As a principal in CohnReznick’s Cybersecurity, Technology Risk, and Privacy practice, Thomas (Tom) McDermott has nearly 20 years of experience in IT, SOX compliance, security, financial, internal control audits, and advisory services. He provides specialized risk and advisory services to clients in a variety of areas including IT governance, IT security, data confidentiality and privacy, and compliance, as well as in IT general and application controls. 

Tom has extensive experience across various industries including technology, financial services, consumer products, manufacturing, not-for-profit, and life sciences. His internal audit and SOX experience spans the entire life cycle of the control assessment process and leverages the use of the COSO and COBIT frameworks. He has overseen numerous domestic and international engagements, helping clients identify, mitigate, and manage risks through improved technology, processes, controls, and resource management. 

As a certified information systems auditor (CISA), Tom works in the areas of system development, change control management, information security, computer operations, and disaster recovery. His experience in network, server, and application security, IT general controls, and application controls includes many different applications, IT platforms, and environments.

Tom is an industry thought leader who has presented seminars on IT governance, business continuity planning, the use of security tools to analyze organizations’ network and system vulnerabilities, IT auditing, and the use of ACL and other Computer-Assisted Auditing Techniques. 

His professional designations include Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Certified in the Governance of Enterprise IT (CGEIT).

THOUGHT LEADERSHIP

9 Mar 21: How to assess risk for emerging technologies – before you use them

19 Nov 20: The importance of incident response plans in protection of data, finances, and reputations