Robert Ashcraft

Bob is a Risk/Cybersecurity consultant and has over 30 years extensive IT Risk, IT SOX, IT governance, ITarchitecture, IT auditing, IT instructor, Cybersecurity, Project management, SSPs, Business development, Vendormanagement, training and assessment experience in the banking, retail, healthcare, pharmaceutical, university,government, manufacturing, insurance and transportation industries. Bob’s has extensive experience in IT SOX, ITCloud, CMMC, VPN, WAN/LAN-based Cyber-fraud / Cybersecurity for the government, commercial, healthcare,insurance, finance and banking industries. He also has IT experience in enterprise application via architecture,project management (Waterfall and SAFeAgile), Cyber-risk, IT SOX alignment and deployment within the AWS,Cloud, Unisys mainframe, IBM mainframe/mini, SAP, MS2016, AIX, Linux, UNIX, DB2, Sybase, Oracle, Citrix andWindows enterprise environments. His IT SOX, IT Risk, SSP and governance analysis assisted client’s implementation for achievement of short term and long-term goals for process improvements-PO&AMS. With ITSOX engagements and government contracts, Bob trains the Risk / IT auditors, managers and directors. Bob alsoworks with clients in the financial industry providing services, including internal IT audits, COSO 2013, DFARS,CMMC, COBIT 5, SOX, FHFA, HIPAA, FFIEC, FIDICA, Basel III, Model Audit Rule, NIST Cybersecurity frameworkand advisory services. He has extensive experience in pre implementation and post-implementation enterprisesoftware reviews. Bob assists in the integration of vendor’s Disaster Recovery and Business Continuity plans /programs, while maintaining company BCP, Risk and Governance regulation standards and analysis that providesimproved workflow processes for client’s teamwork environments. He presented agile, periodic and annual checklistreviews that increased awareness of absent user control considerations and exceptions. His management of ITaudit responsibilities for IT SOX and other government regulated engagements has provided the maximum 75%acceptance usage rate for external audit firms, which resulted in reduction of external audit firm’s resources, billinghours, and on-site time.

Prior associations found Bob as an Accenture consultant where he fulfilled the CISO’s auditing and projectmanagement duties for a Top 3 international print firm’s digital pen project with Geisinger. Bob was also a CISO fora security firm, responsible for writing the company’s SOX security response, financial Performa’s and a 5-million-dollar appropriations bill for DHS, which was approved by the House and Senate. He also served as an InternalSenior Auditor for a $2 billion auto retail firm that utilizes IBM mainframe RACF technology. Bob provided supportfor Xerox Corporation projects in deploying diverse workflow processes within enterprise solutions for hospitals(code verification workflow forms), universities, commercial and government accounts with Citrix deployments ofapplications and intelligent medical process-flow forms. He also designed and implemented the first POS touchscreen application for KFC (PepsiCo).

Bob is on the Board for InfraGard and Kiwanis and belongs to ASIS, NDIA, InfraGard, ISACA and IIA. He is aCertified Information Systems Auditor (CISA), Certified HIPAA Security Professional (CHSP), and is Certified inGovernance Enterprise Information Technology (CGEIT) and Certified in Risk Information Systems Control (CRISC). He is a graduate of Kutztown University (B.S., Business Administration), where he studied mainframe programming languages.