Scott Nalley, CPA, CITP, CIA, CISA, CCSFP, CHQP, CHCO, CISSP

Member-in-Charge

Risk Assurance and Advisory Services

KraftCPAs PLLC

555 Great Circle Road, Nashville, Tennessee 37228

(615) 782-4252
Scott Nalley is the member-in-charge with the risk assurance and advisory services (RAAS) group

Scott Nalley is the member-in-charge with the risk assurance and advisory services (RAAS) group at KraftCPAs PLLC. He is responsible for overall management and oversight of the RAAS practice, including its staffing, daily operations, quality control, and client relationships.

Scott provides risk management, internal control, and regulatory compliance consulting services such as internal audits, system and organization controls (SOC) attestation examinations, HITRUST assessments, and HIPAA risk analysis. He has experience in the areas of risk assessments, network security assessments, network vulnerability assessments, IT audit, data privacy compliance, and risk management, as well as designing, implementing, and testing internal controls.

Scott works extensively with clients in the manufacturing/wholesale/distribution (MWD), government, utility, technology, healthcare, and professional services industries. As leader of the firm’s internal audit team, he works with internal audit departments and public accounting firms by providing quality assurance and peer reviews.

Scott has more than 15 years of experience in public and private accounting. His prior public accounting experience included performing external audits for nonprofit/governmental entities, dealerships, and MWD companies, as well as employee benefit plans. Scott also worked for six years as an internal auditor for Vanderbilt University.

Involvement

  • American Institute of Certified Public Accountants
  • Tennessee Society of Certified Public Accountants
  • The Institute of Internal Auditors, Academic Relations Committee; Board of Governors
  • Leadership Health Care
  • Tennessee State University, Accounting Advisory Board

Previous Involvement

  • Rebuilding Together Nashville, President, Treasurer

Professional Achievements

  • Practice Development and Internal Service Awards, KraftCPAs
  • Frequent guest presenter, including:
    • East TN IIA Chapter, Auditing Accounts Payable from an IA and Fraud Examiner Perspective
    • Public Utility Accountant Association, Effective Internal Controls
    • Fraud: When Truth is Stranger Than Fiction: Middle Tennessee ACFE, Lipscomb Accounting Conference, Association of Government Accountants
    • Keep Your Boat Afloat: Are You Cybersecure?
    • Lipscomb Accounting Conference: Auditing IT Internal Controls and IT Security
    • TSCPA Healthcare Conference, HIPAA Update: The 2020 Impact

Expertise

Industries

Healthcare Manufacturing, Wholesale, and Distribution Nonprofit and Governmental Private Equity and Venture Capital Professional Service Firms

Services

Audit and Assurance HITRUST Compliance Internal Audit IT Audit and Consulting Network and Cybersecurity Peer Review Regulatory and Compliance Frameworks Risk Advisory SOC Examination
Scott Nalley is the member-in-charge with the risk assurance and advisory services (RAAS) group

Certifications

  • Certified Public Accountant
  • Certified Information Technology Professional
  • Certified Internal Auditor
  • Certified Information Systems Auditor
  • HITRUST Certified CSF Practitioner
  • HITRUST Certified HITRUST Quality Professional
  • Certified HIPAA Compliance Officer
  • Certified Information Systems Security Professional

Education

  • BBA, Accounting,
    University of Memphis