Gartner Sourcing & Strategic Vendor Relationships Summit

September 13-15
Gaylord Opryland Resort & Convention Center
Nashville, TN


Special CISQ rate: CISQ members save $325 off the registration fee. Apply the code GARTOMG at registration.


Lead Sourcing and Vendor Management to the Core of Digital Business


Gartner Sourcing & Strategic Vendor Relationships Summit will address how Sourcing, Procurement and Vendor Management can proactively become agents and enablers of digital business. The agenda will focus on both traditional run-the-business sourcing and vendor management best practices as well as new models to increase sourcing’s proactiveness in supporting the organization’s digital business transformation.


The agenda features dedicated tracks for sourcing managers, procurement/contract managers, IT vendor managers, and a track on emerging trends and disruptive technologies. In addition, Gartner’s exclusive Program for Senior Sourcing Executives provides a forum for the most senior level delegates to engage with Gartner analysts and peers in a series of presentations and discussions. Drill down on your hottest sourcing topics based on your role, experience level and key focus.


2017 Agenda tracks
Track A: Sourcing Leaders:
Sourcing for the Digital Platform and Business Value


Track B: Sourcing and Procurement​ Managers
Selecting and Contracting for Agility, Innovation and Value


Track C: Vendor Managers
Maturing Vendor Management for the Digital Age


Track D: All Roles
Embracing Disruptive and Innovative Technology to Gain Competitive Advantage


CISQ members save $325 off the registration fee! Apply the code GARTOMG at registration.











Forrester Privacy & Security 2017


September 14-15, 2017
The Mayflower Hotel in Washington, D.C.

Special member rate: CISQ members save $400 off the registration fee with the code OMG400.


Driving Customer Loyalty and Business Growth With Trust


Privacy & Security 2017 will explore the rapid escalation of security, privacy, and risk from the operational back office to a strategic, enterprise-level imperative — and key driver of digital business and customer trust.


Your consumers’ expectations of privacy and trust now go far beyond such basic questions as “Will you protect my personal information?” They demand a seamless, consistent experience of safety, security, and data privacy. They require trust — and the smartest enterprises are increasingly committed to trust as a core component of their value proposition and brand.


Yet, this commitment to trust is happening at the same time that threats to data security are rapidly proliferating — in number, variety, scale and sophistication. Established security techniques and technologies are buckling under the assault.


In fact, Forrester predicts that a Fortune 1000 company will disappear in 2017 — through bankruptcy, acquisition, or regulatory enforcement — because of a cyberattack.


To WIN in this new era requires new approaches:


First, security and risk must move from the back office to the forefront of corporate strategy. Security, privacy, and risk are no longer about managing exposure to the downside, but are now critical drivers of business success, customer loyalty, and revenue growth.


Second, new technologies, teams, and techniques are required to defeat the growing threats to enterprise data and security, while simultaneously delivering frictionless customer experiences that inspire trust.


Forrester’s Privacy And Security 2017 is designed to bring security and IT professionals together with business and strategy leaders to collaboratively leverage security and trust for future growth in this challenging and volatile environment.









Cyber Resilience Summit: Modernizing and Securing Government IT


Topic: Reducing Modernization Risk through Compliance to Software and Risk Management Standards


Hosted by: Consortium for IT Software Quality (CISQ) in cooperation with the Object Management Group (OMG) and IT Acquisition Advisory Council (IT-AAC)


Date: Thursday, October 19, 2017 from 8:00am – 3:15pm followed by “Cyber Mingle” until 4:00pm


Venue: Army Navy Country Club, 1700 Army Navy Drive, Arlington, VA


RSVP: 781-444-1132 x149



With passage of the Technology Modernization Act and Executive Order for Cyber Security seeking to modernize and secure legacy systems, forward-leaning public officials, standards bodies, and IT Communities of Interests are converging for the 4th annual Cyber Resilience Summit on October 19 in Arlington, VA. With growing threats from a tech savvy adversary, Federal agencies need to embrace advanced risk management and modernization practices proven effective in the global IT market.


If you look at the Trump agenda, you understand that the government is trying to maximize the use of commercial innovation, commercial standards and commercial best practices, and in doing so, direct that at the modernization and security of legacy systems that right now are the #1 cyber threat.


The program will cover the topics of risk-managed digital transformation and the practical application of systems engineering to support agile acquisition, cloud readiness, big data, technical debt control, and cyber risk management of complex mission, C2, weapon and citizen-facing systems.



Registration is complimentary for government employees; industry $250; includes refreshments and lunch. Government employees, please select “Special” under Payment Type and enter the code CISQGOV17 at registration.









8:00 Registration and Coffee Social
8:30 Welcome Remarks
Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ)
– John Weiler, Vice Chair, IT Acquisition Advisory Council (IT-AAC)
8:45 Keynote Panel: Tony Scott, former Federal Chief Information Officer
9:15 Titans of Cyber Panel: Policy and Directives for Modernizing and Securing Legacy IT
Topics: FITARA, MGT Act, Executive Order for Cyber Security
Lead: Dr. Edward E. Amoroso, CEO, Tag Cyber LLC


– Sara Mosley, Acting Director for the Office of the Chief Technology Officer, DHS CS&C
– Gen. Greg Touhill, former White House CISO
– Jack Wilmer, Cyber lead for American Technology
Council, White House OSTP – confirming
– Jeffrey Eisensmith, CISO, DHS OCIO – confirming

10:30 Break & Networking
10:45 Standards to Measure and Manage Security, Resilience and Technical Debt
– Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ)
– Greg Smithberger, CIO/CTO, NSA – confirming
11:15 Cyber Resilience Standards of Practice
Lead: Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ)

– Dr. Ron Ross, Computer Scientist and Fellow, NIST
– Roberta Stempfley, Director of SEI’s CERT Division
– Herb Krasner, University of Texas at Austin (ret.), Texas IT Champion
– Neal Ziring, Technical Director, NSA – confirming
12:15 Luncheon and Cyber Solutions Roundtables
1:15 Titans of Cyber Panel: Best Practices and Innovations for Rapid Modernization

Lead: John Weiler, Vice Chair, IT Acquisition Advisory Council (IT-AAC)

– Jeannette Manfra, Assistant Secretary DHS CS&C – confirming
– Jose Arrieta, Director, Office of IT 70 Schedule Contract Operations, GSA
– Ken Bible, Deputy CIO, USMC
– Matt Conner, CISO, NGA

2:15 Supply Chain and Integration Risk Management
Lead: Joe Jarzombek, Global Manager, Synopsys Software Integrity Group


– Emile Monette, Senior Cybersecurity Strategist and Acquisition Advisor, DHS Continuous Diagnostics and Mitigation Program
– Shon Lyublanovits, IT Security Category Manager and Director of the Security Services Division for the Office of Integrated Technology Services (ITS) in GSA’s Federal Acquisition Service (FAS)
– Dave Duma, Acting Director, DoD OT&E – confirming

3:15 – 4:00 Closing Remarks and “Cyber Mingle”
















“Risk-Managed” Digital Transformation at Forrester Forum

An event series now in its second year, Forrester Research is hosting the Digital Transformation Forum in cities across the U.S., Europe and India. CISQ is a proud partner along with parent organization, The Object Management Group® (OMG®). This week (May 9-10) we’ve been at Digital Transformation in Chicago with 500+ attendees discussing multiple, important angles of the subject:

  • Creating customer-centric experiences through digital technology
  • Changing business models and operations
  • Discovering new growth opportunities
  • Supporting digital transformation through technology, culture, leadership, skills and processes


CISQ’s expertise in the digital transformation discussion is at the software level – specifically the IT systems and applications that are being built or modernized to enable these new capabilities. Digital systems (software) are powering the enterprise. Operational excellence is critical in terms of system performance, reliability, maintainability, and security (see CISQ’s Automated Quality Characteristic Measures).


Digital is all about the software that runs your business. What we’re hearing at the Forrester Digital Transformation Forum, and from our members, is that they are going to have to write a whole lot of new software for their digital business strategies, and will also have to transform a lot of existing software.


As these new software ecosystems come into being, the ability to measure and certify the non-functional characteristics of software risk is going to become more important. Digital requires business leaders to take charge, because digital transformation is really a business transformation. Yet, there’s still a deep disconnect between what technologists know about the company’s digital assets and what the business people understand. Having a standard lingua-franca to communicate the state of business software is turning out to be increasingly valuable for business stakeholders.


Stop by CISQ’s table at future Forrester events! We’re located near the Forrester product stations.








Como controlar riesgos, seguridad y costes del software en el contexto de la Transformacion Digital

09 de Junio de 2017

Torre Espacio

Madrid, Spain




Si solicita alguna aclaración, no dude en contactar con nosotros:


Hoy en día, la mayoría de las organizaciones están inmersas en un proceso de Transformación Digital con el objetivo de mejorar la experiencia de sus clientes y conseguir ser más competitivos aprovechando las posibilidades tecnológicas actuales.


Debido a estos procesos, la complejidad del software ha aumentado de forma exponencial en los últimos años. Esta complejidad, combinada con la necesidad de reducir el “time to market”, conlleva un aumento de riesgos y costes inherentes al software, sobre todo los relativos a la seguridad, robustez, eficiencia y mantenibilidad.


Nos complace invitarte al desayuno, organizado por CAST, con la participación de Richard Soley, Presidente y CEO de OMG; y Paul C. Bentz, Director de Programas para los Sectores Público y Privado de CISQ. Un grupo de CIOs innovadores debatirán sobre cómo gestionar los riesgos y costes relacionados con el software en este contexto de transformación.


Esta sesión, que será en castellano, está dirigida a Directores de TI, Líderes de Transformación Digital, Directores de Arquitectura, Directores de Desarrollo, Directores de Innovación.


Download the event flyer!








Speakers Announced for Brussels Cyber Resilience Summit in June

Needham, MA – May 9, 2017 – The Consortium for IT Software Quality™ (CISQ™), today announced it will host the Cyber Resilience Summit on 6 June 2017 at the Radisson Blu Royal Hotel in Brussels, Belgium. Click here for the full agenda. Admission is complimentary but registration is required.


The Summit will feature American and European CIOs and IT policy makers who will discuss how to measure and manage software risk, security and technical debt. Featured speakers are:

  • Professor Georges Ataya, Belgian Cybersecurity Coalition
  • Paul Bentz, CISQ Director of Government and Industry Programs; former CIO at Paribas and Allianz
  • Erik Beulen, Principal, The Boston Consulting Group
  • Antonio Conte, European Commission, DG Enterprise and Industry (invited)
  • Paul Cornelisse, Director, METRI Group
  • Dr. Bill Curtis, Executive Director, CISQ
  • Nicolas Fleuret, Partner, Deloitte France
  • Dr. J. Michael Gilmore, former Director of Operational Test and Evaluation with the U.S. Department of Defense, now at RAND
  • Jean-François Legendre, Development Manager, AFNOR
  • Constant Kohler, Programme Manager, Industry & Infrastructure, CEN and CENELEC
  • Dr. Richard Soley, Chairman and CEO, Object Management Group
  • Toine van Eeden, CIO, NCOI

Learn more how CISQ members are addressing cyber resilience issues in software-intensive systems at


About CISQ

The Consortium for IT Software Quality™ (CISQ™) is an IT industry leadership group comprised of IT executives from the Global 2000, system integrators, outsourced service providers, and software technology vendors committed to introducing computable metrics standards for measuring software quality and size. Founded by the Object Management Group (OMG®) and the Software Engineering Institute (SEI) at Carnegie Mellon University, CISQ is a neutral, open forum in which customers and suppliers of IT application software can develop an industry-wide agenda of actions for improving IT application quality and reduce cost and risk. CISQ is sponsored by CAST, Synopsys, Booz Allen Hamilton, Cognizant and Huawei. For more information, visit



Note to editors: For a listing of all OMG trademarks, visit All other trademarks are the property of their respective owners.






Gartner Security & Risk Management Summit 2017


Manage Risk. Build Trust. Embrace Change.


Digital business can yield many benefits, but it also exposes organizations to new threats and risks. Today’s security and risk practitioners must deliver a program that establishes the enterprise, with its systems and employees, as a trusted participant in the digital economy.


Find out how to use proven practices as well as innovative technologies and methods at Gartner Security & Risk Management Summit 2017, June 12 – 15, in National Harbor, MD. You’ll walk away knowing how to embrace change and manage increasing cybersecurity risks without unnecessarily inhibiting the business. Get unbiased content across these targeted role-based programs:

  • Chief Information Security Officer (CISO) Program
  • Security Program
  • Business Continuity Management (BCM) Program
  • Risk Management and Compliance Program
  • Marketplace for Security Program


CISQ members save $300 on the standard registration rate with code GARTCISQ.


Click here to register.






Forrester Digital Transformation 2017



May 9-10, 2017
Sheraton Grand Chicago


Enjoy a special rate! CISQ members save $400 off registration with the code OMG400.


Digital disruption is rewriting the rules in almost every industry as customers turn to digital touchpoints in preference to traditional ones. Forrester’s Digital Transformation 2017 will inspire you and give you the necessary tools to provide innovative digital, social, and insights-driven omnichannel experiences for customers and employees alike — and harness these outlets for growth.


Companies aren’t pursuing a digital transformation to simply keep pace with their peers, or become better at what they currently do. Success in Digital Transformation is not about strengthening or bettering your company, but exposing new business opportunities and opportunities for growth. Digital Transformation has the power to fundamentally change your business model. At this Forum you will:

  • Gain the tools needed to lead an enterprise-wide transformation and keep pace with your customers.
  • Learn the organizational designs and practices needed to build tight alignment between business and technology leaders.
  • Address the need to break with best practices, legacy systems, and even long-standing partners in many cases.
  • Build your transformation strategy based on a detailed vision of the future states of your customers and your business, along with the digital revolutions to come.


Join more than 50 Forrester and industry speakers on-site including leaders from Gap, Expedia, GE Oil & Gas, Nespresso, Siemens, Bloomingdale’s and more. Visit the event webpage to explore the latest agenda updates and to register. Attendees will also have the opportunity to meet with Forrester analysts 1-on-1 to discuss strategy, challenges, and emerging trends. View participating Forrester analysts.


The day before the Forum Forrester will also be hosting an AI Summit on the future of artificial intelligence, machine learning, and data analytics for digital business and technology leaders. Add this on to your forum ticket to develop strategies to design and implement AI-infused experiences.






Agile Dev, Better Software & DevOps West



Join TechWell at the Agile Dev, Better Software & DevOps West conference from June 4–9 at Caesars Palace. The collocated conferences will feature popular topics such as agile leadership, business analysis & requirements, agile test/QA, DevOps, mobile testing, kanban, lean management, and much more!


Register using CISQ’s exclusive promo code CWCM and save up to $200 off your registration. Additionally, if you register by May 5, you will save up to an additional $200 off with early bird pricing—a combined savings of up to $400.*


Not ready to register yet? Explore the full program and discover what the conference has in store. Build your full week of learning and benefit from comprehensive tutorials, exceptional concurrent sessions, inspiring keynotes, networking activities, pre-conference training classes, the Expo, and much more.

  • In-depth tutorials are presented in a mixture of two half-days or one full-day formats
  • Keynotes from speakers that will inspire and motivate you
  • Networking opportunities will allow you to expand your peer network, meet new business contacts, and engage with industry-leading speakers
  • Travel the Expo floor to experience innovations of the leading software organizations
  • And more!


*Valid on packages $400 or more. Promo code discount offer may not be combined with the group discount. Offer valid on new registrations only.




OWASP AppSec USA 2017


Save the Date!


Venue: Disney’s Coronado Springs Resort in Orlando, Florida


Event Site:


Registration: CISQ members save $50 off the registration fee! Apply the code UNLM50CISQ.


OWASP AppSec conferences are the premier gathering for software security leaders and researchers. It brings together the application security community to share cutting-edge ideas, initiatives and technological advancements.