Tom works in the Firm’s IT Risk Assurance & Advisory practice. He has over 15 years of experience in internal and external audit, with over four in a managerial capacity with a concentration in Information Security. Tom’s primary focus is on system and organizational control attestation engagements.
As a seasoned risk and control expert, Tom has performed assurance and audit services end-to-end beyond just technology including business operations, compliance and legal engagements. Tom has had a diverse client base throughout his career which includes emerging start-ups as well as larger investment firms and financial institutions that operate on a global scale. His clients’ industries include technology, software, financial services, healthcare, insurance and higher education. Tom also has experience and is well versed in international standards ISO/IEC 27001/27002 for Information Security.
As a Certified Information Systems Auditor and Certified Information Systems Security Professional, Tom recognizes the challenges and pressures faced by clients trying to assess and implement controls to secure their technology environments and data. His experience and knowledge in cybersecurity and the technology space have helped clients overcome obstacles by adding value through viable recommendations and identifying opportunities for efficiency.