All Posts By


Caroline S. Alleslev-Cserhati

Senior Director, Risk Assurance Services. PwC

Caroline Alleslev-Cserhati leads PwC Canada’s National Information Technology IA & Risk Assurance Services practice. She has over twenty years of experience where she has helped businesses reduce risk, increase productivity and create opportunities for growth. Caroline works collaboratively with clients to provide value-added IT internal audits, IT risk projects and privacy risk assurance assessments.  Her clients top issues, that she assists with, include:

  • Assessing cybersecurity risk landscape and providing recommendations to improve the client’s cyber resiliency. This includes the impact of emerging technologies (e.g. RPA, IoT, AI, Machine Learning, Blockchain).
  • Providing assurance oversight over large transformational programs (multi-million, multi-year, multi-vendor programs) with a focus on security, privacy and data governance.
  • Conducting IT and Security based audits/reviews to verify compliance with recognized industry frameworks, internal and government regulations.  (OSFI, NIST, ISF, PHIPA etc.)
  • Providing guidance to privacy programs and ensuring that an organization’s technical infrastructure & data management programs align (e.g. GDPR, Caribbean Privacy programs, Varying US State & Federal Privacy laws, PHIPA, PIPEDA, and CASL etc.)
  • Providing board reporting guidance and support
  • Providing CIO’s a better view of their IT Risk landscape and providing not only a gap analysis but real productive remediation recommendations.
  • Reviewing third party agreements.

Eric Au

MAcc, BMath, CPA, CA, CBV, CIA
Senior Manager, Grant Thornton LLP

Eric leads Grant Thornton’s data analytics and business intelligence initiative, which is the analysis of large volumes of information to support business decisions and to identify potential issues. His work involves providing insight through data in a variety of applications including strategic advisory, risk/fraud identification, compliance, and assurance.
Eric is currently leading projects to integrate industry-leading data analysis techniques into national methodology for Grant Thornton’s assurance practice. He applies his years of experience analyzing data to help various organizations with their respective business issues.

Eric holds a bachelor’s degree in mathematics and a master’s degree in accounting as well as a number of well-respected professional designations related to various areas of business advisory. He is also a member of the CPA Canada Audit Data Analytics Committee, which provides thought leadership in the area of audit analytics and assesses the impact of data analytics on the audit profession.

Mark Samson

CPA (Philippines), CISA
Senior Manager Hydro One

With over 20 years of international experience, Mark Samson is one of Toronto’s top IT Auditors, working on highly complex, technically advanced IT audits at Hydro One. He previously worked at Ernst & Young in multiple countries working on not only financial and IT audits, where he was also in high demand for sophisticated consulting engagements which helped leading clients detect and improve deficiencies in their IT environments. Through his years in the audit industry, he developed an enviable reputation as a strong people manager, mentoring many new auditors to operate at a high level of performance through the Y2K and Sarbanes-Oxley control boom. His teams have delivered industry-best quality results through diligent application of audit theory, and innovative application of the newest technologies to support more efficient audit delivery.

Matt Lemay

B.A.Sc. Electrical Engineering

With a strong background in management and engineering, Matt is a senior developer and project manager that has worked for multiple startups. Matt is presently CEO of, a firm specializing in the rapid deployment of machine learning and artificial intelligence solutions for clients in industries such as real estate, finance, stock trading, cryptocurrency, medical devices, food safety, human resources, marketing, government, and defense. provides solution architectures, technical reviews, datasets, software integration, development plans, deployment strategies, and ongoing technology audits.

Ram Balakrishnan

Managing Director, Protiviti

Ram Balakrishnan leads the Internal Audit & Financial Advisory practice in Canada. Ram has more than 20 years of experience helping global clients maximize the value of governance processes and evaluate and understand the risks associated with their use of technology. Ram has extensive experience in all facets of the audit lifecycle and has managed a variety of projects for clients in multiple industries. Ram has both Consulting and Industry experience including, positions with Workplace Safety & Insurance Board (WSIB) as the Chief Audit Executive, and as the global Technology Operations Audit leader at BlackBerry where he helped set-up the Risk Performance & Audit team.

Joshua Tang

Manager, Operational Risk Division, Office of the Superintendent of Financial Institutions Canada

Joshua Tang is a seasoned operational risk professional with over 18 years of experience in operational risk and management consulting in the financial services and telecommunication industries, with 9 years at OSFI as an Operational Risk subject matter expert. Joshua has extensive Industry knowledge of application development, information security, business continuity, and operational risk assessment practices. He currently provides support to the deposit-taking supervision sector at OSFI by monitoring and supervising operational risks including business continuity management, information technology and cyber security at the Systemically Important Banks in Canada. Joshua is a Certified Information Systems Auditor (CISA) and a Certified Information Systems Security Professional (CISSP).

Robert Parker

Advisory Consultant – Risk Masters International Inc LLC
Retired, Risk Masters International Inc. LLC – New York Based

He is a retired Deloitte partner where he had responsibility for the Firm’s Canadian privacy and business continuity practices and internal ERS risk management as well as providing technology audit support for a number of key financial, retail and manufacturing audit clients. He continues to provide security, privacy and risk management consulting services.

He is a past International President of the Information Systems Audit and Control Association and served on their International Board for 11 years. He continues to be active in the Association and the IT Governance Institute having served on many boards and committees, including, Research, Assurance, CobiT Steering, and Frameworks Committee. He was the principle architect of the Information Technology Assurance Framework

He was a founding member, and served for 10 years on the AICPA-CPA-Canada – joint US-Canada Privacy Task Force tresponsible for Generally Accepted Privacy Principlese a framework for assessing compliance with Canadian, US and other privacy legislation. He had rspecific esponsibility for developing the Privacy Maturity Model. He is a past chair of the CPA-Canada’s Privacy Advisory Group.

Past member of CPA’s Information Technology Advisory Committee and is a member of the Board of the University of Waterloo Centre for Information Integrity and Systems Assurance. Where he presents an annual update on the impact of technology, financial, legislative, political and other issues affecting business.

David Florio

Partner, Grant Thornton LLP

David is a Partner with the Grant Thornton Advisory Services practice and leads a team that helps clients understand the risks their businesses face, and what measures should be put in place to manage these risks to an acceptable level. David has over 27 years of experience in public accounting and professional services. He has significant experience in leading risk management, Internal Audit, and assurance engagements across multiple industries, gaining valuable experience in many areas, including IT process and controls reviews, risk assessments, and Cybersecurity. David has authored whitepapers and articles, and has been a presenter at a number of speaking engagements including previous sessions at CCITAGS, IIA, FEI Canada, along with other external and internal webinars and conferences on topic ranging from risk management, cybersecurity, and audit.