Adam Ross

Executive summary

Adam Ross is an Advisory Services Principal at Grant Thornton, the U.S. member firm of Grant Thornton Ltd., one of the world’s leading audit, tax, and advisory services firms. Ross has over twenty years of experience working with domestic and international organizations across a number of industries to increase awareness on risk, improve internal controls, and enhance the efficiency and effectiveness of their business and information technology (IT) environments, operations, and organization structure.

Ross specializes in providing several impactful services to his clients, including:

• Business and IT process and internal control assessment and design
• Sarbanes-Oxley (SOX) compliance program assessment, design, implementation, and operation (co-sourcing and outsourcing)
• Internal audit (including IT audit) function assessment, design, implementation, and operation (co-sourcing and outsourcing)
• Enterprise, IT and cyber risk assessment
• Enterprise risk management program assessment, design, and implementation
• Third party risk management program assessment, design, and implementation
• Cybersecurity risk management program assessment
• HIPAA compliance assessment
• Independent program and project assurance / program risk management
• Software evaluation and selection
• Lease accounting standard (ASC 842 and IFRS 16) implementation

Ross serves a number of firm roles including national co-sponsor of Grant Thornton’s Advisory Women program, and national leader of our internal control over financial reporting (ICFR) and Sarbanes-Oxley (SOX) compliance services. In addition, Ross is a member of the Board of Governors of the Intstitute of Internal Auditors – Philadelphia, PA Chapter.

Ross is a Certified Internal Auditor (CIA) and a Certified Information Systems Auditor (CISA). He received a Bachelor of Science degree in Business Administration from the University of Delaware.

In addition to his time at Grant Thornton, Ross spent ten years with Ernst & Young LLP and Arthur Andersen providing various advisory and audit services.

Professional qualifications and memberships

• Certified Internal Auditor (CIA)
• Certified Information Systems Auditor (CISA)
• Board of Governors, The Institute of Internal Auditors (IIA) – Philadelphia, PA Chapter
• Advisory Board, University of Delaware - Accounting and Management Information Systems (MIS)
• American Institute of CPAs (AICPA)
• AICPA Cybersecurity Examination Working Group
• Information Systems Audit & Control Association (ISACA)

Presentations and Publications

Adam regularly develops and delivers publications and presentations on relevant industry topics. Examples include: 

• Reporting on an Entity’s Cybersecurity Risk Management Program and Controls (AICPA Examination Guide, May 2017)
• Leveraging internal controls to differentiate and add value • Sarbanes-Oxley (SOX) compliance for Special Purpose Acquisition Companies (SPAC)
• Developing and enhancing an enterprise risk management (ERM) program
• Developing and enhancing a cybersecurity risk management program
• Improving business performance through effective risk management and internal controls
• Improving integrated risk management through a lines of defense model
• Interpreting business risk disclosures in financial statements
• Third party risk management
• Importance of mentorship and allyship

Education

• Bachelor of Science, Business Administration, University of Delaware