Sarah Mirzakhani


Sarah Mirzakhani, CISA, is a partner with over 20 years of experience in information technology audit/information assurance and information security solutions. Sarah serves federal agencies with varying, complex IT systems and environments. Her experience includes leading information technology internal control reviews and security audits, such as the Federal Information Security Modernization Act (FISMA), and overseeing vulnerability assessments and penetration testing.

Sarah is also skilled in conducting and leading system and organization controls/SSAE18 audits and readiness assessments, regulatory compliance reviews, and system implementation reviews for not-for-profit, commercial, and governmental entities. She has extensive knowledge of the National Institute of Standards and Technology (NIST), Federal Information Processing Standards (FIPS), and Office of Management and Budget (OMB).


  • Information Systems Audit and Control Association
  • Association of Government Accountants


  • Bachelor of Science in Business Administration, Management Information Systems, West Virginia University
  • Certified Information System Auditor (CISA)