Summary
Overview
Work History
Education
Skills
Certification
Specialized skills
Systems
Timeline
Hi, I’m

TIFFANY CALLOWAY

Atlanta,GA

Summary

Using legal mastery and business savvy, I create thriving compliance programs that are fiscally advantageous to the bottom line of any organization. I serve as a collaborative resource for both management and fellow employees, with a strong focus on developing a compliance culture that enables others to detect and mitigate risk. I have 14+ years of experience in people management, and I take great pride in developing a strong, impactful team. Member of the Senior Leadership team, reporting directly to the CEO.

Overview

16
years of professional experience
1
Certification

Work History

Engle Martin and Associates, LLC

Director of Compliance
04.2020 - Current

Job overview

  • Formulated detailed recommendations based on audit findings to support annual planning and definition of goals.
  • Created and maintains an up-to-date electronic catalog of policies, procedures, documents, and evidence commonly required for security and compliance audits.
  • Responded to employee inquiries regarding compliance regulations and procedures.
  • developed a plan to mitigate areas of risk saving the company ~$5M in fines and potential lawsuits.
  • Assisted with internal and external audits to confirm compliance with applicable laws and regulations.
  • Implemented technical tools including, automating compliance processes and workflows. Improved compliance, risk mitigation, confidentiality, data integrity, and availability by 80%
  • Manage a team of 25 professionals, including recruiting, professional development, performance management, and resource allocation.
  • Leads Ethics, Risk, and Compliance Committee
  • Maintained up-to-date knowledge of current and emerging compliance regulations.
  • Review of contracts for compliance, confidentiality, and privacy-related issues, identified areas of concern and makes recommendations for modifications
  • Act as the company’s Subject Matter Expert in interpreting laws, rulings, and regulations – serve as a collaborative resource for all personnel
  • Research, develop and perform compliance reviews based on a broad and complex range of regulations and controls.
  • Manages business’ penetration (PEN) testing and vulnerability scan compliance, including related documentation.
  • Prepared and presented comprehensive reports to upper management and audit team, covering issues and recommendations.
  • Conducts GAP Analysis and developed a remediation plan for internal and external risks. (Annual cost avoidance ~$20M)
  • Develops and delivers compliance training for over 8,000 employees in a cross-departmental collaborative manner .
  • Implemented improvement initiatives and developed compliance testing program to monitor and identify gaps in new and existing practices.
  • Collaborated with HR and IT to develop and implement code of business and ethics and anti-harassment policies and related personnel training.
  • Reviewed, revised and updated compliance policies and procedures to confirm continual compliance with applicable laws.
  • Collaborated with internal and external stakeholders, auditors and legal counsel to confirm compliance with applicable laws and regulations.

The Middle Georgia Consortium, Inc

Compliance Specialist
12.2018 - 04.2020

Job overview

  • Maintained effective working relationships with regulatory authorities, suppliers and customers.
  • Assisted with training sessions to educate management personnel on compliance and regulatory standards.
  • Prepared and presented comprehensive reports to upper management and audit team, covering issues and recommendations.
  • Reviewed documents, files, transcripts and other records to assess compliance and potential risk.
  • Prepared records and data for regular audits.
  • Played instrumental role in company-wide risk assessment efforts, supporting enhancements in business processes and controls.
  • Delivered subject matter expertise for internal and external customers on compliance best practices and quality control.
  • Served as project manager for all process improvements and regulatory initiatives.
  • Performed and documented controls audits to maintain compliance with company initiatives, and to uncover workflow and communication issues.
  • Maintained and archived regulatory paperwork.
  • Wrote or updated standard operating procedures, work instructions or policies.
  • Interpreted regulatory rules or rule changes and communicated with others through corporate policies and procedures.
  • Prioritized project-related tasks to efficiently complete essential tasks.
  • Received, researched and resolved consumer inquiries.
  • Provided pre-, ongoing, and post-inspection follow-up assistance to auditors.

ITC Management Group

Compliance Officer
08.2007 - 06.2018

Job overview

  • Managed compliance efforts, reporting and audits.
  • Enforced compliance with complex state and federal laws, rules and regulations for industry.
  • Drove data security and information privacy efforts.
  • Kept company informed regarding pending industry changes, trends or best practices.
  • Developed risk assessment models to identify potential compliance risks.
  • Maintained effective working relationships with regulatory authorities, suppliers and customers.
  • Assisted investigation and risk management teams with fraud investigations and risk identification.
  • Developed improvement and corrective action plans to bring operations in line with requirements.
  • Helped create training programs to handle system-wide issues and maintain compliance.
  • Reviewed documents, files, transcripts and other records to assess compliance and potential risk.
  • Delivered subject matter expertise for internal and external customers on compliance best practices and quality control.
  • Advised division leaders of regulatory risks in business processed and provided recommendations for improvement.
  • Drove optimization of regulatory risks management, control testing and process improvements.
  • Managed full life cycle of assigned audits in alignment with departmental procedures, delivering progress as well as closing reports to senior management and clients.
  • Collaborated with contract team to review client contracts and facilitate personnel compliance training.

Education

Emory University School of Law
, Atlanta, GA

Juris Master (J.M) from Corporate Law
06.2014

Clark Atlanta University
, Atlanta, GA

Bachelor of Science (B.S) from Political Science
06.2010

University Overview

  • Dean's List 2009

Skills

  • Compliance Reporting
  • Third Party Due-Diligence
  • Data Privacy, Confidentiality, Integrity, Availability
  • Compliance program Creation & Talent Cultivation
  • Internal Audits
  • Knowledge of GDPR, CCPA, HIPAA, NIST, ISO 27001
  • Project Management
  • Strategic Thinking
  • Change Management
  • Risk Management
  • Stakeholder Management
  • Communication Skills
  • Training and Mentoring
  • Negotiation and Influencing

Certification

ISO/IEC 27001 Senior Lead Auditor - PECB

Specialized skills

  • System & Organization Controls (SOC2).
  • ISO/IEC 27001.
  • US Sarbanes-Oxley Act (SOX).
  • NIST.
  • CCPA.
  • CPRA.
  • HIPAA.
  • GDPR.
  • OFAC.
  • 21 CFR, 11.
  • Medicare.
  • Stark Law.
  • AKS
  • Project Management.
  • Federal, State, and Local cybersecurity regulations.
  • Enterprise Risk Management.
  • Risk Mitigation Strategies.
  • Data Confidentiality.
  • Data Privacy.
  • Business Continuity Planning.
  • Third-Party Vendor Compliance.
  • Contract Compliance.


Systems

Amazon Web Services (AWS), Microsoft 365, Purview, Defender, OneTrust GRC, SAI360 GRC, Knowbe4, Microsoft Office (Word, Excel, PowerPoint), Power BI Analytical

Timeline

Director of Compliance

Engle Martin and Associates, LLC
04.2020 - Current

Compliance Specialist

The Middle Georgia Consortium, Inc
12.2018 - 04.2020

Compliance Officer

ITC Management Group
08.2007 - 06.2018

Emory University School of Law

Juris Master (J.M) from Corporate Law

Clark Atlanta University

Bachelor of Science (B.S) from Political Science

ISO/IEC 27001 Senior Lead Auditor - PECB

TIFFANY CALLOWAY