Audit and Compliance
Audit and Compliance don’t have to be “four-letter words”! For many, the terms audit or compliance have a negative connotation and are considered necessary “evils” for security professionals. During this discussion, I will shed some light (and truths) on the myths surrounding this complex space. My hope is that this talk will have you humming a different tune about your audit/compliance program.
About the Speaker:
Kristen Wilbur is a Senior Manager with Schellman & Company LLC, with over 10 years of experience in providing IT attestation and compliance services. Kristen has evaluated risk and controls for Global 1000, Fortune 500, and regional companies during the course of her career with a strong focus in the technology sector. Kristen currently leads the New York City practice at Schellman where she specializes in SOC 1, SOC 2, ISO 27001, and HIPAA reporting. In her portfolio she also manages large-scale engagements that include FedRAMP, HITRUST, and Privacy.
Kristen majored in Criminal Justice and Spanish in her undergrad and completed her MBA with an IT Management Concentration. She began her career at a Big 4 CPA firm in the advisory group where she spent three years supporting integrated SOX 404 audits as well as performing SOC 1 reporting before moving to Schellman.
She has a strong passion for giving back and recently helped to establish the corporate social responsibility program at Schellman called SchellmanCARES. She has the following technical certifications: CPA, CISSP, CCSK, CISA, Advanced SOC and ISO 27001 Lead Auditor. When she isn’t working or studying, her hobbies include spending time with family and exercising.