From the Author
Excerpts from a guest author interview with Robert E. Davis by Saurabh Sharma
Saurabh : Welcome to my blog Robert E. Davis. Shall we begin?
Robert: Yes. However, before we start the interview, I thank you for contacting me and enabling readers to acquire an enhanced perspective regarding my professional writings.
Saurabh: You are Welcome. Here is my first question to you:
Readers know you as an Author. But there is always something more than that. I would like to know the real you. How would you describe yourself as a human being?
Robert: I consider myself a courteous, articulate, spiritual, inquisitive, polite, and determined individual pursuing the 'American Dream' through my acquired knowledge and experience.
Saurabh: How and when did you decide that you wanted to write a book?
Robert: As I recollect, I was sitting in front of a library computer, when epiphany struck in December 2001 to write a detail, yet general, workbook regarding the IT audit process.
Saurabh: Who has been a real help from your family in your journey as an author?
Robert: From encouragement to commentary, all of my family members have aided me in becoming an author.
From the Inside Flap
Explicitly or implicitly, safeguarding assets is an inescapable fiduciary obligation bestowed on managers; whether the entity exists for-profit or not-for-profit. Fiduciary duties are an inherent managerial responsibility correlated to accountability that can be conveyed through legislation, regulation, or expectation. Foundationally, an operating entity's very existence is usually heavily dependent on how well employees safeguard assets utilized in fulfilling the organizational mission. Assumption for safeguarding assets should span the entity's total tangible and intangible resources. Specifically, information and associated technologies are assets requiring appropriate investments in protective measures to retain intrinsic value.
Generally, three unique elements are required for adequate information security architectures: people, processes and technology. For most entities, designing and operating adequate safeguards is an extremely complex process requiring a total compliance commitment from every employee empowered to access information assets. Absence of any one of the information security architectural components can create a weak link in safeguarding information assets and hinder security control usefulness.