Brennan is a Managing Director in the Chicago office with over 23 years combined experience. Prior to joining Protiviti, Brennan spent 10 years of his career at a Big 4 accounting firm, focusing on external audit, internal audit, and internal controls compliance, helping companies understand and improve their operations and internal control structure. Brennan also spent 4 years at a Top 10 Property & Casualty insurance organization; 2 years as the Director of Internal Audit, focusing primarily on SOX and operational IT audit and 2 years as the Director of Financial Planning and Analysis (FP&A), supporting the entire IT organization in financial planning, forecasting and internal management reporting.
While at Protiviti, Brennan has led the Protiviti’s Chicago office Internal Audit service line for the Financial Services industry. Brennan has the overall responsibility for leading Financial Service resources and continuing to grow capabilities across existing and new Financial Service clients.
- Managed over 5,000 hours of audit activities annually for a multi-billion dollar insurance organization. Responsibilities include overseeing the execution of the annual audit plan, conducting annual risk assessments, periodic meetings with executive management, reporting to the Audit Committee.
- Managed the IT portion of the financial statement audits for both public and private companies ensuring reliance on underlying IT controls and reducing procedures performed by the financial statement audit team. IT components included operating systems, databases, and financially significant applications.
- Teamed with publicly traded financial audit organizations and developed and tested key SOX controls and reported on results of testing for annual SOX attestation.
- Conducted Enterprise Risk Assessments and IT Risk Assessments for various multi-billion dollar organizations in the financial services and insurance industries. Activities included identification and prioritization of key risks, development of annual Internal Audit plan and presentation to the Audit Committee.
- Managed both the business and IT process areas of SOC (formerly SAS 70) engagements including identifying with the client control objectives and related controls; testing the controls; and issuing final report. Industries included insurance, banking, benefits administration, professional services, and IT outsourcing.
- Led and managed all IT related SOX 404 compliance and external financial statement audit support, including internal coordination of work, as well as, challenging the external auditor budget and reliance strategy.
- Determined audit approach to help to assess the adequacy of the IT transformation process and vendor management controls to ensure that risks associated with the initiative were promptly identified and mitigated.
- Led macro risk assessment efforts on IT transformation initiatives to ensure appropriate senior management governance exists. Further IT transformation responsibilities included, but not limited to:
- Primary audit contact surrounding contract review to ensure the appropriateness of audit rights, data privacy, compliance, and BCP/DR clauses.
- Ensured appropriate transition methodology including knowledge transfer, control impact assessment on the process changes, and organizational change.
Areas of Expertise
- Technology Risk
- IT General Controls
- Internal Audit Services
- Sarbanes Oxley Implementation Solutions
- Financial Audit Support
- Financial Services
- Professional Services
- B.S. – Accounting, St. John's University
Professional Memberships and Certifications
- Certified Information Systems Auditor
- Certified in Risk and Information Systems Control
- Certified IIA Quality Assurance Reviewer
- Member, ISACA
- Member, IIA