Dan Schroeder, CPA, CISA, CRISC, CIPP/IT, PCI-QSA
Partner-in-Charge, Information Assurance Services
Dan is the founder and leader of the Information Assurance Services group at Aprio that serves leading national and international tech-based businesses with services such as:
- Cyber security and privacy risk assessments and guidance on risk management and compliance strategies and tactics (e.g.,ISO 27001, NIST Cyber Security, GDPR, U.S.-EU Privacy Shield, NY State Cyber Security Regs., HIPAA/HITECH and NIST 800-53)
- Service Organization Controls including readiness and audits/attest reports: SOC 1, SOC 2.
- ISO 27001 assessment and certification reporting.
- PCI DSS Report on Compliance (ROC) assessment and certification.
- LADMF certification.
- Due diligence assessment in support of M&A activities and in support of potential acquisition of information technology related services
- Vendor management program evaluation and design
Dan is a member of the American Institute of Certified Public Accountants (AICPA), the Georgia Society of CPAs, the Information Systems Audit and Control Association (ISACA), the International Association of Privacy Professionals (IAPP), the Risk Management Society (RIMS) and the American Bar Association (ABA). Dan is the immediate past chairperson of the AICPA Information Management Technology Assurance Committee. He received his MBA with honors from the University of Dayton and a BA in Accounting from Morehead State University. Dan also serves on the Steering Committee of the FinTech Society of the Technology Association of Georgia (TAG).
Dan has over 25 years of experience in IT operational and risk management functions in both private industry and leading CPA firms. Dan’s 12-year tenure with NCR Corporation included management roles in several operations and corporate positions, including supply chain performance evaluation and benchmarking, and supply/demand alignment. For six years, Dan served in leadership roles with a leading provider of mid-market ERP solutions, RF data collection applications, and EAI (i.e. intelligent middleware), where he assisted dozens of mid- and large-sized companies in their implementation of key enabling technologies.
Dan is a frequent speaker and author on IT risk management subjects including cyber security, audit and compliance reporting, privacy and cloud computing.