About Denis Darveau
Born in a small town in Quebec, Canada, I joined the Canadian Air Force at age 17 in Air Defense as a NORAD Director and Program Manager. After completing a 24-year service and becoming an honorary retiree, I joined a company to teach UNIX administration and programming for numerous versions. I also obtained a Microsoft Certified Trainer (MCT) and a Microsoft Certified System Engineer (MCSE), teaching various versions of Windows NT.
After moving to California in 1996, I expanded my knowledge and experience in the health industry (Kaiser Permanente) as a Senior Systems Engineer, the finance industry (Greater Bay Bank) as a Senior Security Engineer/Auditor, and the retail industry (Mervyn’s) as a Senior IT Auditor. In 2008, I moved to Las Vegas to expand my gaming experience, working with numerous casinos as an IT Audit Manager and Senior Compliance Manager. My biggest accomplishment so far is designing and configuring the Windows NT architecture for Kaiser Permanente’s network of 39 hospitals and 623 Medical Facilities in 7 states and over 100,000 employees.
About the experience in auditing
I started my audit experience while working as a security engineer for a bank in California. At that time, it was a challenge that many IT auditors came from finance departments with limited IT knowledge; IT personnel did not trust such auditors to help them improve their IT and Security posture. I obtained CISA (Certified Information Systems Auditor) and CISSP (Certified Information Systems Security Professional) certifications in the early 2000s to add to my technical knowledge of Unix and Windows NT. This gave me added credibility as an auditor. As I performed audits, I added certifications such as ISACA’s CISM (Certified Information Security Manager), CRISC (Certified in Risk in Information Systems Controls), CDPSE (Certified Data Privacy Solutions Engineer), and PECB ISO/IEC 27001 (ISMS).
Having performed over 200 audits and taught the various ISACA certifications, I retired from the gaming industry, focusing on educating, training, and auditing personnel and companies on the ISO/IEC 27001 certifications. I then added GDPR and ISO/IEC 27701 PIMS to my list. All these certifications helped in my transition as an MSECB-certified auditor.
My favorite part of being an auditor is having the opportunity to share my knowledge and experience with the clients (who are always appreciative) while learning from them simultaneously.
Denis's experience with MSECB
Working for MSECB is a privilege. I started in 2018 and got a lot of help from their network and the staff at MSECB. Their audit and certification processes are enjoyed by the organizations that get their services, and in fact, they make our work so much easier.
Day-to-day support is excellent, and working with such professionals is much fun. To anyone interested in working with a certification body, I recommend MSECB. Furthermore, MSECB, a highly regarded certification body in the Information Security industry, offers a thorough and well-designed process for those who aspire to become management system auditors.
MSECB Auditor Profile
Joining MSECB in 2018, Denis Darveau has since showcased his exceptional skills as an auditor, particularly in conducting audits against ISO/IEC 27001 and ISO/IEC 27701. As a result of his attention to detail and efficiency in time management, audits are completed on schedule while maintaining high levels of quality and accuracy. Furthermore, Denis is a collaborative team player, always willing to share his knowledge and work with colleagues to achieve common goals.
We are honored to have him as part of our MSECB auditor network!
Build endless connections and professional networks by joining our team of over 500 MSECB Auditors.
We welcome you on board!