Wipfli logo

Partners, principals and associates

Johnson_Dennis Minneapolis

150 S 5th Street
Minneapolis, MN 55402



Email: djohnson@wipfli.com

Dennis M. Johnson, CISSP

Master Consultant

Dennis Johnson is a master consultant in Wipfli’s Technology Consulting-CyberTech-Advisory Services practice. He has been a valued contributor and advisor in helping to ensure GLBA regulatory compliance for numerous financial institutions since 2002. Dennis also assists clients in the areas of HIPAA, HITECH Act, SOX, and PCI DSS. For cybersecurity, he has developed and delivered assessment services for many regulatory and statutory requirement frameworks.

With Dennis’s use of methodologies grounded in the National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO) standards, along with detailed attention to specific guidance from regulatory bodies such as the Federal Financial Institutions Examination Council (FFIEC) and Health Information Trust Alliance (HITRUST), clients are assured of a comprehensive information security framework rubric for issues that are identified and solid steps for moving forward with confidence related to regulatory compliance and the security of their critical systems and information.


  • Certified Information Systems Security Professional (CISSP)
  • Cisco Certified Internetwork Expert (inactive)

Professional Memberships and Activities

  • International Information System Security Certification Consortium [(ISC)2] - Member
  • InfraGard - Member

Areas of Focus

  • Information security risk assessment, vulnerability assessment and audit
  • Information security program governance and policy development
  • Cybersecurity assessments (NIST, FFIEC and other regulatory/statutory frameworks)
  • Critical Security Controls for Effective Cyber Defense (V5.1)
  • Center for Internet Security (CIS) Controls® Version 7.1 internal corporate use assessment and audit
  • Regulatory compliance (GLBA, FFIEC, SOX, HIPAA, HITRUST, PCI DSS and 23 NYCRR Part 500 Cybersecurity)
  • NIST 800-30 and 800-53
  • Network engineering and security architecture, design, testing, planning, implementation and support
  • Technologies (routers and switches, firewalls/IPSs and VPNs and LAN and WAN protocols)
  • Customer services