Norman Comstock advises clients on enterprise risk management, information technology governance, technology assurance, program management, and cyber security. Mr. Comstock has experience leading complex, high-profile projects and initiatives for investment due diligence, integration, divestitures, and program management for high-risk, multiyear, multi-vendor projects. He has advised clients across diverse industries and geographies including construction, energy, financial services, healthcare, higher education, high technology, and manufacturing, as well as state, local, and federal governments.
Mr. Comstock advises clients on aligning IT with business strategies, creating clear IT roadmaps to support organizational business objectives, and transforming business processes to optimize outcomes. He facilitates requirements definition among key stakeholders to reduce surprises and foster sustainable change management that is technology agnostic. As a nationally recognized business intelligence (BI) professional, Mr. Comstock is also proficient in data warehousing, analytics, and reporting solutions.
In the past decade, Mr. Comstock has specialized in cyber security risk mitigation. He has advised clients on network and application vulnerabilities, penetration testing, social engineering exploits, and growing compliance requirements that blur the lines between security and privacy concerns.
Mr. Comstock has been a lecturer at the University of Houston’s C.T. Bauer School of Business since January 2007. He teaches courses in Business Ethics, Advanced Internal Audit, and Governance Risk and Compliance. He also served on Microsoft’s Business Intelligence Advisory Council in 2001 and 2002 and is an alumnus instructor of The Data Warehousing Institute.
Mr. Comstock was previously president of a professional services firm, director of a Finance and Accounting practice, and a principal providing technology and management consulting services to Fortune 1000 companies.
Mr. Comstock’s certifications and designations include Certified Internal Auditor (CIA), Certified in Control Self-Assessment (CCSA), Certified in Risk Management Assurance (CRMA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in the Governance of Enterprise IT (CGEIT), Qualified Security Assessor (QSA), Approved Scanner Vendor (ASV), and HITRUST Certified Common Security Framework Assessor (CCSFA).
University of St. Thomas, Cameron School of Business
Master's of International Business
University of St. Thomas
University of Houston
K. Wayne Snipes Award - Best Very Large Chapter, 2013
ISSA, Senior Member, 2013
Brio Excellence in Partnering Award, 2001
News & Insights
Seminars & Speaking Engagements
- June 8-9, 2016
- March 9, 2016
- November 18, 2015
- October 29, 2015
- September 17, 2015
- August 25, 2015
- May 28, 2015
- May 13, 2015
- May 12-14, 2015
- February 24, 2015
- November 6, 2014
- October 16, 2014
News & Commentary
- BRG press releaseOctober 13, 2015
- HackSurferMarch 6, 2015
- Houston ChronicleJanuary 22, 2015
ISACA Houston Chapter
Information Systems Security Association
Audit Committee chair
Institute of Internal Auditors - Houston Chapter
Vice president, Technology
Association of Certified Fraud Examiners
Greatwood Aces Team Tennis