Dan Schroeder CPA.CITP, CIPP/IT, CISA, CISM, PCI QSA, ISO 27001 Auditor

Dan has over twenty five years experience in IT operational and risk management functions in both private industry and leading CPA firms. Dan leads the Information Assurance Service practice at HA&W which serves leading national and international tech based businesses to provide services such as:

• Service Organization Controls including readiness and audits/attest for SAS 70/SSAE 16 and trust services principles of security, confidentiality, processing integrity, availability, and privacy.
• Security and Privacy compliance risk management, e.g., PCI, GLBA, BSA/AML and other banking regulations, HIPAA/HITECH, and EU Safe Harbor, ISO 27001, NIST 800-53.
• Resiliency planning and assessment services including design and deployment of Business Continuity and Disaster Recovery Planning functions.
• Governance and CIO services such as enterprise IT risk management program definition and deployment, application and service provider due diligence, vendor management, business performance improvement, such as business process and workflow assessment and design, technology alignment, scorecard and performance evaluation systems.

Dan is a frequent speaker and author on IT risk management subjects including SOC, security, privacy, and cloud computing.