Andrew Struthers-Kennedy is a Managing Director leading Protiviti’s global IT Audit practice. Based in the metro Washington D.C. area, Andrew works with clients to help drive efficiency, effectiveness, and enhanced risk mitigation in their IT and business operations.
Andrew works with clients across a cross section of industries to deliver outsourced and co-sourced internal audit services, as well as technology, and risk management consulting services. Andrew works with organizations to establish the platform for delivery of “next generation” internal audit services, through the use of analytics, automation, and other emerging tools. He is on the Board for his local IIA chapter and is a frequent speaker at IIA and other professional association events, as well as frequent speaker and thought leadership contributor for Protiviti.
Andrew serves on the Board of a Baltimore-based non-profit focused on providing financial literacy courses for middle-school students in under-served communities. During its inaugural year, Andrew also served on the advisory committee of American University’s Kogod School of Business Cyber Governance Center.
- Actively working with clients to identify, prioritize, & design automation solutions using robotic process automation (RPA) and other automation tools.
- Significant experience in various aspects of Information Technology – Strategy, Risk Management, Governance, Security, Privacy, Business Continuity / Disaster Recovery, Data Classification, Vendor Management, and Controls having led and been involved in numerous audit and consulting projects in these areas.
- Work stream lead for a project tasked with establishing an IT Risk Management program at a global financial services institution with a focus on designing and implementing a risk framework to link the Bank’s principal operational risks to specific components of the IT environment.
- Leads internal audit outsource, co-source, and Sarbanes-Oxley services for several organizations in the metro-DC market. In this capacity Andrew frequently interacts with executive management, Board and Audit Committee members.
- Managed a wide range of data analysis projects, from the development of point-solution analytics and scripts to development and deliver of analytics training, to design and establishing of analytics functions. Performed training, speaking engagements, and authored articles on the topics.
- Protiviti’s firm wide lead for RPA, Process Mining, and other emerging technologies for internal audit use.
Areas of Expertise
- Internal Audit & IT Audit
- Sarbanes-Oxley / Financial Controls
- Information Security
- Governance & Risk Management
- Data Analytics
- Project Risk Management
- Emerging Technologies
- Financial Services
- Professional Services
- BSc Physics, University of Bristol, UK
- MSc Information Security, University of Westminster, UK
Professional Memberships and Certifications
- Board of Governors, Baltimore Chapter, Institute of Internal Auditors (IIA)
- QAR Accredited by the IIA
- Certified Information Systems Auditor
- Certification in Risk Management Assurance
- ITIL Practitioner
Read Protiviti Blog Posts from Andrew