Headshot of Angela Appleby

I held the triple jump record for a period of time at the University of Notre Dame. Interestingly enough, I broke that record after taking a few months off from training while completing a semester abroad in London.
Angela Appleby
Partner, CPA, CITP, CIA, CISA, CISSP, QSA, ISO 27001 Lead Auditor

Experience

As a cybersecurity leader within the Rocky Mountain region, I advise clients on cybersecurity compliance initiatives to help them manage risk. This includes facilitating risk assessments, providing internal control and best practice recommendations, and performing independent third-party assessments. With more than 20 years of experience, I’ve served clients with service organization control (SOC) examinations; payment card industry (PCI) assessments; Sarbanes-Oxley (SOX) 404 internal and external IT audits; IT security assessments; ISO 27001 gap assessments and certification; privacy assessments; Microsoft Data Protection Requirements (DPR) assessments; and security audits. I’ve worked in almost every industry including oil and gas, financial services, technology companies, and hospitality. I’m currently the industry technical leader for the SOC practice, where I oversee the quality control process over the reports issued throughout each year.

My clients appreciate that I keep their best interests in mind. For example, I advise them not to jump into new controls and compliance initiatives until they’re ready to fully implement and comply with them.  I also brainstorm with them on what makes the most sense for their organization based on their industry risks, corporate culture, and risk tolerance.

My greatest source of pride with our firm was establishing and growing our practice in the Rocky Mountain region. When identifying and understanding business opportunities, I’m genuine in all my interactions, and I consult with my clients to ensure moving forward is in their best interest. Even in an area that may not be my expertise, my clients reach out to me because they know I can direct them to someone who will know the answer.

I’ve been very involved with the AICPA for many years and am often asked to assist in AICPA-related initiatives. Most recently, I was appointed to the AICPA’s Assurance Services Executive Committee (ASEC), a senior executive committee whose mission is to serve the public interest by continuously anticipating, assessing, and addressing evolving market needs and demand for assurance and advisory solutions.  I’ve also assisted with both the CITP exam as well as the SOC certificate program, supported the Privacy Task Force, was on the AICPA SOC 2 Working Group, chaired the Information Technology Management Assurance Executive Committee, co-chaired the Third-Party Risk Management Conference, and served on the ENGAGE Conference Planning Committee.

In addition to working with the AICPA, I belong to ISACA, the International Association of Privacy Professionals, the International Information System Security Certification Consortium, the Denver chapter of the Information Systems Security Association, the Association for Corporate Growth, and the Colorado Technology Association. I received my B.B.A. in accounting and computer applications from the University of Notre Dame.

I spend time outside of work with my husband and two boys. We enjoy camping, hiking, skiing (I snowboard), venturing into the mountains, and traveling the world on vacations. I also enjoy tennis, working out, reading, and anything wellness related.