Board of Directors
| Position | Name | Background |
|---|---|---|
| President Program Coordinator |
Peter Spier |
|
| Vice President Membership Director |
Evan Routenberg |
Evan Routenberg is a Senior Associate at PricewaterhouseCoopers in Rochester, NY, in the Systems and Process Assurance department. As an IT auditor working for PricewaterhouseCoopers, Evan conducts audits of ITGCs and business process/application controls, post and pre implementation reviews, and internal audit staff augmentations. Prior to joining PricewaterhouseCoopers, Evan has worked in the IT industry performing various roles, including Help desk, IT Project Management, and Network Consulting. Evan holds a Bachelors degree in Political Science and Economics from the University of Rochester and an MBA with a concentration in Management Information Systems from the Rochester Institute of Technology. He is a Certified Information Security Auditor (CISA).
|
| Treasurer | Chandra Wilson |
Chandra is a Manager in the Rochester, New York SPA practice at PricewaterhouseCoopers, which concentrates on the assessment of information technology (IT) systems based risks and controls for clients within various industries. Chandra has significant experience in the conduct of General Computer Controls and Application Controls reviews, as well as, experience in the conduct of Sarbanes-Oxley and SAS 70 assessments. Chandra was formally a licensed Life Insurance Agent and brings experience and knowledge of the Insurance Industry. Chandra is a Certified Information Systems Auditor (CISA), holds a BA degree in Economics from the State University of New York At Albany, and is currently working on the completion of her Thesis Project, the final requirement of her Master’s degree in Information Technology at Rochester Institute of Technology. |
| Secretary |
Alex Douds
|
Alex Douds is a Senior Consultant at Freed Maxick & Battaglia’s Enterprise Risk Management Group in Buffalo, New York. Prior to joining Freed Maxick, Alex was an IT Security Analyst for Science Applications International Corporation (SAIC) in Washington D.C. Alex is a graduate of George Washington University's School of Engineering Management and Systems Engineering having attained his Master of Science in Engineering with a concentration in Information Security Management. He also holds his Bachelors in Political Science from James Madison University. He is a Certified Information Security Auditor (CISA), and a Certified Information Systems Security Professional (CISSP). |
| Director | Salim Alani |
Salim M. Alani has 25+ years’ experience in higher education and public accounting. He is currently the Chief Audit Executive at University of Rochester. His responsibilities include managing the audit risk assessment function for the University, Strong Memorial Hospital, Highland Hospital, Nursing Homes and Visiting Nurse Association. Previously Mr. Alani held Director of Audit positions at the University of Pennsylvania and Tufts University. At UPenn, Mr. Alani was part of the leadership team to upgrade the university’s internal controls, risk management and compliance functions. At Tufts University, Mr. Alani was responsible for formalizing the internal audit function and directing all internal audit activities. Mr. Alani received his B.S. in Business Administration from Northeastern University and is a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA) and Certified Fraud Examiner (CFE). He has served on numerous task forces, search committees and business process reengineering projects. He is the past president of the New England Chapter of ISACA. |
| Director | Michael Martell |
Mike is an Executive Director in the North Central Area Technology and Security Risk Services (TSRS) practice of Ernst & Young, LLP. Mike has over 16 years of audit experience including IT audit, internal audit and other related advisory services. Mike is based out of the Rochester New York office and leads the Upstate New York TSRS practice. Mike has extensive familiarity with key regulatory requirements and provisions of Section 404 of the Sarbanes-Oxley Act of 2002 and the Public Company Accounting Oversight Board (PCAOB). Mike has experience in the following areas and subjects - General Computer Controls reviews as part of numerous financial audits, SAS 70 reviews of third party processor’s internal controls, Data Analysis, 404 audit procedures, Internal Audit projects and operational reviews. Mike earned an Accounting degree from the University of Akron. Additionally, Mike is a Certified Public Accountant (CPA), Certified Information System Auditor (CISA) and Certified Bank Auditor (CBA.) |
| Director | Farah Sammour |
Farah received her Bachelor in Management Information Systems from McGill University, Montreal, Canada. . She possesses a strong IT background and has more than 7 years of IT Audit experience in Systems implementation reviews, applications security and internal controls and she is currently a Senior Auditor in the North Central Sub-Area Risk Advisory Services (RAS) practice at Ernst and Young. Farah’s experiences include IT audits ranging from general computer controls (e.g. logical security, physical security, system development / implementation, change management, computer operations) to focused technical reviews (e.g., Systems pre-implementation reviews, disaster recovery/business continuity planning, Information security Analysis). In addition, Farah has experience assisting large, complex clients with their SOX404 initiatives. Farah has experience with enterprise-wide platform JD Edwards; various operating system environments including UNIX, OS400, Mainframe, and Windows; and various database environments including Oracle/SQL. Farah is a Certified Information Systems Auditor (CISA). She is also a CISSP and CIA Candidate in 2009. |
| Director | Carolann G. Lazarus |
Carolann G. Lazarus, is an ITAuditor for University at Buffalo, Internal Audit. Lazarus has over 24 years of industry experience and holds her CISA certification. A chapter member for over 20 years, she has recently served as chapter Treasurer and sits on the Board of Directors. In the past, she has also served in President and Vice President roles. |
| Director | Paul Schneider  |
Paul Schneider is the IT Audit Manager with the Office of University Audit at the University of Rochester, New York. Paul has over 30 years business experience in Academics, Health Care, Industry and Government and specializes in information system process, controls and compliance audits. A graduate of Hamilton College, Paul has graduate degrees from Princeton University and the University of Rochester including an MBA from the Simon School of Business where he was Operations Supervisor of their data center. Paul holds the CISA, CISM, CGEIT, CIA and CCP certifications in addition to specific technical competency credentials. His vita includes service as a Senior Consultant with Ernst and Whinney, Project Director and Analyst at Xerox, and Executive Director of Operations for Preferred Care (an HMO). In the government arena, Paul served as Special Agent with the Naval Investigative Service (NIS). He was also a regional director of logistics for the Defense Investigative Service (DIS). Before rejoining the University of Rochester, Paul was the managing partner of a Rochester based firm that specialized in performing information system control evaluations. Paul holds state teaching licenses in New York and New Jersey. He also was appointed to the adjunct faculty of several local colleges as an Assistant Professor of Information Systems and a Lecturer in Mathematics and French. |
| Director |
Paul Lasly |
Paul T. Lasly is an experienced IT professional with over forty years in the IT Industry in Western New York. He currently holds the position of Internal IT Audit Manager at Wegmans Food Markets. Paul is responsible for supporting all Internal Audits via an integrated audit process. He has developed an Internal IT General Controls program that works with Wegmans Financial and Operational Audit Team. Paul is also involved in Wegmans PCI compliance process, HIPAA compliance and most recently is working on a team reviewing State Privacy concerns. Previously Paul has held positions as a Compliance Contractor, General Manager of a Network Integration organization, Director of Client Services for an outsource providing, Director and Vice President of IT in a retail department store and grocery retail/distribution company. He is a graduate of Bryant and Stratton and last year achieved his certification as a Certified Information Systems Auditor (CISA). |
| Director | Liam Downward | Liam Downward is a recognized expert in the security industry, having helped hundreds of organizations make significant improvements in their Security initiatives. Liam's experience includes the design, implementation, testing, and maintenance of Security Programs in most industries, and in particular those regulated by the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI), Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), State Security Breach Notification Requirements, and Securities and Exchange Commission Rule 17a-4 (SEC 17a-4). Liam has been awarded numerous Certifications and Awards in recognition for his outstanding capabilities in the IT Security realm. In his current role, Liam serves as the Chief Security Officer for Pervasive Solutions, a company he co-founded in 2005. Liam has developed a very successful and innovative security practice within Pervasive, and is frequently asked to speak at prestigious security-oriented engagements. |
