
Overview
Brett has more than 20 years of business process and IT control experience and leverages it to help small-to-midsized companies protect their operations from cyber threats. He has performed over 3,000 audit* and compliance-related engagements for companies across multiple industries, including fintech, healthcare, healthcare IT, technology, insurance, licensed gaming, telecommunications, and consumer and industrial products.
Experience
Brett has a deep understanding of business processes, IT controls, data security, and privacy, as well as the impact these processes have on IT applications, systems, and networks and on compliance requirements such as GDPR, FISMA, FedRAMP, HITRUST and HIPAA. He routinely provides clients with a range of solutions including:
- Cybersecurity and privacy risk assessments and guidance on risk management and compliance strategies and tactics (e.g., ISO 27001, NIST Cyber Security, GDPR, U.S.-EU Privacy Shield, NY State Cyber Security Regs., HIPAA/HITECH and NIST 800-53).
- Special Attestation Reports (including SOC 1, SOC 2, AT-C 105, AT-C 205, GDPR, ISO 27001, and PCI)
- HIPAA and data security and privacy readiness assessments
- HITRUST Assessments, as a Certified CSF HITRUST Practitioner (CCSFP)
- Compliance with Section 404 of the Sarbanes-Oxley Act
Education & Affiliations
Brett earned a Bachelor of Business Administration in Accounting from the University of Georgia. His professional affiliations include:
- Member of the Institute of Internal Auditors (IIA); Former Executive Officer and Steering Committee Member
- Member of American Institute of Certified Public Accountants (AICPA)
- Member of the Georgia Society of CPAs
*Aprio assurance, attest, and audit services provided by Aprio, LLP.