Polly Berthelot, CISA

Director, IT Compliance



Polly Berthelot, CISA is a trusted authority in SOX IT governance and control design, known for her technical precision, clarity, and disciplined approach. As Director of IT Compliance at Sunesis, she works closely with enterprise clients to design and optimize IT general controls that safeguard financial-reporting integrity, prevent material-weakness risks, and sustain long-term audit readiness.

Beginning her career in IT operations, Polly developed a deep understanding of how systems function in practice, insight that now informs her practical, detail-driven work in IT governance and control design. She has led enterprise-wide ITGC design and remediation programs for publicly traded organizations, advancing access-governance, change-management, and system-operations practices across integrated technology environments.

Grounded in COBIT and globally recognized IT governance and security standards, Polly aligns modern control expectations with the realities of business and audit demands. Her precision and objectivity have earned lasting trust from executives, auditors, and IT professionals alike.

A Certified Information Systems Auditor since 2004, Polly combines hands-on technical expertise with a deep understanding of control environments, helping organizations build resilient, audit-ready systems that withstand evolving risks with confidence.