Professional Headshot of Michael Tepper

Michael Tepper

Third Party Attestation Principal


Executive Summary

Michael is BDO’s Third Party Attestation Specialty Practice leader of ISO and Microsoft SSPA services. He has more than 13 years of experience in evaluating risk and internal controls, and his areas of focus include, ISO, Microsoft SSPA, System and Organization Controls (SOC) examinations (including SOC 1, ISAE 3402, SOC 2, and SOC 3), and HITRUST validated assessments. 

Michael has a strong focus on clients within the technology, healthcare, fintech, and financial services industries.

Prior to joining BDO, Michael held positions at Grant Thornton and New York Life Insurance Company. At Grant Thornton, he was responsible for managing the Northeast region’s Attest Services practice which provided SOC 1, SOC 2, SOC 3, and HITRUST services to its clients within the technology, media, financial services, and healthcare industries. Michael had also performed internal control audits, information systems audits, Sarbanes-Oxley compliance reviews, and operational and compliance audits. At New York Life Insurance Company, he performed system pre-implementation reviews and control analysis, security policy reviews, and control reviews across various divisions, including corporate technology, investment management, actuarial services, and finance.

  • American Institute of Certified Public Accountants
  • HITRUST Alliance
  • Information Systems Audit and Control Association (ISACA)

  • B.S., Accounting, University of Albany