Amit Garg BERKELEY RESEARCH GROUP, LLC 1800 M Street, N.W. 2 nd Floor Washington, D.C Direct:

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Amit Garg BERKELEY RESEARCH GROUP, LLC 1800 M Street, N.W. 2 nd Floor Washington, D.C. 20036. Direct: 202.747.3483 agarg@thinkbrg."

Transcription

1 Curriculum Vitae Amit Garg BERKELEY RESEARCH GROUP, LLC 1800 M Street, N.W. 2 nd Floor Washington, D.C Direct: SUMMARY Amit Garg brings over 17 years of information security consulting, business development, customer relationship management, and program management experience in complex and highly visible projects with senior executive sponsorship. He has worked with clients including large federal civilian agencies, military organizations, and Fortune 500 companies in the banking, insurance and financial services, healthcare, life sciences, consumer products, and retail verticals. Mr. Garg s expertise includes enterprise security program management, enterprise governance, risk management and compliance (egrc), data protection, business resiliency, security culture awareness and training, project management, and cybersecurity due diligence for mergers, acquisitions, and divestitures. He has extensive experience with regulatory requirements including FISMA, HIPAA, NIST, and ISO/IEC 27001, as well as industry best practices across multiple verticals. Mr. Garg has had proven success in engaging with clients, understanding business objectives, identifying and analyzing business issues, laying out tactical and strategic roadmaps, and proposing and executing on those strategies. EDUCATION Certificate, Executive Education, Leadership Development, Yale University - Yale School of Management, 2008 M.S., Information Security Management/Engineering Management, George Washington University School of Engineering & Applied Science, 2006 B.A. Economics, Emory University, 1998 PRESENT EMPLOYMENT Director, Technology Advisory Practice, Berkeley Research Group, Present PREVIOUS POSITIONS Advisory Solutions Principal, RSA Security, the Security Division of EMC,

2 Manager in Security & Privacy Services, Technology Risk, Deloitte & Touché LLP, Information Security Consultant, e-management Consultants, Federal Account Manager, Cyberguard Corporation, 2004 Sales Engineer/Manager, Corsec Security Inc., Business Development Lead/Consultant, f3 Solutions Group, Business Development/Project Manager, Diginexo Inc., Government Account Manager, SCO Inc., SECURITY CLEARANCE 2009 DOD Secret PROFESSIONAL AWARDS 2014 Platinum Award for outstanding performance and service to RSA PROFESSIONAL AFFILIATIONS Present Certified Member, International Information Systems Security Certification Consortium (ISC2) Certified Member, Project Management Institute (PMI) Certified Member, Business Continuity Institute (BCI) Member, International Association of Privacy Professionals (IAPP) Member, Software and Supply Chain Assurance Working Group (SSCAWG) Member, Industrial Control Systems Joint Working Group (ICSJWG) Member, Information Systems Security Association Northern Virginia Chapter Committee Member, Engineer Alumni Association, George Washington University BUSINESS AND NOT-FOR-PROFIT AFFILIATIONS Member, egrc.com Advisory Board - a group of Fortune 500 entities dedicated to training the next generation of governance, risk, and compliance practitioners. Member, Engineer Alumni Association, George Washington University School of Engineering & Applied Science 2

3 Board Member, American Barber Workforces Foundation Volunteer member, American Red Cross, National Capital Region, Vice President of Sponsorship, Network of South Asian Professionals (NetSAP) DC Chapter, 2004 PUBLICATIONS & THOUGHT LEADERSHIP CONTRIBUTIONS Developed an IT Security Due Diligence Framework for assessing risk for acquisition targets for a Fortune 100 retail organization, 2013 Co-developed content and delivered a webinar on Managed Regulatory Compliance Outsourcing to fellow practitioners 2012 Led and served as client service ambassador at Welcome 2 Deloitte, a two day new hire orientation to 200+ new hires, Developed and presented data separation strategy workshops to senior executives of a Fortune 100 consumer retail organization, 2011 Developed a data separation strategy playbook for a Fortune 100 consumer retail organization, 2011 PUBLISHED REVIEWS Led the development of Deloitte whitepaper Meeting Compliance Challenges: Leveraging the Value of Outsourcing in support of launch of new service offering, 2012 SELECTED CONSULTING EXPERIENCE Project 1: M&A IT Security Due Diligence Client Organization: Fortune 100 Retail Organization Role: M&A IT Security Advisor Duration: February 2013 April 2013 Description: Led work stream for IT Security due diligence of potential acquisition targets. Contributions included developing IT Security Due Diligence Risk and Controls framework and playbook. Led the development of remediation plans for pre-sign, pre-close, and postclose activities. Project 2: Governance, Risk, Compliance (GRC) Vendor Evaluation Client Organization: Fortune 200 Financial Services Client Role: Project Manager / Security Lead Duration: September 2012 February 2013 Description: Led engagement to assess and select a GRC vendor for enterprise risk management solution. Facilitated vetting process with over 40 senior executive stakeholders from multiple business units including Finance, Risk, Compliance, BASEL, SOX, IT, 3

4 Technology Risk, Operational Risk, Model Risk Management, etc. Contributions included developing assessment methodology, managing vendor selection process, creating, collecting, and analyzing survey responses, and presenting at executive briefings. Project 3: I&TRM Security Strategy Client Organization: Various Fortune 500 financial services clients Role: Security Advisor Duration: July 2012 September 2012 Description: Led work stream around governance, risk, and compliance. Contributions included drafting security action plans, developing technology risk management transformation process, developing policies and standards aligned to BASEL, SOX and other financial service regulations. Project 4: Managed Regulatory Compliance Outsourcing Initiative Role: Project Manager Duration: October 2011 June 2012 Description: Managed the development of a new service offering targeting the Life Sciences and Financial Services industries. Project 5: Security Program Support Client Organization: Multiple Fortune 100 Financial Services Clients Role: Security Advisor Duration: August 2011 September 2011 Description: Provided support to several engagement teams in the areas of: project planning, risk management, workshop planning, security policy reviews, and risk assessments. Project 6: IT Carve Out Divestiture Planning Client Organization: Fortune 100 Commercial Retail Client Role: Senior M&A and IT Security Advisor for Divestiture Planning Duration: April 2011 June 2011 Description: Provided support to PMO for divestiture planning in the following areas: project planning, risk management, communications, workshop planning. Project 7: Confidential Information Containment Initiative Client Organization: Fortune 100 Telecommunications Client Role: Project Manager / Security Lead Duration: March 2011 April 2011 Description: Identification, assessment, and containment of confidential information (i.e., intellectual property) from being transferred in the divestiture of a business unit. Project 8: GSA ICAM Program Management Client Organization: General Services Administration (GSA), Office of the CIO - Identity, Credentialing, and Access Management (ICAM) Office Role: Project Manager Duration: August 2010 February

5 Description: Provided Project Management Office (PMO) support services to a 20 member team. Responsibilities included program operations, program metrics, quality assurance, communications, project management planning, earned value management, risk management, and reporting to client senior management. Project 9: Certification & Accreditation (C&A), and Risk Management & Compliance Client Organizations: Government National Mortgage Association (Ginnie Mae), US Department of Housing and Urban Development Role: Security Lead Duration: February 2010 April 2010 Description: Provided risk management and compliance support to client. This project included gap assessment, risk analysis of identified gaps and recommendations for risk management, certification and accreditation, and management of third-party vendor providing services to Client. Project 10: Systems Engineering and Information Assurance Program Management Support Client Organization: Military Health System (MHS) - Defense Health Information Management System (DHIMS) Role: Manager / Information Assurance Officer (IAO) / IA Lead Duration: June 2007 February 2010 Description: (DHIMS) provides information management and IT solutions that capture, manage and share healthcare data for the military's Electronic Health Record (EHR). Provided mission support services to DHIMS across a broad range of management and technical functions that support the full System Development Life-Cycle (SDLC) of these systems encompassing systems engineering, technical engineering support, systems security, information assurance (IA), enterprise architecture, and requirements management. SELECTED SPEAKING ENGAGEMENTS Presented Safe and Secure Online sponsored by ISC2 to 100+ high school students in Stafford, VA, 2012 How to be a Farmer: Learn to plant your egrc talent seeds from the ground up, RSA Archer Summit & Charge Conference, 2015 Cybersecurity Litigation, Software and Supply Chain Assurance Forum, December

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY CSCSS / ENTERPRISE TECHNOLOGY + SECURITY C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE CSCSS / ENTERPRISE TECHNOLOGY + SECURITY GROUP Information

More information

Panel Session: High Impact Workforce Initiatives Redefine the Government Information Security Workforce

Panel Session: High Impact Workforce Initiatives Redefine the Government Information Security Workforce Panel Session: High Impact Workforce Initiatives Redefine the Government Information Security Workforce Moderator: Lynn McNulty, CISSP Director of Government Affairs for (ISC)2 Co-Chair (ISC)2 Government

More information

Information Systems Security Line of Business (ISS LoB)

Information Systems Security Line of Business (ISS LoB) Information Systems Security Line of Business (ISS LoB) Information Security and Privacy Advisory Board George Washington University Washington, DC March 22, 2007 Agenda Background Status Next Steps Background

More information

Conducting due diligence and managing cybersecurity in medical technology investments

Conducting due diligence and managing cybersecurity in medical technology investments Conducting due diligence and managing cybersecurity in medical technology investments 2015 McDermott Will & Emery LLP. McDermott operates its practice through separate legal entities in each of the countries

More information

Private Wealth Solutions An exceptional experience for discerning clients

Private Wealth Solutions An exceptional experience for discerning clients Private Wealth Solutions An exceptional experience for discerning clients The client experience is everything. In today s financial services environment, where services and price can be quickly matched

More information

ISE Northeast Executive Forum and Awards

ISE Northeast Executive Forum and Awards ISE Northeast Executive Forum and Awards October 3, 2013 Company Name: Project Name: Presenter: Presenter Title: University of Massachusetts Embracing a Security First Approach Larry Wilson Chief Information

More information

IT-CNP, Inc. Capability Statement

IT-CNP, Inc. Capability Statement Securing America s Infrastructure Security Compliant IT Operations Hosting Cyber Security Information FISMA Cloud Management Hosting Security Compliant IT Logistics Hosting 1 IT-CNP, Inc. is a Government

More information

Corporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup.

Corporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup. Corporate Overview MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup.com IS&P Practice Areas Core Competencies Clients & Services

More information

Vendor Risk Management Financial Organizations

Vendor Risk Management Financial Organizations Webinar Series Vendor Risk Management Financial Organizations Bob Justus Chief Security Officer Allgress Randy Potts Managing Consultant FishNet Security Bob Justus Chief Security Officer, Allgress Current

More information

Customizing Identity Management to fit complex ecosystems

Customizing Identity Management to fit complex ecosystems Customizing Identity Management to fit complex ecosystems Advisory Services PwC Security - Identity Management 12 July 2011 Client s challenge One of the world s largest aerospace and defense corporations

More information

Cybersecurity The role of Internal Audit

Cybersecurity The role of Internal Audit Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government

More information

ArchSmart, LLC Capabilities Overview

ArchSmart, LLC Capabilities Overview ArchSmart, LLC Capabilities Overview Victoria Engel-Yamane CEO and Founder www.archsmart.net Introduction ArchSmart, LLC established September 2005 Small, Women-Owned (WO), Service-Disabled Veteran- Owned

More information

ISACA S CYBERSECURITY NEXUS (CSX) October 2015

ISACA S CYBERSECURITY NEXUS (CSX) October 2015 ISACA S CYBERSECURITY NEXUS (CSX) October 2015 DO2 EXECUTIVE OVERVIEW Will you be a Cyber defender? ISACA launched the Cybersecurity Nexus (CSX) program earlier this year. CSX, developed in collaboration

More information

December 8, 2011. Security Authorization of Information Systems in Cloud Computing Environments

December 8, 2011. Security Authorization of Information Systems in Cloud Computing Environments December 8, 2011 MEMORANDUM FOR CHIEF INFORMATION OFFICERS FROM: SUBJECT: Steven VanRoekel Federal Chief Information Officer Security Authorization of Information Systems in Cloud Computing Environments

More information

Cybersecurity Framework. Executive Order 13636 Improving Critical Infrastructure Cybersecurity

Cybersecurity Framework. Executive Order 13636 Improving Critical Infrastructure Cybersecurity Cybersecurity Framework Executive Order 13636 Improving Critical Infrastructure Cybersecurity National Institute of Standards and Technology (NIST) Mission To promote U.S. innovation and industrial competitiveness

More information

NICE and Framework Overview

NICE and Framework Overview NICE and Framework Overview Bill Newhouse NIST NICE Leadership Team Computer Security Division Information Technology Lab National Institute of Standards and Technology TABLE OF CONTENTS Introduction to

More information

Governance, Risk, and Compliance (GRC) White Paper

Governance, Risk, and Compliance (GRC) White Paper Governance, Risk, and Compliance (GRC) White Paper Table of Contents: Purpose page 2 Introduction _ page 3 What is GRC _ page 3 GRC Concepts _ page 4 Integrated Approach and Methodology page 4 Diagram:

More information

EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES

EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES Aligning information with business and operational objectives ESSENTIALS Leverage EMC Consulting as your trusted advisor to move your and compliance

More information

ALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage

ALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage ALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage VENABLE LLP Attorneys at Law Washington, DC/New York/San Francisco/Los Angeles/Baltimore/Virginia/Delaware November

More information

Competency Requirements for Executive Director Candidates

Competency Requirements for Executive Director Candidates Competency Requirements for Executive Director Candidates There are nine (9) domains of competency for association executives, based on research conducted by the American Society for Association Executives

More information

Risk Considerations for Internal Audit

Risk Considerations for Internal Audit Risk Considerations for Internal Audit Cecile Galvez, Deloitte & Touche LLP Enterprise Risk Services Director Traci Mizoguchi, Deloitte & Touche LLP Enterprise Risk Services Senior Manager February 2013

More information

RSA ARCHER AUDIT MANAGEMENT

RSA ARCHER AUDIT MANAGEMENT RSA ARCHER AUDIT MANAGEMENT Solution Overview INRODUCTION AT A GLANCE Align audit plans with your organization s risk profile and business objectives Manage audit planning, prioritization, staffing, procedures

More information

Michael Landry, MBA, PMP Chief Project Controller

Michael Landry, MBA, PMP Chief Project Controller Artistry of Project Management The Artistry Michael Landry, MBA, PMP Chief Project Controller Leadership is the art of accomplishing more than the science of management says is possible Colin Powell is

More information

Internal audit value optimization for insurance organizations

Internal audit value optimization for insurance organizations Internal audit value optimization for insurance organizations Webinar May 13, 2015 Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.

More information

Subj: CYBERSPACE/INFORMATION TECHNOLOGY WORKFORCE CONTINUOUS LEARNING

Subj: CYBERSPACE/INFORMATION TECHNOLOGY WORKFORCE CONTINUOUS LEARNING SECNAV INSTRUCTION 1543.2 From: Secretary of the Navy SECNAVINST 1543.2 DON CIO Subj: CYBERSPACE/INFORMATION TECHNOLOGY WORKFORCE CONTINUOUS LEARNING Ref: See Enclosure (1) Encl: (1) References (2) Responsibilities

More information

KPMG Internal Audit: Top 10 considerations in 2015 for technology companies. kpmg.com

KPMG Internal Audit: Top 10 considerations in 2015 for technology companies. kpmg.com KPMG Internal Audit: Top 10 considerations in 2015 for technology companies kpmg.com INTERNAL AUDIT TOP 10 CONSIDERATIONS IN 2015 1 Our annual compilation of Internal Audit considerations for technology

More information

EDWARD G. LEWIS 556 East Gill Way, Superior, Colorado 80027-8002 Tel: 303-494-6537; Fax: 303-494-0645; E-Mail: elewis@etgl.com

EDWARD G. LEWIS 556 East Gill Way, Superior, Colorado 80027-8002 Tel: 303-494-6537; Fax: 303-494-0645; E-Mail: elewis@etgl.com 556 East Gill Way, Superior, Colorado 80027-8002 Tel: 303-494-6537; Fax: 303-494-0645; E-Mail: elewis@etgl.com PROFESSIONAL EXPERIENCE 2001 - Present Member, Board of Directors, National Veterans Business

More information

iworks healthcare Managed IT services

iworks healthcare Managed IT services iworks healthcare Managed IT services SunGard s iworks HEALTHCARE: Managed IT Services Organizations around the globe face an array of critical issues in today s business environment. Economic conditions

More information

Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org

Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org October 2015 Collaboration Members Certification Matters The Cybersecurity Credentials Collaborative (C3) was formed in 2011 to provide

More information

Hosted by Lunarline: School of Cyber Security

Hosted by Lunarline: School of Cyber Security Hosted by Lunarline: School of Cyber Security Please Fax Government Purchase Orders and SF 182s To (22) 315-33 Cybersecurity is one of the hottest issues for today s Federal and DOD Agencies and commercial

More information

Strategy and Management Services (SAMS), Inc.

Strategy and Management Services (SAMS), Inc. Strategy and Management Services (SAMS), Inc. Exceeding Expectations with People Who Make a Difference! Strategy and Management Services (SAMS), Inc. 8117 Lake Park Dr. Alexandria, VA 22309 1 703-969-7949

More information

Corporate Membership. For Solution Providers

Corporate Membership. For Solution Providers Corporate Membership For Solution Providers Introduction Welcome to the Cloud Security Alliance. The CSA is a not-for-profit organization with a mission to promote the use of best practices for providing

More information

Privacy Governance and Compliance Framework Accountability

Privacy Governance and Compliance Framework Accountability Privacy Governance and Framework Accountability Agenda Global Data Protection and Privacy (DPP) Organization Structure Privacy The 3 Lines of Defense (LOD) Model: Overview Privacy The 3 Lines of Defense

More information

April 28, 2014. Ms. Hada Flowers Regulatory Secretariat Division General Services Administration 1800 F Street, NW, 2 nd Floor Washington, DC

April 28, 2014. Ms. Hada Flowers Regulatory Secretariat Division General Services Administration 1800 F Street, NW, 2 nd Floor Washington, DC April 28, 2014 Ms. Hada Flowers Regulatory Secretariat Division General Services Administration 1800 F Street, NW, 2 nd Floor Washington, DC RE: Information Technology Sector Coordinating Council (IT SCC)

More information

www.pwc.com Third Party Risk Management 12 April 2012

www.pwc.com Third Party Risk Management 12 April 2012 www.pwc.com Third Party Risk Management 12 April 2012 Agenda 1. Introductions 2. Drivers of Increased Focus on Third Parties 3. Governance 4. Third Party Risks and Scope 5. Third Party Risk Profiling 6.

More information

DEPARTMENTAL REGULATION

DEPARTMENTAL REGULATION U.S. DEPARTMENT OF AGRICULTURE WASHINGTON, D.C. 20250 DEPARTMENTAL REGULATION SUBJECT: Identity, Credential, and Access Management Number: 3640-001 DATE: December 9, 2011 OPI: Office of the Chief Information

More information

Darden School. Commission/Schools/Darden/November 2007 1

Darden School. Commission/Schools/Darden/November 2007 1 Darden School The Darden School of Business recently celebrated its 50 th anniversary, reflecting the strong base on which to build toward its centennial. While the world in which the School operates has

More information

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments. Security solutions White paper Acquire a global view of your organization s security state: the importance of security assessments. April 2007 2 Contents 2 Overview 3 Why conduct security assessments?

More information

Job Description. Job Title Branch Business Group Reporting to Location. Purpose. Key Tasks

Job Description. Job Title Branch Business Group Reporting to Location. Purpose. Key Tasks Job Description Job Title Branch Business Group Reporting to Location Enterprise Architect Knowledge, Information, Research and Technology Government Technology Services Chief Architect Wellington Salary

More information

NIST Cloud Computing Program Activities

NIST Cloud Computing Program Activities NIST Cloud Computing Program Overview The NIST Cloud Computing Program includes Strategic and Tactical efforts which were initiated in parallel, and are integrated as shown below: NIST Cloud Computing

More information

U.S. CFO Program The Four Faces of the CFO. 2010 Deloitte Touche Tohmatsu

U.S. CFO Program The Four Faces of the CFO. 2010 Deloitte Touche Tohmatsu U.S. CFO Program The Four Faces of the CFO 2010 Deloitte Touche Tohmatsu CFOs Play Four Critical Roles in Companies Catalyze behaviors across the organization to execute strategic and financial objectives

More information

Building a Cathedral Managing Complexity in Mega Projects

Building a Cathedral Managing Complexity in Mega Projects Building a Cathedral Managing Complexity in Mega Projects easydaysnight.com/page_1233589968609.html Mike Ryal, PMP Edited version of RSC02 session presented by Laura Aziz, PhD, PMP Introduction Mega Project

More information

TESTIMONY OF STEVE COOPER DEPARTMENT OF COMMERCE CHIEF INFORMATION OFFICER BEFORE THE SUBCOMMITTEES ON

TESTIMONY OF STEVE COOPER DEPARTMENT OF COMMERCE CHIEF INFORMATION OFFICER BEFORE THE SUBCOMMITTEES ON TESTIMONY OF STEVE COOPER DEPARTMENT OF COMMERCE CHIEF INFORMATION OFFICER BEFORE THE SUBCOMMITTEES ON INFORMATION TECHNOLOGY AND ON GOVERNMENT OPERATIONS OF THE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

More information

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity Cyber ROI A practical approach to quantifying the financial benefits of cybersecurity Cyber Investment Challenges In 2015, global cybersecurity spending is expected to reach an all-time high of $76.9

More information

KLC Consulting, Inc. All Rights Reserved. 1 THIRD PARTY (VENDOR) SECURITY RISK MANAGEMENT

KLC Consulting, Inc. All Rights Reserved. 1 THIRD PARTY (VENDOR) SECURITY RISK MANAGEMENT 1 THIRD PARTY (VENDOR) SECURITY RISK MANAGEMENT About Kyle Lai 2 Kyle Lai, CIPP/G/US, CISSP, CISA, CSSLP, BSI Cert. ISO 27001 LA President of KLC Consulting, Inc. Over 20 years in IT and Security Security

More information

REQUEST FOR INFORMATION

REQUEST FOR INFORMATION Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services 3 September 2015 6506 Loisdale Rd, Ste 325

More information

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

The Changing IT Risk Landscape Understanding and managing existing and emerging risks The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015

More information

STATEMENT OF. Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration

STATEMENT OF. Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration STATEMENT OF Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration BEFORE THE HOUSE COMMITTEE ON HOMELAND SECURITY SUBCOMMITTEE

More information

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics Developing and Enhancing Cyber Security Capabilities in the Region Khaled Gamo Technology Advisor Ministry of communication and informatics 1 Content 1 2 3 Cyber Security Strategy and Key Requirement Efforts

More information

Reliable, Repeatable, Measurable, Affordable

Reliable, Repeatable, Measurable, Affordable Reliable, Repeatable, Measurable, Affordable Defense-in-Depth Across Your Cyber Security Life-Cycle Faced with today s intensifying threat environment, where do you turn for cyber security answers you

More information

Panel: SwA Practices - Getting to Effectiveness in Implementation

Panel: SwA Practices - Getting to Effectiveness in Implementation Panel: SwA Practices - Getting to Effectiveness in Implementation (EMC s Evolution of Product Security Assurance) Dan Reddy, CISSP, CSSLP EMC Product Security Office Software Assurance Forum Gaithersburg,

More information

MARYLAND. Cyber Security White Paper. Defining the Role of State Government to Secure Maryland s Cyber Infrastructure.

MARYLAND. Cyber Security White Paper. Defining the Role of State Government to Secure Maryland s Cyber Infrastructure. MARYLAND Cyber Security White Paper Defining the Role of State Government to Secure Maryland s Cyber Infrastructure November 1, 2006 Robert L. Ehrlich, Jr., Governor Michael S. Steele, Lt. Governor Message

More information

A Blueprint for: Microsoft Dynamics CRM Success

A Blueprint for: Microsoft Dynamics CRM Success A Blueprint for: Microsoft Dynamics CRM Success An I.B.I.S., Inc. Whitepaper by Clinton Weldon VP, Professional Services Kevin Johnson VP, Professional Services I.B.I.S., Inc. 2015 All Rights Reserved.

More information

INTERNAL AUDIT GRC SERIES: CHALLENGES AND SOLUTIONS TO ALIGNMENT

INTERNAL AUDIT GRC SERIES: CHALLENGES AND SOLUTIONS TO ALIGNMENT INTERNAL AUDIT GRC SERIES: CHALLENGES AND SOLUTIONS TO ALIGNMENT Internal Audit (IA) is one of many organizational groups whose mission is to assess risks, evaluate controls, raise issues and improve processes.

More information

A Blueprint for Business Software Implementation Success

A Blueprint for Business Software Implementation Success A Blueprint for Business Software Implementation Success An I.B.I.S., Inc. Whitepaper by Kevin Johnson VP, Professional Services Clinton Weldon VP, Professional Services I.B.I.S., Inc. 2015 All Rights

More information

The CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II).

The CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II). Page 1 of 7 The CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II). Domain I provides a solid foundation for the governance of

More information

What drives the CIO agenda? The Growing Business Contribution of IT

What drives the CIO agenda? The Growing Business Contribution of IT What drives the CIO agenda? The Growing Business Contribution of IT Klaus Thomas Director Executive Programs Microsoft CIO Roundtable München, 21. Juni 2006 Page 1 The Gartner EXP CIO Survey is the largest

More information

EDWARDS PROJECT SOLUTIONS NORTH AMERICAN INDUSTRY CERTIFICATION SYSTEM (NAICS) CODES QUALIFICATIONS WITH FULL DESCRIPTIONS

EDWARDS PROJECT SOLUTIONS NORTH AMERICAN INDUSTRY CERTIFICATION SYSTEM (NAICS) CODES QUALIFICATIONS WITH FULL DESCRIPTIONS REVISED: J 5523920 PORTFOLIO MANAGEMENT SIZE STANDARD: $7.0M Edwards Project Solution ( ) provides portfolio management services through building enterprise project management solutions and providing portfolio

More information

Written Testimony. Mark Kneidinger. Director, Federal Network Resilience. Office of Cybersecurity and Communications

Written Testimony. Mark Kneidinger. Director, Federal Network Resilience. Office of Cybersecurity and Communications Written Testimony of Mark Kneidinger Director, Federal Network Resilience Office of Cybersecurity and Communications U.S. Department of Homeland Security Before the U.S. House of Representatives Committee

More information

Interagency Advisory Board Meeting Agenda, March 5, 2009

Interagency Advisory Board Meeting Agenda, March 5, 2009 Interagency Advisory Board Meeting Agenda, March 5, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Federal Identity, Credential, and Access Management (ICAM) The Future of the Government s IDM Strategy

More information

Welcome! Scaled Agile Reston, VA

Welcome! Scaled Agile Reston, VA Welcome! Scaled Agile Reston, VA Rally Software Eliassen Group 2012 Agenda 7:30-8:00: Breakfast + Registration 8:00-9:00: Meet local Agilists 9:00-9:15: Opening Remarks 9:15-10:00: Rafaa Abdalla Chief

More information

Technology Consulting Services

Technology Consulting Services Technology Consulting Services Building enterprise wide systems that make sense Streamlining your technology... to bring your busin next level 01 Technology Consulting Services 02 Our Leadership Team 03

More information

Reverse Due Diligence A New Trend In Financial M&A

Reverse Due Diligence A New Trend In Financial M&A Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Reverse Due Diligence A New Trend In Financial M&A

More information

IBM Internet Security Systems October 2007. FISMA Compliance A Holistic Approach to FISMA and Information Security

IBM Internet Security Systems October 2007. FISMA Compliance A Holistic Approach to FISMA and Information Security IBM Internet Security Systems October 2007 FISMA Compliance A Holistic Approach to FISMA and Information Security Page 1 Contents 1 Executive Summary 1 FISMA Overview 3 Agency Challenges 4 The IBM ISS

More information

Department of Defense DIRECTIVE

Department of Defense DIRECTIVE Department of Defense DIRECTIVE NUMBER 8140.01 August 11, 2015 DoD CIO SUBJECT: Cyberspace Workforce Management References: See Enclosure 1 1. PURPOSE. This directive: a. Reissues and renumbers DoD Directive

More information

Using Organizational Change Management Principles to Create a Scalable OCM Methodology

Using Organizational Change Management Principles to Create a Scalable OCM Methodology Using Organizational Change Management Principles to Create a Scalable OCM Methodology Cynthia Onstott John Spurrell May 16, 2016 2 Today s Learning Objectives How to develop a new Organizational Change

More information

Develop annual action plans, goals and accountability Identify demographic focus and in demand jobs

Develop annual action plans, goals and accountability Identify demographic focus and in demand jobs State Energy Workforce Consortium Implementation Checklist Structure and Support Develop a consortium strategic plan Develop common purpose and objectives for consortium Define leadership and consortium

More information

Our Service Offering to SASOL

Our Service Offering to SASOL Our Service Offering to SASOL MEMBER FIRM ALIGNED WITH LIKE-MINDED FIRMS IN OVER 70 OFFICES ACROSS 25 COUNTRIES Giving our clients a competitive advantage by providing access to best practice. A BRIEF

More information

ISSUE BRIEF. Cloud Security for Federal Agencies. Achieving greater efficiency and better security through federally certified cloud services

ISSUE BRIEF. Cloud Security for Federal Agencies. Achieving greater efficiency and better security through federally certified cloud services ISSUE BRIEF Cloud Security for Federal Agencies Achieving greater efficiency and better security through federally certified cloud services This paper is intended to help federal agency executives to better

More information

How to Use the Federal Risk and Authorization Management Program (FedRAMP) for Cloud Computing

How to Use the Federal Risk and Authorization Management Program (FedRAMP) for Cloud Computing How to Use the Federal Risk and Authorization Management Program (FedRAMP) for Cloud Computing Warren S. Udy, CISSP Senior Cyber Security Advisor Office of Cyber Security 301-903-5515 warren.udy@hq.doe.gov

More information

LNC provides its partners with flexible capital solutions and the strategic support to drive value creation for all stakeholders

LNC provides its partners with flexible capital solutions and the strategic support to drive value creation for all stakeholders LNC provides its partners with flexible capital solutions and the strategic support to drive value creation for all stakeholders LNC Partners is a Northern Virginia based investment firm with over $235

More information

The Digital Identity Ecosystem of the States: Securing the Enterprise

The Digital Identity Ecosystem of the States: Securing the Enterprise The Digital Identity Ecosystem of the States: Securing the Enterprise Security Industry Alliance September 28, 2011 Doug Robinson, Executive Director National Association of State Chief Information Officers

More information

People & Change Strategies for Success

People & Change Strategies for Success People & Change Strategies for Success 2014 1st Quarter Meeting & Vendor Fair: IHRIM Jasmine Langevine, Senior Associate March 2014 Contents Page Introduction 3 People & Change Overview 4 Change Management

More information

Mergers and Acquisitions Operational Synergies Perspectives on the Winning Approach

Mergers and Acquisitions Operational Synergies Perspectives on the Winning Approach Mergers and Acquisitions Operational Synergies Perspectives on the Winning Approach Part 1 of the Miniseries on Mergers and Acquisitions Operational Synergies Mergers and Acquisitions Operational Synergies

More information

We Focus Our Energy On Delivery BOXLEYGROUP.COM

We Focus Our Energy On Delivery BOXLEYGROUP.COM We Focus Our Energy On Delivery Bridging The Gaps Boxley Group consultants help to bridge the gaps that can exist between the four cornerstones of a business - Strategy, Operations, Commercial and Technology

More information

Wealth management advisory. Ernst & Young Financial Services Office

Wealth management advisory. Ernst & Young Financial Services Office Wealth management advisory Ernst & Young Financial Services Office Wealth Management Advisory Overview Financial services is Ernst & Young s largest global industry group. We deliver wealth management

More information

Cybersecurity: The Legal, Legislative and Regulatory Outlook

Cybersecurity: The Legal, Legislative and Regulatory Outlook Cybersecurity: The Legal, Legislative and Regulatory Outlook Jamie Barnett Rear Admiral USN (Retired) Co-Chair, Telecommunications Partner in Cybersecurity Practice Cybersecurity Impact and Costs Direct

More information

MANAGEMENT CONSULTING ENTERPRISE SOLUTIONS IT OUTSOURCING. CAPABILITY briefing

MANAGEMENT CONSULTING ENTERPRISE SOLUTIONS IT OUTSOURCING. CAPABILITY briefing MANAGEMENT CONSULTING ENTERPRISE SOLUTIONS IT OUTSOURCING MILESTONES 1999-Present 8(a) / SDB Certified Woman-Owned Certified GSA Schedule 70 GSA STARS II NAICS Codes 541511, 541512, 541519, 541618, 541611,

More information

The Role of Governance, Risk Management & Compliance in Organizations

The Role of Governance, Risk Management & Compliance in Organizations The Role of Governance, Risk Management & Compliance in Organizations Study of GRC practitioners Sponsored by RSA, The Security Division of EMC Independently conducted by Ponemon Institute LLC Publication

More information

Strategic Progress Update July 2014 March 2015

Strategic Progress Update July 2014 March 2015 Strategic Progress Update July 2014 March 2015 Presented to the SUS Board of Governors By Sri Sridharan, FC 2 Managing Director and Chief Operating Officer March 18, 2015 Mission / Goals 1. Position Florida

More information

Re: Joint Working Group on Improving Cybersecurity and Resilience Through Acquisition [Notice- OMA- 2014-01; Docket No. 2014-0002]

Re: Joint Working Group on Improving Cybersecurity and Resilience Through Acquisition [Notice- OMA- 2014-01; Docket No. 2014-0002] April 28, 2014 Ms. Hada Flowers General Services Administration Regulatory Secretariat Division (MVCB) 1800 F Street, NW, 2 nd Floor Washington, DC 20405 Re: Joint Working Group on Improving Cybersecurity

More information

Pillsbury Global Sourcing BETTER DESIGN. BETTER DECISIONS. BETTER RESULTS. Pillsbury Winthrop Shaw Pittman LLP

Pillsbury Global Sourcing BETTER DESIGN. BETTER DECISIONS. BETTER RESULTS. Pillsbury Winthrop Shaw Pittman LLP Pillsbury Global Sourcing BETTER DESIGN. BETTER DECISIONS. BETTER RESULTS. Pillsbury Winthrop Shaw Pittman LLP 2 Better Design. Better Decisions. Better Results. Creating value isn t easy. Creating value

More information

Impact of New Internal Control Frameworks

Impact of New Internal Control Frameworks Impact of New Internal Control Frameworks Webcast: Tuesday, February 25, 2014 CPE Credit: 1 0 With You Today Bob Jacobson Principal, Risk Advisory Services Consulting Leader West Region Bob.Jacobson@mcgladrey.com

More information

PCI DSS READINESS AND RESPONSE

PCI DSS READINESS AND RESPONSE PCI DSS READINESS AND RESPONSE EMC Consulting Services offers a lifecycle approach to holistic, proactive PCI program management ESSENTIALS Partner with EMC Consulting for your PCI program management and

More information

NIST Cybersecurity Framework Overview

NIST Cybersecurity Framework Overview NIST Cybersecurity Framework Overview Executive Order 13636 Improving Critical Infrastructure Cybersecurity 2nd ENISA International Conference on Cyber Crisis Cooperation and Exercises Executive Order

More information

The HIPAA Security Rule: Theory and Practice

The HIPAA Security Rule: Theory and Practice Presentation for HIPAA Summit X Baltimore, MD April 7, 2005 The HIPAA Security Rule: Theory and Practice Sam Jenkins Privacy Officer TRICARE Management Activity (TMA) Dan Steinberg Senior Consultant Booz

More information

Beyond risk identification Evolving provider ERM programs

Beyond risk identification Evolving provider ERM programs Beyond risk identification Evolving provider ERM programs March 2016 At a glance PwC conducted research to assess the state of enterprise risk management (ERM) within healthcare providers and found many

More information

THE AMERICAN LAW INSTITUTE Continuing Legal Education

THE AMERICAN LAW INSTITUTE Continuing Legal Education 1 THE AMERICAN LAW INSTITUTE Continuing Legal Education Mobile Technology, Health Care, and Data Security: Minimizing the Risks and Leveraging the Benefits June 26, 2014 Telephone Seminar/Audio Webcast

More information

GRC Program Best Practices & Lessons Learned

GRC Program Best Practices & Lessons Learned GRC Program Best Practices & Lessons Learned Steps to Establishing and Maturing a GRC program Carl Sawicki, American Express Kathleen Randall, RSA Archer 1 Abstract In today s world, few organization s

More information

How to use the National Cybersecurity Workforce Framework. Your Implementation Guide

How to use the National Cybersecurity Workforce Framework. Your Implementation Guide How to use the National Cybersecurity Workforce Framework Your Implementation Guide A NATIONAL PROBLEM The Nation needs greater cybersecurity awareness. The US workforce lacks cybersecurity experts. Many

More information

IT Transformation for Health Care

IT Transformation for Health Care Health Care strategy consulting to the country s leading hospitals and health systems. OVERVIEW IT Transformation for Health Care Transform IT develops a new target model to promote operational efficiency,

More information

2014 Vendor Risk Management Benchmark Study

2014 Vendor Risk Management Benchmark Study 2014 Vendor Risk Management Benchmark Study Introduction/Executive Summary You can have all the security in the world inside your company s four walls, but all it takes is a compromise at one third-party

More information

Privacy by Design Setting a new standard for privacy certification

Privacy by Design Setting a new standard for privacy certification Privacy by Design Setting a new standard for privacy certification Privacy by Design is a framework based on proactively embedding privacy into the design and operation of IT systems, networked infrastructure,

More information

Our Expertise and Commitment Driving your Success MISMO Solutions

Our Expertise and Commitment Driving your Success MISMO Solutions Our Expertise and Commitment Driving your Success MISMO Solutions 1 Offices in New York and Northern VA Table of Contents Actualize Consulting Overview MISMO Overview Actualize MISMO Transformation Solution

More information

International Sign Associations Vice President, Education & Technical Initiatives

International Sign Associations Vice President, Education & Technical Initiatives International Sign Associations Vice President, Education & Technical Initiatives International Sign Association is seeking a Vice President, Education & Technical Initiatives for this $6 million budget,

More information

Using Enterprise Governance, Risk, And Compliance (EGRC) Tools For Improved Management Of Security And Privacy. June 23, 2015

Using Enterprise Governance, Risk, And Compliance (EGRC) Tools For Improved Management Of Security And Privacy. June 23, 2015 Using Enterprise Governance, Risk, And Compliance (EGRC) Tools For Improved Management Of Security And Privacy June 23, 2015 What is egrc? A management system for compliance requirements, policies, risk

More information

Standardize, streamline, simplify: Applications rationalization during M&A Part of the Wired for Winning series on M&A technology topics

Standardize, streamline, simplify: Applications rationalization during M&A Part of the Wired for Winning series on M&A technology topics 1 Deloitte M&A Institute Standardize, streamline, simplify: Applications rationalization during M&A Part of the Wired for Winning series on M&A technology topics Most companies tend to accumulate a large

More information

An RCG White Paper The Data Governance Maturity Model

An RCG White Paper The Data Governance Maturity Model The Dataa Governance Maturity Model This document is the copyrighted and intellectual property of RCG Global Services (RCG). All rights of use and reproduction are reserved by RCG and any use in full requires

More information

Developing a Project Management Office:

Developing a Project Management Office: 1 Developing a Project Management Office: 10 lessons learned in the trenches By: Philip Felt, PMP, MBA & Colin Konschak, MBA, FHIMSS, FACHE Research into initiated projects at over 500 companies concludes

More information