Mark Salamasick CIA, CISA, CSP, served as the Research Project Leader for The IIA Research Foundation on this project. He is director of a newly created IIA Endorsed Internal Audit Program at the University of Texas at Dallas. The program has a significant emphasis on technology, information security, and business process design. He teaches "Information Technology Risk Management," "Business Process Design and Internal Audit," and "Financial Statement Analysis" at the University. He also is a principal with Coordinated Risk Management and Audit, which performs independent audit and risk management services.
Mark was previously with Bank of America for over 20 years where he worked until the end of 2002. During his last two years at the bank he was in a role of Senior Vice President of Internet/Intranet Services. The group was responsible for all Web-hosting services and infrastructure for the bank. In that capacity he was responsible for establishing and chairing the process for all e-business architecture standards and products. Prior to that he served in the role of Senior Vice President and Director of Information Technology Audit at Bank of America. He worked within the Internal Audit Group of the bank for 18 years and gained experience in technology, financial, and operational auditing. He had responsibility for partnering and auditing technology, information security, and business continuity during those years. Prior to joining Bank of America, he was a senior consultant at Accenture (Andersen Consulting).
Mark has worked in various capacities with The IIA, including the last three projects related to Systems Auditability and Control (SAC) in 1990, 1993, and 2001. He recently completed a Handbook for The IIA, Auditing Vendor Relationships. He is published in the areas of internal audit, information security, and business continuity.
Charles Le Grand, CIA, CISA, CDP, is Assistant Vice President of Technology Practices for The Institute of Internal Auditors (IIA). He provides direction to all areas of The IIA in the use of technology to deliver programs and products for the internal auditing profession, and addresses current and emerging issues in technology that impact the profession. This includes research and educational programs to study and promote progress of the profession and individual internal auditors. He was Director of Research for The IIA Research Foundation before accepting his present position.
Le Grand is staff liaison to The IIA’s International Advanced Technology Committee. He serves on the Board of Directors of the Partnership for Critical Infrastructure Security, on the Advisory Board of the Center for Continuous Auditing, and interfaces with other organizations concerned with technology and its security, control, auditing, and educational aspects. He also was IIA’s staff member responsible for the landmark Systems Auditability and Control (SAC) research projects in 1990 and 1993, and the Information Security Management and Assurance report series and audit summits in 2000 and 2001.
