Brandon Sherman CISA
Las Vegas, NV Nashville, TN
ServicesCompliance - Advisory, Cybersecurity, HITRUST, Internal Audit, IT Audit, PCI, Process, Risk & Governance, Sarbanes-Oxley, SSAE 16/SOC Examination (Formerly SAS 70), Transaction Advisory Services,
IndustriesHealthcare, Hospitality & Leisure, Manufacturing & Distribution, Restaurants, Retail, Technology,
Brandon Sherman leads the firm’s Tennessee Process, Risk & Governance practice. Brandon provides risk assurance and consulting solutions to a variety of organizations, from entrepreneurial startups to large global public companies. He assists clients in managing their current and anticipated technology, business and regulatory compliance risks:
- Cybersecurity, Confidentiality & Data Privacy
- IT Assurance & Governance
- Service Organization Control (SOC) Reporting
- Merger & Acquisition Integration, Optimization, & Due Diligence
- Business Process Improvement
- Internal Audit Transformation, Cosourcing, and Outsourcing
- Public Company Requirements: SEC, PCAOB, & Sarbanes Oxley Act (SOX)
- Healthcare requirements: HITRUST, HIPAA, Meaningful Use, etc.
- Payment Card Industry (PCI) Requirements
- Gaming Jurisdictional Requirements
Prior to Frazier & Deeter, Brandon was a Senior Manager in Deloitte’s Enterprise Risk Services group, where he led risk consulting, internal control, and regulatory compliance assessments of business processes and information systems for clients in various industries spanning across technology, healthcare, payment processing, hospitality, casino gaming, retail and manufacturing. He developed industry and technical training programs for global use, sharing industry knowledge with Deloitte offices across North America, Europe, Asia, the Middle East, and Africa. Brandon served on the national Public Company Accounting Oversight Board (PCAOB) response project team, and was nominated by an industry regulator to serve on the feedback committee for the proposed guidelines for internal audit and CPA regulatory procedures. He also served on the national team developing revenue recognition methodology for new ecommerce revenue streams, including leading clients through an Initial Public Offering (IPO) and interaction with the SEC on related communications.
Prior to Deloitte, Brandon spent three years in IT systems development and analysis, where he collaborated with organizational leaders to create innovative online solutions.
Speaking Engagements at Events/Associations:
- Expert panel seminars: Cyber security best practices to prepare, contain and respond
- External webcasts: Business model and organizational considerations for brick-and-mortar companies pursuing ecommerce
- International regulatory bodies & governments: Economic impacts, best practices, and lessons learned in implementing business regulations across other jurisdictions
- Society of Certified Public Accountants (CPAs): Industry-related financial, operational, and compliance risk considerations
- Institute of Internal Auditors (IIA): Internal audit considerations related to impacts of recent legislative and technology developments
- Inside Social Gaming: Revenue recognition and internal control considerations for new ecommerce revenue streams
- Airlines for America: Managing the risks of customer loyalty programs
Professional and Civic Organizations
American Association of Healthcare Administrative Management (AAHAM)
American Institute of Certified Public Accountants (AICPA)
Health Information & Management Systems Society (HIMSS)
Health Information Trust Alliance (HITRUST)
Institute of Internal Auditors (IIA)
Information Systems Audit and Control Association (ISACA)
Information Systems Security Association (ISSA)
Information Systems Security Certification Consortium (ISC2)
Nashville Entrepreneur Center
Nashville Healthcare Council
Nashville Technology Council
Masters in Business Administration, The University of Mississippi.
Bachelor of Business Administration, Majors in Risk Management and Management Information Systems, The University of Mississippi.