Protiviti Contact

Protiviti Contact

Jason Maslan

Managing Director

Jason is a Managing Director in the Chicago Internal Audit practice assisting clients in identifying and evaluating technology and business process risks. Jason is the Central Region IT Audit Leader for Protiviti responsible for leading IT audit initiatives across the Midwest United States. 

Jason has extensive experience in the areas of Risk Assessments, Strategy / Governance Assessments, IA Transformation, Quality Assurance Reviews, Technology Audits, Technical Security Assessments, SOX Compliance and Board Reporting. With more than 18 years of experience, Jason has led some of the largest engagement teams in the Chicago office and has presented at a variety of global and local conferences. Jason serves a variety of private and public companies in industries including insurance, distribution, manufacturing, consumer products, higher education and not-for-profit.  

Jason currently serves as the acting Chief Audit Executive at a mid-sized manufacturing company as well as a private insurance company.  Additionally, Jason is part of Protiviti’s Central Region Public Company Transformation Leadership team, where he assists clients with a variety of activities related to their private to pubic transformation.

Representative Experience

  • Serves as the Internal Audit Director at a large public distribution company where responsibilities include managing the Internal Audit budget, completion of the annual IA risk assessment, coordination of the global audit plan, generation of an annual audit calendar, and preparation and delivery of Internal Audit updates to the Audit Committee.
  • Leads Internal Audit activities annually for multiple private and public insurance organizations (auto, life, property/casualty, and commercial). Internal Audits include: enterprise risk assessments, various security assessments, IT general controls, disaster recovery, application interfaces, system implementation and SOX compliance.
  • Manages a co-sourced Internal Audit relationship with a $19 billion professional services firm, consisting of 4,000 hours of audit work annually. Responsibilities include coordinating resources globally, obtaining client feedback and providing monthly resource/quality reporting to the Vice President of Internal Audit. 
  • Conducted Enterprise Risk Assessments and IT Risk Assessments for various multi-billion dollar organizations in the financial services, insurance, retail and manufacturing industries. Activities included identification and prioritization of key risks, development of annual Internal Audit plan and presentation to the Audit Committee.
  • Led IT governance reviews for several organizations and not-for-profit institutions to confirm IT sustains and supports the organization’s strategies and objectives. Specifically, evaluated the policies, procedures, and organizational structures that support the five focus areas of IT governance, as defined by CobiT 5. 
  • Managed Internal Audit Quality Assessment Reviews (QARs) and IA strategy reviews for numerous global organizations in a variety of industries. Responsible for all assessment aspects, including executive interviews, documentation review, and reporting.
  • Managed numerous internal/external attack and penetration tests, red team exercises and network architecture reviews across various industries. Evaluated processes that manage the overall network architecture, vulnerability management, security awareness, security monitoring, data loss prevention, cloud security and workstation security. 

Areas of Expertise

  • Internal Audit 
  • Sarbanes-Oxley
  • Public Company Transformation

Industry Expertise

  • Financial Services / Insurance
  • Manufacturing / Distribution 
  • Consumer Products / Retail
  • Professional Services

Education

  • B.S. – Accounting & B.S. – Computer Science, Northern Illinois University 
  • Professional Memberships & Certifications
  • Certified Internal Auditor (CIA)
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certification in Risk Management Assurance (CRMA)
  • Certified Quality Assurance Internal Assessor/ Validator
  • Member, IIA
  • Member, ISACA