"The IT revolution has changed what we mean by 'security'."

Bar Biszick-Lockwood
CISA, CISSP, CSQA

Bar Biszick-Lockwood is a Certified Information Systems Security Professional (CISSP), and a Certified Information Systems Auditor (CISA) and a Certified Software Quality Analyst (CSQA). She is an expert in Security Life Cycle standards and specializes in IT regulatory compliance audit, IS assessment and IT process re-engineering to optimize organizational security and meet regulatory mandates.

Ms. Biszick-Lockwood authored the security activities in the pending revision of IEEE P1074 Standard for Developing Software Life Cycle Processes that provide practical guidance in applying optimal security controls to software projects and building adequate security controls into products. She is a member of IEEE, ISSA, ISACA, and SIM and is also on the adjunct curriculum writing staff of Logical Security, a security education company led by Shon Harris, author of McGraw-Hill's best selling CISSP All-In-One-Guide.

Ms. Biszick-Lockwood uses a proprietary audit workbook featuring over 1850 data points to baseline organizational security and provide a 360 degree view of organizational security risk and improvement. This workbook combines guidance from IEEE P1074 with that from ISO 17799 Code of Practice for Information Security Management, ISO 15408 Common Criteria for Technology Security Evaluation, NIST SP 800-27 Security Baseline, NIST SP 800-53 Role Based Security Education, from the Cyber Security Governance Task Force (Corporate Governance Assessment) and from ISACA (Baseline Security Controls and Guidelines for Sarbanes-Oxley Compliance).

She is also an IT curriculum developer and trainer, having designed and taught courses in quality assurance, testing and security at AT&T Wireless and Adobe Systems.

CISA-Certified Information Systems Auditor (ISACA)
CISSP-Certified Information Systems Security Professional (ISC2.)
CSQA-Certified Software Quality Assurance (Quality Assurance Institute of America)
Specialist system life cycle control and Sarbanes-Oxley (SOX) Sec. 404 Audit remediation