IT Compliance vs. Security: Why Compliance Doesn't Equate to Data Protection (Financial Institutions

Sudhir K. Kondisetty, CISSP, CISA, QSA
Principal, Risk Advisory Services
RSM US LLP

Sudhir Kondisetty leads the Philadelphia region risk advisory practice. In this role, Sudhir oversees projects over a wide range of services, including internal audit/SOX, IT risk, financial regulatory compliance, security, enterprise risk management, and more. Additionally, Sudhir serves as the managing partner of the Philadelphia office. Lastly, Sudhir services as RSM’s northeast leader of Culture, Diversity, and Inclusion (CDI), an important initiative to increase employee and client engagement.

Prior to leading the risk advisory practice, Sudhir was involved in leading IT risk advisory projects, including IT risk assessments, IT general controls reviews, network infrastructure security testing, Sarbanes-Oxley IT reviews, Payment Card Industry (PCI) audits, Service Organization Control (SOC) attestation engagements, and IT project management. He has 20 years of consulting experience in various industries.

Sudhir carries many professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Payment Card Industry Security Standards Council Qualified Security Assessor (QSA), Certified in the Governance of Enterprise IT (CGEIT), CheckPoint Certified System Administrator (CCSA), and Microsoft Certified Systems Engineer (MCSE).

Received 7/2016