Stephen is a risk, assurance and advisory leader with 18 years working within in the “Big 4” and a further five years of industry leadership experience. Alongside building and operating effective technology risk and assurance teams, Stephen’s skills span a number of services, including SOx and statutory audits; internal audits, regulatory reviews (e.g. Solvency II, s166, CASS, UCITS); IT programme assurance reviews; strategy reviews (e.g. IT Risk and Security); and attestation services (e.g. SOC reporting, ISAE 3000, AAF).Stephen leads Moore UK member firm Johnston Carmichael’s Technology Risk and Assurance offering, helping clients to address their Technology risks and improve their internal controls. This covers areas such as Statutory audits, SOC reporting, third party risk management, control remediation, operational resilience, and technology process improvement. Stephen works across a range of sectors, where clients have risk and control needs across their technology environment.