Karen Johnston, CCSFP, CIA, CISA, CCSFP-CHQP

Principal

Karen Johnston has more than 20 years of experience in public accounting and private industry. She applies her experience in risk advisory services and assists her clients in protecting and tailoring their business environment to mitigate risk, identify trends, increase efficiencies, and gain a competitive advantage. Karen assists clients with assessing, testing, and improving the security and privacy of their information systems.

Certifications

Certified CSF Practitioner
Certified Internal Auditor
Certified Information Systems Auditor
Certified Common Security Framework Practitioner
Certified HITRUST Quality Professional
ISO 27001 and 27701 Lead Auditor

Professional Memberships and Activities

HITRUST Alliance Assessor Council
The Institute of Internal Auditors (IIA) – Member
Information Systems Audit and Control Association (ISACA) – Member

Recent Insights

Articles

Enhance your financial institution’s cybersecurity with HITRUST
Aug 24, 2023

Add HITRUST calculators to your HITRUST assessment toolkit
Nov 29, 2022

HITRUST scoring 101: How scoring works and how to self-score
Dec 09, 2020

SOC 2? HITRUST? Which of these 7 third-party assurance audits should you choose?
Nov 20, 2019

Areas of Focus

HITRUST Assessments
ISO 27001 and 27701
SOC 1 and SOC 2 examinations
HIPAA Risk Assessments
Internal control assessments
Internal audits
Information technology (IT) audits
IT governance

Education

Bloomsburg University

Bachelor of science degree in business administration

© 2022 Wipfli LLP. "Wipfli" refers to Wipfli LLP, a Wisconsin limited liability partnership, and its subsidiaries. Assurance, tax and consulting services are offered through Wipfli LLP. Investment banking and related services are offered through Wipfli Corporate Finance LLC. Wipfli LLP is a member of Allinial Global, an association of legally independent firms. ”Wipfli CPA” is the DBA name of Wipfli LLP in New York state, and refers to Wipfli LLP.

Partners, principals and associates