| Contact Information | |
| Name: | Peter Davis |
| Email: | ptdavis (at) pdaconsulting (dot) com [email concealed] |
| Location: | Toronto, Ontario, Canada |
| Resume | |
| Position/Title: | Director of Privacy and Security |
| Resume: |
PETER THOMAS DAVIS BUSINESS OBJECTIVE To fully use business, technical and interpersonal relationship skills in diverse and dynamic environments, to ensure service excellence for clients and value-for-money in all aspects of business. Governance, Compliance, CISO, Security, Six Sigma, CISSP, CISM, CISA, Project Management, Program Management, Portfolio Management, Training, Seminars, audit, control review, organizational development, Risk Management, architecture, policy, standards, procedures, business process mapping, swim lane, use case, LOVEM, network security, author, quality, strategic planning, strong verbal/written skills, SOX, PCI DSS, ITIL, COBIT, ISO 27001, ISO 17799, TELEPHONE: 416•907•4041 FAX: 416•907•4851 PROFESSIONAL EXPERIENCE PRINCIPAL January 1993 - Present Peter Davis+Associates, Toronto, Ontario Develop and provide consulting services, technical training courses and seminars in information systems security. Work includes the development of security architectures, strategies, and policies, directives, standards, practices, guidelines and procedures. As well, have acted as an expert witness and presented in court. Perform threat/risk assessments and mainframe (MVS and VM/VSE), OS/32, iSeries (AS/400), UNIX and Windows security reviews, as well as, network security assessments (primarily TCP/IP networks). Helped clients develop compensating and mitigating controls and action plans for implementation. Clients include Aetna Canada, Atoma International, Aveksa, Bank of Montreal, Barbados Shipping & Trading, BrandPartners, California Management Institute, CCBill, CIBC, Cobb County (GA), Centre for Behavioural Research and Program Evaluation, Computer Associates, Computer Channel Inc., Computer Services, Inc., Co-operators General Insurance, DataCard, Data-Tech Institute, Decoma International, Farm Credit Canada, Food Marketing Institute, Gennum, Hartford Group, Homewood Health Centre, IBM Global Services, Immoeuro, Information Security Institute, Information Systems Audit and Control Association, Institute of Internal Auditors, IT Compliance Institute, Janus Associates, Management Board Secretariat (Province of Ontario), Marco Sales & Incentives, Ministry of Consumer and Commercial Relations (Province of Ontario), Ministry of Tourism, Culture and Recreation (Province of Ontario), Ministry of Health and Long-Term Care (Province of Ontario) – Agencies Liaison Unit, IAD Health Cluster and Health Network System, MIS Training Institute, Movicom, New Centuries Energies, Nortel, Paisley Consulting, Plastcoat, Pennsylvania Power & Light, Peoples Bancorp., PotashCorp, Sanmina-Sci, Search Networking, SHL SystemHouse, Inc., Spar Aerospace, Staples Business Depot, Symantec, Teranet Land Information Services, Inc., VisitingNurseService of New York and Watt Design Group. PROFESSOR January 2003 - Present Seneca College, School of Computer Studies, Toronto Part-time professor in data communications for the School of Computer Studies, Seneca@York. EDITOR May 2002 – February 2004 EDPACS, Auerbach Publications, CRC Press, New York, New York Develop, write and edit content for the monthly copy of EDPACS: The EDP Audit, Control & Security Newsletter. The newsletter provides articles on complex problems facing today’s control and audit specialists. It provides guidance on implementing EDP auditing policies, improving information systems security, and managing the control function more effectively. EDPACS delivers the latest news and techniques to EDP audit, security, and IS professionals. DIRECTOR, INFORMATION SYSTEMS AUDIT June 1990 - January 1993 Office of the Provincial Auditor, Toronto, Ontario Responsible for the external comprehensive audits, that is, value-for-money, compliance and attest audits, of information technology of the Province of Ontario ministries, agencies, boards, and commissions. Also, responsible for providing information technology for the Office. Under my direction, the Office selected and installed LAN technology to improve knowledge worker productivity. Responsible for the planning of all audits and directing and controlling staff of ten. A member of the Management Committee. PRINCIPAL August 1987 - June 1990 Ernst & Young (formerly Clarkson Gordon), Toronto, Ontario As a national resource, responsible for the development of computer audit programs (such as program change control, access control and disaster recovery planning) and specialized computer education. To meet this objective, developed a knowledge-based system for use at the firm. Also, performed technical reviews of large, complex clients, such as banks, telephone companies, lotteries and service bureaux. Work involved detailed reviews of clients such as National Trust, International Trust, Royal Trust, Clarke Transport, Canada Packers, Eatons, Manufacturers Life, Canada Life, London Life, Co-operators Data Services Limited (CDSL), Datacrown (ISM), CSG (ISM), Policy Management Systems (ISM), Ontario Lottery, Florida Lottery, California Lottery and DST. Performed environment reviews on Toronto Dominion Bank, CIBC, Confederation Life, Ontario Hydro, Toronto Star, Harlequin, UCO, Ultramar and Ford to name a few. In addition, developed a comprehensive security programme for the Ontario Ministry of Agriculture & Food. CANADIAN SALES MANAGER July 1986 - July 1987 Digital Pathways, Inc., Toronto, Ontario As first Canadian Sales Manager for a high-technology California firm, the requirement was to establish an office and a reputation for the company. The company specialized in the manufacture of computing devices, such as timing control units, serial line clocks, communication monitors, controlled access system, encryption and user authentication devices. Primary focus of company was communications security. SENIOR CONSULTANT, DATA SECURITY March 1982 - June 1986 Bank of Montreal, Toronto, Ontario Primary duty was to provide a consulting service for new or existing projects. By presenting data security seminars, awareness was raised, so that consulting was requested at the beginning of any new project. In addition, performed duties as back-up RACF administrator. Developed cost-effective, security requirements for international and treasury systems, communications networks and management information systems. SENIOR CONTROL ANALYST, INTERNAL CONTROL October 1979 - February 1982 Bank of Nova Scotia, Toronto, Ontario Responsible for coordinating security and control reviews of software and applications systems in production or under development. Designed, developed and implemented a risk management program to cost-justify security resource allocation. Supervised a staff of four Control Analysts. Responsibilities included planning, directing and controlling the unit. EDUCATION & CERTIFICATION • Bachelor of Commerce (Honours), Carleton University • Certified Data Processor (CDP) • Certified Information Systems Auditor (CISA) • Certified Management Accountant (CMA) • Certified Systems Professional (CSP) • Information Systems Professional (I.S.P.) • Certified Information Systems Security Professional (CISSP) • Certified NetWare 3.11 Administrator (CNA) • Certified Computing Professional (CCP) • Certified Management Consultant (CMC) • Cisco Certified Network Associate (CCNA) • Certified Wireless Network Administrator (CWNA) • Certified Information Security Manager (CISM) • Accredited COBIT/CISSP Trainer • COBIT Foundation Certificate 2006 • ITIL v2/v3 Foundation Certificate • International Systems Security Professional Certification Scheme (ISSPCS) • Project Management Professional (PMP) • Six Sigma Green Belt (SSGB) MEMBERSHIPS • Computer Security Institute, 1994-1995, Advisory Board member • Information Systems Security Association (ISSA), Past President of the Toronto Chapter and 1991-1992 Recording Secretary, International Board • Institute of Certified Management Consultants of Ontario (ICMCO) • Society of Management Accountants (SMAO) • Information Systems Audit and Control Association (ISACA) • Member of International Who’s Who of Professionals CURRENT BOOKS/ARTICLES Hacking Wireless Network for Dummies, John Wiley & Sons, 2005. Co-author. Wireless Networks for Dummies, John Wiley & Sons, 2004. Co-author. Data Management: Data Destruction and Preservation, Part 2, EDPACS. Auerbach Publications. October 2003, Volume XXXI, No. 4. Data Management: Data Destruction and Preservation, Part 1, EDPACS. Auerbach Publications. September 2003, Volume XXXI, No. 3. Quis Custodiet Ipsos Custodes, EDPACS. Auerbach Publications. August 2003, Volume XXXI, No. 2. Microsoft’s Palladium—Friend or Foe?, EDPACS. Auerbach Publications. February 2003, Volume XXX, No. 8. TCPA: Who Can You Trust?, EDPACS. Auerbach Publications. December 2002, Volume XXX, No. 6. Configuring Cisco Reflexive Access Lists, Auerbach Publications (Monograph). 2002 number 46-60-12. Dysfunctional Controls: Useless, Impractical, Inefficient, and Poorly Designed, EDPACS, Auerbach Publications. September 2002, Volume XXX, Number 3. Configuring Cisco Denial-of-Service Security Features, Part 1, EDPACS, Auerbach Publications. June 2002, Volume XXIX, Number 12. Configuring Cisco Denial-of-Service Security Features, Part 2, EDPACS, Auerbach Publications. July 2002, Volume XXX, Number 1. Securing and Auditing Cisco Routers, Auerbach Publications-CRC Press, 2002. Auditing Microsoft's Internet and Acceleration Server, Auerbach Publications (Monograph). 2001 number 74-10-30. Teach Yourself Windows 2000 Server in 21 Days, SAMS Publishing, 2000. Co-author. Teach Yourself Windows NT Server 4.0 SP 4 in 21 Days, SAMS Publishing, 1999. Co-author. Computer Security for Dummies, IDG Books, 1996. Co-author. Securing Client/Server Computer Networks, Windcrest/TAB Books, 1996. Editor and contributor. N. B. For a current list of articles, please refer to http://www.pdaconsulting.com/cyber.htm. Also, you will find a list of current presentations at http://www.pdaconsulting.com/speak.htm. |
