Shawn Lafferty 

Principal, KPMG in the United States
Feature image

Shawn Lafferty
Principal, KPMG in the United States

Mr. Lafferty is a Principal with the Advisory practice of KPMG LLP.   Mr. Lafferty has 24 years of experience with technology environments including the security of corporate networks, Smart Grid and AMI networks, SCADA and PCN networks, computer operations, software evaluations, system development, and NERC CIP risk assessments and compliance audits.  

Professional and Industry Experience

Smart Grid / AMI Assessment

Directed a security review of the communication and data flow from the Home meter, across communication networks to the Meter Data Management system. 

We have provided clients detailed risk and vulnerability assessments with gap analysis reports, observations and recommendations to mitigate technology risks and improve the security posture.

Directed detailed security audits of SCADA equipment for a regional utility. 

 This included addressing areas such as policies & procedures, user administration, logical and physical security, and operations. 

NERC Critical Infrastructure Protection Assessments

Directed Critical Infrastructure Protection readiness assessments and reviews.  In the areas of Transmission and Generation Owners/Operators, we assessed the appropriateness of the approach, progress, and posture of the project in place to address government regulations NERC V3 and V5. 

Provided key insight on several NERC CIP projects focused specifically on interpretation of existing requirements and the most recent guidance from NERC regarding CIP-009.  This included performing gap analyses on existing client methodologies versus the suggested guidance.

IT Controls and Audit

Directed numerous risk based Information System audits on computer systems and application user departments to detect operational, system, or application control weaknesses.   Directed multiple Financial systems Pre & Post Implementation control and business integration reviews of the Sales & Distribution, Purchasing, General Ledger, Cash Management and Financial Reporting business cycles. 

Directed the ERP audit work programs, supervised day-to-day tasks and monitored the progress towards project milestones.  ERP systems include SAP, Oracle Financials, PeopleSoft, HFM, Hyperion Enterprise, JD Edwards, Lawson, plus ETRM and GRC software’s. 

Cyber Maturity

Directed numerous risk based Information Protection reviews Corporate and PCN / DCS computer systems.  Security Maturity Model Assessments aligned Company Board and Audit Committee expectations.  Utilizing principals and standards from NIST 800, SAN 20 Critical Controls, Department of Homeland Security C2M2, NERC CIP, COSO, COBiT, and Forrester… 

4th annual KPMG Global Power & Utilities Conference
7-8 October 2014
Park Plaza Riverbank
London, United Kingdom

Register a delegate

register now

Book your room

Take advantage of preferential delegate rates at the Hotel Park Plaza Riverbank London.


For enquiries regarding the KPMG Global Power & Utilities Conference please contact:

Peter Kiss

Peter Kiss

Head of Power & Utilities, EMEA



Peter Kiss


David Gascoigne

Partner and Head of Power & Utilities, KPMG in the UK

Follow us

Linkedin icon