Matt is a Managing Director in Protiviti’s IT Internal Audit and Financial Advisory Solution with 13 years of uninterrupted service to Protiviti and their clients. Specifically, Matt’s experience is in helping his clients manage their annual audit plans, working extensively with executive management and audit committees, and providing guidance on meeting regulatory expectations.
Matt regularly presents to executive management and audit committees on high priority IT related issues and emerging risks.
In addition, Matt has delivered a number of projects on behalf of his client’s Information Technology and Compliance organizations implementing internal control frameworks, sustainable compliance programs, and readiness assessments and remediation of service organization control reports (e.g., SSAE16).
Matt is a member of Protiviti’s National Financial Services practice and has supported the national office develop thought leadership material related to IT Audit, FFIEC Cybersecurity Assessment Tool, Sarbanes-Oxley, and the NAIC’s Model Audit Rule. Matt holds CISA, PMP, and ITIL certifications and is an active member in his professional associations.
- Matt served as the Interim Head of IT Audit for a Top 20 US Bank for 7 months during a period of Internal Audit transformation that followed the integration of two Banks. Reporting directly to the General Auditor, Matt was responsible for managing a plan that consisted of 40+ IT Audit plan items, managing a staff of 41 IT auditors, providing IT Audit support on integrated business-led audits, working with audit clients on open issue management activities, performing IA validation of MRA remediation, interfacing with multiple federal and state-level regulatory agencies, and developing Board Committee and Executive Committee presentations. Under Matt‘s leadership in the first 6 months, the department issued 20+ IT audit reports, while providing direct audit support for more than half of the 76 business-led audits completed during the same period.
- Matt has provided IT Internal Audit services to over a dozen clients in need in need of Internal Audit co-source services. Examples of IT Audits and related activities Matt delivered include IT risk assessments, system implementation reviews, infrastructure audits, application control and data integrity audits, user access and segregation of duties reviews, IT governance audits, cybersecurity audits, and IT vendor management audits. Matt is proficient with COSO 2013, COBIT 5, NIST Cybersecurity Framework, FFIEC Cybersecurity Assessment Tool, and the Shared Assessments framework for 3rd party vendor audits.
- Matt has managed numerous Sarbanes-Oxley, Section 404, compliance engagements. His experience is in assisting management navigate all areas of IT SOX compliance, which include working with the client and business team on scoping process and systems, designing controls, creating control documentation, evaluating control effectiveness, providing recommendations, evaluating impact of control deficiencies, and coordinating with external auditors on behalf of our clients to maximize reliance and improve overall efficiency in the compliance process.
- Matt has led public company readiness assessments to determine our clients’ current IT capability maturity and preparedness to meet requirements and demands of being a public company. The results of the IT assessments were aggregated with business process assessment results, which were key inputs to the development of a comprehensive road map and project plan for management execution.
Areas of Expertise
- IT Audit Services
- Internal Controls – Financial Reporting
- B.S. – Information Systems, Saint Joseph’s University
Professional memberships and certifications
- Certified Information Systems Auditor (CISA)
- Project Management Professional (PMP)
- IT Infrastructure Library (ITIL) Foundations
- Member, Institute of Internal Auditors (IIA)
- Member, ISACA
- Member, Securities Industry & Financial Markets Association (SIFMA)