Professional Bio

 
 

 
 
Michael Porier
Managing Director
michael.porier@protiviti.com
+1.713.314.5030
Business Card(vCard)
 
 
Professional Background
Michael Porier is a Managing Director in Protiviti’s Houston office specializing in executing and managing information technology risk consulting engagements since 1994. His expertise includes evaluating the risks and controls related to managing a company’s enterprise-wide technical processes, performing detail security assessments, and implementing business continuity solutions. He has experience in various industries, but has specific expertise in the energy and government services areas.
 
He leads the IT Security, Privacy, and Business Continuity Management solution segments, overseeing related assessments and remediation projects for clients. On these topics, he has presented at numerous conferences, published various articles, and has been interviewed by industry periodicals and local newspapers.
 
Representative Engagements Include
  1. Has performed detailed technology security audits and business continuity projects for multiple Oil & Gas companies evaluating controls related to various aspects of the organization’s technical infrastructure. These projects consisted of an analysis of the existing control structure, reviewed for vulnerabilities, and assisted in the implementation of remediation solutions. Security evaluations consisted of internal and external IT vulnerability assessment, privacy reviews, Active Directory evaluations, and Internet application security assessments
  2. Worked with multiple Oil & Gas companies to create, evaluate, and test technical controls related to Sarbanes-Oxley compliance. This involved working with external audit and client personnel to derive appropriate controls for each client’s unique environment
  3. Worked with a large governmental agency to assist them in implementing security controls and applications to comply with PCI standards for secure credit card processing. Additionally performed privacy review, implemented new change control procedures, and provided continued risk management consulting regarding their major initiatives and projects
  4. Consulted with various organizations to provide remediation assistance for PCI and related privacy requirements. This has entailed activities such as quarterly vulnerability scans, internal and external vulnerability assessments, developing applicable policies and procedures, and reengineering IT processes to ensure PCI and privacy compliance activities are appropriately designed
  5. Has performed an enterprise-wide assessment of a company’s security administration procedures related to managing user access and permissions for networks and critical applications
  6. Oversaw major business continuity projects in the Middle East for clients in energy, financial services, and manufacturing. These projects involved multi-disciplinary teams to ensure high quality technical solutions were implemented for recovering clients’ critical business processes and supporting technologies
Education
  1. B.B.A. – Management Information Systems, University of Houston
Professional Memberships & Certifications
  1. Member of IIA and ISACA
  2. Certified Information Systems Security Professional (CISSP)
  3. Certified Information Security Manager (CISM)
  4. Certified Information Systems Auditor (CISA)
  5. Certified Business Continuity Prof. (CBCP)
  6. Qualified Security Assessor (PCI-QSA)