Paula Chamoun

Paula is a results-oriented IT executive with an impressive track record of corporate and consulting experience in the Americas and Middle East. She has over 20 years of proven experience in assessing information technology vulnerabilities, reporting on compliance and instituting sound internal controls. Paula helps AAFCPAs’ clients to fully understand their technology risks by assessing control design, effectiveness and benchmarking to IT control frameworks such as 2013 COSO, COBIT, VAL-IT, and ISO 27000-series. This enables clients to manage risk and implement effective enterprise governance of information technology.

Paula’s expertise is highly sought after in IT auditing, special attestation reporting (SSAE 18, SOC 2, and SOC 3), IT risk assessments, IT security and penetration testing, IT strategy, IT risk management solutions, and business process improvement. Paula also advises clients on merchant compliance with the Payment Card Industry Data Security Standard (PCI), as well as Health Insurance Portability and Accountability (HIPAA) privacy and security rules.

Paula holds several globally recognized certifications for IT assurance and security, including: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), and Certified Information Security Manager (CISM). Paula is a highly sought-after trainer and lecturer at ISACA, ISSA and CISM conferences on diverse topics, such as: IT risks management, security assessments, business process improvement and controls development.