Richard Crawford, CISA

Current

• Global Manager - Information Security Architecture at GMAC Financial Services

Past

• Information Security Architect/Team Resource Manager at GMAC ResCap
• Vice President - Enterprise Technology & Services Audit at Fidelity Investments
• Manager - Global IT Audit Services at Mobil Oil Corporation

• EDP Audit Supervisor/Senior Audit Advisor/Internal Control Specialist at Superior Oil Company
• EDP Auditor at Houston Oil & Minerals
• Senior Accountant at Texaco Inc.
• Internal Auditor at Texaco Inc.

see less...

4 more...

Education

• Center for Creative Leadership
• Southeastern Louisiana University

Recommended

31 people have recommended Richard

Connections

500+ connections

Industry

Management Consulting

Richard Crawford, CISA’s Summary

Certified Information Systems Auditor (CISA) with proven track record for financial, operational and information technology audits, as well as special investigations, domestically and internationally in the financial services and petroleum industries. Able to establish and/or direct an internal audit organization, or provide an external assessment (i.e., quality assurance review) of existing internal audit activities, for executive management and the Board Audit Committee. Highly skilled at coordinating overall audit coverage with external auditors/consultants and developing innovative strategies to expedite their work, particularly in the area of regulatory compliance (e.g., Sarbanes Oxley). Recognized for strategic thinking, dynamic leadership, management and technical abilities. Works effectively with all levels of management. Ability to attract, develop, maintain and motivate individuals, create expert teams and lead internal audits of operations and processes which transcend organizational and geographic boundaries. Dedicated and organized professional. Resourceful, results-oriented manager accustomed to a fast-paced environment.

Richard Crawford, CISA’s Specialties:

IT and Internal Audit Outsourcing, including external Quality Assurance Reviews, resource analysis, organizational development, business strategy, infrastructure / application system audits, pre-implementation reviews, report writing, technical training, fraud awareness, data mining, business process reengineering, Sarbanes Oxley (SOX) consulting, etc.; Technical support (e.g., security and change management for devices on wired and wireless networks).

Richard Crawford, CISA’s Experience

• Global Manager - Information Security Architecture

  GMAC Financial Services

  (Public Company; 10,001 or more employees; GM; Financial Services industry)

  November 2008 — Present (1 year 5 months)

  Responsible for information security architecture globally, including business unit/project support, systems accreditation and certification, security technology research and development, identity management strategy, etc.

• Information Security Architect/Team Resource Manager

  GMAC ResCap

  (Financial Services industry)

  November 2006 — October 2008 (2 years )

  After leaving Fidelity, I opened my own consulting practice - R.E. Crawford & Associates. In November 2006, I joined GMAC ResCap, performing technical security reviews, vulnerability/risk assessments, penetration tests and special projects for senior management. Major consulting activities have included:
  
  1) A project to assess the adequacy of IT audit resources and coverage for the Director of Internal Audit Services at Pinnacle West Capital Corporation in Phoenix, AZ.
  
  2) Quality Assurance Reviews of internal audit functions at the United Nations - Internal Audit Division I, Boeing Corporation, Societe Generale, Anheuser-Busch, Dana Corporation, Marathon Ashland Petroleum, and the Texas Department of Criminal Justice.
  
  3) Management and technical consulting on a plethora of IT projects at GMAC ResCap, including security reviews of 3rd party service providers.
  
  4) Reviewing and testing security, audit and change management software for various software developers.

• Vice President - Enterprise Technology & Services Audit

  Fidelity Investments

  (Privately Held; 10,001 or more employees; Financial Services industry)

  January 1997 — October 2002 (5 years 10 months)

  Served as a trusted advisor to management and was responsible for leading and directing internal audits of the infrastructure supporting Fidelity’s operations worldwide, as well as due diligence reviews of third party vendors. Reviewed all ETSA activities and reports with executive management and the Chief Information Officer of each business unit. Coordinated closely with the external auditors to ensure appropriate audit coverage and support their SAS 70 reviews.

• Manager - Global IT Audit Services

  Mobil Oil Corporation

  (Public Company; 10,001 or more employees; XOM; Oil & Energy industry)

  December 1984 — December 1996 (12 years 1 month)

  Before leaving the oil patch to join Fidelity Investments, I was Manager – Global IT Audit Services for Mobil Oil, where I was responsible for leading and managing teams which provided technical audits of Mobil’s global networks and major data processing installations in the US, Canada, the United Kingdom, Japan, Singapore, Indonesia and Australia. I also managed the development of software to support Internal Audit activities globally.

• EDP Audit Supervisor/Senior Audit Advisor/Internal Control Specialist

  Superior Oil Company

  (Public Company; 1001-5000 employees; SOC; Oil & Energy industry)

  November 1979 — December 1984 (5 years 2 months)

  Managed business application/infrastructure audits. Provided sophisticated mainframe computer data mining and reporting for executive management, as well as technical support to financial and operational audit teams and the external auditors. Conducted special investigations and performed technical reviews/successful penetration tests of electronic funds transfer arrangements and several bank wire transfer systems. Used system software (Docu/Text) to document and analyze mainframe batch applications and prove where production jobs were executing code from non-production files. Developed many computer programs to perform technical audit tests and analyses using the Decision Analyzer. Served as a trusted advisor to senior Corporate and Internal Audit management, as well as the financial and operational audit managers and their respective organizations. Audited a pipeline construction project, detecting fraud and irregularities in excess of $2M.

• EDP Auditor

  Houston Oil & Minerals

  (Public Company; 1001-5000 employees; Oil & Energy industry)

  November 1978 — November 1979 (1 year 1 month)

  Performed technical audits of IBM mainframe operating environments and business application systems. Joined Superior Oil just before Houston Oil & Minerals collapsed and was acquired by Tenneco. Specifically, I used Docu/Text to document and analyze mainframe batch applications, as well as various 4th generation audit software products to perform EDP and financial audits and specialized management reporting.

• Senior Accountant

  Texaco Inc.

  (Public Company; 10,001 or more employees; Oil & Energy industry)

  July 1977 — November 1978 (1 year 5 months)

  Transferred to the Financial Reporting System project because of expertise in accounting, auditing, process documentation, system testing, fraud detection and project management. Liaised with developers and team leaders and provided oversight reports depicting overall project status to the Controller and FRS Project Manager. Recommended architectural changes to the Financial Reporting System which corrected problems that had caused the project to flounder for several years. Also, detailed changes to the Crude Oil Accounting system which would permit faster monthly closings and timely data feeds to the Financial Reporting System. Conducted and directed unit, system and integration tests of minicomputers used for financial reporting in Field Offices located around the world, as well as those used by the Data Control Group, and their interfaces to the mainframe computers running Texaco’s consolidation system. Helped to write the Field Operations and Data Control Group user manuals.

• Internal Auditor

  Texaco Inc.

  (Public Company; 10,001 or more employees; Oil & Energy industry)

  June 1972 — June 1977 (5 years 1 month)

  Joined Texaco in June, 1972, after graduating from Southeastern Louisiana University. Performed operational and financial audits, as well as special projects / investigations, for five years, progressing through a variety of Internal Audit positions. Documented all phases of the crude oil revenue cycle and suggested ways to automate related accounts receivable circularization work. The report provided detailed process documentation and control flowcharts illustrating transaction flows and financial reporting for Texaco’s domestic producing operations. Performed financial and operational audits of Texaco’s General Accounting, Cash Disbursements, Accounts Receivable, Computer Services, Purchasing, Geophysical, and Regional and District Sales offices. Detected numerous irregularities during these regularly scheduled departmental audits. Conducted operational audits and special investigations in LA, TX and OK. Detected a major defalcation at a plant supporting the East Texas market.

Richard Crawford, CISA’s Education

• Center for Creative Leadership

  Leadership 2001 — 2001

• Southeastern Louisiana University

  Bachelor of Science , Accounting , 1968 — 1972

  Activities and Societies:

  Delta Sigma Pi (professional business fraternity), Sigma Chi Alpha (now Beta Alpha Psi - national honorary accounting and professional fraternity), Chess Club, Student Senate, Baptist Student Union, Missionary Baptist Student Fellowship, Thirteen Club (SLU Elite Honor Society)

Additional Information

Richard Crawford, CISA’s Interests:

Bible study, investing, new technology, personal computers, telecommunications, swimming, fishing, hunting, archery, chess, IT audit training, internal auditing, management consulting, external quality assurance reviews, information security

Richard Crawford, CISA’s Groups:

Ancient & Accepted Order Nobles of the Mystic Shrine, Scottish Rite, AF&AM (Masons), Demolay, Key Club, Boy Scouts, First Baptist Church of Richardson, Men's Bible Study Fellowship, NeedHim Ministries, Institute of Internal Auditors (IIA), IIA Committee on Quality and Advanced Technology Committee, Information Systems Audit and Control Association, I-4, Commerce Department's Partnership for Critical Infrastructure Security, Delta Sigma Pi, Sigma Chi Alpha

•    Blue: The DallasBlue Business Network (25,000+ members)
•    CSORoundtable
•    eOffice
•    Executive Suite
•    SMB Technology Network
•    LION™ Worn with Pride! [Choose wisely ... ] < BEWARE OF COUNTERFEITS >
•    Freemasonry
•    Worldwide Management Consultants (23,000+ members)
•    Systems Thinking
•    Ancient Free & Accepted Masons (AF&AM)
•    ITIL V2&V3 (5000+)
•    Security Crew
•    CISO: Meaningful Metrics
•    Internal Audit Professionals
•    Digital Forensics Association (DFA)
•    The Enterprise Architecture Network
•    Chessmasters
•    Information Security Community
•    Eagle's Nest--Eagle Scout Award Recipients
•    Leadership Think Tank
•    TopLinked.com (Open Networkers)
•    Success Through Balance
•    Fellow Nobles of The Shrine
•    The F3 Coalition
•    Lodgeroom International
•    ISACA Professionals
•    CIO Forum
•    Mobil Oil Corp Alumni
•    Worldwide Scouters
•    CXO (CEO, COO, CKO, CFO, CMO, CAO, CVO, CDO, CRO, CLO, CSO & CTO) Community
•    Strategic Use of Information Technology
•    Eagle Scouts, Boy Scouts of America
•    Global Security Professional
•    IT audit
•    Scottish Rite Freemasonry
•    York Rite Freemasonry
•    History and Philosophy of Science
•    BoyScouts of America
•    Organizational Change Practitioners
•    SAS 70 Forum
•    ISO 38500 for IT Governance
•    Enterprise Security
•    Millionaire Business Club
•    IT Audit Gurus
•    Web Standards Design + Development
•    Eagle Scout Alliance
•    Free IT Security Training
•    Payment and Fraud Professionals
•    Global Analytics Network (+5K analytic professionals)
•    Layoff Support Network

Richard Crawford, CISA’s Honors:

2007 recipient of GMAC RecCap's Community Leadership Award, an honor bestowed on people dedicated to volunteer efforts.

Master Mason, 32nd Degree Scottish Rite Mason, Shriner

Spoke at an IIA/CIAO Summit Conference hosted by Oracle. Part of "hacking" presentation was aired on TV during prime time the same evening.

Keynote Speaker at a Fidelity Investments Information Security Forum

Thirteen Club (Southeastern Louisiana University - Elite Honor Society)

Eagle Scout

Won city-wide chess championship (senior division) at age 15

Richard Crawford, CISA’s Contact Settings

Interested In:

• career opportunities
• consulting offers
• new ventures
• job inquiries
• expertise requests
• business deals
• reference requests
• getting back in touch