Skip to Content

Experience

Tim is an audit partner with Plante Moran's security assurance team specializing in Service Organization Control (SOC), which provides SOC 1 (formerly called SAS 70), SOC 2, and SOC 3 audits to outsourced service organizations. He also manages financial statement audits for technology companies and emerging enterprises.

Tim understands that technology and outsourcing facilitate efficiencies while introducing new financial, operational, and compliance risks. He works with his clients his team to assess those risks and identify ways to improve the internal control environment. The result is greater reliability of information, which allows management and stakeholders and allowing them to make more confident decisions. 

Tim’s nearly 15 years of experience includes two years as an internal audit manager for a small public company, which gives him insight into how SOC reports can be used by the service organization and its client to address each entity’s risk management needs.  Most recently, his focus has been on (1) leading audits and risk assessments in accordance with the SOC reporting framework issued by the American Institute of Certified Public Accountants, (2) overseeing the performance of risk assessments and identifying opportunities to improve internal controls, (3) leveraging his in-depth knowledge of accounting standards and revenue recognition for multiple-deliverable arrangements to manage financial statement audits for technology companies and other service organizations, and (4) advising emerging enterprises on accounting for complex equity instruments such as warrants, derivatives, and stock options.

Tim regularly shares his knowledge on SOC reporting and risk assessments through presentations to trade organizations such as the Insurance Accounting & Systems Association. He is the author of articles and white papers on SOC audits and matters affecting service organizations. Tim received a B.S. in business with an emphasis in accounting from Virginia Polytechnic Institute and State University (Virginia Tech).

Specializes In

Additional Thoughts

Assess enterprise-wide risk management with SOC for Cybersecurity
SOC for Cybersecurity offers businesses a general-purpose attestation report on the design and effectiveness of cybersecurity risk management programs. Here's what you should know to meet business objectives, satisfy stakeholder expectations, and allay their cybersecurity concerns.
Tim Bowling
Article August 15, 2017 6 min read
Achieving a competitive advantage and high ROI through security compliance
Want to move beyond meeting regulations and strategically leverage IT security compliance to generate revenue, boost ROI, and differentiate your business? Here are four areas to consider.
Tim Bowling
Article November 02, 2016 3 min read