Infrastructure Automation

I stood in front of an applauding crowd of almost 30 people, and I was smiling.  I was elected president of the (ISC)2 Raleigh Durham chapter and I was happy about it… so why was there a little voice in my head telling me, “you should be careful what you wish for”?

Over the next month I dove headfirst into learning chapter operations and that little voice often returned.  There was little documentation and almost everything we needed was in the founding member’s head.  The membership wasn’t large, but the board was working at full capacity and often over capacity to pull off meetings.  It was obvious there was no way to scale; at least not without some changes.

How was I going to lead this group?  How was I going to make the founder proud of his legacy?  How could I grow an organization that wasn’t particularly organized?

After a year and half, we have automated almost all our routine processes like member registration, paying dues, distributing newsletters, financial accounting, and tracking attendance for CPE’s.  If these tasks sound familiar, it’s because we provide them for AICPA members.  In fact, my experience learning about the processes at AICPA are how I was able to help grow the local (ISC)2 chapter to three times its size, and below explains how.

The (ISC)2 is the International Information Systems Security Certification Consortium and serves as the international trade organization for cyber security.  There are many similarities between the (ISC)2 and the AICPA, including:


  • Operating as Not-for-profit (NFP) organizations representing a complex discipline,
  • Promoting the disciplines and recruiting to grow the industry
  • Serving different membership types based on credentials,
  • Delivering education and tracking CPE’s,
  • Providing an international presence and supporting locally run chapters,
  • Sponsoring public awareness campaigns to educate the general population, and of course
  • Both have incredibly complicated acronyms


Automating the Business

For 5 years the (ISC)2 Raleigh Durham Chapter had been functioning by either using tools that did not integrate with each other or performing tasks manually – so we started by questioning everything.  There were challenges shifting from existing tools but with a formed idea of the experience we required, and the architecture needed to support that experience, it became clear what was going to work and what was not.

While establishing the website we invested time to define solid journeys for customers to register, login, retrieve passwords, and open support tickets.



Next we established how to pay dues electronically, which has iterated continuously over the last year.  What began as either cash or unbranded PayPal experiences are now branded experiences that shows payment history on our site.  Recently we closed our financial accounts for the first time and 2020 dues supports recurring invoices that can be paid by a button in an email from a phone.

The integration architecture supports taking payments (online or in person) and synchronizing real-time with our infrastructure to provision access, update marketing segmentation, and update our back-end financial system.

Our events management and recording attendance was also manual.  Today, we provide online registration and onsite a board member checks one box to confirm attendance. (If guests attend, we ask them to register, login, and RSVP on their phones (which is why journeys needed to be as intuitive and painless as possible).

Attendance is recorded and provides confirmation email to the customer, a record for CPE’s, and a report to our host facility.

The next step to improve check-in is to use an AI program given to me by Professor Ng from Stanford that uses facial recognition whilst literally walking past a facing camera.

Since automating administrative tasks, we now have the time to build quality into training programs.

Our public awareness training partners with (ISC)2 Safe and Secure Online to help people ‘surf safely’.  The audiences range from youth, parents (should I be concerned about my child’s online experience; and what is Fortnite?), and seniors who get online to connect with family (we know you love them, but your grandchildren’s names’ make horrible passwords).


How AICPA helped

As mentioned, there are many parallels between the (ISC)2 and the AICPA, and it would be remiss to not acknowledge some of the experiences that have helped me to help the chapter:


  • Peggy McIntyre who helped me understand customer feedback and promoted the idea of making the experience ruthlessly simple.
  • Andy Sedaca who helped me put ruthlessly simple designs to the test over and over as we iterated to improve the content and experience at AICPA.
  • Elisabeth Pinekenstein, who has inspired me to learn more about accounting – which led to our chapter being singular in how seriously we take accounting and closing books.
  • Kati McDaniels, who manages our dues playbook, taught me that if we can simplify the process, simplification to manage and reduced exceptions should follow.
  • Clar Rosso who’s team developed the NFP program that I completed to learn more about the accounting practices required for NFP’s.


Chapter growth

Growing our membership is a governing value, but we chose to be patient and build the right processes before actively driving growth.  Despite the pause, automated processes now support membership growth which has tripled in the last 15 months and is forecast to double again in 2020.

Thanks to our growth we have more opportunities to draw different speakers to our meetings and to support partner organizations.  Currently we support several groups including WiCyS (Women in Cyber Security) and the Scholarship Opportunities with the (ISC)² and the center for Cyber Safety and Education.  Also, we have a newly thriving marketing segment for volunteers who help us better promote our programs and industry.