David has a background in accounting, auditing, information technology and privacy. This diverse background allows David to develop creative solutions when solving problems to and bridge the gap that often exists between information technology, accounting and audit professionals.

He leads projects which focus on understanding, evaluating and mitigating IT risks and also assesses the effectiveness of application, IT-dependent and manual controls. David helps clients develop and implement: IT and application controls; effective processes; and compliance programs.

David has designed and lead a variety of different projects including the following examples: internal control assessments; privacy control assessment and implementation; E.U. – U.S. Safe Harbor certification initiatives; segregation of duties analysis; data analysis (e.g. payroll, disbursements, accounts receivable, user access, timekeeping etc.); Sarbanes-Oxley 404 compliance; Massachusetts data security law 201 CMR17.00 compliance; and development of policies and procedures.

Prior to forming the Company, David spent seven years with Ernst & Young, LLC supervising and performing: financial and information technology audits; data analysis projects; and other internal control projects. David is a Certified Public Accountant (CPA) and Certified Information Systems Auditor (CISA) and has a B.S. and M.S. in Accounting from Brigham Young University.

Colleen Wolf is a manager with Behunin & Associates and has been with the company since 2006. Her focus has included Information Technology (IT) assurance, internal audits, data analysis, data privacy, project management, and assisting companies with Sarbanes-Oxley 404 compliance. She provides IT internal audit and project management services to clients on an ongoing basis.

Colleen has helped clients develop and implement IT general and application controls. She is also responsible for developing audit programs, managing the performance of IT general controls and application controls testing; evaluating key risks and identifying mitigating control opportunities; and coordinating efforts with clients’ Internal Audit and Compliance departments. Colleen has also served as project manager for a Safe Harbor privacy compliance initiative. She specializes in data analysis procedures used to verify the effectiveness of business process controls, identify potentially fraudulent activities, and review data at the transactional level. In addition, Colleen serves a liaison between her clients and their external IT auditors.

Prior to her career with B&A, she worked for three years in IT assurance and audit with Ernst & Young’s Technology and Security Risk Services group and for one year in the Operational Risk Management department of the Corporate Internet Group at JPMorgan Chase. Colleen is also a Certified Information Systems Auditor (CISA) and has a B.S. in Management Science & Information Systems from Pennsylvania State University.