Back To Top
IT Audits

Grow Confidently

Whether you are being driven by regulatory requirements, or are just concerned about proper governance over your internal controls, we can design a level of service to fit the needs of your institution.

YHB’s Risk Advisory Services Team includes Certified Information Technology Professionals (CITPs) and Certified Information Systems Auditors (CISAs), as well as CPAs. Also, all team members are focused on auditing, testing and consulting on internal controls and information technology systems for clients, which range from startups, family businesses and healthcare organizations to franchisors, community banks and large public companies.

As a result, YHB offers a depth of expertise and understanding that enables us to provide an exceptionally high level of service scalable to your particular needs. This translates into the peace of mind of knowing that your systems and controls are fully documented and in tip-top shape.

Information Technology Services:

  • IT Audits (SysTrust & COBIT)
  • Business IT Evaluations
  • Sarbanes Oxley (404) Testing
  • Vulnerability Assessments
  • Social Engineering

Compliance Services:

  • ACH Compliance Audits
  • Investment Adviser Custody Examinations
  • GLBA Examinations
  • HIPPA Compliance Examinations
  • Service Organization Control (SOC)

Other Services:

  • Security Assessments
  • Business Continuity Consulting
  • Computer Forensics
  • IT Governance Consulting

Let's Talk

Contact us when it’s time to move forward.

Bryan Newlin
X
Bryan Newlin
CPA.CITP, CISA
Connect:
Industries
About Bryan

Bryan began his career with Yount, Hyde & Barbour in 2005, and has been a key leader in YHB’s respected Risk Advisory Services practice since 2007. In his role as IT Audit Principal, Bryan is responsible for IT audit program design, engagement quality, IT audit staff training and development, and the firm’s Vulnerability and Penetration testing practice.

He has authored articles for The Community Banker, Virginia Business, and is a regular contributor to YHB’s deTECH newsletter. He has been a featured speaker at banking industry conferences in Virginia. Bryan became a Certified Information Systems Auditor and Certified Public Accountant in 2008, and Certified Information Technology Professional in 2011.

Stephen M. Weber
X
Stephen M. Weber
MBA, CISA
Connect:
Industries
About Stephen

Stephen joined YHB in 2018 with extensive experience in IT Audit and Advisory Services.  His background includes internal and external IT Audit services for state and federal agencies and  Fortune 500 companies in retail, manufacturing and financial lending. Most recently, he was an instructor at Virginia Commonwealth University focusing on technology-related courses in the Accounting Department’s graduate and undergraduate programs.

 

Expertise

His expertise spans financial statement audits, SOX, project management, legal and compliance and data analytics.  Stephen earned his Masters of Business Administration from the University of Richmond and Bachelors in Business Information Technology from Virginia Tech.  He is actively involved in ISACA.

Stephen also completed ISACA®’s Cybersecurity Audit Certificate Program.

cybersecurityaudit-logo

ISACA’s Cybersecurity Audit Certificate Program provides security professionals with an understanding of the audit process, and IT risk professionals with an understanding of cyber-related risk and mitigating controls.

R. Curtis Thompson
X
R. Curtis Thompson
CPA.CITP, CISA
Connect:
Industries
About Curtis

Curtis joined YHB in 1995, with a B.S. degree in accounting from Shepherd University. He is a member of the American Institute of Certified Public Accountants, the Virginia Society of Certified Public Accountants and the ISACA (Information Systems Audit and Control Association.)

Experience

Curtis developed his business acumen through owning a retail store and serving as the general manager of a regional oil company. At YHB, his work in the tax department and consulting with small businesses continued to develop this experience.  Throughout his time at YHB he has provided IT audit and consulting to clients, even while holding the position of the firm’s IT director for several years. Now, as head of the YHB Risk Advisory Services Team, Curtis focuses on assisting organizations in a variety of industries with SOC Audits, internal audits, and IT-related audit and consulting services. He frequently speaks and gives presentations on Cybersecurity, internal controls, and IT issues.

Expertise

As a Certified Information Technology Professional (CITP) and a Certified Information Systems Auditor (CISA), Curtis brings highly specialized training and knowledge to bear on client needs. This expertise, as well as his real world business and technical experience, has given him a broad understanding of both IT and operational processes, which makes him especially effective at analyzing and evaluating the controls over these processes. Also, because he’s worked on the management as well as the technical side of IT, Curtis excels in explaining to management the business risks associated with various IT issues.

Approach

Curtis’ mantra is: “We do our best work when we’re having fun.” This attitude enables him to bring a fresh perspective to even the most challenging situations and find solutions that strengthen controls. He starts by first evaluating a system’s risks. Then figuring out how the company has mitigated them. But he doesn’t just look back and point out what’s “wrong” with a system. Instead, he strives to add value by helping clients look forward and proactively control the risks.

Other Interests

In his free time, Curtis enjoys antiquing, woodworking, and restoring his old VW Bug. Curtis is also an avid motorcycle enthusiast who rides a Harley Davidson Ultra Classic.

Brad Brosig
X
About Brad

A Western Pennsylvania native, Brad graduated from Indiana University of Pennsylvania in 2014 with Bachelor’s Degrees in Accounting and Management Information Systems. He joined YHB that same year and has since split his time between both the Bank team and the Risk Advisory Services team completing external and internal financial audits, SOX consulting services, and IT related audit and consulting services. Brad became a Certified Information Systems Auditor in early 2019.