Tiffany is a Director in the national Risk and Advisory Services practice and leads the national Cybersecurity Practice for CBIZ. She has extensive IT audit, consulting, and cybersecurity experience across the private and public sectors. Her experience includes leading projects focusing on controls and security, primarily on assessing the security and reliability of automated systems and compliance with state and federal laws and regulations, and industry best practices. She has led a variety of engagements including risk and security assessments, cybersecurity assessments, IT general and application control reviews, SOC 1 and SOC 2 audits, vulnerability assessment and penetration testing services, social engineering campaigns, and compliance and performance audits.
She has also successfully executed various audits and consulting engagements for many large organizations, including internal audit divisions for a range of industries, including oil and gas, manufacturing, industrial markets, investment firms, banks and financial services.
Tiffany has abundant knowledge and experience with the HIPAA Privacy, Breach Notification, and Security Rules, as well as other criteria such as FISCAM, NIST, PCI, CIS, FERPA, ISO 27001, and IRS Pub 1075 requirements. Tiffany also has in-depth experience in conducting and leading IT audits and consulting engagements under IIA, AICPA, and Government Auditing Standards.