I help clients satisfy various IT compliance requirements through evaluating IT general controls and IT security controls for both external audits and through the lens of an outsourced internal audit provider.
With over 18 years of IT risk assessment, IT audit, and IT general control experience in a number of industries, including healthcare, higher education, real estate, manufacturing and distribution, and technology services. I have experience assisting clients in identifying and monitoring the effectiveness of IT control environments in support of various compliance initiatives, including Sarbanes-Oxley, FDICIA, PCI, HIPAA, ISO 27001, and NIST-800-53, among others. My experience includes working closely with client management to evaluate the impact of IT changes on the client environment (e.g., system implementations/upgrades, transition in IT control ownership, integration of merged entities, IPO readiness), collaborate with the audit team and management to right-size the scope of the IT audit, execute audit procedures in alignment with regulatory requirements, present control deficiencies with root cause statements to control owners, and facilitate executive level reporting to the audit committees and/or the board of directors.
I belong to the IIA, ISACA, ISSA, and PMA, and I recently spoke to the IIA Denver Chapter on “Managing Third Party Risk.” I received my B.S. in management/business from the Georgia Institute of Technology.
Outside of the office, I spend my free time with my family hiking, skiing, and camping.