North American Financial Services Industry Leader, Internal Audit and Financial Advisory
Michael Thor is a Managing Director in the Internal Audit practice of Protiviti. He has over 21 years’ experience in providing internal audit as well as operational, financial, and IT consulting services to organizations across a variety of companies within financial services, including banking, insurance, and asset management. Michael leads the North American Internal Audit practice for Financial Services and serves on Protiviti’s financial services leadership team globally.
- Served as interim Chief Audit Executive at a $180 Billion financial services organization. In this role, Michael led a function responsible for Enterprise Risk Assessment, Internal Audit, Sarbanes-Oxley compliance, and Continuous Monitoring and Data Analysis. Primary responsibilities included providing direction to individual area leads, overseeing execution of functions responsibilities, and reporting to executive management and the board.
- Internal Audit Leading Practices and Quality Assessment: Led several assessments of internal audit practices against leading industry practices, IIA IPPF, and regulatory requirements as outlined in the Federal Reserve Supplemental Policy Statement on the Internal Audit Function and its Outsourcing (SR 13-1), OCC Heightened Expectations, Basel Committee guidance on the management of internal audit, and various applicable international guidelines.
- Internal Audit Advisory: Provide strategic insight and advice on Internal Audit strategy, methodology, reporting, and alignment with other control functions for several GSIB banks. Focus on meeting internal and external stakeholder expectations, providing insights to the organization, and leveraging leading practice methodology and tools to drive audit effectiveness and efficiency.
- Risk Assessment Redesign: Provided oversight on risk assessment redesign efforts for clients in the financial services industry with the objective to align the risk assessment process with the regulatory requirements from the FRB and OCC. Enhancements include direct alignment to risk appetite, streamlined data-driven risk assessment, dynamic nature of risk assessment to respond to changes in risk on a near real time basis, and simplified reporting and tracking for management and coverage purposes.
- Member of management team responsible for the planning and management of the Internal Audit function at a $170 Billion financial services organization. Responsibilities include risk assessment and planning, management and definition of audit scope and approach, and reporting audit results to executive management and the audit committee. In addition, served as the IT Lead responsible for the planning and management of the Sarbanes-Oxley compliance effort.
- Audit Lead for an $12 Billion Regional Bank. Responsibilities include risk assessment and audit planning in coordination with Bank IA and Enterprise Risk Management teams, management and definition of IT audit scope and approach, and reporting IT audit results to executive management and the audit committee.
- Lead projects providing strategic Internal Audit direction for several Fortune 100 diversified insurance companies. Strategic direction included providing enhancements to the governance, methodology, and resource management of the internal audit organization. Projects resulted in a redesign of IA structure including development of more robust talent management process. In addition, furthered the use of data analytics within IA to drive risk based testing and provide increased assurance over traditional sampling approach.
Areas of Expertise
- Internal Audit
- Risk Consulting
- Financial Services
- B.S. – Accounting, Indiana University
- B.S. – CIS, Indiana University
Professional Memberships and Certifications
- Certified Public Accountant (CPA)
- Project Management Professional (PMP)
Read Protiviti Blog Posts from Michael Thor