Francis Tam


Francis has practiced public accounting with a focus on risk and compliance consulting since 1994. He concentrates on risk mitigation activities relating to information technology and security. His expertise includes the application of industry-specific cybersecurity frameworks including the payment card industry (PCI-DSS) security framework, National Institute of Standards and Technology (NIST) cybersecurity framework, AICPA’s system and organization controls (SOC 1-2-3) guidance, and others.

Francis helps his clients develop a comprehensive approach to information security and technology controls, which may include cost-benefit or system analyses, compliance and internal controls reviews, project management and quality assurance, business process reengineering, penetration testing, external operational assessments, policy development, or financial audits. He works with clients in a variety of industries, including financial services, technology, communications, and life sciences.

Selected Publications

  • "How to Engage Finance Executives in Information Security Programs" (Moss Adams Insight, September 2020)
  • "Cybersecurity Checklist for Remote Work” " (Moss Adams Insights, April 2020)
  • "COVID-19 Can Lead to Cybersecurity Risks – Protect Your Organization" (Moss Adams Insights, March 2020)
  • "3 Tips to Stay Compliant with the California Consumer Privacy Act" (Moss Adams Insight, December 2019)
  • "How Aerospace and Defense Companies Can Mitigate Cyberthreats" (Moss Adams Insight, September 2019)
  • "Application Security for Technology, Communications, and Life Sciences" (Moss Adams Insight, May 2019)
  • "Conducting IT Audits Can Help Protect Data and Prevent Cybersecurity Breaches" (Corporate Compliance Insights, April 2019)
  • "Cyber Criminals Seek Security Weak Spots" (North Bay Business Journal, June 2017)
  • "Firm’s Data Storage Plan Out of This World" (Los Angeles Business Journal, quoted, January 2017)
  • "Banking Compliance and the Cloud: Can They Coexist?" (, August 2015)
  • "For Financial Institutions, the Risk of Cybercrime is as Real as Ever" (Moss Adams Insight, May 2014)

Selected Speaking Engagements

  • 2021 Planning Strategies for Construction & Real Estate
    (Moss Adams Webcast, November 2020)
  • How to Leverage California’s Consumer Privacy Act
    (Moss Adams Webcast with Crownpeak Technology, November 2019)
  • Retail Industry Outlook: Trends and Strategies for 2019
    (Moss Adams Webcast, March 2019)
  • Cybersecurity: Protecting Your Organization’s Critical Data from Theft and Disaster
    (Western Pension & Benefits Council 2018 Spring, May 2018)
  • Refocusing Retail: 2018 Industry Trends
    (Moss Adams Webcast, March 2018)
  • Five Challenges Every Chief Information Officer Faces
    (Moss Adams Webcast, October 2017)
  • 2017 Retail Outlook
    (Moss Adams webcast, June 2017)
  • Cyber Attacks: Spear Phishing, Ransomware and the Internet of Things (IoT)
    (Moss Adams Webcast, August 2016)

Professional Affiliations

  • Member, American Institute of Certified Public Accountants
  • Member, California Society of Certified Public Accountants
  • Member, Information Systems Audit and Control Association


  • BA, computer science and mathematics, University of British Columbia, Vancouver, Canada
  • MBA, accounting and finance, California State Polytechnic University, Pomona