CPA, CITP, CISA
Managing Principal - SOC
Jeff is a Managing Partner at Fortreum Associates and the Engagement Partner for all SOC and AICPA-based engagements. During his career, Jeff has worked extensively on financial statement and information system audits (including SOC 1, SOC 2, SOC 3, and SOC for Cybersecurity) in addition to providing ITGC support for financial statement audits. Jeff also has functional knowledge of ISO standards, CSA STAR, C5, FISMA, and FedRAMP. Spanning a 20+ year professional services career, Jeff has a background that includes accounting firms from the (then) big 5, regional mid-sized accounting firms, cybersecurity and IT audit based professional service firms, and audit software firms. At these firms, Jeff has risen to upper management levels, developed and built new (IT audit and SOC) practices, and helped the firms grow and scale. During his career, Jeff has served in the CFO role, understanding what IT and GRC means financially to organizations. Jeff is also heavily involved with the AICPA, volunteering with development of the SOC and CITP programs. Jeff is a part of the SOC 2 working group (which helps develop the AICPA SOC 2 guide), has developed numerous trainings for the AICPA, teaches the AICPA SOC school, and is a prior recipient of the AICPA IMTA Standing Ovation Award for outstanding professional achievement in the IT specialization area. Jeff is also a SOC peer review specialist. Jeff's other AICPA efforts include the AICPA CITP credential committee, the AICPA IMTA SOC task force, and the AICPA ASB Technology task force. Jeff is also a Board Member for Community IT, a Washington, DC based managed service provider for non-profits, and a prior board member for the Maryland Association of CPAs. Jeff earned his Bachelor of Business Administration in Accounting from Loyola College in Maryland and a Master of Science in Information Assurance from the University of Maryland University College. He is a lead auditor for the ISO 22301 standard and holds certifications as a CPA, CITP, CISA, CIPT, and CCSK.