James Jumes, MBA, M.Ed.

Partner, Business Process & IT Consulting

James joined AAFCPAs in 2013 to lead the firm’s Business Process & IT Consulting practice. He leads a team of senior technologist in the delivery of solutions related to business intelligence & productivity, information risk management and cybersecurity, and special IT attestations, compliance, and certifications. His goal is to strengthen the links between people, process, and technology, which increases productivity and drives business growth.

James has more than 30 years of experience working with information technology systems and diverse business operational processes. He is highly experienced in IT controls and assurance, SOX 404, and System and Organization Control (SOC) reports: SOC 1 (SSAE 18), SOC 2, SOC 2+ and 3 attestation reporting. James developed a unique methodology to delivering SOC reporting services, and he is an AICPA-approved Peer Review SOC Specialist, assisting peer review teams to review SOC 1, 2, 2+ and 3 engagements. He is a HITRUST Certified Common Security Framework (CSF) Practitioner, providing HITRUST CSF self-assessment consulting, or SOC 2 + HITRUST for assessing against the evolving compliance landscape shaped by HITECH, HIPAA, CMS and various other federal, state and business requirements.

James is a leader of the firm’s ESG Task Force, charged with exploring emerging standards and frameworks associated with environmental, social and governance (ESG) corporate reporting and related attestations.

He has authored two books and various whitepapers focusing on Windows Security Audit and Control. His advisory experience includes systems strategy planning, application selection studies, and implementation of enterprise resource planning (ERP) solutions. In addition, James is an adjunct professor at Boston College and a visiting lecturer at Bentley University.

Prior Experience

Grant Thornton, LLP – Senior Manager
CCR, LLP – Partner
IBM Business Consulting Services – Associate Partner
Deloitte – Senior Manager
KPMG – Senior Manager
PwC – Director

Education

Lehigh University – Master of Business Administration
Boston College – Bachelor of Arts and Master of Education

Publications

Contributed Insights

How to Right-Size Cybersecurity to Fit the Small Nonprofit

Organizations rely on technology for communicating, managing our work, assisting us in making accurate and timely decisions, assisting customers, and staying in the know wherever we go. But along with this comes a mounting risk of data breach. Particularly susceptible are small nonprofit organizations with fewer technical safeguards, outdated security protocols, and modest IT budgets. […]

October Designated National Cybersecurity Awareness Month

October kicks off National Cybersecurity Awareness Month (NCSAM), which is dedicated to raising public awareness on the importance of cybersecurity. Launched in 2004 by the U.S. federal government, NCSAM aims to encourage businesses and individuals to investigate potential risk along with strategies to improve the security of critical infrastructure. Where To Start The threat landscape […]

FQHCs Prepare for National Cybersecurity Awareness Month

FQHCs are faced with an ever-shifting cybersecurity landscape due to emerging technologies and shifting internal and cloud vulnerabilities. Adding to this are regulations designed to keep pace as well as the data (health and personally identifiable) that live through their systems. The U.S. federal government has designated October as National Cybersecurity Awareness Month (NCSAM). AAFCPAs […]