Patrick Rozario is a Managing Director of Moore Hong Kong and heads up the firm’s Advisory Services to help clients manage their risks and enhance their business operations.

Patrick has over 30 years’ experience working for large international accounting firms and in the commercial sector. Patrick has substantial experience working in the areas of governance and risk advisory. Patrick managed various internal audits, corporate governance, Sarbanes-Oxley, internal control and information technology advisory and assurance engagements for clients across different industries including banking, insurance, telecommunication and government in Hong Kong and China.

Patrick also worked in the commercial sector. He was project manager of a number of large-scale business process re-engineering and information systems implementation projects in the Asia-Pacific Region and in North America.

Patrick chaired the organising committee for the HKICPA Best Corporate Governance Disclosure Awards 2013 to 2016. Between 2017 & 2024, he chaired the review panel of the HKICPA Best Corporate Governance and ESG Awards. Patrick is also a member of the Financial Reporting Review Panel of the Accounting and Financial Reporting Council (AFRC) and Vice President of ISACA China Hong Kong Chapter.

Patrick received his Bachelor of Arts degree from Queen’s University in Canada. Patrick is a Fellow of CPA Australia and a Certified Information System Auditor (CISA). He is also a member of the Institute of Internal Auditors (IIA).

Cybersecurity incidents can result in financial loss, business disruption, damage to reputation and other adverse consequences for an insurer. The CRAF provides prescriptive guidelines on risk assessment and control principles to assist authorised insurers in implementing their cybersecurity frameworks effectively.

The webinar will describe CRAF which consists of four parts and also how we could leverage technology in performing the assessments and helping insurers in implementing their cyber resilience systems :

1.     It sets out its applicability to insurers and the assessment approach under CRAF.

2.     It explains how the assessments on an insurer’s overall inherent risks are conducted.

3.     It explains how the assessments on an insurer’s cybersecurity maturity level are conducted.

4.     It sets out the protocol on submission to the Insurance Authority (“IA”) of assessment results and improvement / remedial plan where insurers’ actual cybersecurity maturity level falls short of the level expected of them.

The Chapter will report your CPE Hour directly to the ISACA Global. To facilitate the process, please ensure the registration form is correctly completed with:

·     ISACA ID (upto 7 digits, but not certification number)

·     Name (Identical to ISACA record)

·     Email address (Identical to ISACA record)

[Attention: For CPE Entitlement]

·     Only for those who have participated in the event for 50 minutes or more

·     Apply your CPE hour after the chapter has uploaded your CPE hour to ISACA website (Email notification from the chapter will be sent within a week after the event)

·     If you provide an invalid ISACA ID, you will be removed from the registration list

·     We will keep you informed once CPE recording to ISACA Global is completed.

·     Member of ACFEHK/ HKCS/ HKICPA/ CPA Canada/ IIAHK/ ASISHK: HK$150

·     Non-Member: HK$300

·     Non-Member or member of ACFEHK/ HKCS/ HKICPA/ CPA Canada/ IIAHK/ ASISHK, please send email to events@isaca.org.hk  and provide your name, email address and respective membership number.

·     Please do not share the zoom details to third party as the provided information is exclusive to registrants only.

·     Please be reminded that for CPE hour entitlement, you have to be present for the event for at least 50 minutes.