Mike Nyman



Mike has more than 20 years of experience in planning, developing, performing, supervising, and reviewing information system audits for external financial audits and co-sourced internal audit departments. This includes leading and managing Sarbanes/Oxley Internal Control audits from both management's assessment and the external audit. Mike has served as a specialty advisory services signing director in the Phoenix office since 2008. Prior to joining CLA, Mike was with Ernst & Young in Phoenix, serving as a Technology and Security Risk Services staff to senior manager from 1997 to 2008.

Mike has a working knowledge of the information systems auditing standards as published by the Information Systems Audit and Control Association. He has significant knowledge and experience with the concepts, terminology, capabilities, and application of business and control risk associated with various information systems architectures. Mike has an in-depth understanding of complex business processes with the underlying information security and control issues and is able to concisely and effectively communicate them to the internal and external parties. In addition, he has a well-rounded IT background of infrastructure and development management.

Technical experience

  • Signing Director for CliftonLarsonAllen LLP for the System and Organizational Control (SOC) reporting group.
  • Senior Information Technology Assurance Manager for the Mountain West/West Region of CliftonLarsonAllen LLP and Arizona leader of the Technology Assurance practice.
  • Supervised and performed other IT services like internal audits, IT general and application controls assessments and IT risk assessments for various industries
  • Performed data conversion reviews and application upgrade reviews.
  • Managed the information technology audit portion including the SOX portion of external audit for 20 SEC clients and managed the information technology audit portion including the SOX portion of internal audits for 5 clients.
  • Managed SOC 1 and 2/SAS 70 engagements for 30 different SOC 1 and SOC 2/SAS 70 reports where we evaluated internal controls at various types of industries.  Served as quality reviewer on numerous SOC reports.
  • Supervised IT audits (performed over Government Audit Standards) of governmental agencies and nonprofit agencies.


Bachelor's of science in accounting from Brigham Young University, Provo, Utah

Master's degree in information technology from Brigham Young University, Provo, Utah

In the community

  • American Institute of Certified Public Accountants
  • Certified Public Accountant in the state of Arizona
  • Arizona Society of Certified Public Accountants
    • Information Technology Steering Committee Member (2011-present)
    • Information Technology Steering Committee Chair (2014-present)
  • Certified Information Systems Auditor
  • Certified Information Systems Professional
  • Certified Information Technology Professional
  • Certified in Risk and Information Systems Control
  • Information Systems Audit Control Association (ISACA)
  • International Information Systems Security Certification Consortium ((ISC)2)
  • Brigham Young University College of Information System's Advisory, Board Member (2008 - present)
  • Arizona State University College of Information System's Professional Advisory, Board Member (2003 - present)
  • Boy Scouts of America, Scout Leader (2006 - present)

Resources and events