Peter is a director with Baker Tilly’s risk advisory public sector practice. He has more than 25 years of information technology (IT) audit and IT risk and compliance consulting experience with three top 10 firms, and industry experience in the public sector and Fortune 500. Stays current on new industry technologies, risks and regulatory compliance requirements. Experienced in leading managers and other team members and serving as a client relationship manager.
In addition to his experience working with three top 10 firms, Peter has served in various IT audit roles for state government agencies and a Fortune 500 retailer, where he led and supervised multiple IT security audits, IT general controls audits and IT systems development audits.
- Led and supervised IT risk and compliance projects with more than 40 public sector entities, including IT security audits for sensitive systems and independent assessments for third-party cloud hosted sensitive systems, to assess compliance with industry best practice standards such as NIST (Publication 800-53 and NIST Cybersecurity Framework)
- Led and supervised multiple annual IT audits for internal audit outsourced public sector clients
- Led and supervised a business resiliency project for a public sector client that included more than 50 project stakeholders, and focused on delivering a revised business impact assessment (BIA), business continuity plan (BCP) and disaster recovery (DR) plan for the client
- Led and supervised multiple Independent Verification and Validation (IV&V) engagements for public sector clients to assess compliance with project management standard (CPM 112) requirements
- Led and supervised a general controls IT risk and compliance engagement, which resulted in improvements to the organization’s IT security governance framework
- Led and supervised annual third-party IT supplier security assessments at a Fortune 500 client, in which the project team performed up to 70 security assessments per year
- Managed multiple projects at a top 10 bank, to measure IT risk health and support MRIA remediation
- Led multiple SOC 1 and SOC 2 Type 1 and Type 2 Audits in the technology, healthcare and insurance industries
- Led and supervised multiple SOX IT general controls assessment engagements for clients in the banking and insurance industries
- Information System Audit and Control Association (ISACA)
- Institute of Internal Auditors (IIA)
- Association of Government Accountants (AGA)
- Association of Local Government Auditors (ALGA)
- Delivered numerous IT risk and compliance focused presentations at CPE events across multiple states for organizations such as ISACA, IIA and the AGA
- Authored an IT whitepaper focused on the best practices for IT systems development
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Manager (CISM)
