Francis Tam
Partner
CPA, CISM, CISA, CITP, CRISC, PCIP, PCI QSA
francis.tam@mossadams.com
(310) 295-3852
My Profile

Industry Expertise

Cross-Industry E-Commerce

Practice Focus

CybersecurityFinancial Services ConsultingInternal Audit IT ComplianceIT ConsultingProcess & ControlsSOC AuditsSoftware Applications

Biography

Francis has practiced public accounting with a focus on risk and compliance consulting since 1994. He concentrates on risk mitigation activities relating to information technology and security. His expertise includes the application of industry-specific cybersecurity frameworks including the payment card industry (PCI-DSS) security framework, National Institute of Standards and Technology (NIST) cybersecurity framework, AICPA’s system and organization controls (SOC 1-2-3) guidance, and others.

Francis helps his clients develop a comprehensive approach to information security and technology controls, which may include cost-benefit or system analyses, compliance and internal controls reviews, project management and quality assurance, business process reengineering, penetration testing, external operational assessments, policy development, or financial audits. He works with clients in a variety of industries, including financial services, technology, communications, and life sciences.

External Publications

Selected Speaking Engagements

  • 2021 Planning Strategies for Construction & Real Estate
    (Moss Adams Webcast, November 2020)
  • How to Leverage California’s Consumer Privacy Act
    (Moss Adams Webcast with Crownpeak Technology, November 2019)
  • Retail Industry Outlook: Trends and Strategies for 2019
    (Moss Adams Webcast, March 2019)
  • Cybersecurity: Protecting Your Organization’s Critical Data from Theft and Disaster
    (Western Pension & Benefits Council 2018 Spring, May 2018)
  • Refocusing Retail: 2018 Industry Trends
    (Moss Adams Webcast, March 2018)
  • Five Challenges Every Chief Information Officer Faces
    (Moss Adams Webcast, October 2017)
  • 2017 Retail Outlook
    (Moss Adams webcast, June 2017)
  • Cyber Attacks: Spear Phishing, Ransomware and the Internet of Things (IoT)
    (Moss Adams Webcast, August 2016)

Professional Affiliations

  • Member, American Institute of Certified Public Accountants
  • Member, California Society of Certified Public Accountants
  • Member, Information Systems Audit and Control Association

Education

  • BA, computer science and mathematics, University of British Columbia, Vancouver, Canada
  • MBA, accounting and finance, California State Polytechnic University, Pomona

Insights from Francis Tam

Article
Navigate Payment Card Industry (PCI) Data Security Standard 4.0 Requirements
The payment card industry data security standard (PCI DSS) is being updated with new requirements and compliance approaches.
Article
Article
The 6 Intangible Costs of a Cyberbreach
Breaches can cost more than just lost data or access to systems. Learn tips to protect your organization.
Article
Article
6 Steps to Help Implement a Cost-Effective Information Security Program
Take these 6 steps to strengthen your information security program while keeping costs low and controls effective.
Article
Article
How to Engage CFOs in Information Security Programs
Learn steps finance executives and technology teams can take to strengthen information security programs.
Article
Article
How to Engage Finance Executives in Information Security Programs
Learn steps finance executives and technology teams can take to strengthen information security programs.
Article
Article
Cybersecurity Checklist for Remote Work
Record numbers are working remotely. This list is a starting point to help review security considerations during COVID-19.
Article
Article
COVID-19 Can Lead to Cybersecurity Risks—Protect Your Organization
Learn how to protect your organization against cyberthreats while hackers take advantage of the COVID-19 pandemic.
Article
Article
3 Tips to Stay Compliant with the California Consumer Privacy Act
Most companies with operations or customers in California will need to comply with new rules for collecting consumer information. Learn how to prepare.
Article
Article
How Aerospace and Defense Companies Can Mitigate Cyberthreats
Aerospace and defense companies face unique cybersecurity challenges. Learn how to reduce your company’s risk.
Article
Article
Application Security for Technology, Communications, and Life Sciences
Technology, life sciences, and communications companies have similar concerns when it comes to application security. Here’s what they need to know.
Article