Raymond Vankrimpen

Partner | CISA, CISM, CISSP, CRISC, QSA Write to Raymond Vankrimpen
Raymond Vankrimpen

Knowledgeable, diligent, personable.

Ray Vankrimpen genuinely enjoys delivering his boutique brand of consulting, implementation and audit expertise in the areas of cybersecurity, privacy, IT risk management and data quality.

With over 20 years’ worth of proven knowledge and experience, Ray advises his clients on the implementation of cybersecurity solutions.  He is able to scale solutions for large, complex organizations and at the same time bring practical, value-oriented solutions to smaller sized organizations.

Ray has helped many organizations develop their cybersecurity strategy and programs. His technical solution expertise includes Security Information Event Management (SIEM), Data Loss Prevention (DLP), Cyber Threat Intelligence and Data Classification. He has considerable knowledge and experience implementing the NIST Cyber security framework (NIST CSF) and is able to leverage informative resources such as ISO27001, COBIT and other NIST standards.

Ray has many years of experience delivering IT audits of complex information technology architectures that typically include cloud, application, database, network, server and virtual infrastructures. He delivers controls solutions and audits against statutory and compliance standards such as ISO 27001, CPA Canada’s Trust Services Criteria (SOC1, SOC2, CSAE3416, SSAE16 and WebTrust for CA).

Ray’s experience assisting world class organizations protect their digital assets, uniquely positions him to help business owners protect their legacy in this vastly expanding technological landscape. The solutions he provides are practical and effective for business owners and their families.

Fields of expertise

  • Cyber Security solutions
  • Cyber Threat Intelligence solutions
  • Cloud Security solutions
  • Privileged Access Management solutions
  • Security Information Event Monitoring solutions
  • Information security, privacy and threat risk assessments
  • Readiness assessments and service auditor reports under AICPA/CPA Canada guidelines (SOC 1, SOC 2 and SOC 3)
  • Public Key Infrastructure audits (WebTrust for CA, Certipath)
  • PCI Readiness Assessments and Audits
  • ISO 27001 Readiness Assessments and Audits
  • Implementation and audit against statutory and compliance standards and frameworks


  • Financial institutions,
  • Public sector including healthcare, government ministries and agencies
  • Technology, media and telecommunications

Academic background

  • Payment Card Industry – Qualified Security Assessor, PCI-QSA, 2016
  • Certified in Risk and Information Systems Control, CRISC, 2010
  • Certified Information Security Manager, CISM, 2009
  • Certified Information Systems Security Professional, CISSP, 2004
  • Certified Information Systems Auditor, CISA, 2003
  • Diploma in Computer Science, Niagara College, 2000
  • BBA, Brock University, 1999

Professional and community involvement

  • International Information Systems Security Certification Consortium (ISC2) – Member, since 2004
  • Information Systems Audit and Control Association (ISACA) – Platinum member, since 2000

Public recognition

  • Quoted in “Oversharing on social media especially risky for the wealthy”, Canadian Family Offices , June 2021
  • Quoted. “Taking aim at workplace tech” CPA magazine, July 2017
  • Lead presenter. “Data Classification and Data Governance,” ISACA Toronto Annual Summer Conference, June 2016
  • Lead presenter. “Implementing Cyber Security aligned with the NIST framework,” ISACA Fall Conference, November 2015
  • Provided comment to The Globe and Mail on the Ministry of Education website security issues, March 2015
  • Provided comment to The Globe and Mail on the Home Depot breach, September 2014
  • Provided comment to various print and broadcast media on the “Heartbleed Vulnerability,” including The Globe and Mail, Toronto Star, CBC, BNN and 680 News, April 2014
  • Presenter. “Privacy and Security Monitoring Solutions for Health Care,” Hospital CIO/CPO Symposium on ePHIPA, Toronto, January 2013
  • Lead presenter. Cyber Security, various executive boards, since 2010
  • Lecturer. “Electronic Data Processing Auditing,” Laurentian University, 2010-2013
  • Lead presenter. “Managing Outsource Vendors,” ISACA IT Audit Day, Toronto, since 2009
  • Lecturer. “Management Information Systems,” University of Toronto, since 2008