Mark Riley

Mark, CISA, CTPRP, CTPRA is a Manager on the IT Risk Advisory team in Schneider Downs' Consulting practice. He has more than eight years of experience providing Cybersecurity Governance, Risk and Compliance (GRC) assurance and advisory services to clients across all major industries.

Mark is a leader within the Third Party Risk Management (TPRM) practice at Schneider Downs and has performed, led and managed numerous on-site and off-site vendor risk assessments to support various lines-of-business for a Global Systemically Important Bank (G-SIB). Mark has experience working with all the components of the master Standardized Information Gathering (SIG) Questionnaire, Application Control Assessment (ACA) questionnaire and the Vendor Building Security In Maturity Model (vBSIMM) and other custom vendor risk management frameworks and toolsets.

In addition to performing and leading third party risk assessments, Mark also has experience consulting, risk advisory and auditing services to clients across various industries both nationally and internationally. Mark brings a depth of audit and IT knowledge to his clients, especially in the areas of SOC 1 and SOC 2 control design/testing/report development, Sarbanes-Oxley 404 control design and testing, IT vendor risk assessment program design and testing, IT/IS general control review and testing, organizational policy and development, data center walkthroughs and reviews and HIPAA compliance assessments.