Michael Sobczyk
IT Risk & Compliance
Michael Sobczyk
IT Risk & Compliance

Michael enjoys helping clients meet compliance requirements as painlessly as possible. He excels at evaluating IT-related risks, developing and implementing new internal control frameworks, evaluating and streamlining existing control frameworks and drafting information technology policies.

As part of both the firm’s audit and advisory practices, Michael works on client engagements that involve IT risks and internal controls, such as SOC reporting, SOX assistance, and HIPAA and FFIEC compliance. He offers multiple solution options for his clients instead of a one-size-fits-all approach.

Michael’s experience spans a multitude of industries with a notable focus in Software as a Service (SaaS), Colocation facilities and banking or healthcare service providers. Some of his clients include American Campus Communities, RetailMeNot, Silicon Labs, SolarWinds and SailPoint.

Michael started his accounting career more than 15 years ago and has previously worked at Deloitte’s San Jose, California office as well as their Austin office. He earned his bachelor’s degree in management information systems from California Polytechnic State University-San Luis Obispo. As a member of ISACA, Michael is a Certified Information Systems Auditor (CISA), and is Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC). Additionally, Michael holds the Advanced SOC for Service Organizations certification from AICPA which he received in 2018. He is also a member of Financial Executives International and a frequent speaker on the topics of cybersecurity, governance and IT General Controls best practices.

Although Michael hails from California, he has fully embraced Texas since moving here in 2005. One of his favorite ways to spend a weekend in Austin is out on Lake Travis with his wife.

Advanced SOC for Service Organizations







The Shift to SSAE 18: Five Ways Your Company May Be Affected

8 Practical Tips to Avoid Being the Victim of a Business Email Compromise Scam

Q&A With Michael

Your clients might say that you…
Can bridge the gap between management, internal audit and information technology personnel.

What is something many people don’t know about you?
I am first generation Polish, fluent in Polish and can cook Polish food.

What is something you are known for?
Cooking tri-tip.

When you retire…
I hope to live on a boat (at least part of the time).

Our team provides the technical experience and industry depth that your team can trust.