Joseph Spoolstra, CISSP

Joseph Spoolstra is a Certified Information Systems Security Professional (CISSP) with over 15 years of experience serving the financial services industry. As Director of Testing Services, he supports clients and internal staff with data analytics and reporting solutions. These resources are utilized to efficiently and effectively perform audit, risk, and technical testing products.  In addition to performing technical testing, Joseph provides information technology services and consultation to the financial community. Joseph has been instrumental in building and enhancing Information Technology Programs as he is very knowledgeable of Regulatory Compliance, Budgeting, Project Management, Disaster Recovery, Policy Updates, and Systems Maintenance. He has a strong ability to design and complete a variety of testing and audit programs.  Joseph holds a Bachelors of Science in Information Systems from Grand Valley State University.


Chris Shields is a seasoned professional with a remarkable track record in providing expert guidance on IT auditing, risk management, and Model Validations. His career spans over 25 years, during which he has played a pivotal role in ensuring the operational and security compliance of Long-Haul Communications and Information Technology for the Department of Defense, Intelligence Community, and Federal Agencies. Chris’s expertise extends to auditing community-based financial institutions across the United States. His comprehensive approach encompasses risk-based auditing, risk management, internal operational audit support, and Bank Secrecy Act and Anti-Money Laundering Model Validations. Additionally, Chris has provided IT Security advisory services for a diverse range of information systems projects. Specializing in the certification and testing of financial management systems. Chris holds a variety of InfoSec, AML, and Cybersecurity Certifications, along with additional compliance and quality assurance certifications. His educational background includes a Bachelor of Science Degree in Computer Studies from the University of Maryland University College. Chris is an active member of several professional organizations, including the Information Systems Audit and Control Association (ISACA), International Information Systems Security Certification Consortium, Inc., (ISC)², InfraGard, BSA Coalition, and the Association of Certified Anti-Money Laundering Specialists. His unwavering commitment to excellence, coupled with his extensive experience and certifications, makes Chris Shields a sought-after professional in the field of IT auditing, BSA Support, risk management, Model Validations, and Scenario/Agent Analysis.

Alan Alai, CISA, CDPSE

Alan Alai is a Certified Information Systems Auditor (CISA) and Certified Data Privacy Solutions Engineer (CDPSE) with 17+ years of experience in information technology practices and auditing. Alan has worked as a Senior IT Audit Manager for private industry and is a subject matter expert on internal controls for IT organizations and financial applications. As an accomplished corporate internal auditor, Alan has lead numerous audit engagements including overseeing identification and discovery of financial and HR systems, development and implementation of IT audit test strategies, and support of remediation plans and projects. Alan has experience in developing and performing audits using COBIT and COSO Frameworks to meet FFIEC and NCUA regulatory requirements. In addition, Alan has performed control assessments based on state-specific cybersecurity and data privacy requirements for financial institutions in New York and Massachusetts. In his role at NETBankAudit, Alan has evaluated FDICIA controls to meet Sarbanes-Oxley (SOX) standards. Alan experience includes IT security projects, Business Continuity Management (BCM), Disaster Recovery (DR) programs, and IT and Operational Risk Assessments. Alan has a B.S. in Biochemistry from California Polytechnic State University in San Luis Obispo and is a member of the Information Systems Audit and Control Association (ISACA).

Michael Young, CISA, CISSP, MCSE: Security

Mike is a Certified Information Systems Auditor (CISA), a Certified Information Systems Security Professional (CISSP), and a Microsoft Certified Systems Engineer with a focus on security (MCSE: Security). Mike has over 35 years of experience in Information Technology, with the last 20 focused on Information Security Management. In addition to his community banking IT audit and management credentials, his expertise lies in Security Management, Incident Response, Disaster Recovery, vulnerability assessment, GLBA, SOX, PCI, Microsoft Active Directory and group policy management and network infrastructure auditing. He is the former Director of Technology for a community bank in Florida and Information Security Engineer for a major US Airline. Mike has a MS in Management from Troy University and is a member of the International Information Systems Security Certification Consortium, Inc., (ISC)², and the Information Systems Audit and Control Association (ISACA).

Dennis Rowan, CISA

Dennis Rowan is a Certified Information Systems Auditor (CISA) with over 30 years of experience in the execution of enterprise technology audits within large banking environments. Prior to joining NETBankAudit, Dennis led a team of Information Technology Auditors at Capital One. His audit experience includes retail & commercial bank applications, systems development & integration projects, IT governance, information security, network services, data center services, enterprise architecture, middleware, integrated production support, asset management, business continuity, and third party assurance programs. Dennis also has extensive experience with risk management, regulatory risks mitigation, Sarbanes Oxley compliance, PCI-DSS, and GLBA privacy related processes and requirements. Dennis is a member of the Information Systems Audit and Control Association (ISACA). Dennis holds a Bachelor of Science degree in Accounting from Ball State University.

Chris Poteat, CISA, CISM

Chris Poteat is a Certified Information Systems Auditor (CISA) with over 16 years’ experience in information technology practices and information technology auditing. Prior to NETBankAudit, Chris worked with a regional accounting firm as a Senior IT Audit Manager. His client focus was financial institutions, healthcare companies, private industries, and government agencies in the Southeast. Chris also served as IT Manager at Deloitte and Touche. Over his well-established career, Chris has assisted numerous financial institutions with internal and external auditing needs including SAS 70/SSAE16 type reviews. He has also consulted on various IT related projects including but not limited to Information Security, Business Continuity, Vendor Management, and Regulatory Compliance. Further, Chris brings real world, hands-on knowledge to each job with prior experience in application development, system development lifecycle, and security administration. Chris has a B.S. in Accounting from the University of South Carolina.

Harold B. Garrett, Jr., CPA, CIA, CISA

Ben is a Certified Public Accountant (CPA), Certified Internal Auditor, (CIA) and a Certified Information Systems Auditor (CISA). Ben has over twenty five years of experience in the financial service industry primarily serving in the role as the Chief Executive Audit Officer for community banks, mortgage and trust companies. In this role, he managed and performed all the elements of the bank’s risk management function that includes financial and operational internal audits, assessing information technology controls, and regulatory compliance.

Ben has experience in developing and performing risk based internal evaluations of financial, operational and information technology controls using the COSO Framework as well as applicable audit standards as set forth by the AICPA, PCAOB, IIA, ISACA and COBIT. He has also assisted many community banks in coordinating their FDICIA and Sarbanes-Oxley efforts. Additionally, Ben has extensive experience in directing internal investigations on the behalf of management and/or the board of directors for community banks as outlined by their corporate governance policies. He has also assisted with strategic planning; project management; BSA/ AML Program testing; vendor management responsibilities; and internal control development.

Ben has a B.B.A. in Accounting from James Madison University and a Master of Science in Management of Information Systems from the University of Virginia. Ben has also attended and participated in numerous banking, accounting, security, compliance, and information technology seminars and schools. Ben is active with the Institute of Internal Auditors- Tidewater IIA Chapter, Virginia Society of Certified Public Accountants, and Information Systems Audit and Control Association (ISACA). He was a member of the Virginia Banker Association- Compliance Committee, and served as a compliance instructor. Ben also served on a sub-committee on the Bankers’ Affinity Group, to assist community bankers in obtain continuing education opportunities on current banking topics.

Joanne Bennett, CAMS, CAFP

Joanne Bennett has over 30 years of experience in banking, including operations, compliance and audit. Prior to joining NETBankAudit, Joanne held positions of BSA/AML Compliance Officer, Internal Control Consultant, Senior Retail Operations Manager, BSA Administrator, and Security Officer at various community banks. Joanne has experience in developing and maintaining all components of a strong BSA/AML Compliance Program and is successful in working with all levels of bank staff. She has developed program documentation and overseen implementations. Joanne’s experience also includes working closely with regulatory agencies to ensure sound examination results. Joanne is a Certified Anti-Money Laundering Specialist (CAMS) and a Certified Bank Auditor (CBA). Joanne is a member of the Association of Certified Anti-Money Laundering Specialists (ACAMS), and has served on the Compliance Committee of the Virginia Bankers’ Association. Joanne holds a Bachelor of Arts degree in Business with Specialization in Accounting from St. Leo University in Florida.