Please note: This website includes an accessibility system. Press Control-F11 to adjust the website to people with visual disabilities who are using a screen reader; Press Control-F10 to open an accessibility menu.

Thomas Brown, CISA, CIA, Security+, CAPM

Supervisor, Risk & Advisory Services

Home / Leadership Team / Thomas Brown, CISA, CIA, Security+, CAPM

Biography

Thomas Brown is a supervisor in GRF’s Risk & Advisory Services department. He interacts with clients to show them potential weaknesses in their cybersecurity posture and provides guidance on next steps. Mr. Brown is responsible for performing IT Audits, fraud and forensic investigations, co-sourced internal audits, policy and procedure benchmarks, and third-party risk assessments. Additionally, he presents key observations and findings to clients and senior executives.

He also conducts risk assessments to identify, analyze, and review information technology, fraud, and other security risks and vulnerabilities facing organizations both externally and internally. This includes collaborating with clients to efficiently complete assessments and help identify the best ways to implement changes. Additionally, Mr. Brown manages the cybersecurity awareness training and phishing simulation programs for GRF and multiple clients. He recently achieved Certified Information Systems Auditor (CISA) certification.

Before joining GRF, Thomas worked as a Project Manager for managing the configuration and implementation of EMR systems at Epic.

Education and Certifications

B.S. in Management Information Systems and Marketing, Le Moyne College
Certified Information Systems Auditor (CISA)
Certified Internal Auditor (CIA)
CompTIA Security + ce
Certified Associate in Project Management from PMI (CAPM)
Certificate of Competency: ISO 27001:2013 Internal Auditor (TPECS)
- IS- Information Security Management Systems
- AU- Management Systems Auditing