With more than 25 years of experience as a cybersecurity and cyber defense practitioner and trainer, Director of CMMC Tom Cupples leads Sensiba’s CMMC (Cybersecurity Maturity Model Certification) practice. In that capacity, Tom heads the firm’s Registered Practitioner Organization (RPO) services and its efforts to become a C3PAO (Certified Third-Party Assessment Organization), including mentoring new Certified CMMC Professionals and Assessors.

Before joining Sensiba, Tom’s experience includes serving as CMMC assessor and trainer for several companies, as well as a cybersecurity instructor at colleges and universities.

Tom’s professional credentials include a Certification in Risk and Information Systems Control (CRISC), as well as the Lead CMMC Certified Assessor, Professional, and Provisional Instructor designations, and several others.

Tom holds an EdD in Higher Education Leadership from Nova Southeastern University, an MS, Management in Technology from Washington University in St. Louis, a BS Computer Information Systems/Computer Science from Missouri Baptist University, and a BA, Communication Arts, from Union University.

Outside of work, Tom is an active Freemason and church volunteer who enjoys spending time with his family, outdoor activities, reading, and sports including the Kansas City Chiefs and the University of Arkansas Razorbacks.

With over 7 years of experience, GRC Director Chris Roe specializes in delivering comprehensive Governance, Risk, & Compliance services and guidance to clients. He works with organizations of all sizes and industries, providing recommendations around IT Security, SOC Audits, HIPAA Compliance, and Cybersecurity. Prior to joining Sensiba, Chris held positions at RSM and A-LIGN, where he served clients primarily within the technology sector.

Chris received his Bachelor of Science in Management Information Systems from Penn State University. He is a Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and an active member of the Information Systems Audit and Control Association (ISACA). In his free time, Chris enjoys surfing, lacrosse, fishing, and snowboarding.

Mi Zhao is a Certified ISO 42001 auditor with more than 11 years of experience supporting multinational financial institutions across Australia and Singapore, with a focus on operational, technology, data, and third-party risk management. Mi spearheads audit innovation initiatives leveraging generative AI to streamline processes and boost productivity while also establishing new frameworks such as ISO/IEC 42001 within the team.

A Chartered Accountant, Mi holds a Bachelor of Accounting degree from Singapore Management University.

Outside of work, Mi enjoys staying active with bouldering.

With nearly seven years of experience, Audit & Compliance Strategy Manager Roghan McMahon plays an integral role in assisting enterprise clients through the development of strategic plans for their compliance needs aligned with their unique requirements and long-term goals. Roghan also brings significant expertise in conducting early-stage audits and readiness assessments, and is a qualified Chartered Accountant (ACA) and a certified ISO/IEC 27001 Lead Auditor with the PECB.

He holds a Bachelor’s degree with honors in Computer Science and Business from Trinity College Dublin.

Outside of work, Roghan is an avid sports fan and enjoys reading and playing the piano.

With more than 12 years of experience, including in big-4, Patrick Hegarty leads Sensiba’s EMEA team and supports the certification and assurance needs of clients managing cybersecurity, privacy, and sustainability risk. Patrick brings a systems design approach to Sensiba and believes growth comes from strategic partnerships. His previous experience includes leading consulting firms in a variety of innovation and sustainability roles.

Patrick holds an MSc degree in finance from Queen’s University Belfast and a Bachelor of Business Studies with honors from the University of Limerick.

Outside of work, he is a mentor with the Unreasonable Group, a Social Impact Community dedicated to leveraging business to solving the seemingly intractable societal and environmental challenges of our time. An avid sailor, Patrick was a member of the Irish national team for six years.

Uliana Kaumova helps clients achieve their Governance, Risk, & Compliance and compliance goals through certifications including SOC 2, CSA STAR, GDPR, and others. She is always curious to learn more, which led her to change careers and win a competitive Security Training Scholarship made possible by Google, Bloomberg, and Meta in 2021.  

Uliana holds a Bachelor of Science degree, International Law and Legal Studies, from Ural State Law Academy, as well as a Cybersecurity certificate from the University of Sydney and various certificates from SANS University. 

When not striving to be the next leading woman in cybersecurity, you’ll find her creating images using AI technologies or designing beautiful cards, often while enjoying fun-filled moments with her children.

With more than 10 years of experience in Big 4 and FinTech environments, Georgiana leads our EMEA team. She supports clients in SOC 1, SOC 2, implementation of enterprise risk management frameworks, and other Governance, Risk, & Compliance needs.

A Chartered Accountant, Georgiana holds a Bachelor’s degree with honors in finance and banking from Alexandru Ioan Cuza University, a professional diploma in international business studies from Dublin Business School, and a professional diploma in advanced operational risk management in financial services from Institute of Banking (IOB).

Outside of work, you’ll find Georgiana in the outdoors or learning about the mind-body connection.

With more than seven years of experience, Senior Manager Colin Larson supports clients with insights and analytics in business operations, IT security, and risk compliance. Colin collaborates with clients on IT assurance best practices in accordance with frameworks like SOC 1, SOC 2 (type 1 and 2), SOX, ISO, NIST, GDPR, WebTrust and more. His technology expertise includes blockchain, digital assets, SaaS, Cloud, AI, and other solutions across a variety of industries, which he developed in his tenure with a Big 4 consulting firm before bringing his skills to Sensiba, where he continues to hone them.

His professional experience includes tenure at two Big 4 consulting and accounting firms.

Colin is a CPA in Washington and California, and a Wharton Certified Blockchain Expert. He holds a double Bachelor of Arts in Business Administration, with focuses in both Accounting and Finance, from the University of Washington’s.

Outside of work, Colin loves to golf, ski, fish, or just generally be outside while enjoying a cold beer and good eats with his partner and friends.

With nearly 6 years of audit experience, manager Mark Kozer leads a portfolio of clients across a wide range of standards such as SOC 1, SOC 2, ISO 27001, HIPAA, CSA Star, and more. Mark works with clients ranging from multinational corporations to smaller enterprises across various industries.

Mark is an ISO/IEC 27001 Lead Auditor, a chartered accountant, and holds a bachelor’s degree in business, with a major in insurance and risk management from the University of Limerick.

Outside of work, Mark is a keen traveler, enjoys a round of golf, and a mad Manchester United fan.

A certified ISO 27001:2022 Lead Auditor with 5 years experience, Michael Precious (“Mike”) supports clients in achieving their goals across ISO/IEC 27001:2022, SOC 2, and affiliated audit engagements. Having graduated with a Bachelor of Security Studies from Macquarie University, Mike previously worked at a Big 4 consulting and auditing firm in the information security space. Across his work with companies from early-stage startups to multi-national tech unicorns, and mentoring our Australian audit team, Mike places strong emphasis on tackling performance, portfolio management and client experience through innovation and enjoyment.

Outside of work you’ll find Mike enjoying a live gig, watching sport or admiring his gin collection.