Michael W. Hammond, CISA, CRISC, CISSP, is Director, IT Audit Services for O’Connor & Drew P.C. (www.ocd.com), a full-service accountancy based in Braintree, MA. He has twenty years of extensive Information Technology expertise in various disciplines, including operations, control design, and testing. In addition to general IT control design and testing Michael’s work includes SOX and MA 201 testing, vulnerability assessment and penetration testing. He can be contacted at firstname.lastname@example.org.