Tony is a Managing Director in Protiviti's San Francisco office where he has provided risk management consulting and technology audit services to clients in a variety of industries for over 11 years. Prior to joining Protiviti, Tony worked for Arthur Andersen in its Technology Risk Consulting practice performing similar services, as well as supporting the external audit function in the technology area.
Tony currently serves as the leader of Protiviti’s IT internal audit practice for the West and leads delivery within the Bay Area of several IT related solutions such as business continuity planning, and information security and privacy.
Tony also has 10 years of experience in team and project management with the United States Navy as a Naval Aviator.
- Significant experience in the planning, management and execution for over 100 external and internal IT audits covering IT processes such as system and user administration, network management, security, change management, and business continuity / disaster recovery.
- Led a multiyear program to redefine the information security program for a major financial services institution which included establishing a performance baseline, defining a unified risk and control framework, and implementing several key processes designed to address key components of the new framework.
- Led a review and benchmarking exercise of information security practices for a global life-sciences company designed to compare current state to specific and relevant threats and risks.
- Assisted a global financial services company with an organizational and process review for its 50+ person information security department. The review and recommendations were key to several improvement initiatives that better integrated information security into the overall risk management function of the company.
- Led the technology portion of 50+ SOX 404 projects, assisting in the identification, documentation and evaluation of IT controls at the entity, pervasive and process levels.
- Led major IT operations reviews and overhauls for a number of dynamic organizations, including several rapidly growing digital content providers, designed to stabilize and mature the information technology environment.
- Led the evaluation and design of business continuity strategies for companies in the professional services, entertainment, life-sciences, and software industries.
Areas of Expertise
- Information Technology Audit & Compliance
- Business Continuity Management
- Enterprise Application Services
- Life Sciences
- Professional Services
- BS Mechanical Engineering
Professional Memberships & Certifications
- Information Systems Audit and Control Association (ISACA)
- Member, Institute of Internal Auditors
- Certified Information Systems Auditor
- IIA Quality Assessment