With a professional career spanning over two decades, my background includes roles in firms from the “big 5” of their time, to regional mid-sized accounting firms, cybersecurity and IT audit based professional service firms, and audit software companies. At these firms, I ascended to upper management levels, extensively engaged in financial statement and information system audits (augmented by providing ITGC support for financial statement audits), pioneered and developed novel IT audit and SOC practices, and played an instrumental role in the growth and scalability of the firms.
My career journey has provided me with profound expertise in the SOC domain, manifesting in a large variety of SOC-related consulting and teaching opportunities including assisting firms with their practice development & refinement, peer review preparation, control review/development, workpaper or quality control reviews, and framework mapping to meet long-term firm or client goals.
I maintain an active involvement with the AICPA, volunteering with development of the SOC and CITP programs. These contributions span across various areas, including the SOC 2 working group (which helps develop the AICPA SOC 2 guide), developing and conducting numerous CPE trainings, teaching the SOC school, and development of the CITP body of knowledge and exam. I am a SOC peer review specialist and was a prior recipient of the AICPA IMTA Standing Ovation Award for outstanding professional achievement in the IT specialization area.
My other AICPA efforts include the CITP credential committee, the former IMTA SOC task force, the ASB Technology task force, and the ENGAGE Tech+ committee. I am also a Board Member for Community IT, a Washington, DC-based managed service provider for non-profits, and formerly held a board position with the Maryland Association of CPAs.
Beyond my SOC experience, I have participated in multiple FedRAMP engagements. Using this experience, I have forged connections between FedRAMP and SOC practices, resulting in a streamlined approach that effectively meets the requirements of both frameworks. To better serve clients, I also have functional knowledge of ISO standards, CSA STAR, C5, and FISMA.
I earned my Bachelor of Business Administration in Accounting from Loyola College in Maryland and a Master of Science in Information Assurance from the University of Maryland University College. I am a lead auditor for the ISO 22301 standard and hold certifications as a CPA, CITP, CISA, CIPT, and CCSK.
In my free time I study Uechi-Ryu Karate and have obtained the rank of Yondan (4th degree black belt).
I also play golf, so if you're ever up for a round or need a 4th, let me know!
Reach out to me if you need anything related to SOC! I'm happy to help everyone from service organizations to CPA firms. I truly find joy in helping, teaching, etc. by giving back to the CPA community and their firms, or anyone that needs additional information and guidance for the SOC space.