Paul Johnson

Risk Advisory Senior Manager

Paul Johnson works with clients to assess, improve, and test the security of their information systems.  He also helps clients determine their compliance with the Payment Card Industry Data Security Standard (PCI DSS) and health care security compliance including HIPAA and HITECH.

Prior to joining Wipfli, Paul led the Vulnerability Assessment and Project Office teams at NetSPI, a regional Information Security Consulting firm.  He also served as the Information Security Director at HealthEast Care System, the largest health care provider in the Twin Cities’ East Metro area.

Professional Organizations and Activities
Paul is a member of the American Institute of Certified Public Accountants (AICPA).  He is also a member of the Information Systems Security Association (ISSA) and the Minnesota Chapter (MN-ISSA), as well as the International Information Systems Security Certification Consortium, Inc.

Recent Insights
Paul Johnson

Paul Johnson

Risk Advisory Senior Manager
St. Paul
8665 Hudson Blvd. North
Suite 200
St. Paul, MN  55042
Tel: (651) 766-2895
Areas of Expertise
  • Information security consulting
  • Risk assessments
  • IT audits
  • PCI data security compliance
  • Health care security compliance
  • Perimeter vulnerability assessments
  • SOC engagements
  • Network and application penetration testing
  • Internal network vulnerability assessments
  • Policy compliance assessments using social engineering techniques

  • Certified CSF Practitioner (CCSFP)
  • Certified Information Systems Security Professional (CISSP) designation
  • Certified Public Accountant (inactive license)
  • University of Wisconsin-River Falls; bachelor of science degree in computer information systems and accounting