Larry Candler

Larry is an accomplished governance, risk and compliance professional with over 35 years of experience in information technology, communications strategy, information assurance, program management, business continuity, and training programs. He has focused on the strategic application of technology and associated controls to achieve business objectives.

Larry has been involved in several successful startup ventures including 4FrontSecurity, Network Equipment Technologies, and new lines of business at AT&T and IBM Eastern Europe. Larry has extensive experience in assessing and leading ISO/IEC 27001 Information Security Management System certification efforts. He has consulted with several IT and information security professional services firms and previously led the systems engineering functions for three telecommunications/network services firms. He has held responsibility for Policy and Compliance with a major professional services firm and served as Chairman of their Information Security Management Committee providing governance and oversight to the enterprise information security program. He served in this capacity through the firm’s IPO and assured the firm’s compliance with Sarbanes Oxley and HIPAA. He has advised clients across multiple industries and geographies on compliance with several legal and regulatory requirements including GLBA, FDCRA, FFIEC, GAPP, global privacy regulations, NERC, FERC, PCI and several others for both commercial and government accounts. Larry has provided subject matter expertise by commenting on proposed changes to NIST and ISO standards on several occasions. Larry holds the CRISC professional certification and is a Certified ISO 27001 Lead Auditor, Lead Auditor instructor, and implementation instructor. He has a Bachelor of Arts degree in Economics from the University of Michigan.