Partners
NEW!
Case
Study: Enhanced Reporting Gives Investors and Brokers Peace
of Mind
WHITE
PAPER
Click here for more
on what user entities need to know about managing outsourcing
and cloud risks.
Dan
is the partner-in-charge of HA&W’s IT Audit and
Assurance Services practice. Dan has over twenty years experience
in IT risk management functions, and over nine years leading
IT Audit & Assurance functions at leading regional CPA
firms. Dan is actively involved in delivery and practice
development in several areas including:
-
Service Organization Controls including readiness and
audits/attest for SAS 70/SSAE 16 and trust services principles
of security, confidentiality, processing integrity, availability,
and privacy.
-
Privacy risk management consulting and attest services
with expertise leveraging the AICPA Generally Accepted
Privacy Principles (GAPP) framework.
-
IT controls for financial reporting, both readiness and
audits, for SOX 404 and private companies standards.
-
Compliance risk management, e.g., PCI, GLBA, banking regulations,
and HIPAA/HITECH.
-
Governance and CIO services such as enterprise IT risk
management program definition and deployment, application
and service provider due diligence, vendor management,
business performance improvement, such as business process
and workflow assessment and design, technology alignment,
scorecard and performance evaluation systems.
-
IT Governance and technology risk management initiatives
for insurance, healthcare, banking, and other industries
for both public and private companies that include assessment
and improvement of operational, financial and compliance
related controls, as well as design and deployment of
Business Continuity and Disaster Recovery Planning functions.
Dan
has extensive technology and process management experience
in many industries. Dan’s twelve-year tenure with
NCR Corporation included management roles in several operations
and corporate positions, including Supply Chain Performance
Evaluation and Benchmarking, and Supply/Demand Alignment.
For six years Dan worked with a leading provider of mid-market
ERP solutions, RF Data Collection applications, and EAI
(i.e., intelligent middleware) where he assisted dozens
of mid- and large-sized companies in their implementation
of key enabling technologies.
Dan
is a member of the American Institute of Certified Public
Accountants (AICPA), the Georgia Society of CPAs, the New
Jersey Society of CPAs, the Information Systems Audit and
Control Association (ISACA), the Institute of Internal Auditors
(IIA), and the International Association Privacy Principles
(IAPP). Dan is the Chairperson of the AICPA Information
Technology Executive Committee and serves on the AICPA Peer
Review SOC Task Force. He received his MBA with honors from
the University of Dayton, and a BA in Accounting from Morehead
State University. Dan also serves on the Metro Atlanta Chamber
of Commerce Transaction Processing Subcommittee, the Software
Committee of the American-Israel Chamber of Commerce, SE
Region–Software Committee, and the Steering Committee
of FinTech Society of the Technology Association of Georgia
(TAG).
Dan
is a frequent speaker and author on IT risk management subjects
including SSAE 16/SAS 70, technology risk management and
financial IT auditing. Recent and planned speaking engagements
include:
-
AICPA IT Audit School (2008, Oct 2010)
-
AICPA Controllers Workshop (Nov 2011)
-
Georgia Society CPAs Annual Convention June 2010
-
ISACA Atlanta Chapter – July 2010
-
AICPA National Advanced Auditing and Accounting Technical
Symposium (2009, July 2010, July 2011)
-
AFCOM Data Center World (Sept 2011)
|
