Alan Calder
Steve Watkins

Anil Chiplunkar

Paulo Coelho

England

England

India

Portugal

Robert E Davis

Cindy Greatrex

USA

USA

Anil Chiplunkar

Vinod Vasudevan

Michael Krausz

India

India

Vienna

Cindy Greatrex

USA

Steve Watkins

Kersi F. Porbunderwalla

England

Information Security

Robert E Davis

Vinod Vasudevan

Peter Wood

Anil Chiplunkar

Dr Julie Mehan

James Ritchie

USA

India

England

India

USA

USA

Steve Watkins

Anil Chiplunkar

Paulo Coelho

England

India

Portugal

ISMS & Management System Auditing

Robert E Davis

Steve Watkins

Anil Chiplunkar

Michael Krausz

USA

India

Vienna

Steve Watkins

England

Alan Calder
Steve Watkins

Anil Chiplunkar

England
England
India

ISO 27001

Alan Calder
Barry Kouns
Steve Watkins

Anil Chiplunkar

Paulo Coelho

Vinod Vasudevan

Dr Julie Mehan

James Ritchie

Kersi F. Porbunderwalla

England

USA

England

India

Portugal

India

USA

USA

Alan Calder
Steve Watkins

Kersi F. Porbunderwalla

England
England

Alan Calder
Steve Watkins

England

England

USA

Dr Julie Mehan

USA

Michael Krausz

Vienna

Thejendra B.S

India

Steve Watkins

England

Vinod Vasudevan

James Ritchie

Michael Krausz

India

USA

Vienna

Recruiting/Staff Augmentation Solutions

Barry Kouns

USA

 Robert E Davis

Dr Julie Mehan

Cindy Greatrex

USA

USA

USA

Anil Chiplunkar

Vinod Vasudevan

Dr Julie Mehan

Michael Krausz

Cindy Greatrex

India

India

USA

Vienna

USA

Robert E Davis

James Ritchie

Kersi F. Porbunderwalla

USA

USA

Barry Kouns

USA

Barry Kouns

USA

Robert E Davis

Vinod Vasudevan

USA

India

Calder, Alan

Alan Calder is an international authority on information security management.  He led the world’s first successful implementation of BS 7799, the information security management standard upon which ISO 27001 is based, and with Steve Watkins wrote the definitive compliance guide for this standard, ‘IT Governance: A Manager’s Guide to Data Security and ISO27001/ISO27002’.  The 3rd edition of this book is the basis for the UK Open University’s postgraduate course on Information Security.

He is a consultant to companies including Cisco.  He regularly blogs on IT security issues at www.alancalderitgovernanceblog.com.

Email your questions to Alan at: acalder@itgovernance.co.uk

Thejendra B.S has 17+ years of experience in IT support, disaster recovery, business continuity, IT asset management and other related areas. Starting as a computer field engineer in the previous century he has also been directly or indirectly involved in a range of technical project implementations. He has worked in Saudi Arabia, Dubai, Bahrain, Qatar and Australia, and has interacted with countless flavors of customers and organizations of all sizes. He is also a life member of the Bangalore Management Association. Prior to entering the IT waters he was a lecturer in electronics for a short duration in 1989.

Apart from IT work, he is also a writer and author. He has written books like Disaster Recovery & Business Continuity and Practical IT Service Management, both published by IT Governance Publishing, U.K and other books on business humor and self improvement. He also pens articles and books on technology, self improvement, workplace humor, business management and a variety of other topics. His articles have appeared on many reputed websites like geekleaders.com, cio.com, techrepublic.com, cnbc.com, ezinearticles.com, itmuseum.org, drj.com, thecareermag.com sourcingmag.com and many ezines and blogs. A couple of his humor articles were also published by Swift magazine, an in-house magazine published by Harvard College in Cambridge, MA .

Contact him on thejendra@yahoo.com . Visit his web cave www.thejendra.com for his free articles and details of his books.

Anil has 23+ years of experience in Information Systems and is working in the information security space for last 9+ years. He is a Certified Information Security Manager (CISM), Certified Fraud Examiner (CFE), and Certified Lead Auditor for ISO27001 and BS7799. He had managed multiple consulting projects for implementation of information security management system (ISMS) for variety of clients. During ISMS projects he handled formulation of security strategies, policies, procedures, Information Security Audits and IS Risk Assessment. He was involved in advising his clients for establishing and improving the holistic information security posture for the individual organizations which includes areas like information technology, physical and environmental security, logical access controls, security in information systems development process etc. He has substantial experience in SUN ERP- financial modules and has implemented it end-to-end. He was the principal design consultant for Finance Workflow Management software using Lotus Notes. He as a consultant had developed and implemented Forex Management software for one of the renowned bank in India.

Worked across Asia Pacific, Middle East Countries: India, Nepal, Sri Lanka, Hong Kong, Singapore, Japan, Korea, Taiwan, Indonesia, Malaysia, Philippines, Thailand, Saudi Arabia, Jordan, Oman, Bahrain and Australia.

Anil can be contacted at anilchiplunkar@gmail.com

Paulo Coelho has participated in several ISO 27001 projects in leading Portuguese institutions. From the year 2000 onwards he has worked successively in IT security, network security, information security and, at the moment, he is strongly involved with risk and compliance management projects. In those projects he led the development and application of compliance tools against COBIT 4.1, Solvency II, internal IT procedures, etc.

He currently holds a couple of information security qualifications (CISSP, CISA, ISO 27001 Lead Auditor, ISO 27001 Consultant), apart from IT certifications (Cisco´s CCNA and CCDA and Microsoft´s MCSE) and a Master in Information System Management.

Paulo is also a part-time University lecturer and Trainer and his memberships include IT Security Normalization Commission in Portugal (CT 163), ISACA and (ISC)².

Currently Paulo is working at KPMG at Information Protection Services (IPS) and when he is not working, he is editing the Information Security Community Portugal website at www.ismspt.blogspot.com, or studying for another certification, he enjoys hiking in mountains with his spouse.

Paulo can be contacted by email at pcoelho@kpmg.com

Robert E. Davis is an independent management audit consultant, a Pleier Corporation author as well as a Boson Software, Inc. author and instructor. His IT audit specializations include Control Objectives for Information and related Technology, Sarbanes-Oxley Act, and the Foreign Corrupt Practices Act. Regarding information security and privacy, Robert is available to provide International Organization for Standardization-27002, U.S. Federal Information Security Management Act, Gramm-Leach-Bliley, and Basel II consulting. Furthermore, his primary computer technology research interests are databases, operating systems, and distributed information systems processing.

As a CISA, Robert has provided data security consulting and information systems auditing services to the U.S. Securities and Exchange Commission, the United States Enrichment Corporation, Raytheon Company, the U.S. Interstate Commerce Commission, Dow Jones & Company, and Fidelity/First Fidelity (Wachovia) corporations. In particular to management information systems, some of his professional software and hardware experience includes MVS, UNIX, Windows, Oracle, Clarity, the International Money Management System, MS-Project, PERL, COBOL, PASCAL, DEC, IBM, Tandem, Compaq, and DELL.

Robert graduated from Temple University and West Chester University of Pennsylvania with a Bachelor of Business Administration and Master of Business Administration degree, respectively. While attending Temple University, his major areas of study were Business Law and Accounting. He successfully completed the requirements for a Management Information Systems subject major at West Chester University. Robert also obtained the Certified Information Systems Auditor (CISA) certificate, after passing the 1988 Information Systems Audit and Control Association’s rigorous three hundred and fifty multiple-choice questions examination and was conferred the Certified Internal Controls Auditor (CICA) certificate by the Institute for Internal Controls.

Lastly, Robert's workbook credits include: "IT Auditing: An Adaptive Process", "IT Auditing: Information Assets Protection", “IT Auditing: Information Security Governance," IT Auditing: Irregular and Illegal Acts", "IT Auditing: IT Governance", "IT Auditing: IT Service Delivery and Support" and "IT Auditing: The Process".

Email your questions to Robert at: bobdcisa@yahoo.com

Cindy has been actively involved with IT for over 15 years, most notably in Telecom and Network Security.  At present she is the Vice President of Channel for Security integrator Integralis. Technology proficiencies include: Enterprise Managed Security Services, SaaS Design/Delivery, Identity and Access Management, Strong Authentication, Intrusion Detection/Prevention Systems, Security +, Virtualization, NAC, SOA, Enterprise Risk Management, Corporate Governance Risk and Compliance suites (ITIL, SAS70 II, COBIT, NERC/CIP, ISO/IEC, SCADA, NIST, FDIC/OCC, SOX). BC/DR, Enterprise Mobility Management, Unified Communications, SAP Security, Vulnerability Management, Sustainable Compliance, Security Policy Design, Forensic Analysis, Cloud Security, Biometrics, Recoverable Network Architecture, BGM/MITM Defense, Enterprise Dynamic Access Control, Change Management, Security Metrics and Measurements, Vulnerability Assessments, Critical Infrastructure Protection and Legacy Data Remediation. Certified in Aviation Security. Author of noted whitepapers on advances in cochlear implant technologies.

Email any questions to Cindy at cindy.greatrex@diplomats.com

Kouns, Barry

Barry Kouns, is principal and information security director for SQM-Advisors, an Information Security, Quality Systems and IT Service Management consultancy.

Barry leads SQM-Advisors’ pre-certification consulting and training services in the areas of ISO 27001, ISO 20000 and quality management systems. With over 25 years of experience in information security consulting, quality management and professional staffing, Barry has performed work for financial, healthcare, defense, insurance, manufacturing and aerospace companies.

He is a trained BS7799/ISO 27001 lead auditor and implementer and was the lead consultant responsible for guiding the Federal Reserve Bank of New York to the first ISO 27001:2005 certification in North America.

Barry is an accomplished presenter and trainer and has contributed to numerous information security articles for leading IT, banking and financial publications. He holds a BS in Statistics from Virginia Tech and a MS in Industrial Engineering from NDSU.

Mr. Michael Krausz studied physics, computer science and law at the University of Technology Vienna and Webster University Vienna. He is a Certified ISMS Manager and Auditor as well as a licensed professional investigator. Pioneering information security in Austria since 1995 he designed the first training class for a modern comprehensive approach on information security in 1998, the technical examination questionnaire for all future ISO 27001 auditors in Austria in 2002 and a two-year training program on Computer Forensics for a foreign public sector customer. After 10 years as system administrator and IT-Manager he now serves as a consultant for national and international corporations in a consulting, training and investigations capacity.

Dr Julie Mehan is a Principal Analyst for a strategic consulting firm in the State of Virginia. She has been a career Government Service employee, a strategic consultant, and an entrepreneur – which either demonstrates her flexibility or inability to hold on to a steady job! Until November 2007, she was the co-founder of a small woman-owned company focusing on secure, assured software modernization and security services. She led business operations, as well as the information technology governance and information assurance-related services, including certification and accreditation, systems security engineering process improvement, and information assurance strategic planning and programme management. During previous years, Dr Mehan delivered information assurance and security-related privacy services to senior department of defence, federal government, and commercial clients working in Italy, Australia, Canada, Belgium, and the United States.

She served on the President’s Partnership for Critical Infrastructure Security, Task Force on Interdependency and Vulnerability Assessments. Dr Mehan is Chair for the development of criteria for the International System Security Engineering Professional (ISSEP) certification, a voting board member for development of the International Systems Security Professional Certification Scheme (ISSPCS), and chair of the Systems Certification Working Group of the International Systems Security Engineers Association. She also serves as an Associate Professor at the University of Maryland University College, specializing in courses in Information Technology and Organizational Structure, and Ethics in Information Technology.

Dr Mehan graduated summa cum laude (with highest honour) with a PhD from Capella University in Organization and Management, focusing her research into challenges facing Chief Security Officers in large government and commercial organizations and development of a dynamic model of Chief Security Officer leadership. She holds a Master of Arts with honours in International Relations and Law from Boston University and a Bachelor of Science degree in History and Languages from the University of New York. Dr Mehan was elected 2003 Woman of Distinction by the Women of Greater Washington and has published numerous articles including Framework for Reasoning About Security – A Comparison of the Concepts of Immunology and Security; System Dynamics, Criminal Behavior Theory and Computer-Enabled Crime; The Value of Information-Based Warfare To Affect Adversary Decision Cycles; and Information Operations in Kosovo: Mistakes, Misteps, and Missed Opportunities, released in Cyberwar 4.0. Dr Mehan is also fluent in German and has conversational skills in French and Italian. 

Porbunderwalla, Kersi F.

Watkins, Steve

Steve is co-author of the book on IT Governance, and provides consultant and training services for IT Governance Limited.

Steve has held posts with HM Crown Prosecution Service Inspectorate, London Underground, Focus Central London, Business Link, a large photocopier sales and service organization and in local Government. In his various roles he has been responsible for most support disciplines. He has over 17 years' experience of managing integrated management systems, including maintenance of Information Security, Quality, Environmental and Investor in People certifications. As well as being a trained ISO27001 and ISO9000 lead auditor Steve is a trained EFQM Assessor and holds diplomas in safety and financial management.

He is Chair of the ISO/IEC27001 User Group, the UK Chapter of the ISMS International User Group, and also sits on the Management Committee of the British Standards Society where he chairs the Corporate Governance Group.

Email your questions to Steve at: swatkins@itgovernance.co.uk

Vinod Vasudevan, CISSP, is a co-founder of Paladion and has over 13 years of experience in technology and information risk management domain. As the Director for Managed Risk Services at Paladion, Vinod has serviced large enterprise organizations across the globe for setting up of integrated risk management systems and for stream lining system based operations. He has held key technical positions with global firms including Microsoft. He is the co-author of "Application Security in the ISO27001 Environment" and "Enhancing Computer Security with Smart Technology". He has also authored several papers.

He wrote the chapter ‘Application Security and ISO27001’.

Contact Vinod at vinod.vasudevan@paladion.net

Wood, Peter

Peter Wood founded First Base in May 1989 as a vendor-independent consultancy. The firm now provides security testing and audit services to clients including B&Q, Bradford & Bingley, Co-operative Group, the Learning & Skills Council, Skipton Building Society and Xchanging. Peter has hands-on technical involvement in the firm on a daily basis, working in areas as diverse as penetration testing, social engineering and skills transfer.

Peter’s innovative and entertaining speaking style has led him to present to the boards of the largest international companies as well as at international conferences on many IT security-related topics. He has made several documentaries with the BBC and was recently rated the British Computer Society’s number one speaker.

Peter has worked in the electronics and computer industries since 1969. During the mid 1970's, he ran the UK operation for Raytheon International Data Systems: a major supplier of wide area network systems for airlines. He also provided training for customers and staff at Raytheon's headquarters in Amsterdam.

In 1979, he founded Amplicon Micro Systems: one of the first personal computer dealerships in the UK. Amplicon grew to be one of the largest suppliers of personal computers in the South of England. In 1983, Amplicon gained IBM Systems Centre accreditation, specialising in network systems and host connectivity. As a main board director, Peter was responsible for all technical issues and staff training.

Peter Wood is a Fellow of the British Computer Society and a member of the BCS Register of Security Specialists.

Peter has a blog site address which is http://fpws.blogspot.com/.  Contact Peter at peterw@firstbase.co.uk