Cybersecurity Considerations for Employee Benefit Plans (Employee Benefit Plans Conference)

Troy Fine, CPA, CITP, CISA - Senior IT Auditor:

Troy joined Schneider Downs in 2011 as an information technology auditor in the Internal Audit practice. He has experience performing information technology and financial internal audit co-outsourcing and consulting services across various industries. Services that Troy has provided include Sarbanes-Oxley 404 control design and testing, AT-101 (SOC 2 and 3) control design and testing, SSAE16 (SOC 1) control design and testing, HIPAA security and privacy assessments, network security assessments, malware defense audits, software implementation audits, GLBA assessments, information technology general control design and testing, incident response program development and general financial control design and testing. In addition, Troy has utilized the SANS

Institute’s Critical Security Controls for Effective Cyber Defense and NIST’s Cybersecurity Framework to assist clients with preventing, detecting and responding to cybersecurity incidents and threats. He has also performed third-party risk assessments for various financial institutions in support of their vendor risk management programs.

Systems that Troy has experience with include Windows, Active Directory, Unix/Linux, Oracle (database and E-business suite), SAP, SQL Server and MySQL.

∙ Member—Information Systems Audit and Control Association (ISACA)
∙ Member—The Institute of Internal Auditors (IIA)
∙ Member—American Institute of Certified Public Accountants (AICPA)
∙ Member—Pennsylvania Institute of Certified Public Accountants (PICPA)
∙ Member—Young Professionals Board of Junior Achievement of Western Pennsylvania
∙ Pennsylvania CITP Champion
B.S.B.A.—Accounting, The Ohio State University
B.S.B.A.—Management Information Systems, The Ohio State University
Minor—Economics