Ashley Sudderth
About Ashley Sudderth
Ashley Sudderth serves as the Director of Risk and Compliance Strategy for the Sans Securing the Human Program, bringing extensive experience in information security and compliance from previous roles at various organizations, including Michigan Technological University and Pioneer Surgical Technology.
Current Role at SANS Institute
Ashley Sudderth serves as the Director of Risk and Compliance Strategy for the SANS Securing the Human Program. In this role, which she has held since 2016, she focuses on developing and implementing strategies to enhance risk management and compliance within the organization. Her responsibilities include overseeing compliance reviews and ensuring adherence to various regulations relevant to information security.
Previous Experience in Higher Education
Before joining SANS Institute, Ashley Sudderth worked at Michigan Technological University, where she held the position of Chief Information Compliance Officer from 2013 to 2016. In this role, she was responsible for overseeing information compliance and security initiatives. Additionally, she served as the Information Compliance Officer at the same institution from 2009 to 2013, contributing to the university's information governance framework.
Professional Background in Information Security
Ashley Sudderth has a diverse professional background in information security. She began her career as an Internal IT Auditor at Dana Holding Corporation in 2005. She later worked as an Information Security professional at Pioneer Surgical Technology for a brief period in 2009. Additionally, she served as an IT Consultant at Plante Moran from 2006 to 2008, where she focused on IT governance and compliance.
Education and Academic Qualifications
Ashley Sudderth holds a Bachelor’s degree in Management from Michigan Technological University, which she completed from 2001 to 2005. She further pursued her education at Capella University, where she earned a Master of Science degree from 2013 to 2015. Her academic background supports her expertise in risk management and compliance within the information security sector.
Expertise in Compliance and Risk Management
Ashley Sudderth specializes in IT Governance, Risk, and Compliance (GRC) with a strong focus on conducting compliance reviews for various regulations, including SOX 404, JSOX, GLBA, HIPAA, FERPA, and PCI. She possesses skills in IT General and Application Control reviews, risk assessment, business impact analysis, and business continuity planning. Her expertise also includes control design, policy development, and remediation efforts.