Daniel Neal (risk and security)
|Last online||20th Dec 2011|
|Member since||23rd Jun 2010|
|Number of views||1410|
|Number of posts||39|
|Number of testimonials||4|
we protect our clients from computer crime, fraud and breaking the law
you need to protect your business and your customers from the real threats.
- 1 in 5 crimes is an e-crime;
- last year alone there was a 74% increase;
- the average cost per incident is over £10,000!
the old way of doing things, including antivirus, clearly isn't working.
Daniel is an information security and risk management specialist with over fifteen years experience in IT operations and security. He has provided advisory and audit services to large and medium sized corporate and public sector clients. Daniel has spent over three years working internationally within an internal audit department. He has experience with companies located in Europe, South America and North America and has spent a year in the USA providing internal audit, compliance and advisory services within a large financial services company.
Daniel adopts a risk based approach to engagements that has consideration of the businesses goals, its risk appetite and the threats to the business in achieving its objectives. He applies an understanding of the underlying business process and controls, as well as the supporting IT systems, to deliver focused services that provide businesses with valuable information on their exposure to risk, and real world recommendations to support their decision making.
Key achievements include:
- Operational and IT audits for the protection of data and non repudiation of transactions
- Leading the vulnerability assessment and Operating System review of customer web portals
- Reviews of application security for in-house and outsourced software development projects
- Physical security reviews of IBM and EDS data centres
- Security review of a major government database containing personally identifiable information
- Creation of penetration and vulnerability assessment services
- IT governance reviews supporting managements decision making
- Project assurance roles in public and private sectors for multi million pound projects
After graduating University, Daniel worked within Information Technology departments. With experience of IT operations he specialized in infrastructure security and worked in both wholesale distribution and e-business hosting, with many of the world's top IT companies as clients.
Daniel transitioned to IT Audit in 2002, where he spent three and a half years with RSM Robson Rhodes working within the risk advisory services department for public and private sector clients. As well as conducting business process engineering, internal audit and supporting financial audits, he also developed the company's penetration and vulnerability assessment service offerings. Daniel also applied his operational IT experience to the execution of technical audits including a review of security for a government departments Personally Identifiable Information (PII) database, and he provided training and education for other IT auditors in new technologies.
Daniel spent more than three years working in the financial services sector, for Ally Financial (GMAC) the financial services provider of General Motors. He has experience in conducting advisory work and audits within the sectors of mortgage, auto finance and the highly regulated US banking sector.
In his role within GMAC Daniel was an international IT Audit Manager spending more than 75% of his time leading reviews in overseas operations, where he experienced many different country regulations and operations. He received a 12 month secondment to the corporation's headquarters in Detroit, USA. In his time there he provided risk advisory services in the company's drive to implement an Identity Access Management solution as well as security and operations reviews of the outsourced IT service providers. He also led infrastructure reviews and vulnerability assessments of corporate servers. Daniel is a Certified Fraud Examiner and whilst in the USA he applied his skills in the regulatory bodies' requirements for fraud prevention, anti money laundering and the protection of personal information.
Daniel is a member of the Association of Certified Fraud Examiners (ACFE), International Information Systems Security Certification Consortium (ISC2), Information Systems Security Association (ISSA), Audit Director Roundtable, Information Systems Audit and Control Association (ISACA) and Institute of Internal Auditors (IIA).
He is a Certified Fraud Examiner, Certified Information Systems Security Professional, Certified Information Systems Auditor and Certified in the Governance of Enterprise IT.