"Government IT Regulations & Requirements Expert"
Jack develops and teaches formal course instructions for internal control related areas, as well as assists in the development of policies and procedures.
He specializes in providing related services such as general and application controls reviews (COSO, CoBIT, and FISCAM), SOX, SAS 70, SAS 99, SAS 103-112, FAM, OMB A-50, 123, 127, 130, FISMA, C&A, IPIA, and Vulnerability Assessments.
He co-authored a book on “Identity Management”, which was published by the ISACA organization. Jack also partook in the updated version of FISCAM as a collaborative effort with the GAO.
Jack Heyman CPA, CISA, CIPP, CAP, CGFM
Government Audit Leader / FISMA Expert / Trainer & Facilitator
Jack brings nearly 20 years of experience working with a multitude of Federal Government agencies and non-government organizations including Fortune 500 companies, state governments, and credit unions. He offers in-depth knowledge of physical and logical Information Technology (IT) controls, including financial audit controls and procedures. He also provides IT internal controls and consulting services to Federal agencies as well as publicly traded companies, including hands-on formal course instruction as a NASBA-registered educator.
He has been supporting several agencies with regard to completing SA&A and Annual Continuous Monitoring Security Controls Assessments. Jack is also a subject matter expert in the Federal Information Security Management Act (FISMA) and applicable NIST special publications including SP 800-18, 800-34, 800-37, 800-53, 800-53A, 800-60, and more. He has extensive experience in various facets of FISMA compliance including documentation preparation, security controls assessments & vulnerability scanning, POA&M management, configuration change control & security change management, business continuity & disaster recovery, interconnection security agreements, and the system development life cycle.
Jack has also been the lead IT auditor for many financial statement audits (Fortune 500 companies as well as Federal agencies) conducted in accordance with an array of frameworks such as FISCAM, FAM, CoBIT, and COSO. He has worked closely with audit firms and their managing partners to ensure that the respective financial audits were conducted appropriately as it relates to the IT controls in support of the material line items in the financial statement.
After receiving both his undergraduate degree in Accounting and graduate certification in Accounting, Auditing & Taxation from Florida International University, Jack earned his Master's degree in Information Technology and Information Assurance from the University of Maryland. He holds his CPA, CISA, CIPP, CAP, and CGFM certification designations.
Although Jack is completely dedicated to his profession, he brings other personal attributes to the forefront. He is an avid traveler and reader, and he enjoys the study of several languages having traveled to nearly every country in Europe, several countries in the Middle-East, as well as nearly every state. He also participated on a volunteer mission to Kenya, where he and his son dedicated a month to putting smiles on the faces of African orphaned children who are unfortunately living with HIV. Jack and his son performed magic shows all throughout Kenya while living with the children in their homes. He has also studied Hebrew, Arabic, Aramaic, and French, and enjoys engaging with people from all over the world!