If you are not willing to risk the usual, you will have to settle for the ordinary. Jim Rohn

Jeffrey Johns, CISA, CRISC, CDPSE, CPSP is a Partner of Herbein Risk Management. He is charged with overseeing information technology audits, information security audits, cybersecurity analysis, vulnerability management, social engineering testing, social media reviews, information security awareness training, disaster recovery management, and vendor management services for our clients. Jeff also provides expertise in data mining for our audit teams and clients. Jeff’s information technology and cybersecurity knowledge has led to numerous speaking engagements at regional and national conferences. Prior to joining the firms Information Technology Risk Management services group, Jeff worked at a public accounting firm performing year-end audits, Sarbanes-Oxley compliance, and IT control assessments for private and publicly owned clients.

Jeff holds a Bachelor of Science degree in Business Administration from West Virginia University where he dual majored in Accounting and Management Information Systems. Additionally, Jeff has earned the highest rank attainable, Eagle Scout, with the Boy Scouts of America. He is a Certified Information Systems Auditor (CISA), Certified Data Privacy Solutions Engineer (CDPSE), and is also Certified in Risk and Information Systems Control (CRISC). When not keeping up with the latest technology, Jeff enjoys playing golf and spending time with his wife and 3 kids.

Herbein Risk Management is a division of Herbein + Company, Inc., formed in 2013 when Financial Outsourcing Solutions (FOS) joined Herbein.

Focused On

  • Banking and Financial Institutions
  • Accounting & Audit
  • IT Risk Management

Education & Certifications

  • West Virginia University – Bachelor of Science degree, Accounting and Management Information Systems
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Data Privacy Solutions Engineer (CDPSE)
  • Certified Payment Security Practitioner (CPSP)


  • Philadelphia Infragard Members Alliance - Member