• We are technology risk experts, and we help companies assess risk, develop technology risk management programs, and implement eGRC systems.
  • We are cybersecurity experts and we help companies assess and improve their technology security posture.
  • We developed the SCential Security Incident and Event Management tool to provide companies better enterprise level network and host security awareness at a lower cost than other industry leading tools.

We have the resources to meet your needs. We’ve grown our team through first hand experience working with each other — we think that says a lot. We are deeply experienced professionals including former “Big 4” management, web technologists, system engineers, and industry professionals with hands on Information Security, IT Audit, and IT Risk Management/GRC experience.  This expertise allows us to both provide valuable and realistic services and advice to your business, and implement the processes and systems to support your technology security and technology risk management needs. Our seasoned professionals combine cutting edge tools, timely service, and customized skills in ways others do not.

Our story: After working together on multiple projects at multiple businesses where we interacted with large technology consulting firms, our team realized the value of our skills and offerings, and that we could help businesses more quickly and in a more adaptable manner than those other firms. We’re proud to say we’ve maintained our speed and flexibility as we’ve grown.

We decided we’d help large businesses handle technology security and risk with faster, lighter, more effective solutions. We decided we’d empower small and medium sized businesses’ technology departments with tools and services that were previously out of reach.

These decisions have helped form who we are today. We’re Cential, and we’re excited to work with you.

The folks at Cential are innovative business risk technologists. They use forward thinking design to align GRC technologies with efficient, sustainable risk management processes. Always focused on risk environment maturation, they provide top-notch technical expertise built on a solid foundation of years of risk and compliance experience. I’ve partnered with Cential because they deliver. Zachary Schaefer, PhD

Owner, Spark The Discusssion

David Ponder | Partner & Principal Consultant

Certified Information Systems Auditor and RSA Archer Certified Professional currently specializing in risk assessment, risk management process design, and GRC system design and configuration.

Technologist and Information Risk and Security professional experienced with multiple facets of technology. Highlights include “Big 4” IT audit and consulting experience, managing development teams and building web application testing for fortune 500 clients, implementing an Information Security Risk Management department and supporting eGRC system from the ground up at a major healthcare organization.

Skilled in IT risk management, risk assessment, control design and operation assessments, monitoring, reporting, process improvement, and application and infrastructure security. Seasoned as a liaison between management and internal/external audit functions.

Bryan Johnson | Partner & Principal Consultant

Certified Information Systems Auditor, Certified in Risk and Information Systems Control, and RSA Archer Certified Professional with a diverse and blended background in several facets of governance, risk, compliance, and assurance and over twenty years of experience in the information technology and security field. Successfully assisted organizations deploying enterprise risk management functions in healthcare, energy, and gaming industries through understanding of each industry’s unique technical needs and regulatory requirements.

Technology governance expert with senior level management experience. Highlights include directing IT functions for over ten years, directing IT Audit functions over seven years, and currently helping clients design and implement governance structures such as change management, project initiation management, and change and steering committee operations.

Andrew Gunter | Partner & Principal Consultant

A Risk & Compliance expert, with a Jurist Doctorate and an RSA Archer Certification, specializing in the assessment and development of enterprise Risk & Compliance programs, development of GRC technology enablement roadmaps, and GRC technology system design, configuration and implementation.

Prior experience includes “Big 4” GRC consulting, where he assessed organizations’ risk & compliance functions, developed multi-year risk & compliance technology implementation roadmaps, implemented GRC technology solutions, and developed GRC governance structures. Additionally, he spent five years at a Fortune 50 company, where he supported the Chief Compliance Officer in maintaining oversight of the various embedded business compliance functions through program reviews, the development of key program metrics, and the rollout of their GRC technology solution.

He is also a Corporate Compliance & Ethics subject matter specialist, having served as an Adjunct Professor at the University of St. Thomas School of Law, where he taught a course on the development of corporate compliance programs.

Adam Froemming | Senior Consultant

A GRC systems expert, with a degree in Management of Information Systems, and MBA and RSA Archer Certification.  Specialization in GRC process automation design, configuration and implementation.  Skilled in back-office platform architecture, systems upgrades and operational support.

Prior experience includes 8+ years support back-office systems as well as an additional 6+ years in fortune 50 and 100 companies, where he managed GRC systems support teams responsible for the rollout of GRC technology solutions including program governance, systems architecture, process automation design, configuration and deployment of toolsets.


Our Team

Utilizing seasoned technology security and risk experts, all with 10+ years of experience, each hand-selected project team is versed in cybersecurity, technology risk management, eGRC design and customization, and advisory services.

  • If you’re looking to improve your company’s technology security posture, Cential will provide a fast, expert assessment with actionable recommendations and we’ll help you see them through.
  • If you’re implementing or enhancing your Governance, Risk Management, and Compliance or Integrated Risk Management program, Cential will help your businesses evaluate, develop workflow, and automate functions from requirements gathering to deployment and operation.
  • If you’re performing an audit or compliance engagement, Cential provides experienced resources who know how to use technology and risk practices to drive an efficient and successful project through completion.

We partner with our clients to provide the toolsguidance, and the team for success.