Who I work with
Partner-in-Charge of Aprio’s Information Assurance Services, I partner with COOs, CISOs, CIOs and Internal Counsel of domestic and international technology-based businesses, to help their organizations establish, monitor and maintain effective information security and privacy risk management programs. I work with clients of all sizes from promising tech startups to international market leaders.
I apply my 25+ years of experience in IT, operational and risk management functions to provide guidance on cybersecurity and privacy risk management compliance strategies. I have deep experience providing due diligence assessment in support of M&A activities and acquisition of information technology related services and I have considerable expertise in the evaluation and design of vendor management programs. I specialize in providing risk assessments and attestation services to address leading privacy and security protocols including:
SOC 1, SOC 2 and SOC 3 reporting
ISO 27001, ISO 27701, ISO 22301
Unique things about me
I am the past chairperson of the AICPA Information Management Technology Assurance Committee where I lead the launch of SOC reporting and wrote and delivered the first SOC reporting training curriculum.
I am a frequent speaker and author on cybersecurity, audit and compliance reporting, privacy and cloud computing. My articles have been published in the Wall Street Journal and The American Bar Association.
I received my MBA with honors from the University of Dayton and a BA in Accounting from Morehead State University.
When I am not at work
I serve on the Steering Committee of the FinTech Society of the Technology Association of Georgia (TAG).