P.O. Box 461
Ballwin, MO 63022
(314) 961-2660 ext. 7544
CURRENT POSITION
Webster University - School of Business and Technology, Department of Management. Professor of Management (tenured). January 1998 to present. Responsibilities include teaching doctoral and graduate computer resource management courses, chairing doctoral candidate committees, and supervising graduate internships and independent study programs.
Since the inception in 2000 of Webster’s online distance learning program, I have designed and taught courses in the computer resource management discipline.
Millikin University - Tabor School of Business. August 1987 to December 1997 Associate Professor, Management Information Systems (tenured 1993). Responsible for providing course instruction, in the following disciplines: business ethics, EDP auditing, production/operations management, structured analysis and design, decision support systems, management information systems, network/data communications, COBOL programming, and introductory data processing courses.
· Designed, implemented and currently direct an annual spring break EDP/Financial Auditing internship program. In its first year, ten students participated in a week-long IT audit at the corporate headquarters of American Automobile Association (AAA). Through personal contacts with the Director of Data Security for AAA, I arranged for the students to receive on-the-job experience by performing an audit of software copyright compliance, a review of key management systems, and a general security audit. The student audit team provided over 600 hours of field-level audit work for AAA, during the week. Audit team members worked with operations management, participated in a breakfast lecture series, and met with AAA's President and CEO.
This internship program provides both a link between the classroom EDP auditing course, and practical, hands-on EDP audit experience.
· Director, Tabor School Microcomputer Center. Management responsibility for daily operations of the 35 workstation Center. Hiring and monitoring of 40 student operators, and lab assistants. Payroll distribution and inventory control. Annual budget $12,000.
· Program Director, Tabor School Computer Camps. Organized, developed, implemented and directed Winter and Summer computer camp programs sponsored by the Tabor School, for fourth, fifth and sixth grade students as well as high school students from the surrounding communities. In its first summer of operation, the program was a financial success, generating additional revenue for the Tabor School's departmental budget.
This additional revenue was used in part, to offset Tabor School faculty expenses incurred in attending continued professional development programs. (Program began in 1988). The computer camps brought numerous reporters to campus and provided positive publicity for Millikin, generating interviews on several occasions by the local television station and the community's daily newspaper.
· Expanded and enhanced the MIS curriculum by developing and implementing two separate upper division (400 level) courses: IT Auditing and Network/Data Communications. The IT Auditing course not only increased the potential career opportunities for MIS students upon graduation, it also prepares students to sit for the Certified Information Systems Auditors (CISA) examination. The Network/Data Communications course exposes the MIS student to the concepts and technologies of voice/data telecommunications in practical business applications, for stronger data/information management.
· Assisted in securing industry internship experience for MIS students. Duties include administering the individual internship programs, and providing a contact reference between the University and industry representatives. To date, I have secured over seventy internship opportunities for MIS students. One of these internship opportunities, involved seven MIS students for a period of eight months, providing microcomputer consulting services for an area consulting firm.
University and Departmental Committee Appointments – Webster University
Academic Computing Advisory Committee
School of Business Doctoral Admissions Committee
School of Business Electronic Commerce Committee
School of Business Curriculum Committee
University Public Safety Committee
AACSB Advisory Council for Educational Services (2001 - present)
Chair, Institute of Internal Auditors, Saint Louis Chapter, Education Foundation
Board member, Saint Louis Business Community and FBI joint initiative InfraGuard Chapter
PROFESSIONAL EXPERIENCE
Business Automation Consultants, LLC: November 1984 to Present.
www.businessautomationconsultants.com
Founder and CEO. Continue as president of this specialty audit firm, which provides worldwide, contract information technology (IT) audit and training services. Coordinate a nation-wide professional audit staff, which provides complete information technologies audit support in areas such as:
· pre-assessment ISO 9000 certification audits
· pre-, post- and operational audits of electronic data interchange (EDI) applications;
· business continuity, contingency plan and incident management development and audit; site security reviews and evaluations;
· training and seminar presentation for all levels of the information technology (IT) and financial audit function; office automation analysis and design;
· application system life cycle analysis and development for financial, insurance, health services, and manufacturing corporations.
Audit Advisor: 1985 to 1987
Co-founded and served as managing editor, until its sale in 1987, of this ten-page professional newsletter, published monthly for internal and external auditors in the areas of IT, financial, and operational auditing.
The Dun & Bradstreet Corporation: May 1982 to October 1984.
Senior IT Auditor. Established the IT audit function for this multi-division, multi-national, Fortune 500 information services corporation, with sixteen major data processing centers worldwide.
· Recruited and directed a staff of five IT auditors.
· Managed and performed operational, application systems, and data center audits.
· Supervised and planned pre- and post-implementation systems audits and third‑party audits; reviewed internal controls over data bases, telecommunications systems, insurance, marketing, publishing, and on-line financial information delivery systems; designed detailed audit programs used by audit staff.
· Prepared comprehensive audit reports for presentation to both division and corporate senior management, as well as to external auditors.
The Hartford Insurance Company: June 1980 to May 1982.
Systems Audit Consultant. Provided staff IT consulting services to this major New England-based insurance corporation (a division of ITT) to determine that systems, in conjunction with data processing management and unit operating management, designed and administered data processing applications in accordance with established corporate policies and internal control standards.
· Performed operational audits of newly developed computer applications; provided unit management with an evaluation of internal and external controls inherent to those applications.
· Identified deficiencies and recommended improvements to ensure the adequacy and effectiveness of those applications. Directed staff auditors performing audits of those newly developed applications.
Uniroyal Corporation: June 1977 to May 1980.
IT Auditor. Executed operational, financial, and security control audits for this multi-division, multi-national Fortune 200 manufacturing corporation with twenty seven major data processing centers and thirty operating components worldwide. Traveled and lived extensively in Europe, Mexico, Africa, the Far East, North, South and Central America, on various audit-related assignments.
Adjunct Teaching Experience: September 1984 to May 1987
Held the position of Adjunct Professor, teaching management information systems courses at both the graduate and undergraduate levels, with the following Connecticut academic institutions:
· University of New Haven (graduate school) 1984-1987
· Post College (undergraduate) 1987
· Quinnipiac College (undergraduate) 1986
· Sacred Heart University (graduate school) 1985
EDUCATION
|
1995 |
Ph.D. |
Business Administration/Management (emphasis Information Technology) Walden University, Minnesota Dissertation topic: Ethics and Auditor Judgment |
|
|
|
|
|
1982 |
MBA |
Finance University of New Haven, Connecticut |
|
|
|
|
|
1977 |
BS |
Systems Management and Management (dual degree) Bryant College, Rhode Island
|
PROFESSIONAL CERTIFICATIONS
|
2005 |
Certified CobiT Trainer, Information Systems Audit and Control Association |
|
2004 |
NTI and OSU certified Computer Forensics Specialist |
|
1998 |
Certified Financial Services Auditor (CFSA) |
|
1994 |
ISO 9000 Lead Assessor Certification |
|
1988 |
Certified Information Systems Auditor (CISA) |
|
1987 |
Certificate in Data Processing (CDP) |
|
1986 |
Certified Office Automation Professional (COAP) |
|
1985 |
Certified Quality Analyst (CQA) |
|
1984 |
Certified Systems Professional (CSP) [renamed CCP] |
PROFESSIONAL AFFILIATIONS
Chair, Educational Foundation Committee, Saint Louis Chapter, Institute of Internal Auditors
Board of Directors, Saint Louis Chapter, Institute of Internal Auditors
Member, past Board of Director, Tau Kappa Epsilon (Beta Chapter)
Editorial Board Review Member Information Resources Management Journal
Recipient of the Institute of Internal Auditors Leon R. Radde Educator of the Year Award for 2000. This award is presented annually to the individual who has made significant contributions to the advancement of internal auditing and education in colleges and universities.
Marcella, A., Sampias, W., and Kincaid, J., (2006). Study Guide for the Certified Financial Service Auditor Professional Examination, Institute of Internal Auditors, Maitland, FL, www.theiia.org, ISBN (pending release in February 2006).
Marcella, A., Stucki, C., (2004), Business Continuity, Disaster Recovery and Incident Management Planning: A Resource for Ensuring Ongoing Enterprise Operations, Institute of Internal Auditors, Maitland, FL, www.theiia.org, ISBN 0-89413-527-9.
Marcella, A., Sampias, W., and Kincaid, J., (2004), CCSA Study Guide, Institute of Internal Auditors, Maitland, FL, www.theiia.org ISBN 0-89413-535-X.
Marcella, A., Stucki, C., (2003), Privacy Handbook, Guidelines, Exposures, Policy Implementation, and International Issues, John Wiley, ISBN 0-471-2309-2.
Marcella, A., Sampias, W., and Kincaid, J., (2003), Study Guide for the Certified Government Auditing Professional Examination, Second Edition, Institute of Internal Auditors, Maitland, FL, www.theiia.org, ISBN 0-89413-500-7.
Marcella, A., Greenfield, R., (2002), Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Auerbach Publishers and CRC Press, LLC, ISBN 0-8493-0955-7.
Marcella, A., Stucki, C., (2001). Process Development Life Cycle: An Audit Survival Guide, The Institute of Internal Auditors, ISBN 0-89413-450-7.
Marcella, A., Sampias, W., and Kincaid, J., (2001). Study Guide for the Certified Financial Service Auditor Professional Examination, Cannon Financial Institute, Atlanta, GA.
Marcella, A. (contributing editor), Sampias, W., and Kincaid, J., (2001). Study Guide for the Certified Government Auditing Professional Examination, The Institute of Internal Auditors, ISBN 0-89413-456-6.
Marcella, A. (2000). Establishing Trust in Virtual Markets, The Institute of Internal Auditors, ISBN 0-89413-428-0.
Marcella, A. (1999). www.StopThief.net Protecting Your Identity on the Web, The Institute of Internal Auditors, ISBN 0-89413-429-9.
Marcella, A., Sampias, W., and Kincaid, J. (1998). Effective Written Communication Skills for Audit Professionals. The Institute of Internal Auditors. (Text and software).
Marcella, A., Stone, L., Sampias, W. (1997). Electronic Commerce: Control Issues for Securing Virtual Enterprises. The Institute of Internal Auditors, ISBN 0-89413-414-0.
Marcella, A., Sampias, W., and Kincaid, J. (1996). Assessing Organizational and Individual Ethics: A Value-Added Audit. Institute of Internal Auditors: Florida. (Text, software and video).
Marcella, A. (1995). Outsourcing, Downsizing, and Reengineering: Internal Control Implications. The Institute of Internal Auditors: Florida, ISBN 0-89413-331-4.
Marcella, A., Kincaid, J. and Sampias, W. (1994). Fraud Prevention and Detection: Comprehensive Instructional Package, The Institute of Internal Auditors: Florida. (Text, software and video)
Marcella, A., Meyer, L., Akley, K., and Pitts, D. (1994). A Beginner's Guide to Paradox 4.0 for DOS. Hardcourt Brace: Texas. (Text, Instructor's Guide, and Lab Manual), ISBN 0-03-098659-1.
Marcella, A., Sampias, W., and Kincaid, J. (1993). Disaster Contingency Planning: An Audit Perspective. (Briefing Series) Institute of Internal Auditors: Florida, ISBN 0-89413-306-3.
Marcella, A., and Chan, S. (1993). EDI: Security, Control, and Audit. Artech House, Inc.: Massachusetts, ISBN 0-89006-610-8.
Marcella, A., Sampias, W., and Kincaid, J. (1992). Disaster Contingency Planning Tool Kit. Institute of Internal Auditors: Florida. (Text and software)
Marcella, A., Sampias, W., and Kincaid, J. (1992). Auditing End User Computing (Users Manual and Instructor's Guide to accompany Systems Auditability and Control Module 7 Training Video). Institute of Internal Auditors: Florida.
Marcella, A. (1991). Auditing IBM's Customer Information Control System. Institute of Internal Auditors: Florida, ISBN 0-89413-240-7.
Marcella, A. (2000). “Cyber-terrorism, Part I: Is your company a target?” September/October 2000, pg. 1, “Cyber-terrorism, Part II: An arsenal of damage” November/December 2000, pg. 6, AICPA Infotech Update.
Marcella, A. (1996). "Ethics and auditor judgment." Futurics: A Journal of Futures Research, Vol. 20, Nos. 1 & 2, pp. 56-60.
Marcella, A. (1995). "Is ethics education for audit professionals lacking?" Audit and Control Journal, Vol. 11, No. 1, pp. 9-10.
Marcella, A., Rauff, J. (Winter 1994-1995). "Utilizing expert systems to evaluate disaster recovery planning." The Journal of Applied Business Research, Vol. 11, No. 1, pp. 30-38.
Marcella, A. (Winter 1994). "Keeping your computer virus free: Security and control recommendations." Journal of End User Computing, Vol. 6, No. 1, pp. 33-40.
Marcella, A. (accepted for publication in 2006), “Incident Management Planning: Assessing a Workplace Violence Incident Management Plan,” Continuity Insights, www.continuityinsights.com, Volume xx, No. xx, page xx.
Marcella, A. (Winter 2006), “CERT Protecting the Home Front,” Disaster Recovery Journal, Volume 19, Number 1, pages 40 - 46.
Marcella, A., (December 2005), “Identity Theft 101: Be proactive to reduce risk of fraud,” Saint Louis Small Business Monthly, page 1.
Marcella, A. (Winter 2004), “Cyber Crime: Is your company a potential target? Are you prepared?” Disaster Recovery Journal, Volume 17, Number 1, pages 30-35.
Marcella, A. (October 2003), “A Question of Preparedness: Cyber Extortion Case Study” Internal Auditor, The Institute of Internal Auditors, Volume LX, No. 5, pgs. 67-69.
Marcella, A., Renz, G. (Winter 2000), “Who Gets the Chairs When the Music Stops?”, New Perspectives on Health Care Auditing, Volume 19, No. 1, pg. 10-14.
Marcella, A. (May 1999). "Controlling the ethical use of information in electronic commerce." EDPACS (New York, NY: Auerbach Publishers, a division of Warren, Gorham & Lamont), Vol. 26, No. 11, pg. 1-14.
Marcella, A. (November 1995). "Taking your company's ethical pulse." The Business Journal of MidCentral Illinois. Vol. 1, No. 9, pg. 8.
Marcella, A., Sampias, W., and Kincaid, J. (1992). I'll be watching you: The internal auditor's view of EDI." EDI FORUM. Issue No. 1., pg. 48.
Marcella, A. (April 1988). "International travel - the terrorism threat." Office Systems 88. Georgetown, CT: Office Systems 88.
Marcella, A. (May 1987). "Saving your life in a hotel fire." Office Systems 87. Georgetown, CT: Office Systems 87.
Marcella, A. (Winter 1985). "Disaster recovery planning‑business as usual." Corporate Accounting. New York: Warren, Gorham & Lamont.
Marcella, A. (Spring 1985). "Disaster recovery planning‑the next step." Corporate Accounting. New York: Warren, Gorham & Lamont.
Marcella, A. (August 1993). "Security and control considerations for a computer virus-free microcomputer." EDPACS (New York, NY: Auerbach Publishers, a division of Warren, Gorham & Lamont), Vol. 21, No. 2, pg. 1-6.
Marcella, A. (November 1990). "Auditing the customer information control system." EDPACS. New York, NY: Auerbach Publishers, a division of Warren, Gorham & Lamont, Vol. 28, No. 5., p. 1.
Marcella, A. (January 1990). "Application reviews of end-user spreadsheet designs." Data Processing Digest.
Marcella, A. (October 1989). "Application reviews of end-user spreadsheet designs." EDPACS. New York, NY: Auerbach Publishers, a division of Warren, Gorham & Lamont, Vol. 26, No. 16, p. 10.
Marcella, A. (May 1989). "Telecommunications: A control strategy." EDPACS. New York, NY: Auerbach Publishers, a division of Warren, Gorham & Lamont, Vol. 26, No. 11, p. 1.
Marcella, A. (October 1986). "Computer application reviews ‑ Auditing spreadsheet design." Internal Audit Advisor. New Haven, CT: Prosell Publications, Inc.
Marcella, A. (September 1986). "Systems software ‑ a primer." Internal Audit Advisor. New Haven, CT: Prosell Publications, Inc.
Marcella, A. (November/December 1985). "On‑line systems auditing ‑ IBM's Customer Information Control System." Internal Audit Advisor. New Haven, CT: Prosell Publications, Inc.
Marcella, A. (June 1985). "Focus on: Auditing end‑user computing." Internal Audit Advisor. New Haven, CT: Prosell Publications, Inc.
Marcella, A. “Cyber Terrorism: Is Your Company a Target?”, International Association for Computer Information Systems, Vancouver, B.C., October 5, 2001.
Marcella, A. Keeping Your Computer Virus Free: Security and Control Recommendations. 1992 National Educational Computing Conference.
Marcella, A., (200x), Cyber Forensics: Nuts & Bolts Auditing, (text and software).
Marcella, A., (200x), “Outsourcing Nirvana: Control Considerations in Managing Outsourced Operations,” (journal article).
Speeches, Presentations, and Seminars
12th Annual Internal Audit Congress, Dubai, U.A.E.
14th Annual Applied Gerontology Workshop, Webster University, Saint Louis, MO
AACSB E-Commerce Conference, Atlanta, GA
AICPA Value-Added Auditing Services Conference, Las Vegas, NV
Albany, NY chapter of The Institute of Internal Auditors
Association of College and University Auditors, Saint Louis, MO
Association of Public Pension Fund Auditors, Saint Louis, MO
Bloomington, IL chapter, of The Institute of Internal Auditors
Central Wisconsin chapter of The Institute of Internal Auditors
Chicago, IL chapter of The Institute of Internal Auditors
Cleveland, OH chapter The Institute of Internal Auditors
Cleveland, OH, chapter National Association of Certified Financial Services Auditors
Columbus, GA chapter of The Institute of Internal Auditors
Digital Interchange Standards Association (DISA), Orlando, FL
Disaster Recovery Journal World Conference, San Diego, CA
Electronic Commerce Forum of Saint Louis, Saint Louis, MO
European Internal Audit Conference – Istanbul, Turkey
European Investment Bank – Luxembourg City, Luxembourg
Financial Electronic Commerce Conference, Chicago, IL
Flushing, NY chapter Association of Government Accountants
Gateway/2 E-Business Speaker Series, Saint Louis, MO
Greensboro, NC chapter National Association of Financial Service Auditors
Greensboro, NC, chapter Information Systems Audit and Control Association
Hartford, CT chapter National Association of Certified Financial Services Auditors
IEEE 2nd GCC Technical Conference – Kingdom of Bahrain
Indianapolis, IN chapter of the Institute of Internal Auditors
Information Systems Audit and Control Association North American CACS Conference
Information Systems Audit and Control Association – Kingdom of Bahrain
Information Systems Audit and Control Association – Prague, Czech Republic
Institute for International Research, Dubai, U. A. E.
Institute of Internal Auditors – Business Risk Conference, Boston, MA
Institute of Internal Auditors – General Audit Management Conference, New Orleans, LA
Institute of Internal Auditors – Value-Added Auditing Services Conference, Toronto
Institute of Internal Auditors Annual International Conference, Buenos Aries, Argentina
Institute of Internal Auditors Annual International Conference, Sydney, Australia
Institute of Internal Auditors Annual International Conference, Washington, D.C.
Institute of Internal Auditors Financial Services Conference, Orlando, FL
Institute of Internal Auditors Fraud Conference, Las Vegas, NV
Institute of Internal Auditors Seminars Group, Palm Beach, FL
Institute of Internal Auditors State and Local Government Conference, Springfield, IL
Institute of Internal Auditors Training Seminar, Orlando, FL
Insurance Internal Audit Group, Baltimore, MD
International Association for Computer Information Systems Annual Technology Conference, Vancouver, B.C.
International Conference: Social Impact of Information Technologies, ST Louis, MO
International Group of Accounting Firms, Cancun, Mexico
Joplin, MO chapter of The Institute of Internal Auditors
Lancaster, PA chapter National Association of Certified Financial Services Auditors
Miami, FL chapter Information Systems Audit and Control Association
Millikin Decatur Executive Association and the Decatur, IL SCORE Chapter, Decatur, IL
New York, NY chapter of The Institute of Internal Auditors
New York, NY chapter of The National Association of Financial Service Auditors
Olympia, WA chapter The Institute of Internal Auditors
Orlando, FL chapter The Institute of Internal Auditors
Sacramento, CA chapter - Information Systems Audit and Control Association
Saint Louis Information Technology Exposition and Conference, Saint Louis, MO
Saint Louis ITEC Conference, Saint Louis, MO
Saint Louis, MO chapter of The Institute of Internal Auditors
Saint Louis, MO, chapter Association of Governmental Accountants
Sioux Falls, SD chapter of The Institute of Internal Auditors
Springfield, IL chapter of The Institute of Internal Auditors
TechGuard Security, LLC, Saint Louis, MO
The Association of Healthcare Internal Auditors Conference, Las Vegas, NV
The Institute of Internal Auditors' Best Practices Conference, Orlando, FL
The Institute of Internal Auditors Best Practices/CFIA Conference, Atlanta, GA
The Institute of Internal Auditors General Audit Management Conf., Jacksonville, FL
The Institute of Internal Auditors Professional Seminar Series, Saint Louis, MO
The International Studies Symposium Series- Webster University, Saint Louis, MO
The National Association of Financial Service Auditors Conference, Baltimore, MD
Toronto, Canada chapter Information Systems Audit and Control Association
Tulsa, OK chapter of The Institute of Internal Auditors
Webster University Faculty Forum, Grafton, IL
World Research Group, Phoenix, AZ
|
United States |
Canada |
Rest of the World |
|
|
|
|
|
Alabama Alaska Arizona California Colorado Connecticut Delaware District of Columbia Florida Georgia Hawaii Illinois Indiana Iowa Kansas Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nevada New Hampshire New Jersey New York North Carolina Ohio Oklahoma Oregon Pennsylvania Rhode Island South Carolina Texas Vermont Virginia Washington Wisconsin |
Provinces
Alberta British Columbia Manitoba Ontario Quebec
Cities
Banff Calgary Lake Louise Montreal Ottawa Quebec Toronto Vancouver Whistler Windsor Winnipeg |
Argentina Australia Belgium Brazil Bahrain Colombia Commonwealth of Independent States (U.S.S.R) Czech Republic Denmark Egypt England Finland France Germany Greece Guatemala Holland Hong Kong India Indonesia Ireland Japan Jordan Kenya Luxembourg Malaysia Mexico Netherlands New Zealand Oman Panama Peru Scotland Senegal Singapore South Africa Sri Lanka Turkey United Arab Emirates |