Michael Maertz

Versatile and resourceful manager with extensive, hands-on ITGC audit experience combining a background in external audit, internal audit, information technology risk management and project management with demonstrated cross-functional team leadership. Adept at managing diverse teams to deliver successful client engagements of all sizes while collaborating with executive management to ensure that strategic objectives are attained. Dynamic interpersonal skills required to interact with clients in defining objectives, gathering requirements, and executing plans.

• IIA – Institute of Internal Auditors
• ISACA – Information Systems Audit and Control Association
• ISACA - 2019 Volunteer of the Year Recipient – NY Chapter

• Manager experienced in all phases of audit engagements including internal/external audit and SOC reporting. The engagements included scoping analysis, risk assessment, controls identification and analysis, effectiveness testing, remediation, and report generation covering a variety of regulatory requirements (SOX, FFIEC, HIPAA, NAIC, SSAE)
• Experienced project manager involved in all phases of technology implementations including cost/benefit analysis, implementation planning, vendor selection, detailed design, project rollout, and ongoing maintenance and support
• Experienced information technology professional with over twenty years of experience in technical infrastructure audit, implementation and support
• Adept at leveraging communication skills to develop cross-functional solutions to complex problems combining excellent technical analysis, verbal communication, and writing skills

• Managed the overall IT audit engagements and control assessments for clients in finance services (banking, broker/dealer, insurance) and manufacturing/distribution. The clients range in size/complexity from mid-market to global corporations
• Managed the IT engagement teams for clients in various business types including manufacturing, distribution and personnel management. The engagements included audits of IT General Controls and IT Application Controls. The ERP systems evaluated included SAP, Oracle, PeopleSoft, and Great Plains supported by Oracle, SQL, DB2, and proprietary databases
• Performed numerous information technology examinations covering a range of regulatory organizations.
• Project Manager for an ERP/systems implementation project at a publicly held distribution company. The 20-member project team consisted of client, vendor and consulting resources.

• ISACA - Certified Information Systems Auditor (CISA)
• ISACA - Certified in Risk and Information Systems Control (CRISC)
• ISACA - Cybersecurity Fundamentals (CSX-F)
• ISACA – Cybersecurity Audit
• CompTIA - Cybersecurity Analyst (CySA+)

• Internal Audit
• External Audit / SOC reporting
• Engagement Management
• Strategic Analysis and Solution Delivery
• IT Risk Assessment and Recommendation
• HIPAA/HITRUST/Cybersecurity Assessment