IT Auditing: Information Assets Protection
Robert E. Davis, MBA, CISA, CICA
Robert E. Davis is an independent management audit consultant (currently associated with Robert Half Management Resources) and a Boson Software, Inc. author and instructor, as well as a Pleier Corporation author. His IT audit specializations include Control Objectives for Information and related Technology, Sarbanes-Oxley Act, and the Foreign Corrupt Practices Act. Regarding information security and privacy, Robert is available to provide International Standards Organization-17799, Gramm-Leach-Bliley Act, and Basel II consulting.
His primary computer technology research interests are databases, operating systems, and distributed information systems processing.
Since starting his career as an IT auditor, Robert has provided data security consulting and IT auditing services (from staff through senior management) to the United States Enrichment Corporation, Raytheon Company, United States Interstate Commerce Commission, Dow Jones & Company, Fidelity/First Fidelity (Wachovia) Corporations, and other organizations.
Some of his professional IT software and hardware experience includes MVS, UNIX, Windows, Oracle, Clarity, the International Money Management System, PERL, COBOL, PASCAL, DEC, IBM, Tandem, Compaq, and DELL.
Prior to engaging in the practice of IT auditing and information security consulting, Robert provided inventory and general accounting services to Philip Morris USA and general accounting services to Philadelphia National Bank (Wachovia).
Robert graduated from Temple University and West Chester University of Pennsylvania with Bachelor of Business Administration and Master of Business Administration degrees, respectively. While attending Temple University, his major areas of study were Business Law and Accounting. He successfully completed the requirements for a Management Information Systems subject major at West Chester University.
Robert obtained the Certified Information Systems Auditor (CISA) certificate after passing the Information Systems Audit and Control Association’s rigorous examination of three hundred and fifty multiple-choice questions, and was conferred the Certified Internal Controls Auditor (CICA) certificate by the Institute for Internal Controls.
During his twenty-year professional involvement in education, Robert acquired postgraduate and professional technical licenses in computer science and computer systems technology.
Robert has authored the articles "Did IT Auditing Forget the Foreign Corrupt Practice Act" and "How Does Management Support Deploying IT Governance?" for IT AUDIT magazine and IT Governance, LTD, respectively.
Robert is a former ISACA-Philadelphia Chapter Board of Directors member and College Relations Chairman. Robert has provided instruction to an Internet CISA study group, the Data Processing Management Association, and the ISACA-Philadelphia Chapter CISA Review course.
Robert is a member of The Institute of Internal Auditors, ISACA, American Association of University Professors, and The Institute for Internal Controls. He is also a college computer science and mathematics instructor, having previously taught at Cheyney University and Bryant & Stratton College.
Robert’s IT audit publications include “Information Systems Auditing:
The IS Audit Planning Process”, “Information Systems Auditing: The IS
Audit Study and Evaluation of Controls Process”, “Information Systems
Auditing: The IS Audit Testing Process”, and “Information Systems
Auditing: The IS Audit Reporting Process” electronic monographs.
A consolidated and enhanced version of these monographs is available through Pleier Corporation as "IT Auditing: An Adaptive Process".
For those preparing for the CISA or Certified Information
Security Manager (CISM) examination, Robert has authored knowledge
diagnostic tests that are also available at http://www.boson.com/Product/64.html.
Based on his accomplishments, Robert has been featured in Temple University's Fox School of Business Alumni Newsletter and The Institute for Internal Controls e-Newsletter. Furthermore, he is a lifetime member of the Madison Who's Who Registry of Executives and Professionals.
Robert has authored 3 other indispensable resources available from Pleier Corporation, "IT Auditing: The Process", "IT Auditing: An Adaptive Process", and "IT Auditing: IT Governance", that are especially valuable references to prepare for related sections of the ISACA Certified Information Systems Auditor examination. Offered at a reduced price, Davis' "CISA Review Material" is a combination of 4 titles, the 3 listed and "IT Auditing: Information Assets Protection".
Additional references and information are available at Have CISA - Will Travel.
IT Auditing: Information Assets Protection (IAP)
Robert E. Davis has been privileged to assist various organizations in achieving their information systems control objectives and improving business processes. Recently, he has applied his expertise in assisting organizations in fulfilling U.S. Sarbanes-Oxley and Federal Information Security Act requirements as well as training professionals internationally.
Robert is sharing his experience by providing tools to prepare auditors to perform IT audits in an extremely cost-effective manner. Business organizations, governmental organizations, colleges, and universities can benefit from his knowledge and expertise concerning IT auditing.
This self-paced PowerPoint presentation with accompanying material is organized to provide initial training of IT auditors and security professionals as well as continuing training of auditors, security professionals, audit managers, and security managers.
The “Administrator’s Guide” provides tools for group and individual
self-paced training.
Utilizing the enclosed PowerPoint slides, in conjunction with the “Participant’s Guide,” can ensure adequate understanding of IT audits and reviews related to information assets protection. Furthermore, participant attentiveness to the material and completion of the eighteen exercises in the Guide can enhance auditor professionalism in corresponding job responsibilities.
Participants who complete this training will be adequately prepared to perform competent Information Assets Protection Audits and Reviews.
Auditors, security professionals, Audit Departments, and Security Departments that purchase this electronic publication on CD can duplicate the enclosed Administrator’s and Participant’s Guides royalty free for training of individual auditors and security professionals in that department and for in-house group training.
Organizations including schools that purchase this electronic publication on CD can duplicate the enclosed Administrator’s and Participant’s Guides and use that material to conduct public and classroom training by paying a royalty fee of $20 by check or online for each copy of the workbook produced on paper or file to:
Pleier Corporation
Attn: IT Auditing: Information Assets Protection
P.O. Box 3900
Mission Viejo CA 926901-1900
United States of America
When making payment, please include with the payment, or in a separate email, the place and date that the training was held.
Your feedback concerning this product should be sent to pleier@pleier.com.
Presentation
IT Auditing: Information Assets Protection contains over 560 PowerPoint slides with slide notes offering a practical method for performing IT audits and reviews addressing potential information assets protection risks. Furthermore, the PowerPoint slide content allows presentation and participation in either a group or individual self-paced training format.
This “IT Auditing: Information Assets Protection” course can be offered
in a 5 day period as outlined in the PowerPoint slides, in any
timeframe to meet an organization's needs, or in a self-paced mode for
individuals.
To view each of the 5 PowerPoint presentations, click the blue link for that module, such as the one that follows. Click View Slide if necessary. Click the left mouse button each time you are ready to advance to the next item or to check an answer throughout this presentation. To continue a presentation at a specific slide while viewing the slideshow, right-click the mouse, select Go To Slide, and select a specific slide number.
“IT Auditing: Information Assets Protection Presentation – module 1”
Module 1 sets the framework for learning about information assets
protection associated with IT audits and reviews, as well as offering
suggestions on how to use this CD in a self-study or group training
mode, specifically addressing:
Introduction
Objectives
Introductions (if a group)
Appropriate IT Auditor Training
An 18-question Diagnostic Test with answers
IT Audit Training Agenda
Suggested Training Schedule
IT Audit Methodology
8 Types of IT Audit Expertise
Overview of Information Assets Protection
Information Security Governance
Control Environments
Information Assets Protection Management
“IT Auditing: Information Assets Protection Presentation – module 2”
Module 2 continues the learning concerning information assets protection associated with IT audits and reviews specifically addressing:
Information Assets Protection Management
Planning Information Assets Protection
Enterprise Risk Management
Entity-Centric Risk Assessments
Risk Assessment Methodologies
Expanded Risk Analysis Model
Quantitative Risk Analysis
Qualitative Risk Analysis
Information Asset Valuation
Information Asset Identification
Information Asset Classification
“IT Auditing: Information Assets Protection Presentation – module 3”
Module 3 continues the learning concerning information assets
protection associated with IT audits and reviews specifically
addressing:
Information Assets Protection Management
Threat Analysis
Opportunities Analysis
Vulnerabilities Analysis
Risk Evaluation
Countermeasures
Control Evaluation
Inherent Risks
Control Risks
Residual Risks
Risk Analysis Action Plan
“IT Auditing: Information Assets Protection Presentation – module 4”
Module 4 continues the learning concerning information assets protection associated with IT audits and reviews specifically addressing:
Entity Employees
Privacy
Illegal Acts
IT Audits and Reviews
Access Controls
Logical Access Controls
Confidentiality
Integrity
Identification
Authentication
Accountability
“IT Auditing: Information Assets Protection Presentation – module 5”
Module 5 continues the learning concerning information assets
protection associated with IT audits and reviews specifically
addressing:
IT Audits and Reviews
Non-repudiation
Cryptographic Key Management
Trusted Third Parties
Network Infrastructure Security
Networking Protocols
Public Key Infrastructure
Availability
Physical Access Controls
IAP Risk Analysis
Environmental Controls
Confidential Information Life Cycle

Administrator's Guide
"IT Auditing: Information Assets Protection Administrator's Guide"
The 108-page "Administrator's Guide" provides the administrator / seminar leader with an excellent guide to offer quality training correlated to the "IT Auditing: Information Assets Protection" PowerPoint presentation and provides answers for course participant exercises. Beneficially, the "Administrator's Guide" documents researched answers, with additional reference sources available on the Internet.
In a self-study mode, the participant should use the "Participant's Guide" and then check the accuracy of an answer with the "Administrator's Guide".
To access the Administrator's Guide, click the blue link above.

Participant's Guide
"IT Auditing: Information Assets Protection Participant's Guide"
The 48-page "Participant's Guide" encourages active learning about information assets protection associated with IT audits and reviews. This workbook allows application of presented material and demonstration of the IT audit methodology, using various formats. Additionally, practice variety is incorporated through group or individual exercise assignments.
The "Participant's Guide" contains a glossary of terms that a participant might want to reference throughout the PowerPoint presentation.
To access the Participant's Guide, click the blue link above.
Other Resources
If you like the quality of this electronic publication on CD-ROM, please review http://www.pleier.com for additional information.
Current Publications
- Click the link to preview:
Print Order Form - PDF
Print Order Form - Word Document
Order Online
ADM PLUS Audit Management Systems for managing an Audit Department help auditors manage better.
Review information about this software
Download and try this client-server software with no risk at http://www.pleier.com.
Please tell other audit professionals about these resources.
Thank you.
President
Pleier Corporation