Representative Assignments
Our firm has provided valuable information system
control and consulting services to many valued clients throughout the world.
Representative assignments are described in the following sections:
Direct Client Services
Investigated and provided guidance regarding information
systems controls and security, and general information systems management.
Managed and participated in teams with client operational staff. Presented
and reported findings and recommendations to client senior management.
Representative activities include:
Information Resource Security
- Currently in the process of piloting a
public-key infrastructure (PKI), including the implementation of an X.509
Certificate Authority and LDAP-compliant Directory Services (based on
"Entrust"). The PKI supports encryption applications that include
electronic mail, Virtual Private Networks, secure remote access to the
corporate network via the Internet, and secure sessions (world-wide web,
telnet, file transfer protocol, and specialized client / server
applications) within the corporate network.
- Reviewed and evaluated computer
security mechanisms available and implemented as part of advanced
client-server network architectures. Computers used included multiple
UNIX/Oracle database servers connected to clients via TCP/IP and X.25
networks. Recommended improvements to better protect key customer
records and system functions within a high-profile financial services
environment.
- Designed a security architecture for a
province-wide, multiple-protocol communications network, connecting
government ministries using different computing platforms, local area
networks, and other data sources such as voice and video. Architecture
defined specific security mechanisms required in each network component
to protect critical information resources.
- Designed a security architecture for a
widely distributed financial application. Addressed security objectives,
requirements, and techniques across multiple operating systems (MVS and
VMS), network protocols (SNA, DECnet), and public and private data
networks. Architecture served as security evaluation criteria for all
subsequent system development.
- Developed and implemented strategies
and guidelines for business contingency and disaster recovery planning.
Decreased risk of loss of critical processing capabilities.
- Developed and implemented corporate
security policy in conjunction with client security staff. Increased
employee awareness and understanding of security implications in the
business.
- Planned and executed specific
procedures to address the resignation or termination of key client
security personnel. Protected information resources from possible
repercussions.
Information Resource Integrity
- Designed, evaluated, and tested
controls within wide scope of sophisticated financial application
systems. Applied skills to address control requirements of
non-traditional and highly-complex information systems, such as those
using "Electronic Data Interchange". Through automation of control
mechanisms, enhanced reliability of information, and reduced need for
labour-intensive manual control procedures.
- Developed and executed creative
automated techniques for system testing and data analysis. Increased
efficiency and effectiveness of testing efforts.
Information Resource Management
- Performed a
comprehensive management review of the information services area.
Inventoried resources in use, assessed efficiency and effectiveness of
deployment, and identified particular risk areas. Provided detailed
recommendations on alternatives to achieve cost-savings and improvements
in information quality and timeliness.
- Assumed senior management role for
information services area. Examined existing resource usage, recommended
and implemented cost-saving alternatives. Improved efficiency and
effectiveness of system development methodology. Achieved significant
cost reductions, while improving quality of services provided.
Audit Support Services
Assisted audit staff in dealing with audit
requirements within a variety of complex information systems environments.
Identified controls within client financial application systems, and
designed an appropriate approach that reduced auditors' level of risk.
Designed computerized techniques for audit analysis and to replace labour-intensive
audit procedures.
Additional Related Experience
- Designed and currently deliver several multi-day courses on computer and network
security. To date, the courses have been presented to audit and security
professionals in over 35 cities on six continents. The courses feature
hands-on use of UNIX and other client/security mechanisms, including
encryption software, and cover key security and audit issues for both stand-alone
and networked environments. One course, titled "Practical Applications
of Encryption", introduces encryption theory and practice, including the
implications of using Public-Key Infrastructures.
- Co-author of
Teach Yourself NetWare in 14 Days (Sams Publishing) and
Wireless Local Area Networks: Technology, Issues, and Strategies
(McGraw-Hill), both distributed internationally.
- Delivered two full-credit courses at
Ontario universities on the subject of computer audit and security.
- Regular speaker on the topic of computer
audit, control, and security at seminars throughout the world.