About Eric
Eric Andersen is a seasoned IT security and assurance expert with over 20 years of experience in public accounting and advisory services. Beginning his career in 2003, including seven years at a Big 4 firm, Eric has built a reputation as a trusted advisor in IT risk management, cybersecurity, and regulatory compliance. At Tanner, he leads IT assurance and advisory initiatives, specializing in SOC, HITRUST, ISO, NIST, HIPAA, and SOX audits. His work focuses on identifying and assessing risk, evaluating controls, and providing strategic recommendations to enhance internal IT and business processes and controls.
A recognized thought leader in the industry, Eric frequently speaks at conferences, executive roundtables, and cybersecurity panels, sharing insights on IT risk management, regulatory trends, and emerging security threats. His expertise has been instrumental in guiding a diverse range of clients, from Fortune 10 enterprises and multi-billion-dollar public companies to high-growth startups, helping them navigate the complexities of IT security and compliance. He also contributes to industry whitepapers and best-practice guides, further solidifying his role as a key voice in IT assurance.
Eric is a Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), HITRUST Certified CSF Practitioner (CCSFP), and holds a Certification in Risk Management Assurance (CRMA). A magna cum laude graduate of Brigham Young University, he is an active member of the AICPA, ISACA, and IIA continuously staying ahead of industry developments.
Beyond his professional endeavors, Eric is an avid outdoor enthusiast who enjoys mountain biking and skiing on Utah’s renowned trails and slopes. His commitment to excellence, both professionally and personally, makes him a valuable leader in IT security and risk management.
