Alexis K. Kennedy, CPA, CISSP, CISA, CCSFP, has more than 13 years of experience evaluating IT security in a broad range of environments. She has consulted with a wide range of clients, both large and small on security compliance and has performed and led over 150 audits across multiple industries and technology platforms. Her current focus includes SOC examinations, security risk assessments, regulatory compliance (including HIPAA Security, GLBA, privacy regulations), security governance utilizing industry leading frameworks (including COSO, COBIT, NIST-CSF, CIS 20 CSC, ISO 27001, HITRUST CSF), HITRUST Certifications, ISO 27001 Certifications, IT Audits, and other security compliance consulting services.
She has extensive experience in the executing and reporting on SOC 1 and SOC 2 engagements, leading teams that identify control objective areas, testing over control design and operation, and report writing. Alexis also has a deep understanding in testing entity level controls, general computer controls and application controls within financial transaction processing systems, health care billing organizations, document scanning repositories, loan origination systems and health care technology systems. Additional industry experience includes health care, professional and business services, technology services, and financial services.
Alexis is a member of the AICPA and Information System Audit and Control Association (ISACA) North Texas chapter. She is a CPA in the state of Texas and Michigan, a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), a Certified ISO 27001 Lead Auditor and Certified HITRUST CSF Practitioner (CCSFP). Alexis earned a Master of Science in accounting and information systems and a Bachelor of Arts in accounting from Michigan State University.