Tiffany is a Managing Director and the National Cybersecurity Practice Leader for CBIZ. She brings extensive IT audit, consulting, and cybersecurity experience across multiple sectors. Her experience includes leading IT audits focusing on controls and security for the government and private sectors, primarily on assessing the security and reliability of systems and networks, and compliance with state and federal laws and regulations, various security frameworks and best practices. She has led a variety of engagements including risk and security assessments, cybersecurity assessments (internal and external network, and web application vulnerability assessments and penetration testing), wireless network and mobile device security assessments, social engineering assessments, IT general and application control reviews, Systems and Organization Controls (SOC) 1 and SOC 2 reports, compliance attestations, and performance audits.
She has successfully executed various IT and cybersecurity engagements for small, mid-size, and large organizations for a range of industries, including financial services, healthcare, education, utilities, manufacturing, telecommunications, construction, and several types of state and local government clients.
Tiffany has abundant knowledge and experience with the HIPAA Privacy, Breach Notification, and Security Rules, as well as other criteria such as FISCAM, NIST (800-53 and Cybersecurity Framework), PCI, CIS, FERPA, CJIS, and IRS Pub 1075 requirements. Tiffany also has in-depth experience in conducting and leading IT audits and consulting engagements under IIA, AICPA, and Government Auditing Standards.