Background – Sara has worked with clients in various industries including quick service restaurant (QSR), entertainment, retail, technology, and insurance. She has extensive experience designing and performing various privacy and security related assessments and remediation activities, including for CCPA, CPRA, GDPR, POPIA, PDPA, NIST CSF & PF, and ISO 270001. Sara has wide-ranging expertise with the development of data subject request response programs and data mapping efforts. Prior to working in Data Privacy, Sara worked in internal IT audit. She assisted in SOX IT testing for both financial and ITGC controls for technology clients. She also assisted in operational sales audit and Enterprise Risk Management projects. Previously, Sara worked for PricewaterhouseCoopers (PwC)’s Core Assurance team in the technology market, performing external audits for SEC filings, including IPO and carve-out filings.
Experience – Sara has broad experience in managing projects, creating solutions, leading assessments, and delivering training on a range of privacy domains and regulations. As part of leading client remediation efforts, she has designed and implemented data subject rights response programs, including providing guidelines and training, technology enhancement, and process enhancements for requests received from data subjects in different jurisdictions, including those made under POPIA, PDPA, CCPA and GDPR. Sara has also developed subject matter expertise in data mapping (including meeting GDPR Article 30 requirements for a Record of Processing Activities, Data Protection Impact Assessments (DPIAs), and Privacy Impact Assessments (PIAs). Sara’s skills also include third-party risk management methodology development for onboarding, monitoring, and offboarding third parties. She has also overseen the management of complex third-party risk engagements to ensure timely completion of third-party assessments, and that appropriate reporting and remediation action items were communicated to client senior management.
Certifications and Education – Sara is a Certified Information System Security Professional (CISSP) and a Certified Information System Auditor (CISA). She holds a master’s in accounting from Binghamton University.
OneTrust Certifications – Sara is a OneTrust Certified Privacy Management Professional (OTCP), Targeted Data Discovery and Governance Risk and Compliance Expert, and Administrator.