Chuck Graves Cisa, Cissp, Crisc

Chuck Graves has extensive experience in the field of information technology compliance and auditing.

Chuck most recently worked at ATN International as an Information Technology Compliance Manager since September 2019. Prior to that, they held the same role at Thyssenkrupp Elevator Corporation from April 2016 to September 2019.

Before joining Thyssenkrupp, Chuck was a Senior Information Technology Auditor at MARTA - Metropolitan Atlanta Rapid Transit Authority from July 2014 to April 2016. In this role, they were responsible for audit management and audit life cycle management, including risk assessments, work program development, board level and senior management audit reporting, and remediation management. Chuck successfully completed several notable projects, including critical infrastructure audits, ASV audits and PCI risk consulting engagements, and information security program consulting engagements.

Chuck also worked as a Senior Information Technology Auditor at Synovus Bank from July 2013 to July 2014. In this position, they were responsible for audit management and life cycle management, including risk assessments, work program development, board level and senior management audit reporting, and remediation management. Chuck achieved significant accomplishments in areas such as SOX engagements with external auditors, firewall and endpoint audit and remediation, and yearly audit program planning.

Before joining Synovus Bank, Chuck was a Senior Information Technology Auditor at Blue Cross Blue Shield of Alabama from January 2011 to September 2012. In this role, they were involved in audit management and life cycle management, including risk assessments, work program development, senior management audit reporting, remediation management, and compliance with data privacy HIPPA/HITECH requirements. Notably, they worked on the Center for Medicaid and Medicare Services information security CMS and CMSR audit and compliance requirements.

Overall, Chuck Graves has demonstrated expertise in information technology compliance and auditing, with a focus on risk assessments, work program development, audit reporting, and remediation management.

Chuck Graves, CISA, CISSP, CRISC, CDPSE, holds a Bachelor of Science degree in Business Administration from Northeastern State University. In addition to their degree, they have obtained several certifications throughout their career. Chuck became a Certified Information Systems Auditor® (CISA) in September 2004, a Certified Information Systems Security Professional (CISSP) in September 2004, a Certified in Risk and Information Systems Control™ (CRISC) in February 2016, and a Certified Data Privacy Solutions Engineer (CDPSE) in May 2020. These certifications were obtained from reputable institutions such as ISACA and (ISC)².