants • IS/IT Audit Managers

Members: USD 575. Non-members:USD760

1st May-30th June 1st Aug-30th Sept. 1st Nov.-30th Dec.

CISM The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages, designs, and oversees and assesses an enterprise’s information security.

The CISM certification was developed specifically for experienced information security managers and those with information security management responsibilities who include: • Information Security Managers • Aspiring Information Security Managers • IS/IT Consultants • Chief Information Officers

Members: USD 575. Non-members:USD760

1st May-30th June 1st Aug-30th Sept. 1st Nov.-30th Dec.

CGEIT CGEIT provides you the credibility to discuss critical issues around governance and strategic alignment, and the traction to consider a move to the C-suite, if you aren't already there.

The CGEIT certification was specifically developed for IT and business professionals who have significant management, advisory, or assurance roles relating to the governance of enterprise IT, including: • IS/IT Directors • IS/IT Managers • IS/IT Consultants • IT Governance Professionals • IS/IT Executives

Members: USD 575. Non-members:USD760

1st May-30th June 1st Aug-30th Sept. 1st Nov.-30th Dec.

CRISC CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise.

The CRISC certification was specifically created for risk and control professionals, which include: • IT professionals • Risk professionals • Control professionals • Business analysts • Project managers • Compliance professionals

Members: USD 575. Non-members:USD760

1st May-30th June 1st Aug-30th Sept. 1st Nov.-30th Dec.

CSX (Fundamentals & Practitioner)

CSX is designed to help fortify and advance the industry by educating, training and certifying a

The Cyber Security Course is ideal for the following IT Professionals:

• IT Manager • Network

Members: USD 728 Non-members: USD 825 per module

1st May-30th June 1st Aug-30th Sept. 1st Nov.-30th Dec.

CSX (Fundamentals & Practitioner)

CSX is designed to help fortify and advance the industry by educating, training and certifying a stronger, more skilled workforce that can keep organizations and their information secure- now and in the future.

The Cyber Security Course is ideal for the following IT Professionals:

• IT Manager • Network

Manager • Security

Manager • Site

Administrator • Network

Administrator • Technical

Support Engineer • Systems Engineer • Banking,

Insurance, and Finance Professionals

• Law Enforcement Officers

• Government Agencies

Members: USD 728 Non-members: USD 825 per module

1st May-30th June 1st Aug-30th Sept. 1st Nov.-30th Dec.

Further details can be accessed on: http://www.isaca.org/certi�cation/pages/default.aspx

For enquiries contact Fredrick Bitta (Certi�cations Coordinator) on: fred.bitta@gmail.com or admin@isaca.or.ke