Thomas Salzman

Thomas Salzman, CISA

Illinois State University

Tom Salzman is the IT Audit Manager for Illinois State University, where he manages all computer audits conducted by the University. His responsibilities include working with educational and administrative departments throughout the University to streamline procedures and improve operational processes and controls using a variety of CAATs. His work requires him to be skilled in telecommunications controls, application management, computer intrusion and security management, and application design and development.

Previously, Mr. Salzman was Director of Professional Services for the Information Systems Audit and Control Association (ISACA) where he was responsible for establishing and supporting its worldwide network of educational programs, conferences, and special events. He also served as editor and co-author of the ISACA CISA Review Manual. Prior to joining ISACA, Mr. Salzman was with Coopers & Lybrand, heading their Technical Training and Information Security practices.

Tom is past President of the Institute of Internal Auditors NW Chicago Chapter, and past Treasurer of the IIA Central Illinois Chapter.

A much in-demand speaker, Mr. Salzman teaches a variety of computer and audit topics worldwide. He has presented numerous IT audit courses throughout the world, including the USA, Canada, Argentina, England, Hungary, Turkey, United Arab Emirates, Kuwait, Singapore, Japan, Guam, Puerto Rico, Cyprus, Trinidad and Tobago, and Guyana.

Mr. Salzman has assisted a number of financial institutions, manufacturing concerns, universities, and government agencies with building new IT audit functions from scratch. Mr.Salzman is the recipient of ACUA’s Excellence in Service Award in 2004.

Mr. Salzman’s areas of expertise:

  • Risk Management
  • Performing Annual Audit Risk Assessments
  • Auditing Automated Business Applications
  • Conducting a General Controls Audit on Mainframe, Server Farm and Server
  • Facilities
  • Auditing Procurement Card Systems
  • Developing an Information Technology (IT) Audit Function in 2-3- Years: Everything You Need
  • IT Auditing for Financial Auditors
  • Auditing Payment Card Industry Data Security Standards
  • Auditing Computer and Telecommunications Networks
  • Auditing Telephone Systems
  • Installing Continuous Auditing Models
  • Auditing Application Systems Development Projects
  • Auditing Disaster Recovery
  • Installing a Business Continuity Plan
  • Preparing for the Certified Information Systems Auditor Exam (CISA)