Kimberly “Kim” Garcia, CPA, CISA, is a director in the Audit Department at MBAF focusing on information technology (IT) risk. She has been in the public accounting profession since 2000.
Kim has extensive experience in information technology auditing, security and risk management, SSAE 16/SOC reporting and information technology advisory services as well as managing the IT portion of publicly-traded and privately-held company audits in various industries for small to Fortune 500-size organizations. Specifically, she has served many South Florida companies in advisory/internal audit co-sourcing arrangements, managing several SSAE 16/SOC reviews for companies and conducting several process integrity reviews during ERP implementations to identify operational and applications risks, including segregation of duties rules and analysis as well as governance development.
In addition, Kim has also worked with many public companies, including international and multi-location, on a number of IT audit-related projects to comply with the provisions of Section 404 of the Sarbanes-Oxley Act and led numerous general control reviews and application controls testing over IT and business processes.
American Institute of Certified Public Accountants
Certified Information Systems Auditor
Certified Public Accountant
Florida Institute of Certified Public Accountants
Information Systems Audit and Control Association
Florida Atlantic University – Master of Accounting in Information Systems
Florida Atlantic University – Bachelor of Science in Accounting
On 16 May 2017, the FASB issued ASU No. 2017-10, Service Concession Arrangements (Topic 853): Determining the Customer of the Operation Services. The FASB issued this ASU to eliminate diversity in practice in how an operating entity determines the cu ...
The Super Bowl, The World Series, The NBA playoffs – most of us thrill to watching our favorite teams vie for the championship. But, did you ever stop and think about what it could be like to own a sports franchise? It can be as challenging as ...
In response to growing market demand from customers, vendors, business partners and regulators for useful information about an entity’s cybersecurity risk management efforts, the AICPA has expanded the options available for organizations to vol ...