Director, Financial Institutions Group – Audit and Information Technology Assurance
Over twenty-two years of experience providing audit and information technology assurance services.
Catherine evaluates and designs internal control processes and system management designs for financial institutions, service organizations, health care insurers, technology vendors and manufacturers. She has designed audit programs to comply with Federal Financial Institutions Examination Council, Sarbanes-Oxley Section 404, Model Audit Rule for Health Care Insurers, Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act of 1999, and various regulatory standards. She is also experienced providing internal and external vulnerability assessments, penetration testing, information technology general controls reviews, Sarbanes-Oxley Section 404 compliance assessments, Model Audit Rule assessments and SSAE 16 engagements (formerly SAS 70 – Reports of Third Party Service Providers).
Catherine is a current member of the American Institute of Certified Public Accountants (AICPA) Information Technology Executive Committee, and a former member of the AICPA Risk Assessment Task Force. She has published several articles on information security and internal controls and is a contributor to the AICPA Audit Guide "Assessing and Responding to Audit Risk in a Financial Statement Audit."
Bachelor of Science Degree – University of Detroit-Mercy
Master of Science Professional Accountancy – Walsh College of Accountancy
