Jerry Hughes CISA, QSA, CRISC, MCPM
VP of Operations, Managing Partner, Sr. Executive IT Auditor
Jerry Hughes, a founding member of Compass IT Compliance, LLC, has over 25 years of experience helping companies become compliant with internal, industry and government regulations such as PCI-DSS, Sarbanes-Oxley, HIPAA and GLBA. Mr. Hughes, a Certified Information Systems Auditor (CISA), Qualified Security Assessor (QSA), and Certified in Risk and Information Systems Control (CRISC), has extensive IT auditing experience, especially within the financial industry and the retail sector.
Mr. Hughes has helped develop Compass IT Compliance, LLC into one of the Nation's premier consulting firms in the area of IT Governance, Assurance, Security and Compliance services. His team of CISA-certified auditors, all certified in the international framework called Control Objectives for Information and related Technologies (COBIT), offers a full suite of IT Compliance services within the banking, insurance, retail, higher education, and healthcare sectors.
Managing Partner, VP of Sales
William DePalma is a founding member of Compass IT Compliance, LLC. Prior to founding Compass, William spent eight successful years as Manager of Sales for the Lighthouse IT Compliance Group. In this role, William was instrumental in driving year over year revenue gains and positioning Lighthouse IT Compliance Group as one of the premier IT Security Consulting firms in the Northeast.
At Compass, William is responsible for driving strategic revenue growth while overseeing Compass IT Compliance's national sales and marketing efforts. Under his direction, Compass has consistently experienced double-digit year over year sales growth while ensuring the highest level of customer satisfaction to Compass' growing list of clients. William brings real-world knowledge of customer challenges with over 17 years of sales and customer support experience having previously worked for Lighthouse Computer Services, Sullivan and Cogliano, and Cabletron.
William holds a Bachelor of Science in Business Administration from University of New Hampshire and is a retired reservist in the United States Coast Guard with 21 years of successful service.
Adam Cravedi, CISA, CISSP, QSA
VP Information Security Practice
Adam Cravedi is an original member of Compass IT Compliance, LLC. He brings over 26 years of experience in the Information Technology arena including Financial, Higher Education and Healthcare industries to the Compass team. He holds a Masters of Science in Management Operations and Information Technology and a Bachelors of Science in Electrical Engineering both from Worcester Polytechnic Institute.
Mr. Cravedi has worked in the IT Services arena since 1989 and during his career has provided solutions in the Financial, Health Care, Higher Education, and Small Business sectors. As a Senior IT Auditor for Lighthouse Computer Services, he headed up the PCI ASV scanning and Internal/External Vulnerability and Penetration testing functions for the organization. He also contributed to PCI, IT and Information risk and security audits. His work includes the role of Information Security Officer where he developed an in-depth Information Security Program that included Information Security Awareness Training as a baseline for information security for the organization and their employees. He also has extensive experience in planning, directing and implementing large scale Information Technology projects including WAN/LAN infrastructure, Information Systems architecture, VMware, Storage, Security and Compliance. Additionally, Mr. Cravedi has been involved in the planning, coordinating and execution of several Business Continuity and Disaster Recovery projects.
Mr. Cravedi holds several industry certifications including ISC2 Certified Information Systems Security Professional (CISSP), ISACA’s Certified Information Systems Auditor (CISA), PCI Qualified Security Assessor (QSA), GIAC Web Application Penetration Testing (GWAPT), GIAC Mobile Security (GMOB), GIAC Certified Incident Handler (GCIH), and GIAC Information Systems Professional (GISP).
Derek Boczenowski, CISA, QSA
AVP IT Audit
Derek Boczenowski is AVP of IT Audit with Compass IT Compliance. Derek has over 20 years of IT experience in a variety of vertical markets, including Financial Services, Higher Education, and State/Local Government. Prior to joining Compass IT Compliance, Derek was the VP of Technology for a credit union in Massachusetts with approximately $700M in assets under management. With an MBA in Technology Management as well as industry leading certifications, such as being a Certified Information Systems Auditor (CISA) and a Qualified Security Assessor (QSA), Derek works with clients of all sizes and in all vertical markets to help them identify gaps in their IT Security strategies and provide relevant, attainable solutions to ultimately mitigate their overall risk.
Derek has spoken at numerous conferences throughout his career, including the Fiserv national conference and New York Banker’s Association Annual Meeting, and is recognized as a thought leader in the field of Information Technology and Information Security.