Dan is the founder and leader of the Information Assurance Services practice at HA&W that serves leading national and international tech-based businesses with services such as:
- Cyber security risk assessments and guidance on risk management strategies and tactics.
- Service Organization Controls including readiness and audits/attest reports: SOC 1 (SSAE 16), SOC 2.
- ISO 27001 assessment and certification reporting.
- PCI DSS Report on Compliance (ROC) assessment and certification.
- Security and privacy compliance risk management, e.g., GLBA, BSA/AML and other banking regulations, HIPAA/HITECH and NIST 800-53.
- Due diligence assessment in support of M&A activities and in support of potential acquisition of information technology related services.
- Vendor management program evaluation and design.
Dan is a member of the American Institute of Certified Public Accountants (AICPA), the Georgia Society of CPAs, the Information Systems Audit and Control Association (ISACA), the International Association Privacy Principles (IAPP) and the American Bar Association (ABA). Dan is the immediate past chairperson of the AICPA Information Management Technology Assurance Committee and currently the chairperson of the AICPA Privacy Task Force. He received his MBA with honors from the University of Dayton, and a BA in Accounting from Morehead State University. Dan also serves on the Steering Committee of FinTech Society of the Technology Association of Georgia (TAG).
Dan has over 25 years of experience in IT operational and risk management functions in both private industry and leading CPA firms. Dan’s 12-year tenure with NCR Corporation included management roles in several operations and corporate positions, including Supply Chain Performance Evaluation and Benchmarking, and Supply/Demand Alignment. For six years, Dan worked with a leading provider of mid-market ERP solutions, RF Data Collection applications, and EAI (i.e., intelligent middleware) where he assisted dozens of mid- and large-sized companies in their implementation of key enabling technologies.
Dan is a frequent speaker and author on IT risk management subjects including cyber security, audit and compliance reporting, privacy and cloud computing.