About Us

---

We improve your business by improving your internal controls!

We are a professional services firm focused on managing business risks. We specialize in internal auditing, physical and cybersecurity, regulatory compliance, fraud prevention and detection, project management, and training.  We are a sponsor of the National Association of State Boards of Accountancy (NASBA) and are authorized to issue Continuing Professional Education (CPE) credits to our seminar attendees.

We recognize the need for organizations to run their operations in a cost-effective manner.  We collaborate with your staff to deliver sustainable solutions.  We have deep expertise in financial services, aerospace & defense, IT, manufacturing, distribution, retail, healthcare, and service industries. 

Our audits include consultations, walkthroughs, and document inspections to map your:

- organizational objectives,

- risks and problems that impede or could impede those objectives, and

- internal controls designed to mitigate risks.

We deliver a comprehensive yet concise report based on our independent assessment of your internal controls to balance the risks.  This confidential report has pragmatic, risk-ranked suggestions to tighten up your internal control gaps, and identifies corrective actions with cost analyses, accountabilities, and proposed implementation schedules.

We can develop or critique your policies and procedures to comply with internal and external requirements, shore up your internal controls, and improve your posture with clients, customers, suppliers, auditors, and regulators.

Our Principal Consultant

David S. Marshall, MBA, CISA, CFE, CFS, is the Founder and Chief Executive Officer of Infotech Global Audit and Security, Inc., a consulting firm specializing in internal auditing, physical and cyber security, regulatory compliance, risk management, and fraud prevention and detection. He is also the Co-Founder of Corporate Compliance Seminars, a NASBA-sponsored corporate training organization that delivers Continuing Professional Education (CPE) to Boards of Directors, Audit Committees, Auditors, and Compliance, Accounting, Legal, Security, and IT professionals.

David has managed and performed hundreds of audits, security assessments, fraud investigations and Sarbanes-Oxley Act compliance activities over his 25+ year career.  He has researched and authored CPE seminars and has trained thousands of professionals.  He is the developer of the “Internal Auditing” series of seminars, “Understanding SSAE 18 SOC Audits”, “SOX and COSO Compliance”, “Frauditing”, “Best Practices for Audit Committees”, “The Art of Audit Report Writing”, “Continuous Auditing”, “World Class ERM”, “Managing Audit Quality”, “Cybersecurity Excellence”, and many others.

David is an authority on designing, implementing and assessing internal controls.  Prior to Infotech and Corporate Compliance, he headed up an internal auditing, IT, and compliance practice of a worldwide U.S. Aerospace and Defense corporation and was a Senior Manager in the Management Consulting and Auditing practices of a Big 4 CPA firm.

David is an expert in internal control, IT, and assessing compliance with the Sarbanes-Oxley Act.  Since its ratification in 2002, he has helped dozens of companies with all aspects of their Sarbanes-Oxley compliance projects, including project management, security and control policy development, and the detailed testing of controls.  Dave helps companies implement COSO’s latest release of the Internal Control Integrated Framework (“COSO ICIF 2.0”), including Enterprise Risk Management (ERM) programs, SSAE SOC audits, SOC Readiness Assessments, Cybersecurity/ ISO/ NIST 800 audits, and internal control “design, implementation and operation” assessments. Dave is an accomplished Business and IT Auditor with global experience in many industries including government agencies. He has helped companies of all sizes…from start-ups to multi-nationals, “improve their business by improving their internal controls”.

His unique perspective as a business owner, consultant, financial system analyst, enterprise software implementer, auditor, and trainer allow him to make practical, cost-effective recommendations for improving profitability and internal control. He has a Master’s Degree in Business Administration (MBA), is a Certified Information Systems Auditor (CISA), a Certified Fraud Examiner (CFE), and a Certified Fraud Specialist (CFS).

David is the former six-year President and Chair of the Board of Directors of the Greater Chicago Chapter of the Association of Certified Fraud Examiners (ACFE).  He is a Board Member of the ACFE Worldwide Advisory Council.  He was the Vice Chairman of the International Institute for Outsource Management (IIOM) and was a contributor to the Outsource Management Body of Knowledge (OMBOK).  He was a member of the Advisory Board of the College of Business Administration of a university.  He was a Board Director of the Chicago Chapter of the Information Systems Audit and Control Association (ISACA) and was the Technology Committee Chairperson of the Institute of Internal Auditors (IIA) International Conference.  He held a security clearance with the U.S. Department of Defense and worked on classified government projects.  He continues to consult to the U.S. Defense industry.

David is technically proficient, outgoing, and active in professional associations, charitable organizations and community affairs.  He conveys to his clients that “you cannot improve what you do not measure” and “internal controls should balance risks, not outweigh them”. Internal controls can help organizations achieve their objectives, and David is committed to implementing them in a reasonable, cost-effective manner.