Tiffany is a Director in the national Risk and Advisory Services Practice for CBIZ who brings extensive IT audit, consulting, and cybersecurity experience across the private and public sector – including many education, commercial, healthcare, and government clients. Her experience includes leading projects focusing on controls and security, primarily on assessing the security and reliability of automated systems and compliance with state and federal laws and regulations, and industry best practices. She has led a variety of engagements including risk and security assessments, cybersecurity risk assessments, IT general and application control reviews, SOC 1 and SOC 2 audits, vulnerability assessment and penetration testing services, compliance attestations, and performance audits.
She has also successfully executed various audits and consulting engagements for large organizations, including internal audit divisions at higher education institutions, as well as other types of assessments for a range of industries, including oil and gas, manufacturing, industrial markets, investment firms, and financial services.
Tiffany has abundant knowledge and experience with the HIPAA Privacy, Breach Notification and Security Rules, as well as other criteria such as FISCAM, NIST, PCI, CIS, FERPA, and IRS Pub 1075 requirements. Tiffany also has in-depth experience in conducting and leading IT audits and consulting engagements under IIA, AICPA and Government Auditing Standards.