Terry Grafenstine is the 2023–24 Senior Vice Chair of the Global Board of Directors of The Institute of Internal Auditors (IIA) and Chief Audit Executive with Pentagon Federal Credit Union (PenFed). She was recognized by The IIA as one of the “Top Ten Audit Thought Leaders of the Decade” and inducted into The IIA’s Hall of Distinguished Audit Practitioners. She currently serves on both the IIA’s North American and Global Boards of Directors.

Terry has over 25 years of experience in the internal auditing and information technology profession. As CAE at PenFed, Terry is responsible for leading internal audit teams covering all aspects of operations at the second largest credit union in the US. Prior to joining PenFed in May 2023, Terry was the global chief auditor for Technology and Critical Business Services at Citi where she was responsible for leading internal audit teams covering technology infrastructure, cyber, resilience, platforms and applications within businesses and functions, and global business services.

Before joining Citi, Terry was a Managing Director in Deloitte’s Risk and Financial Advisory practice, where she provided strategic advisory services to Chief Audit Executives across all commercial industries and IT audit, risk, and governance advisory services to first line executives in the defense and national security space. Prior to joining Deloitte, Terry served for eight years as the appointed Inspector General of the U.S. House of Representatives, where she designed, managed, and delivered audit and investigative services, including the annual financial statement audit and a comprehensive cyber assurance program.

Terry has held numerous leadership roles to support the auditing, accounting, and information technology profession, including serving as ISACA’s Global Chair (2017-2018) and a member of the AICPA board of directors. Terry speaks globally on a wide range of subjects, including cyber security, internal auditing, accounting standards, resilience, leadership, and risk.
Terry earned a Bachelor’s degree in Accounting from Saint Joseph’s University. She is a Certified Internal Auditor (CIA), Certified Public Accountant (CPA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified In Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), and Certified Government Auditing Professional (CGAP).