Leveraging ISO/IEC 27001 for Compliance with Multiple Frameworks (T17) Sumit has over 14 years of information technology audit and internal controls experience and leads the firm’s IT Assurances Service Group. His experience spans across various security standards and frameworks, including SSAE 16, ISO 27001, SOX 404, FedRamp, regulatory compliance, and PCI. He has led such departments at two international accounting firms and for several companies in technology, retail and financial industries. He has served clients in many industries and in various stages/situations, from startups to fortune 100 companies and is and knowledgeable in a variety of Enterprise Resource Planning (ERP) solutions, and complex infrastructure implementations. He has developed security audit methodologies at BPM for evaluating security/compliance risks and exposures to complex on premise and cloud implementations.