Aaron Kerr

Director of IT Risk Advisory

Aaron Kerr

Director of IT Risk Advisory

Overview

Aaron leads Clearview’s Advisory Services practice and is responsible for setting the strategic objectives of the practice, enabling high performing teams, and ensuring client satisfaction. Additionally, he provides subject matter expertise in creating innovative IT audit, data analytics, cybersecurity, and compliance solutions for his clients. Aaron is a nationally recognized speaker by the Institute of Internal Auditors (IIA) and was recognized as a Top 50 Information Security Professional by OnConferences. Prior to joining Clearview, he led the IT and Regulated audit teams for Constellation Energy and Exelon.

Aaron has served clients ranging from local to not-for-profit organizations to the Fortune 500 across all industry verticals, with specialized experience in the energy/utilities, financial services, healthcare, hospitality, and professional services industries. He has technical expertise in IT audit, IT risk management, cybersecurity, advanced analytics (e.g., R, ACL, Workiva WData), regulatory compliance (e.g., FFIEC, HIPAA, SOX, CIS Top 20, CMMC, ISO, NIST), process improvement, SOC 1 & 2 readiness and assurance engagements, and special projects.

On the personal side, Aaron is a wine enthusiast and enjoys hosting wine tastings and educational sessions for friends, families and neighbors and he passed the WSET Level 2 with distinction in 2019. Aaron enjoys giving private wine tastings and opening people’s minds to new wine experiences. Aaron often bases his travel plans on wine when possible, including trips to Bordeaux, Tuscany, Napa, Sonoma, Washington State, the New York Finger Lakes and of course Virginia. He recently visited wine regions in Alsace, France, Mosel, Germany and the Hunter Valley in Australia.

Education

Aaron attended Penn State University where he graduated with a Bachelor of Science in Information Sciences and Technology. He is also a Certified Information Systems Auditor (CISA) and a Certified Information Systems Security Professional (CISSP).

Aaron's Latest Insights

October 09th 2018

Third-Party Vulnerability Assessments: Why They Are Still So Important

IT Risk Advisory & Security

In-house vulnerability management programs can pose a serious security risk. Studies show that 70% of breaches are detected by a third-party. That’s why third party vulnerability assessments are always a good idea. Read more in today’s post.

Read More
Aaron Kerr, Director of IT Risk Advisory