Tom Andreesen

Managing Director – Global Microsoft Alliance Leader

Tom is a managing director with over 33 years’ experience helping organizations develop and implement a variety of business and technology solutions to enhance their operations. Tom has also helped companies establish risk management capabilities and overall governance programs to help address operational risks, technology risks, and regulatory compliance requirements. Tom is the leader of Protiviti’s Global Microsoft Alliance program.

Major Projects

  • International Consumer Products Company: Implemented foundation control processes and risk management capabilities, including IT organization and governance practices
  • International Consumer Products Company: Drove improved cloud usage, implemented more robust cloud security governance and enabled greater resilience for IT operations
  • Regional Insurance Company: Performed a review of their enterprise risk management program and provided recommendations on addressing gaps as well as a better governance structure for the overall program
  • National Broker Dealer Company: Supported various risk management activities (business and IT) including annual risk assessment work. Also helped the IT function with design and testing of controls and rationalizing the key control environment. Assisted with vendor information security assessments and forensic analysis
  • National Broker Dealer Company: Led major integration efforts including establishing project management functions, adoption of required security standards and processes, creating roadmaps for major technical infrastructure changes and helping redesign data architecture for ongoing data warehouse needs

Areas of Expertise

  • IT process improvement
  • IT governance
  • IT organization transformation
  • Microsoft solutions implementation and support

Industry Expertise

  • Financial Services
  • Consumer Products and Retail
  • Technology and Media


  • BS - Computer Engineering, Iowa State University

Professional Memberships and Certifications

  • Certified, Governance of Enterprise IT (CGEIT)
  • Certified in Risk and Information Systems Controls (CRISC)
  • Member, Institute of Internal Auditors (IIA)
  • Member, Information Systems Audit and Control Association (ISACA)