Paul Kooney

Managing Director

Paul is a Managing Director with over 25 years of experience in both the public and private sectors focused on innovative third-party risk management program development, payment card industry security, and cybersecurity and privacy compliance. Paul is a member of the Shared Assessment Steering Committee where he is the current Chair and helps lead and contribute to the development of third-party risk thought leadership, best practice and tool sets. Paul is the practice lead for the Third Party Risk Management team as well as the global OneTrust alliance partnership and implementation team.

Areas of Expertise

  • Third Party Risk Management
  • PCI Data Security Standard
  • Privacy
  • Security Assessment Services
  • IT Risk Management
  • Cybersecurity Governance Strategy 
  • Business Continuity Management

Industry Expertise

  • Financial Services
  • Hospitality, Leisure and Travel
  • Retail
  • Manufacturing
  • Consumer Products & Services
  • High Tech & Electronic


  • MS in Electrical Engineering, State University of New York at Buffalo 
  • BS in Electrical Engineering, State University of New York at Buffalo 

Professional Memberships and Certifications

  • PCI Qualified Security Assessor (QSA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Business Continuity Professional (CBCP)
  • Certification in Risk Management Assurance (CRMA)
  • Shared Assessments Certified Third Party Risk Professional (CTPRP)
  • Certified Information Systems Auditor (CISA)
  • Certified Data Privacy Solutions Engineer (CDPSE)