Author Archives: Natasha Barnes

About Natasha Barnes

Natasha Barnes is an IT risk and compliance professional with a focus on IT audit readiness and remediation. She has led large-scale remediation efforts for federal clients responding to IT findings from Financial Statement Audits. On these engagements, Natasha became well known for her diplomatic efforts in facilitating discussions with stakeholders across IT and Financial departments. She established an understanding of complex technical issues with these functional team members and helped them to collaboratively execute remediation plans. She has also been involved with establishing and facilitating continuous monitoring programs, which contributed to the closure and severity reduction of several IT findings. In addition, Natasha has experience with security risk analysis, disaster planning, and project management. She holds Certified Associate in Project Management (CAPM) and Certified Information Systems Auditor (CISA) credentials. Natasha has led teams in executing Office of Management and Budget (OMB) A-123 compliance assessments, and she has contributed to a Statement on Standards for Attestation Engagements (SSAE-16) engagement. She also led a third-party system audit readiness assessment based on National Institute of Standards and Technology (NIST) 800-53 in anticipation of upcoming audit scrutiny. Natasha has developed and instructed trainings for her clients and colleagues on subjects related to Financial Statement Audit IT protocol, Federal Information Security Management Act (FISMA), Federal Information System Controls Audit Manual (FISCAM), NIST, and OMB A-123.

Financial Statement Audits – IT Lessons Learned | Part III: Access, Passwords, Configuration, and Change Management

In today’s world, it is imperative that confidential information does not end up in the wrong hands. Only authorized users should be able to view and change information. Strong passwords are an essential component of effectively restricting access to deter compromise attempts from internal and external actors. Considering the confidential nature of financial data and […]

WannaCry Ransomware – What You Need to Do to Reduce the Risk and the Impact

Last Friday, May 12, 2017, approximately 200,000 systems located in 150 countries were impacted by WannaCry Ransomware attacks. WannaCry Ransomware is being regarded as the most damaging ransomware attack to date. This is due to the short amount of time in which a large number of systems were impacted across a wide spread of geographical locations. […]

How Can Cybersecurity SOC Reports Be Useful to Your Organization?

Cybersecurity can be an organization’s catalyst to success and its Achilles’ heel. Due to the vital role cybersecurity plays within virtually all organizations, it’s also becoming the price of admission to initiate business relationships. Considering cybersecurity is a global challenge, it’s becoming more important than ever for organizations to communicate the quality of these programs […]

Insider Threat Realized: Morgan Stanley to pay $1M in SEC Settlement

Morgan Stanley will pay a $1M settlement to the Securities and Exchange Commission (SEC) for failing to protect its customers’ personally identifiable information (PII) from unauthorized disclosure. From 2011 to 2014, a former Morgan Stanley employee, Galen Marsh, transferred Morgan Stanley client account data to his personal laptop via his personal website. The information was […]
