Speakers

Kelsey Bahadursingh is the Assistant Director for Audit, Risk & Advisory Services at Vanderbilt University. She is responsible for planning, performing and supervising audits of the university. She graduated from Seattle Pacific University with a B.A. in Accounting and a B.A. in Business Administration with a concentration in International Business. She also studied abroad in Chengdu, China as part of her minor in International Business. She is both a Certified Public Accountant (CPA) and Certified Information Systems Auditor (CISA). Before coming to Vanderbilt, Kelsey worked in Assurance Services for PriceWaterhouseCoopers and Internal Audit for Alaska Airlines in Seattle, Washington. Starting in the fall of 2019, she will start pursuing her M.B.A. degree at Vanderbilt University.

Erin Baker, CIA, CIDA, CISE, CFIRS - Erin is the Data Analytics Program Manager with the University of Texas System Administration internal audit team. In this role, she provides data analytic related services and support to internal audit departments around the System, including developing tools for use with their data, establishing a formal training curriculum, and assisting with data acquisition and analytics during audits.  Erin has BBAs in both Finance and Accounting from the University of Texas at Austin and San Antonio, respectively. Erin was first introduced to the power of data analytics at Frost National Bank in the audit department. She has also been a one-woman audit shop for a home health care company, where she developed scripts for operational, financial, compliance, and administrative purposes.

Mike joined Brown University as the Chief University Auditor in June of 2019.  Before his role at Brown, Mike held a leadership position with the MIT Audit Division as the Associate Director for Technology and Campus Audit Services. He holds a Bachelor of Science in Business Administration with a dual concentration in International Business and Accounting, and a Political Science minor, from Northeastern University and a Master of Business Administration (MBA) with a concentration in Public and Non-Profit Management from Boston University. Mike maintains his license as a Certified Public Accountant (CPA) within the Commonwealth of Massachusetts and holds designations as a Certified Internal Auditor (CIA) and a Chartered Global Management Accountant (CGMA).  Mike is also a member of the Northeastern and ACUA faculties.
 

Danielle Bundy is the Internal Audit Director at the Colorado Community College System (CCCS) with over 14 years of audit experience.  She worked for KPMG, a public accounting firm, in their assurance and forensic practices for 7 years.  In 2012, she began working at CCCS.  Danielle is a regular speaker across CCCS presenting best practices and common findings from audits.  As part of the State of Colorado’s administration of Career and Technical Education, the CCCS Internal Audit performs routine civil rights monitoring reviews of colleges and K-12 school districts.  These visits involve reviews of documentation and measurements of facilities to ensure compliance with Civil Rights laws.
 

Ann M. Butera, CRP, is President of The Whole Person Project, Inc., an organizational development consulting firm founded in 1983. She is a frequent speaker at IIA, MISTI (coordinator of Audit Leadership and founder of CAE Masters conferences), and ISACA conferences. She has worked with audit departments of all sizes to provide auditors with the tools and techniques needed to improve risk management practices within their organizations.  Ann is regularly cited in Who’s Who and has been honored by Women On The Job with the Business Achievement Award. She is a member of the IIA, the American Society for Training and Development, the Association of Government Accountants, and the National Association of Corporate Directors. She served as Supervisory Committee Chair for a financial services firm.  Ann received her Masters of Business Administration in Organizational Development from Adelphi University.  She holds a CRP (Certified Risk Professional) designation from BAI and is a Summa Cum Laude graduate of Long Island University/C.W. Post College.  Ann has published her first book, Mastering the Five Tiers of Audit Competency: The Essence of Effective Auditing. In it, she shares best practices for every stage of the audit and explains how and why the most effective auditors master five essential competencies. New and seasoned auditors will benefit from her insight culled from over 30 years’ experience training thousands of their peers.
 

Rob Carter is the Director of Internal Audit & Management Analysis at Baylor University, a private Christian University and nationally ranked research institution located in Waco, TX.  Over the past 20 years, Rob has worked within public accounting, publicly traded companies, and higher education with extensive audit experience over a broad range of areas.  Rob has also served on the board and as president of TACUA and the Kansas City IIA.  

Peter Cataldo is the Systemwide Associate Audit Director at the University of California – Office of the President (UCOP). UCOP is the system-wide headquarters of the University of California, located in Oakland, California. The UC System includes 10 campuses, 5 medical centers, a national laboratory, over 220,000 students and 170,000 faculty and staff. As the Associate Audit Director, Peter supports the UC systemwide audit program and works with all the 10 campuses and medical centers on various systemwide compliance and audit projects.  Peter started his UC career as an auditor at the UC Berkeley campus, and has been a part of the UC internal audit program for the past 30 years. Peter earned his undergraduate business degree from Siena College in Albany, New York; and is a Certified Internal Auditor (CIA), Certified Fraud Examiner (CFE), a Certified Compliance and Ethics Professional (CCEP), and a member of the Institute of Internal Auditors (IIA).
 

Albana Cejne is the Assistant Director of Sponsored Research Audit, in the Office of Audit and Compliance, of Princeton University.  In her role, Albana is responsible for performing audits focusing on compliance requirements and internal controls in processes for sponsored research, as well as acting as a liaison between Princeton Plasma Physics Laboratory and OAC for the review and oversight of cost allowability audits. Prior to this role, Albana worked in a central post award office and has ten years of experience in sponsored research administration including financial compliance, effort reporting, expenditure approvals, sub-recipient monitoring, and annual Uniform Guidance single audits reviews. Albana is an active member of National Council of University Research Administrators (NCURA), the Institute of Internal Auditors (IIA) and the Association of College and University Auditors (ACUA). Albana has held different volunteer roles with NCURA, as well as presented at several NCURA and Financial Research Administration meetings.
 

Aaron Cohen has a BBA in Accounting from the North Georgia College & State University and a Master's of Accounting from Georgia Southern. He has 3.5 years of experience as an investigative auditor with Georgia Medicaid Fraud Control Unit and 2.5 years of experience as a forensic auditor at Georgia Tech.  

Mike Cullen is a senior manager with Baker Tilly, a national accounting and advisory firm. Mike is the higher education cybersecurity and IT risk leader for the firm. For over 17 years, he has worked with a variety of institutions, leading myriad cybersecurity and IT risk assessments and audits, developing information privacy and cybersecurity programs, performing ethical hacking, and conducting digital forensic investigations. Mike has presented to a variety of local, regional, and national conferences, as well as multiple universities. Mike is a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), and Certified Information Privacy Professional (CIPP/US).

Brian Daniels is the Chief Audit and Compliance Officer at the University of Tennessee and has more than 15 years of audit, risk, and control experience in higher education.  With an original background in IT audit, Brian has held progressively responsible positions at the University of Virginia and Virginia Tech respectively, finally serving as the Director of Internal Audit.  In this capacity, he has had the opportunity to partner with the Athletics Department in establishing a robust and collaborative audit approach to ensure coverage in a wide variety of NCAA bylaws and other risk topics.  Brian received his undergraduate degree in Business Information Technology from Virginia Tech and an MBA with a concentration in Information Security from James Madison University. Brian is a Certified Internal Auditor, Certified Information Systems Auditor, and a GIAC Certified Forensic Analyst.

With more than 13 years of experience, Ashley assists institutions to achieve strategic and financial success, optimize operational effectiveness and enhance compliance. Ashley drives innovation through strategic and enterprise risk assessments, internal audit and compliance reviews and investigations and business process reviews. She has assisted clients in developing and reengineering infrastructures, governance practices, internal controls and business processes to mitigate risk and enhance efficiency, effectiveness and compliance in such areas as budgeting and resource management, financial management and reporting, sponsored research administration, compliance governance and international operations.

Carolyn D. Saint is the Chief Audit Executive for the University of Virginia, which includes the University of Health System and the University of Virginia’s College at Wise.  She joined the University in April 2015, with more than 20 years of external and internal audit experience.
 
Prior to joining University, Ms. Saint served as the Vice President of Internal Audit at 7-Eleven, Inc., a $28 billion global retailer.  In addition to her experience at 7-Eleven, she served as Vice President of Internal Audit for three Fortune 50 retail companies: Lowe’s, Sears Holdings, and Kmart.  Her career includes over eight years of experience serving clients while at Deloitte.
 
Ms. Saint holds a bachelor’s degree in political science from the University of Pittsburgh and a master’s degree in professional accountancy from Walsh College.  She is a Certified Public Accountant, a Certified Internal Auditor (CIA), and holds a Certification in Risk Management Assurance (CRMA).  She has held various leadership positions with the Institute of Internal Auditors (IIA), having chaired both the North American Board of Directors and the Global Advocacy Committee.  Ms. Saint served on the IIA’s Global Audit Committee, the North American Advocacy Committee, the North American and Global Nominating Committees, and is a past trustee of the IIA Research Foundation.  In her role as Global Advocacy chair, she led the creation of the IIA’s global advocacy platform, capturing the central role internal auditing plays in good governance and helping organizations achieve their goals.  Ms. Saint is currently a member of the IIA’s Global Perspectives and Insights Advisory Council.  She is a board member of ACL, a GRC software solution company headquartered in Vancouver, Canada. She is an active volunteer in the Charlottesville community where she co-chairs the Leadership Charlottesville Alumni Association board and is a member of the board of the American Red Cross Central and Shenandoah Region.
 
 

Joe Diaz, CIA, CFE, Bachelor of Business Administration, Finance, Master of Business Administration has 22 years of experience in internal auditing, including higher education and public accounting working specifically in the retail, oil and gas, service, manufacturing, and non-profit industries. Joe is a Certified Internal Auditor (CIA) and a Certified Fraud Examiner (CFE). He is a member of the Institute of Internal Auditors (IIA) and served as Research Committee Chair for the Dallas Chapter where he was awarded the Outstanding Committee Chair in 2013. He is also a member of the Association of College and University Auditors (ACUA) and the Association of Certified Fraud Examiners (ACFE). Joe has been a guest speaker for the aviation ethics course at Oklahoma State University and a guest speaker/instructor for the internal audit graduate course at the University of North Texas.

Ivy has over 20 years in IT Shared Services and IT Audit/Security experience working in several industries such as Financial services, Pet Health Care, Retail and University systems.  She is currently the IT Audit Manager at the University of New Hampshire the largest post-secondary provider in the Granite State where she plans and executes key audits across 4 campuses servicing 32,000 students annually.  Ivy joined the University System in December 2018. She was previously the Vice President and Director for Business Assurance Validation and Risk Assessment at Citizens Bank in Rhode Island.  In her previous roles she managed and trained teams specializing in IT and cybersecurity audits.  Ivy holds a Master of Business administration from Edinburgh University and a Bachelor of Science in Information Systems Management from Boston University. Ivy maintains professional certifications as a Certified Information Security Manager, a Certified Information Systems Auditor, Certified in Information Risk and Control and Cybersecurity Nexus Fundamentals.  She has a passion for continuous self-betterment especially in the area of IT Security and enjoys sharing ideas, knowledge and experience with her peers.

Michelle Finley, CIA, CFE, Bachelor of Business Administration, Accounting, has 23 years of experience in higher education, in which she has held several executive positions, including Chief Audit Executive and Executive Vice President/Chief Financial Officer at a private university and Chief Audit Executive at two public higher education systems. Michelle is a Certified Internal Auditor (CIA) and a Certified Fraud Examiner (CFE). She served on the Internal Audit and Compliance Monitoring Committee of the Texas Higher Education Coordinating Board and several other non-profit Boards. She is a member of the Institute of Internal Auditors (IIA) and was awarded the Jim Cobb Member of the Year for the Oklahoma City Chapter, where she served as president and member of the Board of Governors. Michelle is also a member of the Association of College and University Auditors (ACUA) and the Association of Certified Fraud Examiners (ACFE).

Kallie joined the Audit Division at MIT in 2007; with 21 years of research administration experience working in the central research administration offices at several major research universities, including MIT's Office of Sponsored Programs. Kallie received her Master’s in Criminal Justice from Washington State University.

La Donna is the Director of Internal Audit at Pittsburg State University in Pittsburg, Kansas.  She has been in this role for the past six years.  Prior to joining PSU, LaDonna was an Internal Auditor for 15 years in the healthcare and electric utility industries in Tacoma WA and Tucson AZ.  She earned a Bachelor of Business Administration from PSU.  She recently completed her MBA at PSU in the summer of 2019.  La Donna is also a Certified Internal Auditor (CIA), Certified Public Accountant (CPA), and Certification in Control Self-Assessment (CCSA).  LaDonna is an ACUA Board member at large.

Carrie Frandsen, MBA, ARM-E, RIMS-CRMP, is the Systemwide Director, Enterprise Risk at the University of California, Office of the President (UCOP). UCOP is the headquarters of the University of California – a world-class public research university system that includes 10 campuses, 5 medical centers, 3 national laboratories, with more than 238,000 students and 198,000 faculty and staff.  Carrie provides leadership, resources, and guidance to constituents across the University of California system on enterprise risk management. In this role, she develops and coordinates activities and programs that assess and manage risks to the University’s mission, strategies, and values. Ms. Frandsen is also an instructor in UCLA Extension's Enterprise Risk Management certificate program. She serves on the U.S. TC262 technical advisory group for ISO 31000, and on the RIMS CRMP Commission.

Chris Garrity, MBA, CPA, CIA, CFE, CGMA is the Director of Internal Audit at Saint Joseph’s University of Philadelphia, PA.  Chris has over 25 combined years of experience within the not for profit and healthcare industries. His experience includes performing and supervising numerous financial, operational, and compliance audits as well fraud investigations.  He has also provided risk advisory and consulting services to audit committees, boards, counsel, and management in business and issues such as endowments, enterprise risk management, process reengineering, and ERP implementations.

Gates Garrity-Rokous serves as Vice President and Chief Compliance Officer for the Office of University Compliance and Integrity at The Ohio State University.  Gates has over 20 years developing, assessing and managing ethics and compliance programs for complex institutions, with a broad expertise in higher education, healthcare and financial services. Prior to joining Ohio State, Gates served as Chief Compliance Officer for GE Capital Americas, where he oversaw its regulatory compliance program.  Before that, he was a white collar defense partner for Wiggin & Dana, LLP, advising universities, hospitals, and corporations on compliance issues. He also served as an assistant U.S. attorney and health-care fraud-enforcement officer with the Department of Justice.  Gates also clerked in the United States District Court of Connecticut and the United States Court of Appeals, Second Circuit. Mr. Garrity-Rokous earned his Bachelor of Arts degree from Trinity College and his Juris Doctor from Yale Law School.

Leigh Goller is the Chief Audit, Risk and Compliance Officer for Duke University and Health System. She has institutional responsibility for directing and coordinating an integrated internal audit, compliance and risk management function, both of which have enterprise-wide scope, and a federated university compliance function, as well as accountability to enhance the ability of these functions to advance the mission of Duke. Internal audit and compliance reviews make policy, process and internal control recommendations that help Duke reduce the risks of unintended operational outcomes, financial fraud or misappropriation, compliance violations and governance breakdowns. The risk management program raises awareness of the threat and opportunity environment while focusing leadership on risk tolerance decisions that enable sound business and risk management strategies. Leigh serves on institutional steering committees for financial and operational leadership, research administration, conflict of interest, policies, global initiatives, and other senior leadership priorities.  She holds a bachelor’s degree from the University of North Carolina at Charlotte and a master’s degree from Duke University.

Lynn is a senior auditor in the Office of Audit, Risk and Compliance at Oregon State University. She performs detailed audit fieldwork including the evaluation and testing of the audit client’s system of internal accounting controls. She is also responsible for managing complaints submitted through the OSU’s Accountability & Integrity hotline, including tracking the investigation process and/or referring the complaint to another, more appropriate area for review.  Lynn’s prior experience includes external auditing with Texas Guaranteed Student Loan Corporation (TG), the assistant director of financial aid at Thomas Jefferson School of Law, and lead intake finance counselor at the University of Phoenix. Last summer, Lynn earned a Master of Science in Accounting with a concentration in auditing. Lynn also has a Master of Science in Higher Education Administration and a Bachelor of Science in Business Management. She is a Certified Internal Auditor (CIA) and a Certified Government Auditing Professional (CGAP).

Patrick Graber is the Chief Audit Executive of the Board of the Swiss Federal Institutes of Technology (ETH Board) since 2008. The Internal Audit of the ETH Board covers the audit activities of the entire ETH Domain, a network of two universities and four research institutes. Patrick holds a Master of Science in Business Administration and a Master of Law of the University of Berne in Switzerland and is a Certified Internal Auditor. Prior to joining the ETH Board Patrick was Chief Financial Officer of the Swiss Federal Pension Fund and worked in different positions in finance and IT in the private industry.

John Grimes has over 50 years of law enforcement, criminal investigation, fraud examination, and teaching experience. John began his law enforcement career with the Baltimore City Police Department where he became a Detective in the Criminal Investigation Division . He retired from law enforcement in 2016 as the Chief Inspector with the Amtrak Office of Inspector General/Office of Investigation. John is a Certified Fraud Examiner and is a Past President of the Maryland Chapter ACFE. He is recognized as a Certified Forensic Interviewer by the Center for Interview Standards and Assessments, Ltd. John is an Adjunct Instructor at Stevenson University where he developed and teaches a graduate level course in Forensic Interviewing. Additionally, he provides training and speaks on a variety of fraud and forensic interviewing topics. John holds an AA in Criminal Justice, a BA in Business with an emphasis in Accounting, and an MS in Forensic Studies.

Eric Groen is a Managing Director with Protiviti, based in the Phoenix area. He has almost 20 years of experience in consulting and audit, including both internal and external audit experience.  Eric’s experience extends across a number of industries, however, he spends the majority of his time focusing on higher education and more specifically compliance and governance issues.  Eric has a B.S. degree in Accounting and Finance from Creighton University, is a Certified Public Accountant and a Certified Internal Auditor.  Eric is also the former President of the Phoenix Chapter of the IIA.

Damon Hacker, MBA, CCA, CISA, CSXF is President, CEO and a founder of Vestige Digital Investigations, a leading U.S. Electronic Evidence Experts company specializing in Digital Forensics, CyberSecurity and eDiscovery Services.  A pioneer in digital forensics and IT security, he has helped to shape this important and fast-moving industry having testified before the US Judicial Conference on proposed rule changes to Civil Procedure that affected the Digital Forensics and litigation industries. He continuously helps to improve the techniques, processes and technology in this specialized field.  He is a court approved Expert for testimony.  Damon aired on the Legal Broadcast Radio Network, was published  in Inc Technology magazine, Smart Business News and Crain’s Cleveland Business.  In addition, Mr. Hacker frequently consults for a number of television shows some of which include CSI: Cyber, Bones and The Blacklist.  He earned an MBA from the Weatherhead School of Management, and his undergraduate degree from  Case Western Reserve University.  Vestige has offices in Cleveland, Columbus, Pittsburgh and New York City.

Will is a Certified Public Accountant, Certified Internal Auditor, and Certified Fraud Examiner.  He currently works at Auburn University as an Audit Manager, and has previously worked as an Information Systems Auditor for Deloitte and the State of Tennessee Comptroller of the Treasury.  Will has 22 years of auditing experience, with 13 years in higher education.  Will was the Midyear Committee Director for 2017-2019, has served on the ACUA Fraud Best Practices Committee, and is a current member of the ACUA Membership Committee.  Will is an Eagle Scout, a Scottish Laird, and an ordained priest.
 

Matt Hicks is the Systemwide Deputy Audit Officer for the University of California.  In this role, Matt ensures overall execution of systemwide audit services, including effective resource deployment, professional development for UC audit staff, development and maintenance of methodologies and guidance, and monitoring and measurement of services.   He oversees the annual systemwide risk assessment and internal audit plan development for the UC system and reports on internal activity, risk priorities, and results to the Regents Compliance and Audit Committee and systemwide leadership.  Additionally, he serves as the Internal Audit Director for the Office of the President, overseeing a team of auditors responsible for conducting audit and advisory services at UCOP. He has over 16 years of internal audit experience and, prior to joining UCOP, he was a manager in KPMG’s Advisory Services Practice in San Francisco. He is a Certified Information Systems Auditor (CISA) and has a B.S. in Business Administration from UC Berkeley.

Tony Hubbard has 27 years of experience supporting public service cybersecurity initiatives. Tony leads KPMG’s Government Cybersecurity practice, which supports entities such as the Departments of Defense, Energy, Health and Human Services, Homeland Security, and Veterans Affairs, as well as many state and local government agencies and higher education institutions. Tony has authored many professional articles, appeared in media outlets such as “Government Matters” and “FedNewsRadio”, and frequently presents on cybersecurity topics. Tony has a Bachelor’s of Science degree from Shepherd University, is a Certified Information Systems Security Professional (CISSP), and Certified Information Systems Auditor (CISA).

Cathy Hubbs began her leadership in information security programs in 2002 at George Mason University. In 2007, she became American University’s first chief information security officer. At American she is responsible for identifying areas of risk and shaping the University's information security strategy, architecture, and vision. She partners with IT, Risk Management, Legal Counsel, and other campus stakeholders to meet compliance requirements, create policies, deliver security awareness, and discuss risk and options to limit liability. With the help of her talented team, risk assessments are performed on new and existing services, vulnerability management is implemented, and incident response is coordinated. She is an active volunteer in organizations that focus on the development of Security Professionals. She was American University's first Frye Leadership Institute Scholar in 2009 and is a Certified Information Systems Security Professional and holds a number of security credentials.

Dyan Hudson, CIA, CISA, CFE, CRMA, is Director of Specialty Audit Services for The University of Texas System, with over 30 years of combined audit and IT experience.  Dyan’s responsibilities include IT audit, data analytics, and special projects and investigations.  She previously held audit positions at the University of Montana and the University of Texas at Austin, spent several years as an IT Auditor in state and municipal government and the banking industry, and was a programmer and systems analyst before joining the audit profession. 

As Senior Auditor for Data Analytics with Virginia Tech, Trevor Hughes specializes in analyzing data related to established audit procedures and discovering new ways to use analytics to guide continuous monitoring, plan and perform audits, and to improve risk assessment efforts. Trevor previously worked at Virginia’s Auditor of Public Accountants as a Senior Auditor and Information Security Specialist.  Between Virginia Tech and the APA, he has over 11 years of audit experience.  In addition, he has spent more than 15 years in corporate and non-profit management, accounting operations, information systems management and development, and consulting.

Jake Johnson, CISSP, CISA, PCI-QSA, CPA is an Experienced Manager with Grant Thornton’s Cyber Risk practice in San Diego California. Jake has over 9 years of experience in information security audits for education services, technology, and not-for-profit clients. Jake has helped many companies through his proficiency in assessing security controls at the application, database, operating system and network layers.  He has provided his clients with audit and compliance support expertise around IT General Controls and best practices related to Cyber Security. 
 

Megan Kasimatis Singleton, JD, MBE, CIP is Assistant Dean for Human Research Protection and Director of the Human Research Protection Program at Johns Hopkins University School of Medicine. In this role she is responsible for oversight and direction of JHM’s 7 IRBs. Ms. Singleton is a licensed attorney in Pennsylvania. She earned her law degree from Temple University and her Masters in Bioethics from the University of Pennsylvania.In addition to her current role in leading the Johns Hopkins Medicine HRPP, she serves as the director of central IRB (CIRB) activities for the Johns Hopkins/Tufts Trial Innovation Center (TIC), leading the charge for innovations in operationalizing single IRB (sIRB) review. In addition to her role as TIC CIRB lead, she is heavily engaged in national efforts to streamline the implementation of sIRB review processes including as a member of the Federal Demonstration Partnership taskforce on sIRB review and as a member of the SMART IRB Harmonization Steering Committee. Ms. Singleton is the co-chair of the AER Conference Workshop/Didactic Subcommittee, is an AAHRPP, Inc. site visitor, and is a member of the Steering Committee for AEREO, a consortium designed to advance effective research ethics oversight through empirical research.

Kara Kearney-Saylor, Director of Internal Audit at the University at Buffalo (UB), leads a strategic and comprehensive risk assessment and internal audit program that supports UB’s mission, plans and goals. She is the University’s point of contact for all external audit activities and works actively with SUNY’s Audit and Enterprise Risk Management initiatives. She is implementing Enterprise Risk Management and serves on UB’s Information Security Privacy Advisory Committee. She has been an advocate for Information Security and Data Governance at UB, acting as the Interim Information Security Officer and chairing an international search for an Information Security Officer.  Currently, Kara is the Standards and Best Practices Committee Chair for the Association of College and University Auditors (ACUA).  She also participates in her local chapter of the IIA, co-chairing the academic relations committee.  Prior to UB, Kara was employed at Boston University,  as the Interim Director of Internal Audit and co-chaired the Enterprise Risk Management Steering Committee and the Information Security Committee. She was previously employed at Houghton Mifflin, PricewaterhouseCoopers, and Ernst & Young in various audit and tax consultant roles. She has Bachelor’s degree from Northeastern University and a Master’s Degree from Boston University. Additionally, Kara is a Certified Internal Auditor and has a Certification in Risk Management Assurance.

Ray Khan is the Senior Data Analytics Auditor at Texas Woman's University. He is a Certified Fraud Examiner and a Certified Data Analyst.  Ray received both his Bachelor's and Master's degrees in Accounting from University of Texas at Dallas. Ray currently serves as the ACUA Community Director helping drive engagement from ACUA members on the ACUA list serve. 



 

John Kiss is a Director in Baker Tilly’s higher education and research institutions industry consulting practice, as well as its national risk, internal audit, and cybersecurity services practice.  These practices provide assurance and advisory services in the areas of internal audit, enterprise risk management, institutional compliance programs, financial and operational risk management, construction audit, fraud investigation, cybersecurity and technology risk consulting, and organizational governance. John has focused on providing these services to higher education and academic medical center clients.

As the Director of Audit and Management Advisory Services for Tufts University, Seth leads a department of 4 auditors with responsibility for conducting internal audits, and compliance and risk assessment activities at 8 schools across three campuses. He also supervises the School of Dental Medicine compliance officer.  Seth began his auditing career at Brown University and worked as an audit manager at Boston College before moving to Tufts University as its audit director in 1998.  Seth has led university-wide initiatives to develop a code of conduct and the institution’s first anonymous reporting hotline. He also championed the development of the University’s new risk register and is an active member of the Tufts University Risk and Compliance Committee, responsible for developing its agenda. Seth is also a member of the University Administrative Council and the School of Dental Medicine Compliance Committee.  Seth has been active in ACUA having served as president in 2004. He also chaired past Annual Conference and Mid-Year Conference programs in addition to participating on various board committees and presenting at conference workshops. He has served on several teams that conducted quality assurance reviews of internal audit operations at several ACUA member institutions.  Seth is a graduate of Brandeis University (Economics/Psychology, 1980) and received his masters of business administration (MBA) from Babson College in 1988. Seth also holds the CIA and CFE certifications.

Sharon is the Executive Director of Audit, Risk, and Compliance at Virginia Tech, serving as the university’s chief audit executive for the university and reporting to the Compliance, Audit, and Risk Committee of the Virginia Tech Board of Visitors.  Sharon is an advisor and resource to senior leadership as it considers issues of controls, compliance, and risk across the university.  In addition to leading the internal audit function, Sharon has responsibility for facilitating and coordinating the university’s enterprise risk management and institutional compliance programs. 
 
Sharon received her MBA from Virginia Tech, bachelor’s degree in business administration (accounting) from Mercer University, and is a Certified Public Accountant and Certified Fraud Examiner.  Sharon served as President of ACUA, continues service as its Immediate Past President, and holds an appointment to the ACUA Faculty.
 

Adrienne is a senior manager in Baker Tilly’s risk, internal audit and cybersecurity practice specializing in providing services to higher education and research institutions. She has more than 15 years of industry and professional services experience. Adrienne has worked with over 28 institutions to provide guidance in the areas of internal audit, risk advisory, enterprise risk, grants administration processes, sponsored research compliance, and fraud investigation related services. She has managed several internal audit engagements for a variety of higher education clients in areas such as institutional data reporting, admissions, Title IX, Clery Act and student safety, conflict of interest, international programs, procurement, greek life and hazing, school/department-level operations. Prior to joining Baker Tilly, she worked in sponsored research at Temple University, the University of Pennsylvania and Thomas Jefferson University.

Andrew Lee is a Principal at ClifftonLarsonAllen (CLA).  Andrew has more than 14 years of experience specializing in governmental auditing and accounting with an emphasis on state and local government agencies and higher education. Andrew also has extensive experience developing audit plans and reviewing work performed by staff. This work includes the performance of internal control reviews to assure the effectiveness and efficiency of operations, reliability of financial reporting and compliance with applicable laws and regulations.

Johan Lidros is the founder and President of Eminere Group which provides IT Governance and Risk Management Services. Previously, Johan was the Florida and Caribbean Computer Risk Management practice leader at Andersen. He has specialized in providing IT governance, IT risk management, IT audit and information security assurance solutions for the higher education, and healthcare industries. Johan has a Bachelor of Science in Economics from the Stockholm University and he is a Certified in the Governance of Enterprise IT (CGEIT), Certified Information System Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), HITRUST CCSFP Certified Common Security Framework Practitioner, and certified in IT Infrastructure Library (ITIL-F).  He is also the previous President of the North and Central Florida HIMSS chapter and a 2012-2014 member of the ISACA CGEIT certification committee.

Laura Ling is an experienced audit professional with more than 15 years in internal and external auditing.  Prior to working with the University of Florida Office of Internal Audit, she worked for University of Florida Finance and Accounting and the University of Florida Performing Arts.  Prior to that, she worked as an Audit Manager for PricewaterhouseCoopers.  Ms. Ling has been involved in fraud investigations for the University of Florida for seven years, and recently launched a Fraud Awareness training for University staff.
 

As the Cybersecurity Audit Director, Greg established and leads the systemwide Cybersecurity Audit Team, which is deployed across the 10 campus and 5 academic health center system to deliver specialized cybersecurity audits and advisory services and serves to provide independent oversight, assurance and advice on systemwide cybersecurity initiatives and programs to senior UC leadership and the UC Board of Regents.  Greg has over 20 years of experience in IT, information security, and IT audit.   He started his career as a system administrator dealing hands on with cybersecurity related issues, and has previously held positions as an IT management consultant at Gartner focused on cyber risk, a mentor with the SANS Institute, and as an IT director for Colleges within the UC. Greg is a member of the SANS Advisory Board, and has an M.B.A from UC Davis, and holds the CIA, CISSP, CISA, and GSNA, certifications.
 

Ray Ly, a senior manager in KPMG’s Development and Exempt Organizations Tax Practice, has more than 18 years of experience in the nonprofit and tax-exempt space.  He provides advisory, consulting, and compliance services on complex tax matters to clients in the higher education, humanitarian, healthcare, private foundation, pension trusts, and other not-for-profit sectors.  Ray currently provides tax advice on a wide variety of issues including current developments in taxation, tax examinations, unrelated business income, alternative investment reporting, state and local tax matters, charitable contributions, international operation compliance matters, and executive compensation.  He has a BBA in Accounting from the College of William and Mary and a MS in Taxation from American University.

Kimberly is a senior manager in Baker Tilly’s risk, internal audit and cybersecurity practice with over ten years of experience. She regularly works with higher education institutions on auditing advancement operations, including developing gift acceptance frameworks, assessing spending in accordance with donor intent, and evaluating capital campaign procedures. She has presented at past ACUA Annual and Midyear Conferences as well as local internal audit related organizations. Related to advancement, she has presented on topics such as “Worth the Risk? The Advancement Services Role in Risk Management” for the Association of Advancement Services Professionals DC Regional Symposium and developed thought leadership on donor gift management: identifying risks and implementing leading practices. Kimberly is a Certified Internal Auditor and Project Management Professional.

Loretta Maguire, CPA, is the Director of Internal Audit at The College of New Jersey (TCNJ), Ewing, NJ. Loretta has 30 years of Internal Audit and Compliance experience comprised of 15 years in healthcare and 15 years in higher education.  Loretta also facilitates the Enterprise Risk Management program at TCNJ.  She has performed and managed financial, operational, and compliance audits throughout the years and served as a Compliance Officer for 3 of her years in healthcare.  In addition to being a member of ACUA, Loretta is a member of the New Jersey Society of CPAs and the AICPA. 
 

Brian Markham is an experienced IT risk and compliance professional with more than 12 years of experience in higher education and private industry. Prior to joining GW, he was a consultant for PricewaterhouseCoopers' IT security, privacy and risk practice, serving the homeland security and financial services markets. He also spent seven years at the University of Maryland at College Park in the areas of IT security, compliance and audit.  Mr. Markham oversees the compliance and risk services team, which is responsible for ensuring that the Division of IT is implementing IT services and solutions that comply with regulatory and contractual requirements. He also oversees the overall IT risk management program and various other information assurance initiatives within the division. Mr. Markham holds a B.A. and an M.B.A. from the University of Maryland at College Park.

Angela regularly speaks on fraud topics throughout the university, and has presented at the annual Texas Association of College and University Auditors conference. She has seventeen years of experience in internal auditing and accounting, and represents internal audit in fraud investigations. Angela holds the Certified Internal Auditor (CIA) and Certification in Risk Management Assurance (CRMA) certifications from the Institute of Internal Auditors.

Shane McQuitty is an Associate Director in Protiviti’s DC Metro office focused on IT Audit and IT Consulting.  Shane brings over 20 years of experience in information technology and internal audit across numerous industries and leads Protiviti’s IT Audit practice for the Metro DC, Baltimore, and Richmond markets.  He has served as an audit lead on many Internal Audit, Sarbanes-Oxley and Information Technology engagements for global clients across industries that include financial services, manufacturing, higher education, technology, real estate and others. Shane has extensive experience with IT processes development and implementation, regulatory, compliance, robotics and data process automation, merger and acquisition integrations, enterprise risk management, and IT governance development and enhancement.

Susan M. (Sue) Menditto joined the National Association of College and University Business Officers (NACUBO) in 2002. Ms. Menditto manages NACUBO’s accounting, financial reporting, and financial viability issues for higher education institutions.

Ms. Menditto is charged with fulfilling higher education advocacy needs with the FASB, GASB, AICPA, and Department of Education and has served on the Governmental Accounting Standards Advisory Council, where she represented the interests of public higher education institutions.

Ms. Menditto has degrees in psychology and accounting, and is a certified public accountant. Prior to joining NACUBO she began her career in public accounting, was the CFO and Controller of a non-profit organization, and as a vice president with Bank of America had progressively responsible positions in financial reporting, accounting policy, and organizational change management.

Megan Mesko joined Cotton & Company in July 2011 and was elected a partner with the firm in January 2019. Since joining the firm, she has participated in numerous performance audits, financial statement audits, consulting service engagements, and litigation support activities for both federal and non-federal agencies.  In particular, Ms. Mesko has performed audits of, and on behalf of, a number of federal and not-for-profit organizations and has extensive experience performing audits and compliance reviews of contract and grant funding awarded to institutes of higher education, hospitals, and not-for-profit entities. She is experienced in testing compliance with the Uniform Guidance (formerly Office of Management and Budget (OMB) Circular No. A-21 and 2 Code of Federal Regulations (CFR) 220), the Federal Acquisition Regulation (FAR), specific federal organization allowability criteria, and grant/contract-specific terms and conditions.

Lorrie A. Metzger, Clinical Assistant Professor, Accounting & Law Department; MBA , University at Buffalo; BS, Rochester Institute of Technology; CPA (New York), CISA.  Her teaching responsibilities include undergraduate courses in the area of accounting information systems, graduate courses in data analytics, and graduate courses in the area of information technology auditing.  Professor Metzger is also the Faculty Director of the School of Management Undergraduate Honors Program.  Prior to joining the UB faculty, Professor Metzger was a Senior Auditor in the Internal Audit Departments at both First Niagara Financial Group and at M&T Bank. She worked as a Senior Consultant for the Enterprise Risk Services group of Deloitte and started her career as an auditor for the Arthur Andersen firm.

Michael serves as the Chief Architect for Southern Methodist University (SMU) managing a broad portfolio across two campuses located in Dallas and Taos, New Mexico serving 12,000 undergraduate and graduate students.  He manages a multi-faceted 220 member team including operations, physical plant, energy management, real estate/property management, master planning, capital projects, design and construction.  Currently his division manages an annual portfolio value of $367,000,000.  He previously served 8.5 years as the Vice Chancellor of Facilities Planning & Construction for the Texas Tech University System managing the master planning through capital projects with a total portfolio valued at $2.4B during his service.  Michael is a member of the American Institute of Architects (AIA), Texas Society of Architects (TSA), The National Council of Architectural Registration Board (NCARB), Texas Board of Architectural Examiners (TBAE) and the Association of University Architects (AUA). 

Mike has more than 30 years of audit, compliance and financial experience in the public and private sectors. As Institute Auditor for the Massachusetts Institute of Technology, he is responsible for delivering assurance and advisory services for the Institute through a risk-based program to assess adequacy of internal controls, safeguarding of assets, compliance with laws and regulations, and ethical practices. He has held audit and compliance leadership roles at Northwestern University, the University of Illinois and the Illinois Office of the Comptroller.  Mike has earned the Certified Internal Auditor, Certified Information Systems Auditor, and Certification in Risk Management Assurance designations and completed the COSO Internal Control Certificate Program.  He is a former chairman of the Illinois Internal Audit Advisory Board and a former senior vice chairman for the North American Board of The IIA. Mike has also held numerous other volunteer positions in professional audit associations.

Lisa Nykolyshyn has spent over 18 years in the internal audit profession, including eight years in the post-secondary education sector at the University of Alberta and six years auditing at the municipal and provincial levels. Lisa complements her public-sector experience with five years of managing and leading the internal audit shop at Stantec, a publicly-traded global design company. Lisa has volunteered in various capacities with the Canadian Association of University Business Officers (CAUBO) internal audit working group and with the Institute of Internal Auditors.  She is passionate about finding more meaningful ways to engage clients, deliver value and be a catalyst for change.

John O’Brien is President and CEO of EDUCAUSE, an international nonprofit association whose mission is to advance higher education through technology innovation. Throughout his career in higher education, John has served as a leader in technology, academics, and institutional leadership. He was a faculty leader in instructional technology, a statewide IT project leader, and associate vice chancellor/deputy CIO at the system level. He has been a college provost and president in the Minnesota State Colleges and Universities system, the fourth largest higher education system in the United States with over 375,000 students. Prior to his appointment at EDUCAUSE, he served as the system’s senior vice chancellor of academic and student affairs. John holds a bachelor’s degree in English from Augustana University, a master’s degree in Anglo-Irish Literature from the University of Dublin (Trinity College), and a doctorate in English from the University of Minnesota.  

Christy Oppong is a Senior Auditor in the Office of Audit and Compliance for Princeton University.  In her role, Christy performs operational audits, contract compliance audits, regulatory compliance audits including sponsored research audits and business process audits across various departments at the University; providing tools to assist departments in improving key processes and to comply with laws and regulations. During her tenure at Princeton University, which spans over ten years, Christy has specialized in payroll and restricted funds audit.  Prior to this role, Christy Oppong worked as an Internal Auditor conducting financial and operational audits and Sarbanes-Oxley section 404 audits of internal controls over financial reporting. She has over 17 years of experience in internal audit. Christy is a Certified Internal Auditor (CIA) and holds a Certification in Control Self-Assessment, both awarded by the IIA. She is an active member of the Institute of Internal Auditors (IIA) and the Association of College and University Auditors (ACUA).

Bryan Paine is a Senior Associate with RSM US LLP aligned with their Risk Advisory Services function. Prior to joining RSM, Bryan was an Audit Manager with Northeastern University charged with overseeing the execution of compliance-, process- and IT-driven engagements.  He represented Northeastern’s Audit & Advisory Services team on several committees and cross-functional teams, and served as the team’s analytical “go-to” for generating meaningful data analysis.  Bryan maintains a professional certification as a Certified Internal Auditor (CIA) and holds a Master of Business Administration (MBA) from the D’Amore-McKim School of Business at Northeastern University.  Bryan is an active member of the Institute for Internal Auditors (IIA) and the Association of Certified Fraud Examiners (ACFE), and formerly a member of the Association of College & University Auditors (ACUA).

While only beginning his third year as an IA staff member, Parker has been intimately involved in risk identification, compliance, resource allocation, and reporting, for more than 25 years.  Following graduate school, Parker began his career in the field of college athletics administration at three NCAA Division I conference offices, serving as ComplianceAV Director, Assistant Commissioner, and Associate Executive Director, respectively.  In 1997, he accepted the job of Assistant AD for Compliance at Virginia Tech, beginning a 20-year run in the athletics department that would see him eventually achieve the position of Senior Associate AD.  In 2017, Parker joined the Virginia Tech Office of Audit, Risk, and Compliance, where he serves as a member of the special projects team, conducting fraud/waste/abuse investigations and advisory reviews.
 

Missy Peloso serves as the Associate Vice President and Associate Vice Provost for Research at the University of Pennsylvania. She is responsible for managing over $1 billion of sponsored research funds. Missy is a frequent presenter, author and contributor to National Council of University Research Administrators (NCURA) and Council on Government Regulations (COGR). She is a published author on topics including international research and export controls.

Menah Pratt-Clarke is the Vice President for Strategic Affairs and Diversity at Virginia Tech. She is also Professor of Education in the College of Liberal Arts and Human Sciences. She has almost 25 years of leadership experience in higher education, with a focus on large-scale institutional transformation.  Prior to joining Virginia Tech, she held senior positions at the University of Illinois at Urbana-Champaign and Vanderbilt University.  At Vanderbilt, she served as the University Compliance Officer, Assistant Secretary of the University, and University Counsel.  She has a bachelor’s and master’s degree from the University of Iowa, and a master’s degree, PhD, and law degree from Vanderbilt University.  She recently released A Black Woman’s Journey from Cotton Picking to College Professor: Lessons about race, gender, and class in America. (Peter Lang, 2018), which was awarded the American Education Studies Association Critics’ Choice Award for scholarship deemed to be outstanding in its field.

Carol Rapps is a member of the prestigious ACUA faculty and a top ranked presenter at many ACUA conferences.  She has 30+ years of combined Information Technology (IT), Information Security (IS) and IT Audit experience in the banking, publications, oil & gas, manufacturing, healthcare, insurance and education industries.  Her prior areas of responsibilities encompass building IT audit functions from the ground up, information security management, change management, business continuity, audit (IT, operational and financial), total quality management, IT quality assurance, conversion management, and system development (both as an Auditor and as a Project Manager).  She has lectured and provided consulting services both internally and externally for various professional organizations and is well known for her innovative thinking, technical skills and training abilities. Carol received a B.A. in Business Administration from California State University of Bakersfield with a math minor.  She is a CIA, CISA, CCSA, CRMA, CFE and holds a GLIT certificate from GIAC for Legal Issues in Information Technology.  She has served as the ISACA LA Chapter President and Chair of the ISACA International Audit Committee.  Additionally, she served three years as the Chairman of the Supervisory Committee for the South Texas Healthcare Federal Credit Union.

Joanna Rojas leads the university audit team, which provides an independent viewpoint on governance, risk management and internal controls for the university, DUMAC and related entities. Joanna and the team conduct financial, operational, compliance and information technology risk based audits.  Joanna joined the Duke Office of Audit, Risk and Compliance in 2008.  Joanna’s past experience includes auditing financial and information technology processes with PriceWaterhouse Coopers and Lowe’s Companies.

Mark Ruppert is currently the Chief Audit Executive at Northern Arizona University. He has more than 30 years of internal audit experience and previously held the chief audit roles as the Director of Internal Audit for the Cedars-Sinai Health System and for the Johns Hopkins Health System.  He has been speaking nationally since 2000, has been published in Compliance Today and New Perspectives on various audit and compliance topics, and has lectured on Internal Audit for the University of California Los Angeles and Riverside.   He is a CPA, CIA, CISA, and ACS.

Brenda is a signing director with the CliftonLarsonAllen (CLA) public sector group. She has more than 20 years of experience in auditing colleges and universities, including extensive experience in audits of federal grant programs, among them student financial aid. She serves as audit director for both public and private higher education institutions. Brenda heads up the training and knowledge management for the student financial aid programs at CLA. Brenda regularly speaks on topics related to student financial aid as well as other audit topics at various association meetings and through CLA webinars. 

In her role as the chief executive of audit, risk and compliance for Oregon State University, Patti leads a team that evaluates and improves the effectiveness of the risk management, control, and governance processes. The audit team provides independent and objective assurance and consulting services that improve operations and protect organizational value.  The compliance team continually improves the productivity and safety of the university environment by overseeing the university’s compliance and ethics program.  In addition, Patti facilitates the university's enterprise risk management, which evaluates mission-critical risks and formulates effective mitigation strategies for the university's board and senior leaders.  The chief audit, risk, and compliance executive reports administratively to the president and functionally to the Executive and Audit Committee of the OSU Board of Trustees through routine communication practices.

Toni Stephens, CPA, CIA, CRMA, is the CAE at UT Dallas.  She received her accounting degree from Texas A&M University and has over 30 years of higher education audit experience.  Toni’s professional activities include serving as the ACUA President, board and faculty member, PEC Chair, Annual Conference Director, and serving on the recognition committees.  She also serves as an audit committee advisor for the Dallas ISD and is a board and audit committee member for the Dallas IIA. She served as President and board member of the Texas Association of College and University Auditors.  Honors include receiving service awards from both ACUA and the Dallas IIA.  She is an advisory board member for the UT Dallas Center for Internal Auditing Excellence, and for the past 15 years she has mentored internal audit students, providing them with actual audit experience.

Ali Subhani is the Director for the Office of Audit Services at Texas Woman's University. His prior roles have included serving as an IT Audit Manager, and most recently co-led the Technical work stream to consolidate disparate Teammate systems from across UT System onto a single consolidated infrastructure.  Ali is a member of the ACUA faculty and has 14+ years of experience combined within the homebuilding and education industries. 

Ali holds a Master’s degree in Accounting and Information Management from the University of Texas at Dallas and is is a Certified Internal Auditor, Certified Information Systems Auditor and a GIAC Systems and Network Auditor.  He has served as a President for the Texas Association of College and University Auditors and also as a Webmaster for the local ISACA Chapter. 
 

David Summerlin is the Senior Internal Audit Manager at the Colorado Community College System (CCCS). He has over seven years of internal and IT audit experience with several institutions of higher education in Colorado and Louisiana.  He co-presented on planning investigations at the fall 2018 ACUA conference and has lead trainings on data extraction, data analytics, and internal control best practices.  Over the past year he has planned and conducted audits at five of the thirteen Colorado Community Colleges for compliance with the Clery Act, and presented findings and best practices to College and CCCS leadership.

Howard Teibel is founder of Teibel Education Consulting. Over the past three decades, Howard has worked with education leaders and their teams to develop new habits to coordinate actions in support of shared commitments.  As a public speaker and writer for numerous higher education associations, Howard contributes to the national discourse on emerging trends facing this industry. Additionally, his 10-year-old podcast “Navigating Change” brings together leaders to discuss innovations and new practices that can transform how teams in academia and business work together. His client roster includes institutions such as the University of Colorado, Rutgers University, The City University of New York, Cornell University, the NCAA and many others.  Having recently moved from Boston to Boulder, CO, Howard enjoys hiking, biking, and meditation and is passionate about guiding business leaders to create constructive discourse on regional and global issues facing our country.

David was appointed as Portland State University’s first Director of Internal Audit charged with establishing the Internal Audit Office in October 2014 following state university governance reform legislation in Oregon.  Prior to joining Portland State University, David established Portland Community College’s first internal audit function in 2011 and led internal audit for Portland Community College until coming to Portland State University.  David has also held various audit positions with the Secretary of State Oregon Audits Division and the Oregon University System Internal Audit Department from 2003 to 2011 and has 16 years’ experience auditing state government, local government, and higher education in Oregon.  David obtained his bachelor’s degree in Business Administration from Eastern Oregon University (EOU) and was EOU’s Presidential Scholar  in 2003.  David holds licenses as a Certified Public Accountant, Certified Fraud Examiner, and Certified Internal Auditor.  Moreover, David is an audit committee member on the Oregon Department of Education’s Audit Committee, Clackamas County Audit Committee, and he is a member of the Institute of Internal Auditors and the Association of College & University Auditors.

Goli A. Trump, MBA, CIA, CRMA, executes and leverages internal audits and enterprise risk management in her current role as the chief auditor of Montgomery College, where a major ERP implementation is currently underway. She has served as CAE of Fairfax County Public Schools, CRO at SourceAmerica, and has held CFO and board directorships in private firms and nonprofit organizations in the US and the UK. Goli is a co-author of The IIA’s Certification in Risk Management Assurance ® Exam Practice Questions book, teaches The IIA Learning Systems CIA Exam Prep Course, and teaches a course on “The Auditor’s Role in Effective ERM.”
 

As Chief Audit Executive for the Texas Tech University System, Kim leads a department of 17 auditors in three cities.  The institutions of the Texas Tech System comprise an annual operating budget of $2.3 billion with almost 55,000 students.  A former ACUA President, Kim received ACUA’s Outstanding Professional Contributions award in 2014. Kim is Co-Chair of the Risk Dictionary subcommittee and received the 2011 Excellence in Service Award for her work in developing and maintaining the Risk Dictionary.  Closer to home, Kim served as a board member-at-large on the state board of the Texas Society of CPAs (TXCPA) and as founding president of High Plains Chapter of The IIA.  A member of ACUA Faculty, Kim is a frequent speaker for such organizations as ACUA, URMIA, TXCPA, and SCCE. Kim has also served on a number of peer review teams to enhance the performance of internal audit functions both inside and outside of higher education.

Matt Unterman is a Principal within Grant Thornton’s Not-for-Profit and Higher Education Advisory Services Practice. Matt has led a variety of business and information technology initiatives in the not-for-profit and higher education industry. His engagement experience includes strategic planning, business plan development, business process analysis and reengineering, operational reviews and improvement, financial modeling, program costing, financial performance improvement, benchmarking and best practices reviews, reserves analysis, enterprise risk management, internal audit, reorganization and outsourcing assistance, board governance assessment, IT planning and strategy, IT effectiveness reviews, requirements development, project management office (PMO) services, data center reviews, post-implementation assessments, IT controls reviews, business continuity/disaster recovery, system and vendor selection, records retention policy creation, and training curriculum and materials design.

Jonathan Weinberg, a senior manager in KPMG’s state and local tax practice, has more than 20 years of experience in dealing with state and local tax issues.  He provides consulting, audit defense, and compliance services to both not-for-profit organizations and for-profit businesses.  In this capacity, Jonathan advises on both direct and indirect taxes.  Jonathan was recently named one of KPMG’s SALT liaisons to the Development and Exempt Organizations Practice.  In this role, he has spent significant time advising tax-exempt organizations on the effect of the Supreme Court’s Wayfair decision.  He has a B.A. in History and Sociology from Miami University and a J.D. and LL.M. (Taxation) from the Case Western Reserve University School of Law.

Bruce Weisman, CIA, CPA is the Associate Director for Audit, Risk & Advisory Services (ARAS) at Vanderbilt University.  He joined ARAS in January 2010.  Bruce is responsible for planning and performing audits of the university and overseeing the progress of the annual audit plan.  He works with the CAE and Assistant Director to manage a staff of six auditors. He graduated from the University of Evansville with a B.S. in Accounting and a B.S. in Business Administration with a concentration in Management and earned a M.B.A. from Lipscomb University.

Barry L. White, MBA, CISM, CISA, is the Director of Information Technology Auditing at Johns Hopkins Institutions.  Mr. White has over 38 years' experience in Information Technology.  For the past 31 years, Mr. White has been working for The Johns Hopkins Institutions in IT audit.  Prior to working at Johns Hopkins, he held positions as Systems and Applications Programmer, Systems Implementation Consultant and Management Information Consultant for Convergent Technologies Inc. and Alexander & Alexander Inc.  Mr. White has lectured on various IT controls and concerns at professional conferences including several annual and mid-year ACUA conferences as well as AHIA conferences.   He is also a former Associate Professor for a local community college in the Baltimore area where he taught IT courses for several years.

Joel Wuesthoff is a New York City based eDiscovery expert, a former practicing attorney, and a Certified Information Systems Security Professional (CISSP). The CISSP is a high-level security & privacy designation granted by the International Information Systems Security Certification Consortium (www.isc2.org) measuring expertise in ten domains of data integrity and security ranging from digital evidence issues and telecommunications security to encryption controls and security architecture.  Mr. Wuesthoff has been an Adjunct Professor at the University of Maine School of Law since 2006, where he teaches a unique eDiscovery and computer forensics course. He introduced in 2010 a new course on Cloud Computing, Social Media & Data Privacy  utilizing an innovative multi-media & web-based platform showcasing the tensions between technological progress and legal oversight. He is also the Director of the ESI Institute, a private initiative which promotes legal education to the nation's law schools, evaluates new technologies in the legal space, and serves as interactive and street level training center for lawyers, law students, and information technology professionals. He has advised the Securities and Exchange Commission, other regulatory agencies, members of the United States Congress, and Fortune 100 companies on data analytics, data mapping, and best practices in information management and litigation readiness, and has twice appeared before the New York Supreme Court advising on best practices for the management of electronic discovery issues, and participated in similar trainings for the Massachusetts Supreme Court.  Mr. Wuesthoff has participated in FRCP 26(f) Meet & Confers, advised on early strategies for collection and review of electronically stored information, and trained more than 3000 attorneys, paralegals and litigation support professionals from the Am Law 100 and Fortune 500. In addition to being a member of the Search & Retrieval Sciences Special Project Team of the Sedona Conference (WG1), he has served as a visiting lecturer at the College of William and Mary School of Law.

Vesna N. Zaccheo is Audit Manager, Campus Audit Services at the Massachusetts Institute of Technology. She joined the Audit Division in 2000 with five years of internal audit experience at Data General and ten years of overall professional experience. She holds a Bachelor of Science in Economics from the University Center of Economics Sciences, North Macedonia and a Master of Business Administration (MBA) with a concentration in Finance from Northeastern University.