Skip to main content
People angle Timothy M. Grace

Timothy M. Grace

Director of Technology Risk Advisory Services


As the Technology Risk Advisory Services leader for Mueller Prost, Tim brings more than 30 years of business experience delivering solutions that drive business innovation, optimization, and change within world class organizations. He is a leader in the fields of cybersecurity, information technology, internal audit, privacy, compliance, and risk management. Tim has brought best practices to global organizations and helped drive solutions that strengthen and enhance current technology practices. Through innovation and process improvement, Tim has been able to drive change to ensure organizations remain focused on key business issues. His deep information technology background and deep understanding of business processes allow him to bring technology and business processes together.

As a leader in the information technology industry, Tim is a former President of the St. Louis ISACA chapter, serving on several local and international ISACA committees, is an active participant in the St. Louis Institute of Internal Auditors (IIA) chapter, serving on and chairing numerous committees, and was involved in re-invigorating the local Association of Government Accounts (AGA) chapter. In addition, he is an Advisory Board member for SecureWorld Expo St. Louis and Kansas City, has served on the cybersecurity program Committee for local trade colleges, and was an adjunct professor for Webster University’s School of Business and Technologies’ Information Technology Master Program.


Organizations & Awards

Professional Organizations
  • Institute of Internal Auditors (IIA)
  • Information Systems Audit and Control Association (ISACA)
  • Information Systems Security Association (ISSA)
  • Missouri Society of Certified Public Accountants (MOCPA)
  • Association of Government Accountants (AGA)
  • Healthcare Information Management Systems Society (HIMSS)
Civic Organizations
  • USO of Missouri, St. Louis, MO – Advisory Board Member
  • Foster Adoption Support Team (FAST), St. Charles, MO
  • Boys and Girls Club, St. Charles, MO
  • Adoption Exchange, Bridgeton, MO
  • Missouri Baptist Children’s Home (MBCH), Bridgeton, MO

Speeches & Publications

Tim is a preferred speaker for various local and national organizations. Tim has presented on numerous cybersecurity, technology audit, internal audit, and leadership subjects. Please call 314.862.2070 or contact us to book Tim for your event.

Speaking Topics
  • Government & Regulatory Related Subjects
  • Federal Information Security Modernization Act (FISMA)
  • Controlled Unclassified Information (CUI)
  • NIST SP 800-053 – Security and Privacy Controls for Federal Information Systems and Organizations
  • NIST SP 800-171 – Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
  • NIST SP 800-37 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST Cybersecurity Framework
  • How to Apply the NIST Cybersecurity Framework Manufacturing Profile Implementation Guide
  • How to Implement and Control Technology Access to Systems, Applications and Critical Infrastructure
  • Developing a Cyber Security Roadmap
  • System Development Life Cycle (SDLC) Processes
  • Project Assurance Methodology
  • Why Companies Adopt Cybersecurity Methodologies
  • California Consumer Privacy Act (CCPA) & General Data Protection Regulation (GDPR)
  • Cybersecurity and Privacy Considerations for Manufacturing Environments
  • Cybersecurity and Privacy Considerations for Healthcare Environments
  • Developing a Business Continuity Plan
  • Developing a Technology Governance Model
  • Improving and Optimizing a Cybersecurity and Privacy Program
  • Building a Technology Risk Assessment and Gap Analysis Process
  • Vendor Assessment – Are Your Vendors Putting Your Organization at Risk?
  • Where is My Data – And How to Protect It
  • Building the Business Development Sales Cycle
Recent Publications

“Technology Risk Assessment, Not Just for the Audit Department,” CIO Applications Magazine

“Do a Technology Risk Assessment to Protect Your Shop,” MoldMaking Technology

White Papers

  • Complying with the Controlled Unclassified Information Executive Order 13356
  • Protection of Manufacturing Process Data
  • Technology Risk Management
  • How Vishing Works and 8 Ways to Protect Yourself
  • False Resumes are on the Rise: Top 5 Best Practices to Avoid Costly Hires