About the Author
Xenia Ley Parker, CIA, CISA, CFSA, is an IT auditor with over 22 years of experience. Principal of her own firm since April 2000, Xenia joined Marsh, Inc., as Vice-President, Compliance Enterprise Technology Group, in 2004. In 2006 she assumed the position of Senior Audit Director, MMC, with global IT audit responsibility. With Coopers & Lybrand LLP for 14 years and Ernst & Young for three years, she served clients in telecommunications, financial services, retail, manufacturing and nonprofit organizations. Xenia has developed and implemented audit methodologies, risk assessment tools, seminars, policies and procedures, and collateral material for internal and external auditors. With CBS Inc. for six years, she was Associate Director--Production of the UNIX-based data center for CBS/AT&T Venture One, one of the earliest online services tests, which evolved into today's Prodigy. Xenia developed the IT content in the Committee of Sponsoring Organizations (COSO) study, Internal Control--Integrated Framework, has written numerous Information Systems Audit and Control Association (ISACA) and Institute of Internal Auditors (IIA) monographs, and is author of the Critical Infrastructure Assurance Office (CIAO) U.S. Department of Commerce reports--Information Security Governance: What Directors Need to Know and Building, Managing and Auditing Information Security, the e-Risk Primer, and the Handbook of IT Auditing, 1st through 3rd editions. A frequent presenter at major conferences, Xenia was adjunct Assistant Professor of Information Systems at New York University for four years. Member of the IIA and ISACA, Certified Information Systems Auditor (CISA) and Certified Financial Services Auditor (CFSA), she is on the IIA's International Professional Conferences Committee (formerly on Advanced Technology), and the Board of Governors, IIA New York chapter.