Candy Alexander, CISSP CISM

Candy-Alexander-3As an industry recognized expert and hall of fame member, Candy Alexander has profound experience in performing many aspects of information security which she obtained through various information security roles. She has over 25+ years in the security industry working for companies such as Digital Equipment, Compaq Computer Corporation, and Symantec. Candy is often requested to present at various conferences. Her most memorable to date is the session at the United Nations where she was a featured speaker for the IT Security Symposium and running in close second is an invitation to the Offices of the White House to speak on the importance of security awareness to the President’s “Cyber-Czar” staff. In her ongoing commitment to “give back” Ms. Alexander volunteers as a Director on the ISSA (Information Systems Security Association) International Board where she is the chief architect for the Cybersecurity Career LifecycleTM. She is also the past President and current Board Member of the ISSA Education and Research Foundation. She has also served as Vice President of Education and Vice President of International Relations for the ISSA. She remains a loyal member at the local level with the New England Chapter and the ISSA-New Hampshire Chapter. Ms. Alexander has received numerous awards and recognition, including that of Distinguished Fellow of the ISSA ranking her as one of the top 1% in the association and she was inducted into the ISSA Hall of Fame in 2014. Candy has held several positions as CISO (Chief Information Security Officer) for which she developed and managed Corporate Security Programs. She is now working as a virtual CISO and Cybersecurity consultant.

Patrick Allen

Patrick AllenPatrick is a retired Master Chief of the U.S. Navy. He has 20+ years in IT implementation project management and over nine years in IT field service. Patrick has his BSEE & MSEE from The University of Alabama at Birmingham. He also has his certifications for CompTIA A+, Network+, & Security+. LeaderQuest logo

Anthony Bellezza, CPA, CGMA


Anthony J. Bellezza, CPA, CGMA, is an independent advisor and has been a Senior Faculty Member of MISTI for over ten years. Previously, he served as the Senior Vice President & Chief Compliance Officer (CCO) at Rite Aid.  In addition to being the CCO, Tony was the Chief Risk Officer & Chief Ethics Officer for the company. Tony reported directly to the Board of Directors and was responsible for the efforts of over 1,000 associates that were linked together in the Chief Risk / Chief Compliance Office. The functional areas that reported to Tony included: asset protection and security activities; corporate and field compliance monitoring; the privacy office; investigations and ethics; risk and controls: internal auditing – financial, operational and information systems; and all coordination, monitoring and training of governance, risk and compliance.  While at Rite Aid, Tony’s team generated over $200 million in cost savings and implemented measures to reduce risk and reduce the cost of compliance.

Prior to Tony’s Rite Aid experience, he was a Partner at Ernst & Young, LLP (EY). While at EY, Tony served as the Mid-Atlantic Business Risk Services (BRS) Practice Leader and was also the Retail, Distribution and Manufacturing Industry Leader for the BRS practice. At EY, Tony played a key role in developing the firm’s Internal Audit Service delivery approach and methodology and in designing the educational and training programs for the practice. Tony has worked with over 20 Fortune 1000 Companies helping them in many areas from: establishing internal audit functions; implementing the requirements of the Sarbanes-Oxley Act; conducting strategic risk assessments; performing operational audits and fraud investigations; implementing control self-assessment programs, leading due diligence efforts on acquisitions and integrating governance, risk and compliance activities. While at EY, his team generated several hundred million dollars of cost savings for their clients.

Tony also has extensive international experience as he was the Chief Audit Executive for Harsco Corporation, a global Fortune 1000 company.  In this capacity, Tony directed both a domestic and international team performing audits in over 30 countries. 

Tony is an independent advisor and senior faculty member for the MIS Training Institute (MISTI).  He plays a major role as lead seminar instructor / facilitator and keynote speaker at several conferences. He is the creator of three programs: a comprehensive three-day program focusing on Governance, Risk and Compliance (GRC) and the associated best practices to build an integrated infrastructure; a two-day program that focuses on Auditing Corporate Culture and Ethics; and a three-day program on Auditing and Teaming with the Corporate Compliance Function. Each of these programs leverage Tony’s “career and real world” experiences.

Gary Bell

Bernard MarkBorn in Billings, MT, Gary attended the Oklahoma City University, the University of Central Oklahoma, The University of Oklahoma, and Oklahoma City Community College. He has his BS in Marketing and a MEd (Masters Adult Education). His proudest accomplishments come from helping students connect with job placement contacts. He’s worked with companies like Dell, Purina, and many others to facilitate great jobs. Gary has 25 years of IT experience with work in sales, CNE (Certified Novell Engineer) networking, MSCA, and certified C-Tech copper and fiber optic instructor. Eleven years teaching and training students in CompTIA, Microsoft, cabling, job skills, & soft skills. He has certifications in CompTIA A+, Network+, Microsoft MCSA (4 subjects), CNE, C-Tech copper/fiber cabling courses taught at LeaderQuest. LeaderQuest logo


Bernard MarkMark Bernard is the lead instructor for MISTI’s Cybersecurity and Management Systems Framework course. Mr. Bernard joined MISTI in 2018 where he has introduced the highly respected Cybersecurity Management System Framework (CMSF) Curriculum. The CMSF was created to assist program managers and auditors with the implementation, operations and monitoring of Cybersecurity programs, so they can get their program up and running quickly. He is also responsible for the first published NIST Cybersecurity Framework course, released in 2014. This course is currently being redesigned into an online self-directed course. Prior to joining MISTI, Mr. Bernard founded Secure Knowledge Management an International Cybersecurity Training and Consulting company where he continues to play the role of Chief Executive Officer. He has played a strategic leadership role in many industries including banking, insurance, government, pharmaceutical, nanotechnology, health care, transportation, technology, and manufacturing. Mr. Bernard is regarded as a cybersecurity thought leader by thousands of followers on social media. In 2002 he founded the Atlantic Canada High Technology Crime Investigation Association. In 2015 Mark published the first NIST Cybersecurity Framework Foundation course. Mr. Bernard was trained by IBM on IBM’s AS400 and worked with IBM Global Services Red Team conducting penetration testing against off shore financial institutions. He has led the design and implementation of domestic and international Enterprise Information Security Programs for US and Canadian organizations using best practices. In addition, Mr. Bernard taught a Third Year College Diploma Course in Systems Engineering and holds the following professional certification and licenses: CISSP, CISM, CISA, CGEIT, CRISC, ISO 27001 Lead Auditor, COBIT Foundation, ITIL Foundation, PM, PA, Ministry of Justice Security Worker License.

Steve Biskie, CISA, CITP, CPA, CGMA

Biskie-Steve-3Steve Biskie is a Director at RSM, one of the largest accounting and consulting firms in the world. Prior to joining RSM, he was co-founder and Managing Director of High Water Advisors, a consulting firm focused on helping organizations improve governance, risk management, compliance (GRC) and audit processes. Mr. Biskie was formerly the President of ERP Audit Solutions and Customer Solutions Director at ACL Services, Ltd. First introduced to SAP in the mid-90s while working as an external auditor for Deloitte & Touche, Mr. Biskie has been involved with SAP systems in a variety of roles, including as an internal auditor, consultant, implementation team member, compliance team lead, and SAP Steering Committee Chair. He worked directly with SAP as part of the SAP Influence Council for the Management of Internal Controls (MIC) tool (the first iteration of what is now SAP Process Control), and has been an advisor to SAP for both SAP Fraud Management and SAP Audit Management. A much sought-after trainer on SAP governance, audit, and control topics, Mr. Biskie is consistently rated as a top speaker at the SAP GRC conference. Mr. Biskie was an Expert Reviewer for Security, Audit, and Control Features: SAP ERP (3rd & 4th Editions), and authored Surviving an SAP Audit.

Jerod Brennen, CISSP

J-Brennen-3Jerod Brennen is an information security consultant with over a decade of IT, information security, and compliance experience. He has extensive experience in performing security assessments, penetration tests, and security architecture reviews, as well as evaluating security technologies on behalf of his clients. He applies his hands-on experience in support, management, and budgeting roles to help clients identify and implement reasonable and appropriate security controls to meet their security and compliance obligations. Previously Jerod was the CTO and Principal Security Consultant with Jacadis, an award-winning security solutions and services provider. Prior to joining Jacadis, Jerod spent years as an Information Security Specialist with American Electric Power, one of the largest electric utilities in the U.S., before moving to Abercrombie & Fitch (A&F), a multibillion dollar international luxury retailer. At A&F, Jerod built out and managed the information security program. His team was tasked with security operations, PCI and SOX compliance, and identity and access management. Jerod’s approach to information security has two key tenets: you shouldn’t be afraid to void warranties, and you shouldn't need to bypass security to get your work done.

John Brown

John BrownIn his 40+ years of experience, John has worked in almost every aspect of IT including operations, programming, database management, desktop support, server support, and more. He started with rack-mounted minicomputers while serving in the U.S. Coast Guard and moved on to mainframes in college. For the last 10 years, he has applied this extensive experience to his true passion of teaching Microsoft and CompTIA subjects. John has his BS in Computer and Information Sciences from the College of Engineering. He has certifications in CompTIA A+, Network+, Security+, Project+, Server+, ITIL Foundation, MCSA, Windows 7, and MCSA Server 2003, & MCSA Server 2008. LeaderQuest logo

Jason Claycomb, CISA, CISSP

JClaycomb-3Mr. Claycomb is the founder of INARMA LLC, where he helps clients build and maintain IT and enterprise GRC policies and processes. He is a 30-year veteran in cybersecurity, IT governance, and audit. Mr. Claycomb brings a realistic approach to GRC to comply with laws, federal regulations, and industry best practices, utilizing NIST as a foundation for risk assessment. He is proficient in IT governance, planning, systems development and installation, data analysis and reporting, and in evaluating logical and physical controls. Prior to founding INARMA, he served as National Director of IT Services at Experis, and a Manager at PricewaterhouseCoopers (PWC). Mr. Claycomb also served as the Director of IT Services at CrossCheck Compliance LLC, and as an IT Auditor at a Chicago based bank holding company. He is a member of ISACA and ISSA. Mr. Claycomb has particular experience working with highly regulated companies in the banking, financial services, and insurance industries. He has helped many SEC regulated firms to analyze risk, develop, and manage GRC and cybersecurity programs.

Dennis Cox, BSC, FCA, FISI

Dennis-Cox-3Dennis Cox is the Founder and Chief Executive of Risk Reward Ltd, where he oversees all consulting and training projects. He is also directly available to clients, offering international best practices and practical local financial services sector knowledge. In addition, he specializes in risk management, financial crime deterrence, fraud analysis, business strategy as well as other business and regulatory requirements. Mr. Cox has more than 25 years of experience in the areas of risk, banking, audit, and accounting. Previously, he was with HSBC Bank where he held senior management roles that included Director of Risk Management and Senior Audit Manager. Prior to joining HSBC Bank, he was Global Risk Manager at Prudential Portfolio Managers Ltd., responsible for credit, legal, and operational risk for the global business. A much in-demand speaker and trainer, Mr. Cox is the author of Banking and Finance: Accounts, Audit and Practice. He co-authored The Mathematics of Banking & Finance, and is the senior editor and author of several chapters in The Frontiers of Risk Management. More recently he has published an Introduction to Money Laundering Deterrence, The International Handbook of Money Laundering Deterrence, Risk Management in a Nutshell and two new volumes of Frontiers of Risk Management. .

Kathleen Crawford

Kathleen-Crawford-3Kathleen Crawford is a Senior Consultant for MIS Training Institute. She has more than 25 years' experience in internal audit and fraud investigation. Ms. Crawford is a consultant, specializing in assurance, investigative and advisory projects. Previously, she was an Internal Auditor for Vinfen Corporation, a private, nonprofit human services organization. There she assisted management in the standardizing operations, developing policies and procedures and improving processes. Ms. Crawford also investigated suspected financial crimes, collecting evidence to support successful prosecution and recovery of assets. She created unique methodology to detect and document fraud while complying with unique requirements of MA and CT human services regulations. Ms. Crawford began her career as a bank auditor, first with Bank of New England, then Eastern Bank and State Street Bank. In all three institutions, she was responsible for both internal audits and fraud investigations. Ms. Crawford holds an MBA from the University of Phoenix, attended Babson College Graduate School of Business, and holds a BA in English from Boston College. A member of the Institute of Internal Auditors, she is a past President of the Greater Boston Chapter of the IIA. She is also a member of the Association of Certified Fraud Examiners and the Association for Talent Development. Ms. Crawford serves as Treasurer of the Board of Trustees of the Foxborough Regional Charter School and its foundation, Friends of FRCS. She is also Chair of Vinfen Corporation's Family Advisory Council, a group that consults on issues important to persons with intellectual and developmental disabilities.

Ken Cutler, CISSP, CISA, CISM, Q/EH, Security+, CASP

Ken-Cutler-3Cutler is President and Principal Consultant of Ken Cutler & Associates (KCA) InfoSec Assurance. He is the Director – Professional Certification Programs for Security University. Mr. Cutler is also a Senior Teaching Fellow at CPEi (CPE Interactive), specializing in Technical Audits of CyberSecurity and related IT controls. He is an internationally recognized consultant and trainer in the CyberSecurity and IT Audit fields. He is both certified as and has conducted courses for: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Security+, and CompTIA Advanced Security Practitioner (CASP). Mr. Cutler is a Qualified Ethical Hacker (Q/EH), and both teaches and performs vulnerability/penetration testing around the world. In cooperation with Security University, he recently was featured in two full length training videos on CISSP and Security+. Mr. Cutler is a frequent and much-in-demand speaker on a wide array of CyberSecurity and IT Audit topics. He has delivered numerous hands-on CyberSecurity and outsourced IT Audit consulting projects through KCA and under various former MISTI affiliated professional services divisions, including the Information Security Institute (ISI) and Advanced Information Management (AIM).

Gregory H. Duckert, MBA, CERMDA, CARDA, CFADA, CPA, CRISC, CRMA, CISA, CIA, CMA Founder of Virtual Governance Institute LLC / Senior Consultant - MISTI

Greg-Duckert-3Mr. Duckert is an internationally recognized expert in the field of Risk and Enterprise Risk Management. He is the author of "Data-Centric ERM: Common That Isn't Very Common". He holds 9 professional certifications and an MBA. Mr. Duckert was educated at the University of Wisconsin - Madison and obtained an MBA in Accounting, a BBA in Accounting, and a BA in Economics. He has written over 30 seminars for and conducts a variety of them currently with MIS Training Institute where he is Senior Consultant. He is also a frequent speaker at national and international conferences. He consults with major organizations regarding progressive data centric ERM models designed to make ERM a profit and not a cost center. He also consults with audit departments in building continuous and continual audit / consulting platforms. Mr. Duckert is the sole developer and owner of a proprietary approach to risk assessment and management that is applied to organizations of all sizes. He worked closely with the General Director - Global Automotive Audit & International Dealer Audit and the General Auditor and Chief Risk Officer of General Motors Corporation in transitioning the GM audit shop to his proprietary audit approach known as ORCA™ (Outcome-Risk Centric Auditing). When implemented it resulted in savings of over $40 million in the first 8 months of operation. He is currently under contract with a major multi-billion $ organization to build an ERM data centric model using his proprietary approaches. In addition, he also performs in depth, hands on consulting in the areas of operational analysis and process improvement methodologies. He has developed extensive risk assessment metric inventories for evaluating risks in all organizational areas including operations, IT, regulatory and financial areas which are marketed through Virtual Governance Institute. Mr. Duckert has addressed the Permanent Undersecretary for Military Affairs of Parliament and the Defense Audit Board of the Ministry of Defense – United Kingdom on the subject matter of creating a risk-based business approach to governmental audit oversight. He has been engaged in the professional practice of Internal Auditing, Risk Assessment and Management for over 40 years. He founded the Internal Audit function of a Fortune 500 corporation at the age of 26 and built the audit department from non-existence into a highly competent Financial, Operational, Information Technology and Regulatory audit body. He was also the General Auditor and Chief Audit Executive at two other major organizations, in the Manufacturing and Health Care industries. His expertise in data-centric Risk Assessment and Management spans virtually all key industry types.

Mark Edmead, MBA, CISA, COBIT 5.0 Assessor, ISO 38500

Mark-Edmead-3Mark Edmead is the Managing Director at MTE Advisors and a Senior Instructor for MIS Training Institute. Mr. Edmead is a 30-year-veteran of computer systems architecture, information security, and project management. He has extensive knowledge of IT and application audits, IT governance, and SOX compliance auditing. He holds CISA, CISSP, DevOps, Lean IT, TOGAF 9.1 certifications, and is a COBIT 5.0 Certified Assessor. His focus is on IT Transformation, leadership, change management, process improvement, enterprise architecture, technology road mapping, strategic IT planning, IT organization analysis, IT portfolio management, and IT governance. He has worked with many international firms, and has the unique ability to explain very technical concepts in simple-to-understand terms. Mr. Edmead has authored articles in Compliance Advisor Magazine, IT Compliance Journal, IIA Insights, and The Auditor. In addition, he is an adjunct professor at the Keller Graduate School of Management.


SFlanders-3SShawna Flanders is MISTI’s Director of Instructional Technology & Innovation and Lead Technical International Public Speaker / Trainer. With over 30 years of experience in the financial services sector, Ms. Flanders brings her real-world experience to every engagement. Ms. Flanders has completed certificate programs in Risk Management from Kaplan University and Six Sigma Green & Lean/Black Belt from Villanova University, and has earned the Life Operations Management Association – Associate of Customer Service designation as well as holding certifications in CRISC, CISM, CISA and CSSGB. Ms. Flanders frequently speaks at conferences as well as within MISTI’s seminar, webinar and in-house businesses. She has conducted over 100 CISA, CISM and CRISC certification review programs since 2007 and was part of the CRISC certification review material development team. She also has taught the CRISC Review course since its preview in 2010. She designs her own course content and has contributed and/or reviewed multiple publications including ISACA CISA, CRISC and CISM Review Manuals; Risk IT and COBIT® 5 for Risk and Privacy Principles. She also participated in development of the Risk Management and Assurance ISACA Training Week courses.

Martin Green, Esq.

M-Green-3Martin Green is a graduate of the Faculty of Arts and Sciences of the University of Toronto. He is also a graduate of the University of Windsor (Ontario) Law School. He immigrated to the United States in 1974.Martin Green is a senior instructor for MIS Training Institute. He has been a member of the MIS|TI faculty for more than 33 years. His areas of expertise include computer technology, networking, and IT and Data security. His popular seminars include: Network Security Essentials and Advanced IT Audit School. Mr. Green is the principal of Martin H. Green, P.C. Mr. Green concentrates his practice on the representation of companies in matters pertaining to computer technology, data protection, and protection of trade secrets, intellectual property, and copyright law. Mr. Green is a member of the Massachusetts Bar and is a member of the Bar of the Supreme Court of the United States. Mr. Green also maintains an active consulting practice to lawyers and other professional service businesses regarding networking and IT and Data security and related auditing and security challenges. .

Jim Grimes

Jim Grimes James W. (Jim) Grimes started his career in IT with the U.S. Army as a Computer/Mainframe Operator in 1986. In successive years, Jim has held a number of varied positions in IT. They include working in call centers, both as a call agent and supervisor, network administration, critical incident coordination, supporting mainframes & supercomputers, and providing deskside support for PCs. Jim has certifications in CompTIA A+, Network+, Security+, Secure Infrastructure Specialist, IT Operations Specialist, ITIL Foundation, ITIL Intermediate CAP-OSA, ITIL Intermediate Certificate LC-CSI, & Six Sigma White Belt. LeaderQuest logo

James Gross

James Gross James spent 22 years serving our country in the USAF. Two things stand out from his time in the service starting in Basic Training and proceeding through his active duty career. He’s repeatedly been handpicked to train others and has immersed himself in technology to the point of being considered the go-to person for nearly all things IT. Combining those two areas in one job is one of his several dreams come true. James has 21 years of experience, 16 years as part of professional duties and five years full-time. He has certifications in CompTIA A+, Network+, Security+, Server+, CLinux+, CySA+, Cloud+, ITIL Foundation, ITIL Intermediate CSI, ITIL Intermediate OSA, CIW Web Foundations Associate, CIW Web Design Specialist, MTA Windows Operating System Fundamentals, LPIC-1, Novell CLA, MCSA: Windows 7, & SUSE 11 Technical Specialist. LeaderQuest logo

Jeffrey T Hare, CPA, CISA, CIA

J-Hare-3Jeffrey Hare is the CEO of ERP Risk Advisors, a leading thought leadership firm providing risk advisory services for organizations running Oracle Applications. Mr. Hare’s extensive background includes public accounting (including Big 4 experience), industry, and Oracle Applications consulting experience. He has worked in the Oracle Applications space since 1998 with implementation, upgrade, and support experience. Mr. Hare has worked in several international locations, including Australia, Austria, Canada, Mexico, Brazil, United Kingdom, Ireland, Saudi Arabia, Germany, Panama, and United Arab Emirates. Mr. Hare published Oracle E-Business Suite Controls: Foundational Principles in 2018 (a second edition originally published as Oracle E-Business Suite Controls: Application Security Best Practices) and Auditing Oracle E-Business Suite: Common Issues in 2015. He has written white papers and articles, some of which have been published by organizations such as ISACA, the ACFE, and the OAUG. Mr. Hare is also a contributing author for Best Practices in Financial Risk Management, published in 2009.

Peter Higgins, CIA, CRMA

Peter Higgins 3Pete Higgins is a consultant for the MIS Training Institute and principle consultant/trainer for Boston Audit Solutions Group, which specializes in audit and risk management advisory and training services. Prior to starting Boston Audit Solutions Group, Mr. Higgins spent the majority of his career as an internal auditor in financial services, including three years as VP Corporate Audit Professional Practices at State Street Bank, where he was responsible for the research, design, implementation, and continuous improvement of audit methodologies and operating standards for approximately 200 audit professionals. Also at State Street, Mr. Higgins transitioned to the 1st-Line of Defense as VP Risk and Compliance, where he led a team (20+) to provide all facets of risk, compliance and audit/examination support for multiple business lines, geographies, and approximately 1,800 employees.

Lane Hollis, MBA, CPA, CFF

Lane-Hollis-3Lane Hollis is the President and CEO of Hollis, Pleiman and Company, P.A. located in Jacksonville, Florida. Before joining Hollis, Pleiman and Co., P.A., Ms. Hollis worked in the Internal Audit department as a corporate manager at Jacobs Engineering, Inc. While at the corporate office, she served as the lead investigator on numerous forensic investigations in the aerospace, technology, infrastructure, transportation, medical, oil and gas, and pharmaceutical sectors. Before joining Jacobs’ corporate office, she served as the Finance Manager in the program control department on the Cape Canaveral Launch Operations and Support contract for Delta, Titan, and Atlas unmanned rocket launches and with NASA on the Space Shuttle payload processing for missions to the International Space Station. Lane has worked at three of the Big Four accounting firms. She was an Audit Manager at Ernst & Young, LLC. an auditor at Coopers & Lybrand, LLC, and in the audit department at Peat, Marwick and Mitchell, LLC. She has extensive experience as an educator, as she has taught courses in Forensics and Fraud Auditing with MIS Training Institute, advanced accounting and auditing classes at Keiser University, Melbourne, Florida and advanced accounting courses at Southeastern Oklahoma State University in Durant, Oklahoma. She has conducted audits and investigation services, delivered seminars, and made numerous presentations for internal auditors, human resource professionals, and government agencies and companies in North and South America as well as in Europe. Lane is a Certified Public Accountant and Certified in Financial Forensics. The Certified in Financial Forensics (CFF) specialization/credential is awarded by the American Institute of Certified Public Accountants exclusively to qualified CPAs with considerable professional experience in financial forensics. Lane was recently appointed to the Florida Institute of Certified Public Accountants (FICPA) Valuation, Forensic Accounting & Litigation Committee.

Marcia L. Ingino

Marcia Ingino Marcia has more than 16 years of training and development experience in both corporate and educational environments. Her consulting background in the Fortune 500 includes technical engineering and IT experience, progressive management skills in multiple industries, and international training facilitation. She has certifications in PMP, PMI-ACP, and PMI-PBA IIBA-CBAP. LeaderQuest logo

Ken Jaworski, CISSP, CIPP, CIPM

Ken-Jaworski-3Ken Jaworski is a Data Security Specialist for Lochbridge Professional Services specializing in the fields of Data Security, Data Privacy, Business Continuity and Records Retention. He is responsible for a variety of assignments in both the public, private and educational sectors. Mr. Jaworski's present assignment is “Data Security Manager”, supplying enterprise wide expertise in Data Security, Data Privacy and Business Continuity for the City of Detroit. He has implemented his skills both as a practitioner and an instructor. Areas of expertise include: Data Security, Gap Analysis, Business Continuity including Data Centers, Workspace and Workforce recovery Data Privacy, Security Metrics, Project Management, Risk Management, Policy and Procedure Development, Configuration and Change Management, Insuring Secure Outsourcing, Insuring Safe Cloud Computing, Training and Awareness. Many of Mr. Jaworski's accomplishments have been through self-developed tools that assist in Risk Analysis, Privacy Impact Assessments, Business Impact Analysis and Gap Analysis. Prior to joining Lochbride, he had a 31-year career with Detroit Edison. While at Detroit Edison, he worked in the Information Protection organization and helped build the 1996 Information Protection Program of the Year. Prior to entering the Data Security field, Mr. Jaworski spent 18 years as an application developer/supervisor on a variety of systems the most important of which assisted in the operations and maintenance of a Nuclear Power Plant. As an instructor for MISTI since 1996, he has conducted numerous Management Level data security, data privacy and business continuity courses. Besides teaching course in the US, Mr. Jaworski has lead courses in Muscat, Hong Kong, Nigeria, Moscow, Singapore, Mexico, London and Amman. Recently, he was the lead consultant for the development, implementation and eventual maintenance of a nationwide awareness program in the country of Oman.

Stephen Kost

Stephen Kost is the Chief Technology Officer for Integrigy Corporation, which specializes in the securing mission critical databases and ERP applications. He has worked with Oracle products since 1994 in many roles including database administrator, technical architect, IT security auditor and applications administrator. Mr. Kost has been writing about and presenting on Oracle security and auditing since then. Prior to founding Integrigy, Mr. Kost worked at Ernst & Young and Price Waterhouse.

Joel Kramer, CPA

Joel-Kramer-3Joel F. Kramer is Managing Director of the Internal Audit Division of MIS Training Institute. Mr. Kramer joined MIS in 1982, and introduced its highly respected Internal Audit curriculum. In addition, his Audit Managers' and Directors' Symposium, SuperStrategies Conference, and The Audit Leadership Institute executive program are highly acclaimed throughout the internal audit community. Prior to joining MIS, Mr. Kramer was Director of Internal Audit for Instrumentation Laboratory, Inc. He also worked for both The Gillette Company and Coopers & Lybrand. Mr. Kramer was inducted into the Institute of Internal Auditors' American Hall of Distinguished Practitioners in 2013. He is a recognized speaker at international, national, and regional audit conferences. Mr. Kramer has written several articles for The Internal Auditor and Protiviti's KnowledgeLeader. He is a past member of the Board of Governors of the Greater Boston Chapter of the IIA, and currently serves on the Advisory Board of the Louisiana State University Center for Internal Auditing.

Susan Landauer, CPA

Sue Landauer-3Ms. Landauer is a partner in the firm Forensic Accounting Services Group, LLC, which specializes in fraud investigations, prevention and training. Her company is affiliated with the CPA firm Wojeski and Company CPAs, LLP. She is a certified public accountant, with over 25 years of experience in the accounting and the financial services industry. Ms. Landauer has conducted numerous fraud investigations for clients in various industries, including banking, manufacturing, construction and others. She has testified as an expert witness in federal and local courts. She began her career with a big four accounting firm, where she specialized in brokerage, banking, manufacturing, credit union and healthcare clients. She then worked for seven years at one of the nations’ top ten banking institutions, where she functioned as the Vice President and Financial Controller of the Trust subsidiaries and Private Banking department. Most recently Ms. Landauer was the Senior Vice President of the New York State Credit Union League, where she oversaw the Audit Services, Strategic Consulting, Education and Training, Foundation, Business Partners, Member Services and District Relations divisions. She is also a presenter of numerous fraud topics, financial information, internal controls and board of director responsibilities for various organizations, including the MIS Training Institute, CUNA, the Association of Credit Union Internal Auditors (ACUIA), NYSCUL, the New Jersey Credit Union League, The Ohio Credit Union League, the Pennsylvania Credit Union League, the Alabama Credit Union League, the Iowa Credit Union League, and various chapters of the Institute of Internal Auditors and Association of Certified Fraud Examiners, as well as regional conferences for Board of Directors and Audit Committees. Ms. Landauer graduated from Siena College with honors, receiving a Bachelors of Arts in Accounting. She is a licensed Certified Public Accountant. She is a member of the American Institute of Certified Public Accountants, the Association of Certified Fraud Examiners and the Capital District chapter of the Association of Certified Fraud Examiners.

Robert McDonough, CRP, CIDA

Robert-McDonough-3Rob McDonough is the Senior Research Manager of Angel Oak Consulting Group, a risk management consultancy serving the investment, risk management, and capital markets needs of financial institutions. He leads engagements which include investment portfolio performance and risk assessments, financial model validations, and strategic/regulatory stress testing implementations. Mr. McDonough also develops and delivers technical training and executive education for financial professionals in banking, investments, asset management, insurance, and regulation.Mr. McDonough was previously the Chief Risk Officer for Angel Oak Capital Advisors, LLC, an SEC-Registered Investment Advisor (RIA) with over USD 6 billion in assets under management. His responsibilities included developing risk monitoring systems to assess market, credit, and operational risks associated with multiple public and private investment funds. He worked closely with Angel Oak’s trading operations to implement controls for fixed income trade settlement processes including clearing, custody, counterparty due diligence, and collateral/margin management. He was also responsible for managing the internal policy compliance and external SEC regulatory compliance processes for Angel Oak. He is also the President and CEO of Strategic Financial Solutions, Inc., a financial services consultancy specializing in risk management consulting and training for institutions managing market, credit, operational, and other risks. Rob has co-sourced with many internal and external audit groups to develop programs and manage audit engagements for firms with significant investment and derivative trading operations. Mr. McDonough was with the Federal Reserve System for 12 years as an economic analyst and a capital markets safety and soundness examiner. His primary focus was regulatory policy development as well as assessing the condition of large complex domestic and international financial institutions. He has an MBA in Finance and Economics from Georgia State University and a BBA from Emory University in Business Administration. He has completed the CFA level I exam and will be sitting for the Level II exam in 2017. Mr. McDonough has delivered capital markets and risk management seminars and consulting services to financial institutions, trading organizations, central banks, and regulatory agencies across the U.S. as well as in Albania, Argentina, Azerbaijan, Bermuda, Brazil, Canada, Croatia, Denmark, the Republic of Georgia, Hong Kong, India, Ireland, Jamaica, Jordan, Kuwait, Lebanon, Malaysia, Mexico, Morocco, the Netherlands, Nigeria, Poland, Portugal, Romania, Russia, Singapore, South Africa, Trinidad and Tobago, the U.K., and Zimbabwe.

Jacob L. Miller

Jacob MillerOriginally from a small town in Oklahoma, Jacob moved to Denver when he got married and then attended LeaderQuest himself back in 2012. He’s been in the IT field since then. Jacob has his B.S. in Information Technology with a focus in Security. He also has certifications in ITIL Foundation, CompTIA A+, Network+, Security+, Project+, Linux+, CCNA, & IINS.  LeaderQuest logo

Dr. Hernan Murdock, CIA, CRMA


Hernan Murdock is Vice President, Audit Division for MIS Training Institute.  Before joining MISTI he was the Director of Training at a global professional services organization where he oversaw the company’s training and employee development program. Prior to that he was a Senior Project Manager leading audit and consulting projects for clients in the manufacturing, transportation, high tech, education, insurance and power generation industries. 

Dr. Murdock is a Senior Lecturer at Northeastern University where he teaches management, leadership and ethics.  He is the author of Auditor Essentials: 100 Concepts, Tools and Techniques for Success; Operational Auditing: Principles and Techniques for a Changing World; 10 Key Techniques to Improve Team Productivity and Using Surveys in Internal Audits. He has also written articles and book chapters on whistleblowing programs, international auditing, mentoring programs, fraud, deception, corporate social responsibility, and behavioral profiling.  He has conducted audits and consulting projects, delivered seminars and invited talks, and made numerous presentations at internal audit, academic and government functions in North America, Latin America, Europe, the Middle East, and Africa.

William Nealon, CIA, CFE, MBA

W-Nealon-3William J. Nealon is a Senior Consultant for MIS Training Institute. A former Audit Manager for the New York State Comptroller’s Office, Mr. Nealon was responsible for identifying, planning, and overseeing financial, operational, and programmatic audits and studies in the Higher Education, Tax and Health areas of government. His experience includes audits of the State University of New York, the City University of New York, New York State Department of Taxation and Finance and the New York State Lottery. He was the on-site audit supervisor during the $1.5 billion construction of the Nelson A. Rockefeller Empire State Plaza. During his career, Mr. Nealon was also the Chief Auditor of Refunds for New York State where he was responsible for the audit and approval of all personal and business tax refunds issued by the State. A 30-year audit veteran, Mr. Nealon’s career includes extensive experience in planning and designing audits to detect fraud and identify poor controls that increase fraud opportunities. He was involved in fraud scenarios that resulted in convictions, and he is currently developing a college-level fraud audit course. In addition, Mr. Nealon was an Adjunct Professor of Management at the Graduate College of Union University for 15 years, and an Adjunct Instructor at Rensselaer Polytechnic Institute’s Lally School of Management and Technology. He taught courses in accounting and auditing at the graduate and undergraduate levels. Mr. Nealon is a member of the Institute of Internal Auditors and the Association of Certified Fraud Examiners.

Charles Pask, CISSP, M.Inst.ISP

Charles-Pask-3Charles V. Pask is the Managing Director of ITSEC Associates Ltd, responsible for delivering global IT Audit and IT Security consultancy services. He was a founding member of the Institute of Information Security Professionals (IISP) and recognised globally as a thought leader in Information Security and IT Controls.Mr. Pask has over 30 years’ experience in IT, IT audit, and IT security, and has previously held Senior IT Auditor positions at Forward Trust Group (subsidiary of HSBC) and Alliance & Leicester Bank plc, and also Group Head of Information Security for Alliance & Leicester (10 years). Mr Pask was the Global Head of Strategy, Development and Globalisation for the BT Business Continuity, Security and Governance Practice. He was previously a Director with MIS Training, and Director of Information Security Institute (ISI) European and Middle East e-Security Services (2000-2). Mr. Pask has been a member of the ITSEC Common Criteria team working with the UK Government, and a committee member of the APACS Security Advisory Group and the LINK Security Group helping to regulate the UK Financial systems. Mr Pask provides IT Audit and Information Security related consultancy services as well as public training courses, in-house training courses, conferences and symposiums. He is recognised as an industry expert on the ISO27000 standards, COBIT, SP800-53, ISO22301, Risk Management, ISC2 CBK, PCIDSS, NIST standards and other Information Security related legislation, regulation and compliance requirements. Mr Pask’s clients includes a number of well-known organisations: Royal Court Affairs, Oman; United Nations (Geneva, New York, Brindisi, Nairobi); Lloyds TSB Bank; KPMG; Unisys; and Intrum Justitia. Mr Pask has Chaired and Co-chaired the prestigious Chief Information Security Officers (CISO) conferences in Europe, Africa and in the Middle East. He has spoken at a number of conferences, including CISO, WebSec, Compsec, the International Security Managers Symposium, and various ISACA events. Mr Pask delivers a number of MIS Training Institute’s IT Audit and Security training program in USA and EMEA. He has also previously been a Senior Instructor for ISC2 in EMEA for CISSP exam training classes. Mr Pask has personally helped over 400 students globally achieve the CISSP training exam.

Keith Pennifold, ACDA

Keith-Pennifold-3Keith Pennifold has been an ACLTM Certified Trainer since 1999 and became a Certified Master Trainer in 2004. As an ACL Certified Master Trainer, he has developed new trainers and helped them achieve their ACL Certified Training designation. Mr. Pennifold has delivered ACL training and consulting to multi-national, government, and financial clients worldwide. Prior to that, Keith worked as an Internal Auditor for a natural gas company where he was introduced to, and gained extensive experience in, the advantages of using ACL as an audit tool. Keith has over twenty years of experience in accounting and audit. He has held senior positions in both the US and Europe, including roles as Controller and Vice President of Finance. Keith is an ACL Certified Data Analyst (ACDA). .

Michael Podszywalow, MBA, CISSP, CISM, CISA, CEH

Podszywalow.Michael 3Michael Podszywalow, Founder and Security Consultant, SpyByte, LLC, performs technical and physical security assessments, including traditional penetration testing and specialized blended threat assessments, through his information security consulting business at SpyByte, LLC. Mr. Podszywalow’s specialty includes helping clients identify weaknesses in their security posture by applying a blended threat approach to targeting information. With a direct focus on protecting and defending critical assets, this approach helps businesses assess, implement, and manage security effectively. He earned an MBA degree from Indiana University and provides an array of security consulting services including assistance with IT Regulatory Compliance. He also works as a Director of Risk Management for Best-One Tire & Service. Mr. Podszywalow has worked as the Information Security Officer for Tower Financial Corporation. He was responsible for all facets of the information security program where he was routinely involved in risk assessments, awareness programs, business continuity, penetration testing, and policy/compliance with GLBA, SOX, PCI and other security requirements. His other areas of expertise include incident response, penetration testing and security awareness training. In the past, Mr. Podszywalow worked as a member of an information security team for Tetra Pak Global Information Management. The team was responsible for implementing physical and information security solutions to affiliated locations around the globe. Through this position, Mr. Podszywalow developed a unique understanding of the cultural implications of information security. Mr. Podszywalow's past work experiences cross national boundaries. He has lived in six countries and his international work experience includes assignments in Canada, Western and Eastern Europe, Singapore, Brazil, and Taiwan. He is a citizen of the United States, Canada, and Poland and speaks several languages.

Tony Redlinger, CIA, CISA, CISSP, CFE

Keith-Pennifold-3Tony Redlinger, CIA, CFE, CISA, CISSP, has more than 20 years of IT audit experience in industries ranging from financial services to nuclear science. He is currently a Senior Audit Manager for IHS Markit, a global information company headquartered in London, where his primary responsibility is management of the IT audit function. Over the course of his IT audit career, Mr. Redlinger has participated in a wide variety of audit activities, including multiple acquisitions and data center consolidations, Y2K readiness assessments, annual information security assessments based upon British Standard 7799 (ISO/IEC 27002), internal audit quality assessments, managing a SAS 70/SOC 1 initiative, launching anti-fraud program, and serving as a member of a security steering committee. He has presented on audit and security topics for IIA, ISACA, IMA, and PMI chapters as well as at conferences for the MISTI. He is a graduate of the University of Iowa.

David Richards, CIA, CPA

David-Richards-3David A. Richards is the former President of The Institute of Internal Auditors (IIA) and served as a member of The IIA International Board of Directors for more than 17 years. After holding various vice chairman positions on the board, he was elected the 2001-2002 IIA chairman of the board. In 2004, he was recognized for his extraordinary service to the association with The IIA’s prestigious Victor Z. Brink Award for Distinguished Service. Prior to his tenure as President of The IIA, Mr. Richards was Chief Audit Director at FirstEnergy Corp., the seventh largest investor-owned electric utility serving over four million customers in the Ohio, Pennsylvania and New Jersey areas. As CAE for FirstEnergy, he oversaw the planning, performance, resolution, reporting and implementation of the work of 30 auditors. During his 33 years at FirstEnergy, Mr. Richards served in a variety of capacities, including Supervisor of Accounts Payable, and Accountant in General Auditing, Project Team Leader for three merger transition teams, Y2K Project Leader and SOX Project Team Leader. He also oversaw the annual compliance process for the FirstEnergy Code of Conduct, initiated a Corporate Compliance Program and assisted in the development of the FirstEnergy’s Enterprise Risk Management Program. In addition, Mr. Richards served five years as a member of the COSO Board of Directors during the period when the COSO documents on Enterprise Risk Management Integrated Framework (2004), Internal Control over Financial Reporting Guidance for Small Businesses (2006) and Guidance on Monitoring of Internal Control Systems (2009) documents were issued. He served two years on the Audit Board for the City of Orlando and was a member of the Edison Electric Institute Internal Auditing Committee for more than 24 years, including one year as chair.

Rita Roberts, ACDA, CISA

Rita-Roberts-3Rita Roberts is an ACLTM Certified Master Trainer and has been instrumental in helping clients apply ACLTM to meet their data analysis requirements throughout North America, specializing in the banking & finance and healthcare industries. Rita has many years of Information Systems’ audit experience with organizations in healthcare, hospitality, financial services, and public accounting. Rita has a Bachelor of Science with concentration in Finance from the McIntire School of Commerce at the University of Virginia, and was previously named in Who’s Who in the Computer Industry. She is a Certified Information Systems Auditor (CISA) and is also an ACLTM Certified Data Analyst (ACDA).

Fred Roth, CISA

Fred-Roth-3Fred C. Roth is a Senior Instructor for MISTI. He is a frequent speaker at international conferences and delivers IT control and security training on a worldwide basis. As the former Vice President of MISTI's IT Audit Division for 15 years, he facilitated and coordinated the IT Audit curriculum. Previously, as IT Audit Manager at Eastman Kodak Company, he had worldwide responsibility for planning and coordinating Kodak’s IT audits in the United States, Asia, Europe and South America. Mr. Roth was a key player in Eastman Kodak’s successful worldwide SAP implementation, where he was responsible for the Corporate Audit partnership on the project and for assessing controls during system design and implementation.

Thomas Salzman, CISA, ITIL

Tom-Salzman-3Thomas Salzman is IT Audit Manager for Illinois State University, where he manages all computer audits conducted by the University. His responsibilities include working with educational and administrative departments throughout the University to prepare and streamline IT policies and procedures, improve operational processes and controls, and develop methodologies for managing computer resources. His work requires him to be skilled in telecommunications controls, application management, computer intrusion, security management, and application design and development. A much in-demand speaker, Mr. Salzman teaches a variety of computer management and audit topics worldwide. He has presented numerous IT courses throughout the world, including the USA, Panama, Canada, Argentina, England, Hungary, Indonesia, Turkey, United Arab Emirates, Kuwait, Singapore, Japan, Guam, Puerto Rico, Cyprus, Trinidad and Tobago, and Guyana. Mr. Salzman develops and conducts IT audit courses for MIS Training Institute. Most recently, he also has been conducting IT audit and control webinars with MIS Training Institute. Mr. Salzman is the recipient of the College and University Auditors Excellence in Service Award and is honored to be an original member of the Association of College and University Auditors Faculty. He also has served on the faculty of DePaul University in Chicago. Mr. Salzman has assisted a number of financial institutions, manufacturing concerns, universities, government agencies, and energy companies with building new IT and IT audit functions from scratch. Previously, Mr. Salzman was Director of Professional Services for the Information Systems Audit and Control Association (ISACA) where he was responsible for establishing and supporting its worldwide network of educational programs, conferences, and special events. He also served as editor and co-author of the ISACA CISA Review Manual. Prior to joining ISACA, Mr. Salzman was with Coopers & Lybrand, heading their Technical Training & information Security practices. Mr. Salzman has been President of the Institute of Internal Auditors NW Chicago Chapter, and Treasurer of the IIA Central Illinois Chapter.


MSiero-3Mary Siero is Senior Instructor for MISTI. She is an executive level Information Technology Consultant and the President of Innovative IT, a leading North Carolina based information technology consulting firm that specializes in IT operational, compliance and security consulting.Ms. Siero’s career includes ten years in healthcare as a Chief Information Officer and five years in the gaming industry as Vice President of IT Operations, both heavily regulated industries. She has over 40 years’ experience in engineering and technology from industries such as Healthcare, Government, Education, Gaming and Hospitality, Consumer Products, and Manufacturing.Ms. Siero is active in the information system security community and has provided testimony on the record for the State of Nevada Information Technology Board regarding The Current and Future Cyber Threat. She routinely presents at national conferences on information technology topics; holds several professional IT security certifications including CISSP, CISM and CRISC; and is the author of Safeguarding Your Organizations Data: A Call to Action. She is a Charter Member of the FBI Citizen’s Academy Alumni Association in Las Vegas, , and is a member in good standing of the International Information Systems Security Certification Consortium (ISC)2, the Information Systems Security Association (ISSA), , the Information Systems Audit and Control Association (ISACA), and the North Carolina Technology Association She is a graduate of the University of Detroit with a Master’s Degree in Polymer Chemistry and a graduate of Michigan State University where she obtained her Bachelor’s Degree in Chemistry.

Marilyn Stanton, MSOD, ICC

Marilyn-Stanton-3Ms. Stanton is the Managing Partner of Illuminated Consulting LLC a leadership coaching, strategic change, and people development firm based in San Francisco. She specializes in coaching global leaders on reaching their full potential and in customized consulting with worldwide clients on implementing strategic change, aligning their organization to achieve business strategy, and on building productive workplaces with effective interpersonal interaction and with cross-functional and intact teams. Ms. Stanton’s 25 plus years of international and North American experience includes working on management and infrastructure strengthening, implementing a systems-wide internal controls framework (COSO) and Talent Management Strategy at the 12th District Federal Reserve Bank, and consulting to Fortune 500 firms in the manufacturing, retail, high-tech, and bio-tech sectors on developing global leaders and workforce, strategic change initiatives such as SOX implementation, private payments network installation, global supply chain redesign, key meeting facilitation, and IT systems implementation. Her firm also specializes in assessing and developing intercultural leadership competencies to reduce business risks associated with miscommunication and mistrust in critical international or domestic multicultural business relationships. Ms. Stanton has also been an instructor at the college and university level for 20 years where she taught various courses on organizational change and doing business globally. She holds a MSOD (Masters of Science in Organization Development), certified ICF PCC Leadership Coach trained by ICC and CTI with over 2500 hours of coaching, and is a member of both the US and European Organization Design Forum (ODF).

Alan Sugano

Alan-Sugano-3Alan Sugano is a Sr. Instructor for MISTI. He attended California State University, Northridge (CSUN) and graduated with a double major in Management Information Systems (MIS) and Management Systems Analysis (MSA). After graduation, he worked at Coopers & Lybrand (now Price Waterhouse Coopers) for several years in their Microcomputer Advisory Services Group (MAS) as a consultant. Mr. Sugano is now the President of ADS Consulting Group, Inc. (ADS) and ADS Cloud. Founded in 1991, ADS specializes in Security, Networking, Server Virtualization, Workstation Virtualization, Application Virtualization, Exchange, Custom Programming, PCI Compliance, Web Development, SharePoint and SQL Server Development. Mr. Sugano has given talks on Virtualization, Storage, Network Audits/Security, Troubleshooting, Server Selection, Network Documentation, Network Management, Network Design and Topologies, SQL Databases, Disaster Recovery and Cloud Migration. He speaks at IT/DevConnections Conferences, sponsored by Windows IT Pro Magazine. ADS Cloud was started in 2013 and is hosted at Switch Las Vegas. It is a private Cloud and Backup Service that is VMware vCloud Director based and has 100% uptime since 2013. Mr. Sugano leveraged his IT Infrastructure expertise to build a highly secure, scalable, customizable and flexible Cloud Infrastructure for ADS Cloud Clients.Mr. Sugano is a Contributing Editor for Windows IT Pro and has articles published in the magazine several times a year. He wrote a book titled the Real-World Network Troubleshooting Manual, which is a practical guide to network troubleshooting. Mr. Sugano was a Microsoft Most Valuable Professional (MVP) in Connected System Developer from 2004 to 2008. Mr. Sugano teaches Virtualization and Active Directory Security Classes for MISTI several times a year.

Sarah Swanson

Swanson Sarah 3Sarah Swanson is the founder of Tumbleweed Writing and a consultant for MIS Training Institute. As a professional writer and editor, she has 17 years experience in technical, marketing, and audit report writing. In 2005, Ms. Swanson joined Hewlett Packard’s Internal Audit team. At HP, she saw that auditors often struggled to write final reports. She committed herself to making the writing experience better. Sarah takes a simple, formulaic approach to writing with focus on content, grammar, and brevity. Her goal is to empower auditors to take command of their writing and create impactful reports that get released on time. The trainings she created for HP led her to working with other companies including Corporate Executive Board, Audit Directors Roundtable, various chapters in The IIA, and multiple private and public corporations throughout the world.

Kenneth Tanner

Ken TannerKenneth is an IT professional with 20+ years of extensive hands-on experience in networking, telecommunications, systems administration, and the security thereof. Kenneth has provided training on systems he deployed to audiences including both non-technical end users to highly technical support personnel. He has worked for Hughes Training, a division of Hughes Electronics Ltd, the University of Alabama System, LSU Health Sciences Center, and various private companies as a consultant. Kenneth received his BSEE & MSEE from The University of Alabama at Birmingham. He has certifications in CISSP, CEH, ITIL Foundation, CompTIA CSAE, CSAP, CSA+, Security+, Network+, Cisco CCNA Routing and Switching, CCNA Voice, and CCDA, & Rapid 7 Metasploit Pro Certified Specialist Nexpose Certified Administrator. LeaderQuest logo

Jim Tarantino, CISA, CRISC, ACDA

Jim-Tarantino-3Jim Tarantino is a Manager at RSM, one of the largest accounting and consulting firms in the world. He has over 20 years of information technology, analytics, audit and GRC experience with a recognized expertise in developing solutions to enable data-driven auditing, risk assessment and investigations. Prior to joining RSM, he was the Client Solutions Director for High Water Advisors, a consulting firm specialized in using technology to help organizations improve governance, risk management, compliance (GRC) and audit processes. He has also held a number of GRC practitioner roles including Solution Lead/Practice Manager for ACL Services, Senior Auditor at RTI International, and various management positions at Nortel Networks implementing a HR analytics program. Mr. Tarantino holds a bachelor’s degree in Psychology and master’s degree in Industrial/Organizational Psychology from North Carolina State University. As a member of the IIA, ISACA and ACFE, he participates in local chapter activities, including serving as an instructor for CISA certification exam preparation seminars.

Richard Tarr, CISA, CIA

Richard-Tarr-3Richard H. Tarr is an audit and information systems (IT) veteran. As an audit and information systems consultant and President of Richard Tarr and Associates, his consulting practice specializes in: the development and training of integrated internal auditing functions; internal audit quality assurance reviews; and application and general control reviews. His extensive experience includes the development, training, and evaluation of internal audit departments in government, industry and higher education with more than 100 external quality assessment reviews over the past 20 years. Previously, he was the Manager of Quality Assurance Review Services for the Institute of Internal Auditors (IIA) and was with the Walt Disney Company for 10 years.

John Verver CPA, CISA, CMC

John-Verver-3John Verver is the Global Director of Analytics Strategy with High Water Advisors. Previously, he was a vice president with ACL, with overall responsibility for ACL’s product and services strategy, as well as for relationships with key organizations in the audit, compliance, risk, and control market. His responsibilities at ACL included leadership and growth of ACL’s professional services organization, including consulting, training and technical support. John is acknowledged as an expert authority and domain thought leader on audit analytics and continuous controls monitoring and led the overall development of ACL's original CCM product suite. He is regularly asked to speak at global audit and control conferences and is an inaugural member of the Center for Continuous Auditing's advisory board. John was a key contributor to the Institute of Internal Auditor's Global Technology Audit Guide #3 on continuous auditing and controls monitoring. Prior to joining ACL, John spent 15 years with Deloitte in the UK and Canada. During his tenure, he was director of computer services, with responsibility for IT audit and security services, as well as accounting systems consulting and implementation. He subsequently became a principal, responsible for building and managing the business system development and implementation practice in British Columbia. John is a Chartered Professional Accountant, Certified Management Consultant and Certified Information System Auditor. He has served on the Council of the Institute of Management Consultants of B.C. and on a variety of committees of the Institute of Chartered Accountants of B.C. He has an honors degree from King's College, University of London, England.

Leonard Vona, CPA, CFE

L Vona-3Leonard W. Vona is the CEO of Fraud Auditing and cited by Wiley as a world- renowned authority in fraud auditing. He is the author of Fraud Risk Assessment: Building the Fraud Audit Program, The Fraud Audit: Responding to the Risk of Fraud in Core Business Systems, and Fraud Data Analytics Methodology: The Fraud Scenario Approach, published by Wiley. A forensic auditor with more than 38 years of diversified forensic auditing experience, he has provided more than 1,500 days of fraud training around the world in over thirty-seven countries and 48 states. Mr. Vona has provided fraud auditing consulting services regarding fraud risk assessment, fraud auditing, and fraud data analytics for some of the largest organizations in the world. He has provided expert witness testimony in federal and state courts and consulted with corporations around the world. His financial investigation experience includes embezzlement, economic damage, asset theft, bribery, intellectual property, and various disbursement schemes. Mr. Vona’s trial experience is extensive, including appearances in federal and state courts. He has been cited in West Law for the successful use of circumstantial evidence as establishing evidence of embezzlement. He previously has instructed for the National Association of Certified Fraud Examiners, Lally School of Management at Rensselaer Polytechnic Institute, and wrote the class ‘Auditors Responsibility for Detecting Fraud – SAS 99’, used by CPA societies across the country. His international training experience spans five continents and includes training through interpreters in the languages of Spanish, Portuguese, and Russian.Mr. Vona graduated from Siena College with honors, receiving a Bachelor of Business Administration in Accounting. He is a member of the American Institute of Certified Public Accountants and the National Association of Certified Fraud Examiners. He was the 1994 President of the N.Y. Capital Chapter of the Association of Government Accountants and the founding President of the Albany Chapter of Certified Fraud Examiners.

Tom Winson, CPA, ACDA

Tom-Winson-3Tom Winson is a consultant with RSM, a global accounting firm. As part of RSM’s data analytics practice, his focus is on applying analytics to improve organizations’ risk assessment, governance, compliance, and internal audit capabilities. Prior to joining RSM, he was an external financial auditor for seven years at a regional public accounting firm based in Dallas-Fort Worth. Within the last five years, he helped establish the firm’s data analytics practice by developing all aspects: from establishing strategy and standards, to development of a cohesive set of processes. He has experience with developing analytics systems for audit organizations as well as developing specific analytics as a consultant to assist organizations in various areas such as inventory, expenditures, and fraud detection. Mr. Winson holds a Bachelor’s Degree in Electrical Engineering from the University of South Florida and a Master’s Degree of Professional Accounting from the University of Texas, Arlington. He is a CPA and an ACL Certified Data Analyst.

William Woodington, CPA, CIA

WWoodington-3Mr. Woodington is President of Woodington Training Solutions, LLC. He spent 18 years managing the Learning & Development (L&D) function for Wells Fargo Audit & Security before starting his own business, which delivers internal auditing and professional development training. He is based in Minneapolis and holds a CPA, CIA, and CRMA, with a bachelor’s degree in Accounting and a master’s degree in Finance. He is also a member of the Institute of Internal Auditors (IIA) and Association for Talent Development (ATD). Mr. Woodington spent four years as an Audit Specialist supervising audit projects prior to moving into the L&D position at Wells Fargo. Prior to that, he worked for First Bank System and Deloitte and Touche. In his position at Wells Fargo, he was responsible for teaching the core curriculum classes (New Hire Orientation, Auditor In-Charge Training, CIA Exam Review, Effective Writing, Situational Leadership, and Leadership 101) to Wells Fargo’s Audit staff. He was also responsible for developing and delivering virtual training related to audit topics, and managing Audit & Security University at Wells Fargo. Mr. Woodington has taught seminars for the Institute of Internal Auditors (IIA) and MIS Training Institute (MISTI) He is certified by the IIA to teach CIA Exam Review. He is also certified by the Ken Blanchard Companies to teach Situational Leadership II.