Andrew Pinnero, CISA, a director in Veris’ Red Bank, NJ office, provides IT assurance and consultative services to a variety of clients including companies in the financial services, pharmaceutical, and manufacturing industries. He focuses on assisting clients with evaluating IT general and application controls as part of their internal audit and Sarbanes-Oxley Act compliance program, performs network security reviews and vulnerability assessments and also assists external audit teams with IT controls testing.

Andrew has several years of experience in procedural and object-oriented program¬ming, network security assessments, enterprise resource programming, and information system auditing/consulting.

Andrew was a member of the COSO task force responsible for drafting the recently released Information Technology Control framework, which was part of COSO’s “Guidance for Small Public Companies Reporting on Internal Controls over Financial Reporting.”

Before joining Veris, Andrew was a manager at KPMG in its Information Risk Management practice and managed two of the largest IT-centric global engagements in the northeast practice group. Prior to KPMG, he was a senior in Ernst & Young’s Risk Assurance Services practice.

Andrew holds a B.S. in financial accounting from Rutgers University and continued his professional education at Chubb Institute of Computer Technology. He is a Certified Information Systems Auditor (CISA) and a member of the Institute of Internal Auditors.