Ms. Serafin joined Frazier & Deeter in 2007 and leads the Process, Risk & Governance service line. She provides her clients with assurance services including SSAE 16/SOC reporting and Agreed upon Procedures; Internal and IT audit co-sourcing, consultative risk and governance assessment services. She has extensive experience with Internal Audit, Enterprise Risk Management and consumer privacy, with a focus on IT governance, risk, and controls.
Sabrina's past experience includes serving as an Internal Audit Director for CheckFree Corporation, where she was responsible for developing and maintaining policies, standards and guidelines around CheckFree's approach to managing corporate-wide IT and operational risk. Additional responsibilities included implementing and supporting CheckFree's corporate privacy standards, processes, procedures and tools to build and maintain a privacy program to address compliance issues imposed on the electronic banking industry. She also managed CheckFree's Audit Management team, responsible for SAS 70, customer and federal regulatory agency non-financial audits.
Prior to CheckFree, Sabrina was a Manager for Deloitte & Touche's Enterprise Risk Services practice, where she performed internal control reviews of information systems departments and SAS70 audits for several of the South's leading financial, technology, communications and manufacturing firms.
Industry and Association Speaking Engagements
Cyber-Security: Considerations for Internal Audit, Institute of Internal Auditors, January 2015
2013 COSO Framework, Texas Society of CPAs, October 2014
Internal Control Considerations, Utility Finance and Accounting Conference, October 2012
Information Technology's Impact on the Financial Audit Process, The Georgia Society of CPAs, October 2012
Auditing Privacy in the Cloud (SOC 2 Reporting), Institute of Internal Auditors Atlanta Conference, September 2012
SOC Reporting Requirements, AICPA International Business Conference, June 2012
SOC Reporting Roundtable, ISACA Atlanta Chapter Meeting, June 2012
SOC Reporting Considerations for Investment Advisors, Barge Compliance Symposium, June 2012