Versions Compared

Version Old Version 1 New Version Current
Changes made by

Steven Piliero

Steven Piliero

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Name: David "Dave" Kim Dr. Emily Davis

Age: 38 42

Education: Master's in Accounting from the University of Illinois at Urbana-Champaign Ph.D. in Computer Science with a specialization in Information Security from MIT, B.S. in Accounting Computer Science from Indiana Stanford University

Professional Background:

  • 1215+ years of experience in public accounting, focusing on audit and assurance services for large commercial and public sector organizationscybersecurity research, standards development, and industry collaboration.

  • Focus areas: Leading audit teams, managing client relationships, developing audit plans, executing audit procedures, and reviewing workpapersCloud security, risk management frameworks, security controls assessment, and secure software development.

  • Previous roles: Audit Manager Senior Security Researcher at a Big Four accounting firm, Senior Associate at a national accounting firm, Staff Accountant at a regional accounting firmmajor technology company, Lead Architect for a cybersecurity standards organization, Consultant for government agencies on cybersecurity best practices.

  • Special certifications or skills: Certified Public Accountant (CPACISSP (Certified Information Systems Security Professional), Certified Internal Auditor (CIA), Project Management Professional (PMPCCSP (Certified Cloud Security Professional), OSCP (Offensive Security Certified Professional)

Industry: Accounting Cybersecurity Standards and AuditFrameworks

Responsibilities:

  • Plan and execute audit engagements, overseeing the work of audit teams and ensuring adherence to professional standards and deadlines.

  • Manage client relationships, addressing client concerns and questions, and providing updates on audit progress.

  • Review audit work papers for accuracy, completeness, and compliance with auditing standards.

  • Identify and assess audit risks and control deficiencies, and develop recommendations for improvement.

  • Mentor and develop junior audit staff, providing guidance and feedback on their work.

Goals:

  • Deliver high-quality audit services that meet or exceed client expectations and regulatory requirements.

  • Build strong relationships with clients and colleagues, fostering trust and collaboration.

  • Develop and mentor a high-performing audit team.

  • Advance within the firm and take on increasing levels of responsibility.

Challenges:

  • Balancing multiple audit engagements with tight deadlines and competing priorities.

  • Managing and motivating audit teams, especially during busy season.

  • Staying up-to-date on evolving auditing standards and regulatory requirements.

  • Communicating complex audit findings and recommendations to clients in a clear and concise manner.

Motivations:

  • Solving complex problems and uncovering the "truth" behind financial information.

  • Helping organizations improve their internal controls and financial reporting processes.

  • Building a successful career in public accounting and becoming a trusted advisor to clients.

  • Mentoring and developing junior audit staff and contributing to their professional growth.

Tech-Savviness:

  • Proficient in using audit software, data analytics tools, and collaboration platforms.

  • Comfortable with leveraging technology to automate audit procedures and streamline workflows.

  • Open to exploring new technologies that can enhance audit efficiency and effectivenessLead research and development efforts for new and evolving security standards and frameworks.

  • Collaborate with industry experts and stakeholders to gather feedback and ensure relevance.

  • Write and publish technical documentation, whitepapers, and guidelines related to the standards.

  • Present at industry conferences and workshops to promote awareness and adoption of the standards.

  • Provide technical guidance and support to organizations implementing the standards.

Goals:

  • Develop and maintain high-quality, practical, and effective security standards that address real-world risks and challenges.

  • Foster industry-wide adoption of the standards to improve overall cybersecurity posture.

  • Establish the organization as a leading authority and trusted source for cybersecurity guidance.

  • Contribute to a more secure and resilient digital ecosystem.

Challenges:

  • Balancing the need for rigor and technical accuracy with practicality and ease of implementation.

  • Keeping pace with the rapidly evolving threat landscape and emerging technologies.

  • Gaining consensus and buy-in from diverse stakeholders with competing interests.

  • Securing adequate funding and resources for research and development.

Motivations:

  • Making a meaningful impact on cybersecurity by developing and promoting effective security standards.

  • Collaborating with a talented and passionate team of security professionals.

  • Sharing knowledge and expertise with the broader cybersecurity community.

  • Staying at the forefront of cybersecurity research and innovation.

Tech-Savviness:

  • Highly tech-savvy with deep cybersecurity principles, technologies, and methodologies expertise.

  • Proficient in programming languages, security tools, and risk assessment frameworks.

  • Adept at analyzing complex technical information and communicating it clearly to diverse audiences.

Behavioral Traits:

  • Detail-oriented and organizedmethodical, with a strong focus on accuracy and quality.

  • Analytical and critical thinker, able to identify potential risks and weaknesses in financial informationCollaborative and open-minded, willing to listen to different perspectives and incorporate feedback.

  • Passionate about cybersecurity and committed to improving industry security practices.

  • Excellent communicator and collaboratorpresenter, able to build rapport with clients and team members.

  • Decisive and able to manage multiple priorities effectively.

  • convey complex technical concepts clearly and concisely.

Sources of Information:

  • Professional auditing standards and guidelines (e.g., PCAOB, AICPA).

  • Industry publications and research on audit and compliance (e.g., The Journal of Accountancy, Compliance Week).

  • Regulatory updates and guidance from relevant agencies (e.g., SEC, PCAOB).

  • Networking with other audit professionals and attending industry eventsAcademic research papers and publications on cybersecurity.

  • Industry threat intelligence reports and vulnerability databases.

  • Feedback from industry experts and practitioners.

  • Conferences, workshops, and webinars on cybersecurity topics.

Quote:

"Audit is about more than just numbers; it's about understanding the story behind the financial statements and ensuring that it's accurate, complete, and reliableSecurity standards are not just theoretical documents but essential tools for helping organizations protect themselves from real-world threats. By working collaboratively with our clientsthe cybersecurity community, we can help them strengthen their controls, mitigate risks, and achieve their business objectivesdevelop practical and effective standards, raising the bar for security across the industry."