Aaron Kerr

Director of IT Risk Advisory

Aaron Kerr

Director of IT Risk Advisory

Overview

Aaron is the Director of IT Risk Advisory Services at Clearview Group. Aaron serves clients ranging from local not-for-profit organizations to the Fortune 50 across all industry verticals, with specialized experience in the energy/utilities, financial services, healthcare, hospitality and professional services. He is a Certified Information Systems Auditor (CISA), a Certified Information Systems Security Professional (CISSP) and a nationally recognized speaker by the Institute of Internal Auditors (IIA) on IT audit and security related topics.

He has expertise in IT audit, IT risk management, regulatory compliance, process improvement, ISO readiness and compliance, IT security reviews, and special projects. He also co-developed Clearview’s proprietary Security Assessment methodology which integrates modern IT audit techniques with market leading security products and services. Prior to joining Clearview, Aaron managed the IT and regulated audit teams for Constellation Energy and Exelon.

Aaron is a board member for the Baltimore Chapter of the Institute of Internal Auditors, and a member of the Information Systems Audit and Control Association and the International Information Systems Security Certification Consortium. He is an active volunteer with the Maryland SPCA and the Ronald McDonald House.

Education

Aaron attended Penn State University where he graduated with a Bachelor of Science in Information Sciences and Technology.

Aaron's Latest Insights

October 09th 2018

Third-Party Vulnerability Assessments: Why They Are Still So Important

IT Risk Advisory & Security

In-house vulnerability management programs can pose a serious security risk. Studies show that 70% of breaches are detected by a third-party. That’s why third party vulnerability assessments are always a good idea. Read more in today’s post.

Read More
Aaron Kerr, Director of IT Risk Advisory
September 06th 2018

Five Crucial Elements to Manage Third-Party Risk

IT Risk Advisory & Security

Implementation of a third-party risk management program is critical to¬†ensure your entire technology ecosystem is adequately protected. Here’s how to get started.

Read More
Aaron Kerr, Director of IT Risk Advisory
July 26th 2018

Why CIS Top 20 List of Security Controls Gets It Right, And You Should Follow It

IT Risk Advisory & Security

If you want to know where your organization should start in terms of protecting itself from cyber threats, look no further than the Center for Internet Security (CIS) Top 20 Controls (CT20). Here’s our take on why it’s the best resource available.

Read More
Aaron Kerr, Director of IT Risk Advisory