IT Governance, Compliance, Security and Audit from the Pros: People

Peter is founder and principal of Peter Davis+Associates (PDA), a management consulting firm specializing in the security, audit and control of information systems. Prior to PDA, Peter's private sector experience included two large Canadian banks and a manufacturing company.

In addition, Mr. Davis was a Principal in the Information Systems Audit practice of Ernst & Young, where he participated in detailed security reviews for several major service bureaux in Canada and the U. S.. He reviewed operating systems, change control methods for application development and maintenance; evaluated hot-site and disaster recovery testing; and evaluated communication security for on-line networks. He also participated in the review of the Ontario Lottery Corporation, Florida State Lottery and California State Lottery. For other clients, Peter reviewed operating system security features including access control, system software change control and system redundancy. He reviewed software encryption for transmissions; evaluated data centre physical access controls; and reviewed the implementation of ACF2, RACF and Top Secret.

Peter also worked for the federal and provincial public service. Latterly, Mr. Davis was Director, Information Systems Audit, Office of the Provincial Auditor (Ontario). While at OPA, he directed the cross-ministry audits of microcomputers, minicomputers, mainframes and information technology security and audits of the Office of the Registrar General, CORPAY, the Health Registration System, and local area networks.

He has been involved in security and audit since 1979 working as a security administrator, security planner, a consultant, a salesperson for a security products manufacturer and an information systems auditor. Peter is a past Advisory Council member of the Computer Security Institute (CSI), Past Recording Secretary of ISSA International, and Past President and Founder of the Toronto ISSA Chapter. In addition, he is a member of the international committee formed to develop Generally Accepted System Security Principles (GSSP): an international security methodology.

Mr. Davis is author of Complete LAN Security and Control (McGraw-Hill) and Securing and Controlling Cisco Routers (Auerbach Publications/CRC Press) and co-author of Teach Yourself NetWare in 14 Days (SAMS), Wireless Local Area Networks: Technology, Issues, and Strategies (McGraw-Hill), Computer Security for Dummies (IDG Books), Teach Yourself Windows NT Server 4.0 in 14 Days (SAMS), Teach Yourself Windows NT Server 4.0 in 21 Days (SAMS), Teach Yourself Windows 2000 Server in 21 Days (SAMS), Wireless Networks for Dummies (Wiley), and Hacking Wireless Networks for Dummies (Wiley). Peter is the editor of and contributor to Securing Client/Server Computer Networks (McGraw-Hill). He also wrote the Computer Security Institute's successful Manager's Guide to Internet Security pamphlet and Auerbach Publication's Auditing Microsoft's Internet Security and Acceleration Server monograph as well as others. Finally, Peter is the Editor of EDPACS and has written numerous articles for that publication.

Peter is a frequent speaker at COMDEX, IIA, ISACA, ISSA, CICA/IIA/EDPAA, CSI and MIS international conferences, as well as chapter meetings of the ISACA, ISSA and IIA. In addition, he is an accredited COBIT, ITIL and CISSP trainer. His courses include Wireless LAN Security and Audit, Router Security and Audit, Audit and Security of Client/Security Architectures, Understanding LANs, Introduction to LAN Security, Protecting Your Networks from Hackers, Viruses, and Other Attacks, Building a Security Awareness Program and Auditor's Guide to the Internet.