
Danny is responsible for planning and overseeing the fieldwork on projects for private and publicly owned clients in a wide range of industries, including financial services, technology, consumer products, industrial products and health care. His thorough knowledge of organizational risks and internal controls, combined with a wide range of experiences, serves to help companies identify and address their risks. Danny serves as the Rocky Mountain regional leader for risk consulting services and specializes in addressing business and technology risks, System and Organization Controls (SOC) reports, internal audits, data analytics and IT controls.
Danny’s representative experience includes the following:
Danny’s skills include analyzing client internal control systems and helping clients address business and technology risks, including information technology security systems, business process optimization, evaluating established controls and procedures, security processes and procedures, substantiating and documenting discovered control weaknesses, and formulating and presenting recommendations for improvement to management. Danny’s experience in this area includes analysis and reviews of the following:
- FFIEC, National Institute of Standards and Technology, HIPAA, GLBA, HITRUST, compliance assessments
- SOC 1 and SOC 2
- Sarbanes-Oxley (SOX), Federal Deposit Insurance Corporation Improvement Act controls
- Data and intellectual property security and integrity
- Corporate security policies and procedures—security governance
- Third-party assurance and vendor management