With a strategic mindset, a client-first approach and over 30 years’ experience, I specialize in transforming complex IT environments and regulatory challenges into opportunities for efficiency, clarity, and long-term value.

My mission is to provide actionable, high-impact audit and compliance solutions to:

  • Enhance operations,
  • Strengthen governance, and
  • Reduce risk.

I take pride in being a trusted advisor—working collaboratively with clients to align IT controls with broader business goals and support their path to sustainable success.

Whether navigating regulatory frameworks or optimizing internal processes, I bring a proactive, business-minded approach to every engagement—committed to delivering excellence, insight, and impact at every step.

My mission is simple: help you turn audit, risk, and compliance into strategic advantages. I provide clear insights, close gaps, and support your teams in building a more secure, reliable, and compliant technology environment—without unnecessary complexity.

Let’s raise the bar on IT controls—together.

Oklahoma-based business

EDUCATION & CERTIFICATIONS


CISA – Certified Information Systems Auditor (Since 2013)

CISM – Certified Information Security Manager (Since 2018)

Former certified network engineer who installed & supported networks and systems around the country for over 10 years.

TECHNICAL & GOVERNANCE CAPABILITIES


IT Governance, Risk & Compliance Leadership
Enterprise GRC program design and oversight, regulatory alignment, risk-based audit planning, control rationalization, and executive reporting.

IT Audit & Assurance
Risk-based IT audit execution across infrastructure, cybersecurity, cloud, applications, and ITGC/SOX environments; external audit coordination and remediation leadership.

Third-Party & Vendor Governance
Vendor due diligence, contract risk review, ongoing compliance monitoring, and procurement control standardization.

Cybersecurity Program Oversight
Design and maturity assessment of cybersecurity programs aligned to NIST CSF, NIST 800-53, PCI, HIPAA, and privacy frameworks; current-to-target posture analysis and strategic roadmap development.

Cloud & SaaS Risk Management
Governance and control assessments of cloud and SaaS environments using NIST 800-53 and CSA CCM; third-party assurance and shared responsibility evaluation.

Regulatory & Data Privacy Compliance
Operationalization of regulatory requirements (SOX, HIPAA, PCI, GLBA, CCPA, SEC Rules, etc.); control mapping across frameworks to reduce redundancy and strengthen compliance efficiency.

Enterprise Risk & Control Management
IT and business risk assessments, control design and validation, remediation tracking, and continuous monitoring.

Business Continuity & Operational Resilience
Business Impact Analysis (BIA), BC/DR program development, resilience testing, and recovery strategy implementation.

Technology Infrastructure & Architecture Insight
Former certified network engineer and IT Director with deep understanding of enterprise networks, Active Directory, Windows/Linux systems, and secure architecture design.

Data Analytics & Audit Automation
Advanced Excel (Power Query, macros, dashboards), Power BI, analytics-driven auditing, continuous monitoring techniques, and process automation delivering measurable efficiency gains.

Enterprise Applications & Platforms
Governance, audit, and operational experience across SAP S/4HANA, Oracle NetSuite, ServiceNow, Salesforce, Workday, Origami Risk, SQL Server, and related enterprise systems.

IT Strategy & Executive Leadership
Former CIO/IT Director with experience in strategic planning, budgeting, organizational leadership, vendor negotiations, and aligning technology initiatives with business growth.

Your Trusted Partner in Reducing Risk. Delivering Assurance. Driving Resilience.