Candy Alexander, CISSP CISM

Candy-Alexander-3As an industry recognized expert and hall of fame member, Candy Alexander has profound experience in performing many aspects of information security which she obtained through various information security roles. She has over 25+ years in the security industry working for companies such as Digital Equipment, Compaq Computer Corporation, and Symantec. Candy is often requested to present at various conferences. Her most memorable to date is the session at the United Nations where she was a featured speaker for the IT Security Symposium and running in close second is an invitation to the Offices of the White House to speak on the importance of security awareness to the President’s “Cyber-Czar” staff. In her ongoing commitment to “give back” Ms. Alexander volunteers as a Director on the ISSA (Information Systems Security Association) International Board where she is the chief architect for the Cybersecurity Career LifecycleTM. She is also the past President and current Board Member of the ISSA Education and Research Foundation. She has also served as Vice President of Education and Vice President of International Relations for the ISSA. She remains a loyal member at the local level with the New England Chapter and the ISSA-New Hampshire Chapter. Ms. Alexander has received numerous awards and recognition, including that of Distinguished Fellow of the ISSA ranking her as one of the top 1% in the association and she was inducted into the ISSA Hall of Fame in 2014. Candy has held several positions as CISO (Chief Information Security Officer) for which she developed and managed Corporate Security Programs. She is now working as a virtual CISO and Cybersecurity consultant.

Anthony Bellezza, CPA, CGMA

T-Bellezza-3Anthony J. Bellezza, CPA, CGMA, is an independent advisor and has been a Senior Faculty Member of MISTI for over ten years. Previously, he was Senior Vice President and Chief Compliance Officer (COO) at Rite Aid. He also serves as the Chief Ethics & Risk Officer for the company. Prior to Tony’s Rite Aid experience, he was a Partner at Ernst & Young, LLP (EY). While at EY, Tony served as the Mid-Atlantic Business Risk Services (BRS) Practice Leader and was also the Retail, Distribution and Manufacturing Industry Leader for the BRS practice. At EY, Tony played a key role in developing the firm’s Internal Audit Service delivery approach and methodology and in designing the educational and training programs for the practice. Tony has worked with over 20 Fortune 1000 Companies helping them in many areas from: establishing internal audit functions; implementing the requirements of the Sarbanes-Oxley Act; conducting strategic risk assessments; performing operational audits and fraud investigations; implementing control self-assessment programs, leading due diligence efforts on acquisitions and integrating governance, risk and compliance activities. While at EY, his team generated several hundred million dollars of cost savings for their clients. Tony also has extensive international experience as he was the Chief Audit Executive for a global Fortune 1000 company. In this capacity, Tony directed both a domestic and international team performing audits in over 30 countries. Tony is currently an independent advisor and senior faculty member for the MIS Training Institute (MISTI). He is the chairperson for two of MISTI’s Executive programs and is a seminar instructor / facilitator and keynote speaker at several conferences. He is the also the creator of two programs: a comprehensive three-day program focusing on Governance, Risk and Compliance (GRC) and the associated best practices to build an integrated infrastructure; and a two-day program that focuses on Auditing Corporate Culture and Ethics. Both of these programs leverage Tony’s “career and real world” experiences. Prior to Tony’s Rite Aid experience, he was a Partner at Ernst & Young, LLP (EY). While at EY, Tony served as the Mid-Atlantic Business Risk Services (BRS) Practice Leader and was also the Retail, Distribution and Manufacturing Industry Leader for the BRS practice. At EY, Tony played a key role in developing the firm’s Internal Audit Service delivery approach and methodology and in designing the educational and training programs for the practice. Tony has worked with over 20 Fortune 1000 Companies helping them in many areas from: establishing internal audit functions; implementing the requirements of the Sarbanes-Oxley Act; conducting strategic risk assessments; performing operational audits and fraud investigations; implementing control self-assessment programs, leading due diligence efforts on acquisitions and integrating governance, risk and compliance activities. While at EY, his team generated several hundred million dollars of cost savings for their clients. Tony also has extensive international experience as he was the Chief Audit Executive for a global Fortune 1000 company. In this capacity, Tony directed both a domestic and international team performing audits in over 30 countries. Tony is currently an independent advisor and senior faculty member for the MIS Training Institute (MISTI). He is the chairperson for two of MISTI’s Executive programs and is a seminar instructor / facilitator and keynote speaker at several conferences. He is the also the creator of two programs: a comprehensive three-day program focusing on Governance, Risk and Compliance (GRC) and the associated best practices to build an integrated infrastructure; and a two-day program that focuses on Auditing Corporate Culture and Ethics. Both of these programs leverage Tony’s “career and real world” experiences.


Bernard MarkMark Bernard is the lead instructor for MISTI’s Cybersecurity and Management Systems Framework course. Mr. Bernard joined MISTI in 2018 where he has introduced the highly respected Cybersecurity Management System Framework (CMSF) Curriculum. The CMSF was created to assist program managers and auditors with the implementation, operations and monitoring of Cybersecurity programs, so they can get their program up and running quickly. He is also responsible for the first published NIST Cybersecurity Framework course, released in 2014. This course is currently being redesigned into an online self-directed course. Prior to joining MISTI, Mr. Bernard founded Secure Knowledge Management an International Cybersecurity Training and Consulting company where he continues to play the role of Chief Executive Officer. He has played a strategic leadership role in many industries including banking, insurance, government, pharmaceutical, nanotechnology, health care, transportation, technology, and manufacturing. Mr. Bernard is regarded as a cybersecurity thought leader by thousands of followers on social media. In 2002 he founded the Atlantic Canada High Technology Crime Investigation Association. In 2015 Mark published the first NIST Cybersecurity Framework Foundation course. Mr. Bernard was trained by IBM on IBM’s AS400 and worked with IBM Global Services Red Team conducting penetration testing against off shore financial institutions. He has led the design and implementation of domestic and international Enterprise Information Security Programs for US and Canadian organizations using best practices. In addition, Mr. Bernard taught a Third Year College Diploma Course in Systems Engineering and holds the following professional certification and licenses: CISSP, CISM, CISA, CGEIT, CRISC, ISO 27001 Lead Auditor, COBIT Foundation, ITIL Foundation, PM, PA, Ministry of Justice Security Worker License. .

Steve Biskie, CISA, CITP, CPA, CGMA

Biskie-Steve-3Steve Biskie is a Director at RSM, one of the largest accounting and consulting firms in the world. Prior to joining RSM, he was co-founder and Managing Director of High Water Advisors, a consulting firm focused on helping organizations improve governance, risk management, compliance (GRC) and audit processes. Mr. Biskie was formerly the President of ERP Audit Solutions and Customer Solutions Director at ACL Services, Ltd. First introduced to SAP in the mid-90s while working as an external auditor for Deloitte & Touche, Mr. Biskie has been involved with SAP systems in a variety of roles, including as an internal auditor, consultant, implementation team member, compliance team lead, and SAP Steering Committee Chair. He worked directly with SAP as part of the SAP Influence Council for the Management of Internal Controls (MIC) tool (the first iteration of what is now SAP Process Control), and has been an advisor to SAP for both SAP Fraud Management and SAP Audit Management. A much sought-after trainer on SAP governance, audit, and control topics, Mr. Biskie is consistently rated as a top speaker at the SAP GRC conference. Mr. Biskie was an Expert Reviewer for Security, Audit, and Control Features: SAP ERP (3rd & 4th Editions), and authored Surviving an SAP Audit.

Jerod Brennen, CISSP

J-Brennen-3Jerod Brennen is an information security consultant with over a decade of IT, information security, and compliance experience. He has extensive experience in performing security assessments, penetration tests, and security architecture reviews, as well as evaluating security technologies on behalf of his clients. He applies his hands-on experience in support, management, and budgeting roles to help clients identify and implement reasonable and appropriate security controls to meet their security and compliance obligations. Previously Jerod was the CTO and Principal Security Consultant with Jacadis, an award-winning security solutions and services provider. Prior to joining Jacadis, Jerod spent years as an Information Security Specialist with American Electric Power, one of the largest electric utilities in the U.S., before moving to Abercrombie & Fitch (A&F), a multibillion dollar international luxury retailer. At A&F, Jerod built out and managed the information security program. His team was tasked with security operations, PCI and SOX compliance, and identity and access management. Jerod’s approach to information security has two key tenets: you shouldn’t be afraid to void warranties, and you shouldn't need to bypass security to get your work done.

Jason Claycomb, CISA, CISSP

JClaycomb-3Mr. Claycomb is the founder of INARMA LLC, where he helps clients build and maintain IT and enterprise GRC policies and processes. He is a 30-year veteran in cybersecurity, IT governance, and audit. Mr. Claycomb brings a realistic approach to GRC to comply with laws, federal regulations, and industry best practices, utilizing NIST as a foundation for risk assessment. He is proficient in IT governance, planning, systems development and installation, data analysis and reporting, and in evaluating logical and physical controls. Prior to founding INARMA, he served as National Director of IT Services at Experis, and a Manager at PricewaterhouseCoopers (PWC). Mr. Claycomb also served as the Director of IT Services at CrossCheck Compliance LLC, and as an IT Auditor at a Chicago based bank holding company. He is a member of ISACA and ISSA. Mr. Claycomb has particular experience working with highly regulated companies in the banking, financial services, and insurance industries. He has helped many SEC regulated firms to analyze risk, develop, and manage GRC and cybersecurity programs.

Dennis Cox, BSC, FCA, FISI

Dennis-Cox-3Dennis Cox is the Founder and Chief Executive of Risk Reward Ltd, where he oversees all consulting and training projects. He is also directly available to clients, offering international best practices and practical local financial services sector knowledge. In addition, he specializes in risk management, financial crime deterrence, fraud analysis, business strategy as well as other business and regulatory requirements. Mr. Cox has more than 25 years of experience in the areas of risk, banking, audit, and accounting. Previously, he was with HSBC Bank where he held senior management roles that included Director of Risk Management and Senior Audit Manager. Prior to joining HSBC Bank, he was Global Risk Manager at Prudential Portfolio Managers Ltd., responsible for credit, legal, and operational risk for the global business. A much in-demand speaker and trainer, Mr. Cox is the author of Banking and Finance: Accounts, Audit and Practice. He co-authored The Mathematics of Banking & Finance, and is the senior editor and author of several chapters in The Frontiers of Risk Management. More recently he has published an Introduction to Money Laundering Deterrence, The International Handbook of Money Laundering Deterrence, Risk Management in a Nutshell and two new volumes of Frontiers of Risk Management. .

Kathleen Crawford

Kathleen-Crawford-3Kathleen Crawford is a Senior Consultant for MIS Training Institute. She has more than 25 years' experience in internal audit and fraud investigation. Ms. Crawford is a consultant, specializing in assurance, investigative and advisory projects. Previously, she was an Internal Auditor for Vinfen Corporation, a private, nonprofit human services organization. There she assisted management in the standardizing operations, developing policies and procedures and improving processes. Ms. Crawford also investigated suspected financial crimes, collecting evidence to support successful prosecution and recovery of assets. She created unique methodology to detect and document fraud while complying with unique requirements of MA and CT human services regulations. Ms. Crawford began her career as a bank auditor, first with Bank of New England, then Eastern Bank and State Street Bank. In all three institutions, she was responsible for both internal audits and fraud investigations. Ms. Crawford holds an MBA from the University of Phoenix, attended Babson College Graduate School of Business, and holds a BA in English from Boston College. A member of the Institute of Internal Auditors, she is a past President of the Greater Boston Chapter of the IIA. She is also a member of the Association of Certified Fraud Examiners and the Association for Talent Development. Ms. Crawford serves as Treasurer of the Board of Trustees of the Foxborough Regional Charter School and its foundation, Friends of FRCS. She is also Chair of Vinfen Corporation's Family Advisory Council, a group that consults on issues important to persons with intellectual and developmental disabilities.

Ken Cutler, CISSP, CISA, CISM, Q/EH, Security+, CASP

Ken-Cutler-3Cutler is President and Principal Consultant of Ken Cutler & Associates (KCA) InfoSec Assurance. He is the Director – Professional Certification Programs for Security University. Mr. Cutler is also a Senior Teaching Fellow at CPEi (CPE Interactive), specializing in Technical Audits of CyberSecurity and related IT controls. He is an internationally recognized consultant and trainer in the CyberSecurity and IT Audit fields. He is both certified as and has conducted courses for: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Security+, and CompTIA Advanced Security Practitioner (CASP). Mr. Cutler is a Qualified Ethical Hacker (Q/EH), and both teaches and performs vulnerability/penetration testing around the world. In cooperation with Security University, he recently was featured in two full length training videos on CISSP and Security+. Mr. Cutler is a frequent and much-in-demand speaker on a wide array of CyberSecurity and IT Audit topics. He has delivered numerous hands-on CyberSecurity and outsourced IT Audit consulting projects through KCA and under various former MISTI affiliated professional services divisions, including the Information Security Institute (ISI) and Advanced Information Management (AIM)..


Greg-Duckert-3Greg Duckert is the Founder of Virtual Governance Institute LLC and is a Senior Consultant for MIS Training Institute. Mr. Duckert is an internationally recognized expert in the field of Enterprise Risk management. He is the author of the Wiley publication Practical Enterprise Risk Management: A Business Process Approach. He is Certified in Risk Management Assurance, Certified in Risk and Information Systems Control, a Certified Public Accountant, a Certified Information Systems Auditor, and is a Certified Internal Auditor.

Mr. Duckert was educated at the University of Wisconsin - Madison and obtained an MBA in Accounting in 1989, a BBA in Accounting in 1978, and a BA in Economics in 1971. He specializes in consulting with major organizations regarding progressive Twenty-First Century methodologies for the construction of data centric enterprise risk assessment and management models including Financial, Operational, Regulatory, and IT areas of concern that yield high business value. He also consults with his clients in all areas of ERM, as well as auditing including continuous audit / consulting platforms. Mr. Duckert is the sole developer and owner of a proprietary approach to risk assessment and management that is applied to both ERM and to enterprise risk data centric risk methodologies for Internal Auditing for organizations of all sizes. During 2012 he worked closely with the General Director - Global Automotive Audit & International Dealer Audit and the General Auditor and Chief Risk Officer of General Motors Corporation in transitioning to his proprietary audit approach known as ORCA™ (Outcome-Risk Centric Auditing). He is currently under contract with a major organization with revenues exceeding the multi-billion $ threshold to build risk based audit and ERM data centric models using his proprietary approaches. In addition, in depth hands on consulting is also performed in the areas of operational analysis and process improvement methodologies. He has developed extensive risk assessment metric inventories for evaluating risks in all organizational areas including operations, IT application systems, IT operations, regulatory and financial areas. Mr. Duckert has addressed the Permanent Undersecretary for Military Affairs of Parliament and the Defense Audit Board of the Ministry of Defense – United Kingdom on the subject matter of creating a risk based business approach to governmental oversight. He is involved in the building of or consulting on the creation of Data Centric Risk Assessment and Management models on an ongoing basis. He conducts seminars and workshops on a global basis and is a frequent speaker at conferences in his areas of expertise.

Mr. Duckert has been engaged in the professional practice of Internal Auditing and Risk Assessment and Management for over 35 years. He founded the Internal Audit function of a Fortune 500 corporation at the age of 27 and built the audit department from non-existence to a highly competent Financial, Operational, Information Technology and Regulatory audit body. He was also the General Auditor and Chief Audit Executive at two other major organizations. The audit positions were in the Manufacturing and Health Care industries. His work in Risk Assessment and Management spans virtually all key industry types

Mark Edmead, MBA, CISA, COBIT 5.0 Assessor, ISO 38500

Mark-Edmead-3Mark Edmead is the Managing Director at MTE Advisors and a Senior Instructor for MIS Training Institute. Mr. Edmead is a 30-year-veteran of computer systems architecture, information security, and project management. He has extensive knowledge of IT and application audits, IT governance, and SOX compliance auditing. He holds CISA, CISSP, DevOps, Lean IT, TOGAF 9.1 certifications, and is a COBIT 5.0 Certified Assessor. His focus is on IT Transformation, leadership, change management, process improvement, enterprise architecture, technology road mapping, strategic IT planning, IT organization analysis, IT portfolio management, and IT governance. He has worked with many international firms, and has the unique ability to explain very technical concepts in simple-to-understand terms. Mr. Edmead has authored articles in Compliance Advisor Magazine, IT Compliance Journal, IIA Insights, and The Auditor. In addition, he is an adjunct professor at the Keller Graduate School of Management.


SFlanders-3Shawna Flanders is MISTI’s Director of Instructional Technology & Innovation and Lead Technical Public Speaker / Trainer. With over 30 years of experience in the financial services sector, Ms. Flanders brings her real-world experience to every engagement. She has completed certificate programs in Risk Management from Kaplan University and Six Sigma Green & Lean/Black Belt from Villanova University, and has earned the Life Operations Management Association – Associate of Customer Service designation as well as holding certifications in CRISC, CISM, CISA and CSSGB. Ms. Flanders frequently speaks at conferences as well as within MISTI’s seminar, webinar and in-house businesses and has conducted over 100 CISA, CISM certification review programs since 2007 and was part of the CRISC certification review material development team and has taught the CRISC Review course since its preview in 2010. She designs her own course content and also has contributed and/or reviewed multiple publications including ISACA CRISC and CISM Review Manuals; Risk IT and COBIT® 5 for Risk. She also participated in development of the Risk Management and Assurance ISACA Training Week courses.

Martin Green, Esq.

M-Green-3Martin Green is a graduate of the Faculty of Arts and Sciences of the University of Toronto. He is also a graduate of the University of Windsor (Ontario) Law School. He immigrated to the United States in 1974.Martin Green is a senior instructor for MIS Training Institute. He has been a member of the MIS|TI faculty for more than 33 years. His areas of expertise include computer technology, networking, and IT and Data security. His popular seminars include: Network Security Essentials and Advanced IT Audit School. Mr. Green is the principal of Martin H. Green, P.C. Mr. Green concentrates his practice on the representation of companies in matters pertaining to computer technology, data protection, and protection of trade secrets, intellectual property, and copyright law. Mr. Green is a member of the Massachusetts Bar and is a member of the Bar of the Supreme Court of the United States. Mr. Green also maintains an active consulting practice to lawyers and other professional service businesses regarding networking and IT and Data security and related auditing and security challenges. .

Jeffrey T Hare, CPA, CISA, CIA

J-Hare-3Jeffrey Hare is the CEO of ERP Risk Advisors, a leading thought leadership firm providing risk advisory services for organizations running Oracle Applications. Mr. Hare’s extensive background includes public accounting (including Big 4 experience), industry, and Oracle Applications consulting experience. He has worked in the Oracle Applications space since 1998 with implementation, upgrade, and support experience. Mr. Hare has worked in several international locations, including Australia, Austria, Canada, Mexico, Brazil, United Kingdom, Ireland, Saudi Arabia, Germany, Panama, and United Arab Emirates. Mr. Hare published Oracle E-Business Suite Controls: Foundational Principles in 2018 (a second edition originally published as Oracle E-Business Suite Controls: Application Security Best Practices) and Auditing Oracle E-Business Suite: Common Issues in 2015. He has written white papers and articles, some of which have been published by organizations such as ISACA, the ACFE, and the OAUG. Mr. Hare is also a contributing author for Best Practices in Financial Risk Management, published in 2009.

Peter Higgins, CIA, CRMA

Peter Higgins 3Pete Higgins is a consultant for the MIS Training Institute and principle consultant/trainer for Boston Audit Solutions Group, which specializes in audit and risk management advisory and training services. Prior to starting Boston Audit Solutions Group, Mr. Higgins spent the majority of his career as an internal auditor in financial services, including three years as VP Corporate Audit Professional Practices at State Street Bank, where he was responsible for the research, design, implementation, and continuous improvement of audit methodologies and operating standards for approximately 200 audit professionals. Also at State Street, Mr. Higgins transitioned to the 1st-Line of Defense as VP Risk and Compliance, where he led a team (20+) to provide all facets of risk, compliance and audit/examination support for multiple business lines, geographies, and approximately 1,800 employees.

Lane Hollis, MBA, CPA, CFF

Lane-Hollis-3Lane Hollis is the President and CEO of Hollis, Pleiman and Company, P.A. located in Jacksonville, Florida. Before joining Hollis, Pleiman and Co., P.A., Ms. Hollis worked in the Internal Audit department as a corporate manager at Jacobs Engineering, Inc. While at the corporate office, she served as the lead investigator on numerous forensic investigations in the aerospace, technology, infrastructure, transportation, medical, oil and gas, and pharmaceutical sectors. Before joining Jacobs’ corporate office, she served as the Finance Manager in the program control department on the Cape Canaveral Launch Operations and Support contract for Delta, Titan, and Atlas unmanned rocket launches and with NASA on the Space Shuttle payload processing for missions to the International Space Station. Lane has worked at three of the Big Four accounting firms. She was an Audit Manager at Ernst & Young, LLC. an auditor at Coopers & Lybrand, LLC, and in the audit department at Peat, Marwick and Mitchell, LLC. She has extensive experience as an educator, as she has taught courses in Forensics and Fraud Auditing with MIS Training Institute, advanced accounting and auditing classes at Keiser University, Melbourne, Florida and advanced accounting courses at Southeastern Oklahoma State University in Durant, Oklahoma. She has conducted audits and investigation services, delivered seminars, and made numerous presentations for internal auditors, human resource professionals, and government agencies and companies in North and South America as well as in Europe. Lane is a Certified Public Accountant and Certified in Financial Forensics. The Certified in Financial Forensics (CFF) specialization/credential is awarded by the American Institute of Certified Public Accountants exclusively to qualified CPAs with considerable professional experience in financial forensics. Lane was recently appointed to the Florida Institute of Certified Public Accountants (FICPA) Valuation, Forensic Accounting & Litigation Committee.

Ken Jaworski, CISSP, CIPP, CIPM

Ken-Jaworski-3Ken Jaworski is a Data Security Specialist for Lochbridge Professional Services specializing in the fields of Data Security, Data Privacy, Business Continuity and Records Retention. He is responsible for a variety of assignments in both the public, private and educational sectors. Mr. Jaworski's present assignment is “Data Security Manager”, supplying enterprise wide expertise in Data Security, Data Privacy and Business Continuity for the City of Detroit. He has implemented his skills both as a practitioner and an instructor. Areas of expertise include: Data Security, Gap Analysis, Business Continuity including Data Centers, Workspace and Workforce recovery Data Privacy, Security Metrics, Project Management, Risk Management, Policy and Procedure Development, Configuration and Change Management, Insuring Secure Outsourcing, Insuring Safe Cloud Computing, Training and Awareness. Many of Mr. Jaworski's accomplishments have been through self-developed tools that assist in Risk Analysis, Privacy Impact Assessments, Business Impact Analysis and Gap Analysis. Prior to joining Lochbride, he had a 31-year career with Detroit Edison. While at Detroit Edison, he worked in the Information Protection organization and helped build the 1996 Information Protection Program of the Year. Prior to entering the Data Security field, Mr. Jaworski spent 18 years as an application developer/supervisor on a variety of systems the most important of which assisted in the operations and maintenance of a Nuclear Power Plant. As an instructor for MISTI since 1996, he has conducted numerous Management Level data security, data privacy and business continuity courses. Besides teaching course in the US, Mr. Jaworski has lead courses in Muscat, Hong Kong, Nigeria, Moscow, Singapore, Mexico, London and Amman. Recently, he was the lead consultant for the development, implementation and eventual maintenance of a nationwide awareness program in the country of Oman.

Stephen Kost

Stephen Kost is the Chief Technology Officer for Integrigy Corporation, which specializes in the securing mission critical databases and ERP applications. He has worked with Oracle products since 1994 in many roles including database administrator, technical architect, IT security auditor and applications administrator. Mr. Kost has been writing about and presenting on Oracle security and auditing since then. Prior to founding Integrigy, Mr. Kost worked at Ernst & Young and Price Waterhouse.

Joel Kramer, CPA

Joel-Kramer-3Joel F. Kramer is Managing Director of the Internal Audit Division of MIS Training Institute. Mr. Kramer joined MIS in 1982, and introduced its highly respected Internal Audit curriculum. In addition, his Audit Managers' and Directors' Symposium, SuperStrategies Conference, and The Audit Leadership Institute executive program are highly acclaimed throughout the internal audit community. Prior to joining MIS, Mr. Kramer was Director of Internal Audit for Instrumentation Laboratory, Inc. He also worked for both The Gillette Company and Coopers & Lybrand. Mr. Kramer was inducted into the Institute of Internal Auditors' American Hall of Distinguished Practitioners in 2013. He is a recognized speaker at international, national, and regional audit conferences. Mr. Kramer has written several articles for The Internal Auditor and Protiviti's KnowledgeLeader. He is a past member of the Board of Governors of the Greater Boston Chapter of the IIA, and currently serves on the Advisory Board of the Louisiana State University Center for Internal Auditing.

Susan Landauer, CPA

Sue Landauer-3Ms. Landauer is a partner in the firm Forensic Accounting Services Group, LLC, which specializes in fraud investigations, prevention and training. Her company is affiliated with the CPA firm Wojeski and Company CPAs, LLP. She is a certified public accountant, with over 25 years of experience in the accounting and the financial services industry. Ms. Landauer has conducted numerous fraud investigations for clients in various industries, including banking, manufacturing, construction and others. She has testified as an expert witness in federal and local courts. She began her career with a big four accounting firm, where she specialized in brokerage, banking, manufacturing, credit union and healthcare clients. She then worked for seven years at one of the nations’ top ten banking institutions, where she functioned as the Vice President and Financial Controller of the Trust subsidiaries and Private Banking department. Most recently Ms. Landauer was the Senior Vice President of the New York State Credit Union League, where she oversaw the Audit Services, Strategic Consulting, Education and Training, Foundation, Business Partners, Member Services and District Relations divisions. She is also a presenter of numerous fraud topics, financial information, internal controls and board of director responsibilities for various organizations, including the MIS Training Institute, CUNA, the Association of Credit Union Internal Auditors (ACUIA), NYSCUL, the New Jersey Credit Union League, The Ohio Credit Union League, the Pennsylvania Credit Union League, the Alabama Credit Union League, the Iowa Credit Union League, and various chapters of the Institute of Internal Auditors and Association of Certified Fraud Examiners, as well as regional conferences for Board of Directors and Audit Committees. Ms. Landauer graduated from Siena College with honors, receiving a Bachelors of Arts in Accounting. She is a licensed Certified Public Accountant. She is a member of the American Institute of Certified Public Accountants, the Association of Certified Fraud Examiners and the Capital District chapter of the Association of Certified Fraud Examiners.

Robert McDonough, CRP, CIDA

Robert-McDonough-3Rob McDonough is the Senior Research Manager of Angel Oak Consulting Group, a risk management consultancy serving the investment, risk management, and capital markets needs of financial institutions. He leads engagements which include investment portfolio performance and risk assessments, financial model validations, and strategic/regulatory stress testing implementations. Mr. McDonough also develops and delivers technical training and executive education for financial professionals in banking, investments, asset management, insurance, and regulation.Mr. McDonough was previously the Chief Risk Officer for Angel Oak Capital Advisors, LLC, an SEC-Registered Investment Advisor (RIA) with over USD 6 billion in assets under management. His responsibilities included developing risk monitoring systems to assess market, credit, and operational risks associated with multiple public and private investment funds. He worked closely with Angel Oak’s trading operations to implement controls for fixed income trade settlement processes including clearing, custody, counterparty due diligence, and collateral/margin management. He was also responsible for managing the internal policy compliance and external SEC regulatory compliance processes for Angel Oak. He is also the President and CEO of Strategic Financial Solutions, Inc., a financial services consultancy specializing in risk management consulting and training for institutions managing market, credit, operational, and other risks. Rob has co-sourced with many internal and external audit groups to develop programs and manage audit engagements for firms with significant investment and derivative trading operations. Mr. McDonough was with the Federal Reserve System for 12 years as an economic analyst and a capital markets safety and soundness examiner. His primary focus was regulatory policy development as well as assessing the condition of large complex domestic and international financial institutions. He has an MBA in Finance and Economics from Georgia State University and a BBA from Emory University in Business Administration. He has completed the CFA level I exam and will be sitting for the Level II exam in 2017. Mr. McDonough has delivered capital markets and risk management seminars and consulting services to financial institutions, trading organizations, central banks, and regulatory agencies across the U.S. as well as in Albania, Argentina, Azerbaijan, Bermuda, Brazil, Canada, Croatia, Denmark, the Republic of Georgia, Hong Kong, India, Ireland, Jamaica, Jordan, Kuwait, Lebanon, Malaysia, Mexico, Morocco, the Netherlands, Nigeria, Poland, Portugal, Romania, Russia, Singapore, South Africa, Trinidad and Tobago, the U.K., and Zimbabwe.

Dr. Hernan Murdock, CIA, CRMA

HMurdock3Dr. Hernan Murdock is Vice President, Audit Division for MIS Training Institute. Before joining MISTI, he was the Director of Training at Control Solutions International, where he oversaw the company's training and employee development program. Previously he was a Senior Project Manager leading audit and consulting projects for clients in the manufacturing, transportation, high tech, education, insurance and power generation industries. Dr. Murdock also worked at Arthur Andersen, Liberty Mutual and KeyCorp. Dr. Murdock is a senior lecturer at Northeastern University where he teaches management, leadership and ethics. He is the author of Auditor Essentials: 100 Tips, Tools and Techniques for Success, Operational Auditing: Principles and Techniques for a Changing World, 10 Key Techniques to Improve Team Productivity, and Using Surveys in Internal Audits. He has also written articles and book chapters on whistleblowing programs, international auditing, mentoring programs, fraud, deception, corporate social responsibility, and behavioral profiling. He has conducted audits and consulting projects, delivered seminars and invited talks, and made numerous presentations at internal audit, academic and government functions in North America, Latin America, Europe and Africa.

William Nealon, CIA, CFE, MBA

W-Nealon-3William J. Nealon is a Senior Consultant for MIS Training Institute. A former Audit Manager for the New York State Comptroller’s Office, Mr. Nealon was responsible for identifying, planning, and overseeing financial, operational, and programmatic audits and studies in the Higher Education, Tax and Health areas of government. His experience includes audits of the State University of New York, the City University of New York, New York State Department of Taxation and Finance and the New York State Lottery. He was the on-site audit supervisor during the $1.5 billion construction of the Nelson A. Rockefeller Empire State Plaza. During his career, Mr. Nealon was also the Chief Auditor of Refunds for New York State where he was responsible for the audit and approval of all personal and business tax refunds issued by the State. A 30-year audit veteran, Mr. Nealon’s career includes extensive experience in planning and designing audits to detect fraud and identify poor controls that increase fraud opportunities. He was involved in fraud scenarios that resulted in convictions, and he is currently developing a college-level fraud audit course. In addition, Mr. Nealon was an Adjunct Professor of Management at the Graduate College of Union University for 15 years, and an Adjunct Instructor at Rensselaer Polytechnic Institute’s Lally School of Management and Technology. He taught courses in accounting and auditing at the graduate and undergraduate levels. Mr. Nealon is a member of the Institute of Internal Auditors and the Association of Certified Fraud Examiners.

Charles Pask, CISSP, M.Inst.ISP

Charles-Pask-3Charles V. Pask is the Managing Director of ITSEC Associates Ltd, responsible for delivering global IT Audit and IT Security consultancy services. He was a founding member of the Institute of Information Security Professionals (IISP) and recognised globally as a thought leader in Information Security and IT Controls.Mr. Pask has over 30 years’ experience in IT, IT audit, and IT security, and has previously held Senior IT Auditor positions at Forward Trust Group (subsidiary of HSBC) and Alliance & Leicester Bank plc, and also Group Head of Information Security for Alliance & Leicester (10 years). Mr Pask was the Global Head of Strategy, Development and Globalisation for the BT Business Continuity, Security and Governance Practice. He was previously a Director with MIS Training, and Director of Information Security Institute (ISI) European and Middle East e-Security Services (2000-2). Mr. Pask has been a member of the ITSEC Common Criteria team working with the UK Government, and a committee member of the APACS Security Advisory Group and the LINK Security Group helping to regulate the UK Financial systems. Mr Pask provides IT Audit and Information Security related consultancy services as well as public training courses, in-house training courses, conferences and symposiums. He is recognised as an industry expert on the ISO27000 standards, COBIT, SP800-53, ISO22301, Risk Management, ISC2 CBK, PCIDSS, NIST standards and other Information Security related legislation, regulation and compliance requirements. Mr Pask’s clients includes a number of well-known organisations: Royal Court Affairs, Oman; United Nations (Geneva, New York, Brindisi, Nairobi); Lloyds TSB Bank; KPMG; Unisys; and Intrum Justitia. Mr Pask has Chaired and Co-chaired the prestigious Chief Information Security Officers (CISO) conferences in Europe, Africa and in the Middle East. He has spoken at a number of conferences, including CISO, WebSec, Compsec, the International Security Managers Symposium, and various ISACA events. Mr Pask delivers a number of MIS Training Institute’s IT Audit and Security training program in USA and EMEA. He has also previously been a Senior Instructor for ISC2 in EMEA for CISSP exam training classes. Mr Pask has personally helped over 400 students globally achieve the CISSP training exam.

Keith Pennifold, ACDA

Keith-Pennifold-3Keith Pennifold has been an ACLTM Certified Trainer since 1999 and became a Certified Master Trainer in 2004. As an ACL Certified Master Trainer, he has developed new trainers and helped them achieve their ACL Certified Training designation. Mr. Pennifold has delivered ACL training and consulting to multi-national, government, and financial clients worldwide. Prior to that, Keith worked as an Internal Auditor for a natural gas company where he was introduced to, and gained extensive experience in, the advantages of using ACL as an audit tool. Keith has over twenty years of experience in accounting and audit. He has held senior positions in both the US and Europe, including roles as Controller and Vice President of Finance. Keith is an ACL Certified Data Analyst (ACDA). .

Michael Podszywalow, MBA, CISSP, CISM, CISA, CEH

Podszywalow.Michael 3Michael Podszywalow, Founder and Security Consultant, SpyByte, LLC, performs technical and physical security assessments, including traditional penetration testing and specialized blended threat assessments, through his information security consulting business at SpyByte, LLC. Mr. Podszywalow’s specialty includes helping clients identify weaknesses in their security posture by applying a blended threat approach to targeting information. With a direct focus on protecting and defending critical assets, this approach helps businesses assess, implement, and manage security effectively. He earned an MBA degree from Indiana University and provides an array of security consulting services including assistance with IT Regulatory Compliance. He also works as a Director of Risk Management for Best-One Tire & Service. Mr. Podszywalow has worked as the Information Security Officer for Tower Financial Corporation. He was responsible for all facets of the information security program where he was routinely involved in risk assessments, awareness programs, business continuity, penetration testing, and policy/compliance with GLBA, SOX, PCI and other security requirements. His other areas of expertise include incident response, penetration testing and security awareness training. In the past, Mr. Podszywalow worked as a member of an information security team for Tetra Pak Global Information Management. The team was responsible for implementing physical and information security solutions to affiliated locations around the globe. Through this position, Mr. Podszywalow developed a unique understanding of the cultural implications of information security. Mr. Podszywalow's past work experiences cross national boundaries. He has lived in six countries and his international work experience includes assignments in Canada, Western and Eastern Europe, Singapore, Brazil, and Taiwan. He is a citizen of the United States, Canada, and Poland and speaks several languages.

Tony Redlinger, CIA, CISA, CISSP, CFE

Keith-Pennifold-3Tony Redlinger, CIA, CFE, CISA, CISSP, has more than 20 years of IT audit experience in industries ranging from financial services to nuclear science. He is currently a Senior Audit Manager for IHS Markit, a global information company headquartered in London, where his primary responsibility is management of the IT audit function. Over the course of his IT audit career, Mr. Redlinger has participated in a wide variety of audit activities, including multiple acquisitions and data center consolidations, Y2K readiness assessments, annual information security assessments based upon British Standard 7799 (ISO/IEC 27002), internal audit quality assessments, managing a SAS 70/SOC 1 initiative, launching anti-fraud program, and serving as a member of a security steering committee. He has presented on audit and security topics for IIA, ISACA, IMA, and PMI chapters as well as at conferences for the MISTI. He is a graduate of the University of Iowa.

David Richards, CIA, CPA

David-Richards-3David A. Richards is the former President of The Institute of Internal Auditors (IIA) and served as a member of The IIA International Board of Directors for more than 17 years. After holding various vice chairman positions on the board, he was elected the 2001-2002 IIA chairman of the board. In 2004, he was recognized for his extraordinary service to the association with The IIA’s prestigious Victor Z. Brink Award for Distinguished Service. Prior to his tenure as President of The IIA, Mr. Richards was Chief Audit Director at FirstEnergy Corp., the seventh largest investor-owned electric utility serving over four million customers in the Ohio, Pennsylvania and New Jersey areas. As CAE for FirstEnergy, he oversaw the planning, performance, resolution, reporting and implementation of the work of 30 auditors. During his 33 years at FirstEnergy, Mr. Richards served in a variety of capacities, including Supervisor of Accounts Payable, and Accountant in General Auditing, Project Team Leader for three merger transition teams, Y2K Project Leader and SOX Project Team Leader. He also oversaw the annual compliance process for the FirstEnergy Code of Conduct, initiated a Corporate Compliance Program and assisted in the development of the FirstEnergy’s Enterprise Risk Management Program. In addition, Mr. Richards served five years as a member of the COSO Board of Directors during the period when the COSO documents on Enterprise Risk Management Integrated Framework (2004), Internal Control over Financial Reporting Guidance for Small Businesses (2006) and Guidance on Monitoring of Internal Control Systems (2009) documents were issued. He served two years on the Audit Board for the City of Orlando and was a member of the Edison Electric Institute Internal Auditing Committee for more than 24 years, including one year as chair.

Rita Roberts, ACDA, CISA

Rita-Roberts-3Rita Roberts is an ACLTM Certified Master Trainer and has been instrumental in helping clients apply ACLTM to meet their data analysis requirements throughout North America, specializing in the banking & finance and healthcare industries. Rita has many years of Information Systems’ audit experience with organizations in healthcare, hospitality, financial services, and public accounting. Rita has a Bachelor of Science with concentration in Finance from the McIntire School of Commerce at the University of Virginia, and was previously named in Who’s Who in the Computer Industry. She is a Certified Information Systems Auditor (CISA) and is also an ACLTM Certified Data Analyst (ACDA).

Fred Roth, CISA

Fred-Roth-3Fred C. Roth is a Senior Instructor for MISTI. He is a frequent speaker at international conferences and delivers IT control and security training on a worldwide basis. As the former Vice President of MISTI's IT Audit Division for 15 years, he facilitated and coordinated the IT Audit curriculum. Previously, as IT Audit Manager at Eastman Kodak Company, he had worldwide responsibility for planning and coordinating Kodak’s IT audits in the United States, Asia, Europe and South America. Mr. Roth was a key player in Eastman Kodak’s successful worldwide SAP implementation, where he was responsible for the Corporate Audit partnership on the project and for assessing controls during system design and implementation.

Thomas Salzman, CISA, ITIL

Tom-Salzman-3Thomas Salzman is IT Audit Manager for Illinois State University, where he manages all computer audits conducted by the University. His responsibilities include working with educational and administrative departments throughout the University to prepare and streamline IT policies and procedures, improve operational processes and controls, and develop methodologies for managing computer resources. His work requires him to be skilled in telecommunications controls, application management, computer intrusion, security management, and application design and development. A much in-demand speaker, Mr. Salzman teaches a variety of computer management and audit topics worldwide. He has presented numerous IT courses throughout the world, including the USA, Panama, Canada, Argentina, England, Hungary, Indonesia, Turkey, United Arab Emirates, Kuwait, Singapore, Japan, Guam, Puerto Rico, Cyprus, Trinidad and Tobago, and Guyana. Mr. Salzman develops and conducts IT audit courses for MIS Training Institute. Most recently, he also has been conducting IT audit and control webinars with MIS Training Institute. Mr. Salzman is the recipient of the College and University Auditors Excellence in Service Award and is honored to be an original member of the Association of College and University Auditors Faculty. He also has served on the faculty of DePaul University in Chicago. Mr. Salzman has assisted a number of financial institutions, manufacturing concerns, universities, government agencies, and energy companies with building new IT and IT audit functions from scratch. Previously, Mr. Salzman was Director of Professional Services for the Information Systems Audit and Control Association (ISACA) where he was responsible for establishing and supporting its worldwide network of educational programs, conferences, and special events. He also served as editor and co-author of the ISACA CISA Review Manual. Prior to joining ISACA, Mr. Salzman was with Coopers & Lybrand, heading their Technical Training & information Security practices. Mr. Salzman has been President of the Institute of Internal Auditors NW Chicago Chapter, and Treasurer of the IIA Central Illinois Chapter.


MSiero-3Mary Siero is Senior Instructor for MISTI. She is an executive level Information Technology Consultant and the President of Innovative IT, a leading North Carolina based information technology consulting firm that specializes in IT operational, compliance and security consulting.Ms. Siero’s career includes ten years in healthcare as a Chief Information Officer and five years in the gaming industry as Vice President of IT Operations, both heavily regulated industries. She has over 40 years’ experience in engineering and technology from industries such as Healthcare, Government, Education, Gaming and Hospitality, Consumer Products, and Manufacturing.Ms. Siero is active in the information system security community and has provided testimony on the record for the State of Nevada Information Technology Board regarding The Current and Future Cyber Threat. She routinely presents at national conferences on information technology topics; holds several professional IT security certifications including CISSP, CISM and CRISC; and is the author of Safeguarding Your Organizations Data: A Call to Action. She is a Charter Member of the FBI Citizen’s Academy Alumni Association in Las Vegas, , and is a member in good standing of the International Information Systems Security Certification Consortium (ISC)2, the Information Systems Security Association (ISSA), , the Information Systems Audit and Control Association (ISACA), and the North Carolina Technology Association She is a graduate of the University of Detroit with a Master’s Degree in Polymer Chemistry and a graduate of Michigan State University where she obtained her Bachelor’s Degree in Chemistry.

Marilyn Stanton, MSOD, ICC

Marilyn-Stanton-3Ms. Stanton is the Managing Partner of Illuminated Consulting LLC a leadership coaching, strategic change, and people development firm based in San Francisco. She specializes in coaching global leaders on reaching their full potential and in customized consulting with worldwide clients on implementing strategic change, aligning their organization to achieve business strategy, and on building productive workplaces with effective interpersonal interaction and with cross-functional and intact teams. Ms. Stanton’s 25 plus years of international and North American experience includes working on management and infrastructure strengthening, implementing a systems-wide internal controls framework (COSO) and Talent Management Strategy at the 12th District Federal Reserve Bank, and consulting to Fortune 500 firms in the manufacturing, retail, high-tech, and bio-tech sectors on developing global leaders and workforce, strategic change initiatives such as SOX implementation, private payments network installation, global supply chain redesign, key meeting facilitation, and IT systems implementation. Her firm also specializes in assessing and developing intercultural leadership competencies to reduce business risks associated with miscommunication and mistrust in critical international or domestic multicultural business relationships. Ms. Stanton has also been an instructor at the college and university level for 20 years where she taught various courses on organizational change and doing business globally. She holds a MSOD (Masters of Science in Organization Development), certified ICF PCC Leadership Coach trained by ICC and CTI with over 2500 hours of coaching, and is a member of both the US and European Organization Design Forum (ODF).

Alan Sugano

Alan-Sugano-3Alan Sugano is a Sr. Instructor for MISTI. He attended California State University, Northridge (CSUN) and graduated with a double major in Management Information Systems (MIS) and Management Systems Analysis (MSA). After graduation, he worked at Coopers & Lybrand (now Price Waterhouse Coopers) for several years in their Microcomputer Advisory Services Group (MAS) as a consultant. Mr. Sugano is now the President of ADS Consulting Group, Inc. (ADS) and ADS Cloud. Founded in 1991, ADS specializes in Security, Networking, Server Virtualization, Workstation Virtualization, Application Virtualization, Exchange, Custom Programming, PCI Compliance, Web Development, SharePoint and SQL Server Development. Mr. Sugano has given talks on Virtualization, Storage, Network Audits/Security, Troubleshooting, Server Selection, Network Documentation, Network Management, Network Design and Topologies, SQL Databases, Disaster Recovery and Cloud Migration. He speaks at IT/DevConnections Conferences, sponsored by Windows IT Pro Magazine. ADS Cloud was started in 2013 and is hosted at Switch Las Vegas. It is a private Cloud and Backup Service that is VMware vCloud Director based and has 100% uptime since 2013. Mr. Sugano leveraged his IT Infrastructure expertise to build a highly secure, scalable, customizable and flexible Cloud Infrastructure for ADS Cloud Clients.Mr. Sugano is a Contributing Editor for Windows IT Pro and has articles published in the magazine several times a year. He wrote a book titled the Real-World Network Troubleshooting Manual, which is a practical guide to network troubleshooting. Mr. Sugano was a Microsoft Most Valuable Professional (MVP) in Connected System Developer from 2004 to 2008. Mr. Sugano teaches Virtualization and Active Directory Security Classes for MISTI several times a year.

Sarah Swanson

Swanson Sarah 3Sarah Swanson is the founder of Tumbleweed Writing and a consultant for MIS Training Institute. As a professional writer and editor, she has 17 years experience in technical, marketing, and audit report writing. In 2005, Ms. Swanson joined Hewlett Packard’s Internal Audit team. At HP, she saw that auditors often struggled to write final reports. She committed herself to making the writing experience better. Sarah takes a simple, formulaic approach to writing with focus on content, grammar, and brevity. Her goal is to empower auditors to take command of their writing and create impactful reports that get released on time. The trainings she created for HP led her to working with other companies including Corporate Executive Board, Audit Directors Roundtable, various chapters in The IIA, and multiple private and public corporations throughout the world.

Jim Tarantino, CISA, CRISC, ACDA

Jim-Tarantino-3Jim Tarantino is a Manager at RSM, one of the largest accounting and consulting firms in the world. He has over 20 years of information technology, analytics, audit and GRC experience with a recognized expertise in developing solutions to enable data-driven auditing, risk assessment and investigations. Prior to joining RSM, he was the Client Solutions Director for High Water Advisors, a consulting firm specialized in using technology to help organizations improve governance, risk management, compliance (GRC) and audit processes. He has also held a number of GRC practitioner roles including Solution Lead/Practice Manager for ACL Services, Senior Auditor at RTI International, and various management positions at Nortel Networks implementing a HR analytics program. Mr. Tarantino holds a bachelor’s degree in Psychology and master’s degree in Industrial/Organizational Psychology from North Carolina State University. As a member of the IIA, ISACA and ACFE, he participates in local chapter activities, including serving as an instructor for CISA certification exam preparation seminars.

Richard Tarr, CISA, CIA

Richard-Tarr-3Richard H. Tarr is an audit and information systems (IT) veteran. As an audit and information systems consultant and President of Richard Tarr and Associates, his consulting practice specializes in: the development and training of integrated internal auditing functions; internal audit quality assurance reviews; and application and general control reviews. His extensive experience includes the development, training, and evaluation of internal audit departments in government, industry and higher education with more than 100 external quality assessment reviews over the past 20 years. Previously, he was the Manager of Quality Assurance Review Services for the Institute of Internal Auditors (IIA) and was with the Walt Disney Company for 10 years.

John Verver CPA, CISA, CMC

John-Verver-3John Verver is the Global Director of Analytics Strategy with High Water Advisors. Previously, he was a vice president with ACL, with overall responsibility for ACL’s product and services strategy, as well as for relationships with key organizations in the audit, compliance, risk, and control market. His responsibilities at ACL included leadership and growth of ACL’s professional services organization, including consulting, training and technical support. John is acknowledged as an expert authority and domain thought leader on audit analytics and continuous controls monitoring and led the overall development of ACL's original CCM product suite. He is regularly asked to speak at global audit and control conferences and is an inaugural member of the Center for Continuous Auditing's advisory board. John was a key contributor to the Institute of Internal Auditor's Global Technology Audit Guide #3 on continuous auditing and controls monitoring. Prior to joining ACL, John spent 15 years with Deloitte in the UK and Canada. During his tenure, he was director of computer services, with responsibility for IT audit and security services, as well as accounting systems consulting and implementation. He subsequently became a principal, responsible for building and managing the business system development and implementation practice in British Columbia. John is a Chartered Professional Accountant, Certified Management Consultant and Certified Information System Auditor. He has served on the Council of the Institute of Management Consultants of B.C. and on a variety of committees of the Institute of Chartered Accountants of B.C. He has an honors degree from King's College, University of London, England.

Leonard Vona, CPA, CFE

L Vona-3Leonard W. Vona is the CEO of Fraud Auditing and cited by Wiley as a world- renowned authority in fraud auditing. He is the author of Fraud Risk Assessment: Building the Fraud Audit Program, The Fraud Audit: Responding to the Risk of Fraud in Core Business Systems, and Fraud Data Analytics Methodology: The Fraud Scenario Approach, published by Wiley. A forensic auditor with more than 38 years of diversified forensic auditing experience, he has provided more than 1,500 days of fraud training around the world in over thirty-seven countries and 48 states. Mr. Vona has provided fraud auditing consulting services regarding fraud risk assessment, fraud auditing, and fraud data analytics for some of the largest organizations in the world. He has provided expert witness testimony in federal and state courts and consulted with corporations around the world. His financial investigation experience includes embezzlement, economic damage, asset theft, bribery, intellectual property, and various disbursement schemes. Mr. Vona’s trial experience is extensive, including appearances in federal and state courts. He has been cited in West Law for the successful use of circumstantial evidence as establishing evidence of embezzlement. He previously has instructed for the National Association of Certified Fraud Examiners, Lally School of Management at Rensselaer Polytechnic Institute, and wrote the class ‘Auditors Responsibility for Detecting Fraud – SAS 99’, used by CPA societies across the country. His international training experience spans five continents and includes training through interpreters in the languages of Spanish, Portuguese, and Russian.Mr. Vona graduated from Siena College with honors, receiving a Bachelor of Business Administration in Accounting. He is a member of the American Institute of Certified Public Accountants and the National Association of Certified Fraud Examiners. He was the 1994 President of the N.Y. Capital Chapter of the Association of Government Accountants and the founding President of the Albany Chapter of Certified Fraud Examiners.

Tom Winson, CPA, ACDA

Tom-Winson-3Tom Winson is a consultant with RSM, a global accounting firm. As part of RSM’s data analytics practice, his focus is on applying analytics to improve organizations’ risk assessment, governance, compliance, and internal audit capabilities. Prior to joining RSM, he was an external financial auditor for seven years at a regional public accounting firm based in Dallas-Fort Worth. Within the last five years, he helped establish the firm’s data analytics practice by developing all aspects: from establishing strategy and standards, to development of a cohesive set of processes. He has experience with developing analytics systems for audit organizations as well as developing specific analytics as a consultant to assist organizations in various areas such as inventory, expenditures, and fraud detection. Mr. Winson holds a Bachelor’s Degree in Electrical Engineering from the University of South Florida and a Master’s Degree of Professional Accounting from the University of Texas, Arlington. He is a CPA and an ACL Certified Data Analyst.

William Woodington, CPA, CIA

WWoodington-3Mr. Woodington is President of Woodington Training Solutions, LLC. He spent 18 years managing the Learning & Development (L&D) function for Wells Fargo Audit & Security before starting his own business, which delivers internal auditing and professional development training. He is based in Minneapolis and holds a CPA, CIA, and CRMA, with a bachelor’s degree in Accounting and a master’s degree in Finance. He is also a member of the Institute of Internal Auditors (IIA) and Association for Talent Development (ATD). Mr. Woodington spent four years as an Audit Specialist supervising audit projects prior to moving into the L&D position at Wells Fargo. Prior to that, he worked for First Bank System and Deloitte and Touche. In his position at Wells Fargo, he was responsible for teaching the core curriculum classes (New Hire Orientation, Auditor In-Charge Training, CIA Exam Review, Effective Writing, Situational Leadership, and Leadership 101) to Wells Fargo’s Audit staff. He was also responsible for developing and delivering virtual training related to audit topics, and managing Audit & Security University at Wells Fargo. Mr. Woodington has taught seminars for the Institute of Internal Auditors (IIA) and MIS Training Institute (MISTI) He is certified by the IIA to teach CIA Exam Review. He is also certified by the Ken Blanchard Companies to teach Situational Leadership II.