Towards Pervasive GRC
April 29 - May 01, 2014 | Four Seasons Hotel Las Vegas, Nevada, USA
MetricStream GRC Summit 2014

David R. Koenig

CEO, The Governance Fund Advisors

David R. Koenig is the Chief Executive Officer of The Governance Fund Advisors, LLC, leader of the Directors and Chief Risk Officers group (the DCRO), and the author of "Governance Reimagined: Organizational Design, Risk and Value Creation."

In 2010, David was chosen as a winner of Management Innovation eXchange's M-Prize competition – Reinventing Leadership. In 2008, he received the PRMIA top honor, the Higher Standard Award. In 2007, he was named by his industry peers as one of the first 100 members of the Risk Who's Who International Honorary Society.

Formerly an officer of the First National Bank of Chicago, GMAC/RFC, Principal Financial Group and U.S. Bancorp Piper Jaffray, Koenig has been active in the financial markets for over 25 years. He served as the Chair of the Board of Directors of PRMIA from 2002 to 2005, was a member of the association's Ethics Committee from 2002 to 2012 and was the Chair of that committee from 2011 to 2012. Koenig has been a featured speaker at 70+ events on 4 continents.

Dan Gunther

VP, Enterprise Risk Manager,
Sterling Bank

Mr. Gunther is the VP, Enterprise Risk Manager for Sterling Bank. Prior to his current role he served as the IT Audit Manager at Sterling Bank, where he helped develop the risk management processes and frameworks that allowed ERM responsibility to move out of the audit department and into a dedicated department. Mr. Gunther previously worked in public accounting including Big 4 experience.

Karin Carstensen

Food Scientist,
Woolworths South Africa

Karin Carstensen has been with Woolworths, South Africa (Woolies) for over 23 years. In her first 10 years, she was responsible for product development and quality control at the Woolies bakery department for their national bread production. Since 2000, Ms. Carstensen has worked with the Woolies Central Foods Technology department. Her current responsibilities include legal compliance management for the foods area (monitoring legislation, submitting comment, driving implementation, and ensuring legal compliance); policy and guidelines development and management; handling and managing issues and crisis management; and acting as champion for food technology IT systems such as the MetricStream solution.

Ms. Carstensen holds a bachelor's degree in Chemistry and Food Science from Stellenbosch University and a compliance management diploma from the University of Cape Town.

Frank J. Santora

First Vice President,
Hudson City Savings Bank

Frank Santora is a senior level risk management executive at Hudson City Savings Bank, the largest thrift in the country. Headquartered in New Jersey, the bank serves customers throughout the surrounding metropolitan area with branches across New York, New Jersey, and Connecticut. In his current role, Mr. Santora has management responsibility over the Operational Risk Management Group, which consists of the Operational Risk Management, Vendor Risk Management, Information Security, IT Risk, and Business Continuity Planning departments. Prior to joining Hudson City Savings Bank, Mr. Santora spent eleven years at the Bank of Tokyo-Mitsubishi, where, in his last role, he served as Director and Head of the Operational Risk Management Group.

Mr. Santora brings over 15 years of experience in the banking industry designing and implementing risk management frameworks, and throughout his career he has spearheaded multiple large-scale projects to reduce inefficiency, minimize risk exposure, and comply with regulatory requirements. Mr. Santora received the distinction of Certified Treasury Professional (CTP) from the Association for Financial Professionals and obtained the Certification in Control Self-Assessment (CCSA) from the Institute of Internal Auditors. Mr. Santora graduated from Swarthmore College with a BA in Economics, and received his MBA from the City University of New York, Zicklin School of Business.

Michael Rasmussen

JD, GRCP, OCEG Fellow,
and Chief GRC Pundit, GRC 20/20 Research

Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of enterprise GRC, GRC technology, corporate compliance, and policy management. With 18+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architecture, and select technologies that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester.

Michael has contributed to U.S. Congressional reports and committees, and currently serves on the Leadership Council of the OCEG and chairs the OCEG Technology Council, OCEG Policy Management Group, and the OCEG GRC Architect Group.

Michael is quoted extensively in the press and is respected for his commentary on broadcast news channels. He is an Honorary Life Member in The Institute of Risk Management for his contributions to risk management and GRC. In June 2007, Treasury & Risk recognized Michael as one of the 100 most influential people in finance with specific accolades noting his work in “Governance and Compliance: Saving the Planet and the Corporation” and as a “Rising Star in Rocky Times: Corporate America’s Outstanding Executives.”

Prior to founding GRC 20/20 Research, Michael was a Vice-President and ’Top Analyst’ at Forrester Research, Inc. Before Forrester, he led the risk/compliance consulting practice at a professional services firm, and prior to that has specific experience managing compliance and risk within commercial organizations.

Michael’s educational experience consists of a Juris Doctorate in law and a Bachelor of Science in Business. Michael is currently pursuing a Master of Divinity at Trinity Evangelical Divinity School with a research focus in ethics and church history. He is a GRCP (GRC Professional), CCEP (Certified Compliance and Ethics Professional), and a CISSP (Certified Information Systems Security Professional). OCEG has recognized him as an OCEG Fellow for his contributions and advancement of GRC practices around the world.

Denise DeAmore

EVP and Chief Administrative Officer,
State Street Corporation

As Executive Vice President and Chief Administrative Officer of State Street's Corporate Audit Division, Ms. Denise DeAmore is responsible for overall coordination and implementation of the Corporate Audit Strategic Plan and the Corporate Audit's transformation. Ms. DeAmore joined State Street in 1991 and has more than 30 years of experience in the areas of program & project management, operations and IT effectiveness, organizational design & change management. During her time at State Street, Ms. DeAmore managed the company's technology operations centers, established the IT relationship management and the service delivery program, and developed the corporate continuity program. Ms. DeAmore was also responsible for the design and development of State Street's GIS program and, in 2004, was named New England Information Security Executive of the Year.

Prior to State Street, Ms. DeAmore held technology and ops management positions at Shawmut National Corp, Orion Group, and Allstate Insurance Company. She holds a Bachelor of Arts degree from Boston College.

William S. Cohen

Former U.S. Secretary of Defense,
CEO of The Cohen Group, & Board Director at CBS Corporation

Secretary William S. Cohen is the chairman and CEO of The Cohen Group, a strategic business consulting firm based in Washington, DC, which assists multinational clients from all sectors to pursue business opportunities and overcome problems in quickly changing markets around the world. The Cohen Group has a strategic alliance with DLA Piper, the world's largest law firm.

Cohen currently serves on the corporate board of CBS and on the advisory board of Barrick Gold International. Cohen is a senior counselor at the Center for Strategic and International Studies and was recently appointed the co-chair of the CSIS US-ASEAN (Association of Southeast Asian Nations) Strategy Commission with Hank Greenburg. He also serves on the board of directors of the US-China Business Council and US-India Business Council.

Cohen served as the 20th U.S. Secretary of Defense, from January 1997 to January 2001, where he oversaw the largest organization in the U.S. with a budget of $300 billion and three million military and civilian personnel. As Defense Secretary, he was responsible for: reversing a decade-and-a-half of continuous decline in the defense budget and the defense procurement budget, which he increased by nearly 50 percent; the largest military pay raise in a generation; and adoption of electronic commerce and other best business practices in the Defense Department. In addition, under his leadership, the United States military conducted the largest air warfare campaign (Bosnia/Kosovo) since World War II and conducted other military operations on every continent. His term as Secretary of Defense marked the first time in modern U.S. history that a President has chosen an elected official from the other party to be a member of his Cabinet.

As a three-term United States Senator (1979 to 1997), he was a recognized expert on defense and international issues, health care and government procurement. He also served in the U.S. House of Representatives for three terms (1973 to 1979) and as mayor of Bangor, Maine (1971 to 1972). While in Congress, he served on the House Judiciary Committee during the impeachment proceedings in 1974 and the Iran-Contra Committee in 1987.

He was born in Bangor, Maine and received a B.A. in Latin from Bowdoin College (1962) and a law degree from Boston University Law School (1965). He has written or co-authored twelve books—four non-fiction works, five novels and two books of poetry, including a book co-authored with his wife Janet titled Love in Black and White: A Memoir of Race Religion and Romance (2007). His most recent novel, Blink of an Eye, was released in 2011. He also wrote the novel Dragon Fire, published in August of 2006.

Yvonne Cagle, MD

Astronaut, NASA

Dr. Yvonne Cagle is a NASA Astronaut and Family Physician. In 2008, Dr. Cagle retired as a Colonel in the USAF, where she served as a Senior Flight Surgeon prior to her selection to the NASA Astronaut Corps in 1996. In 2005, Dr. Cagle was assigned to the NASA/ARC as the lead ARC Astronaut Science Liaison and Strategic Relationships Manager for Google and other Silicon Valley Programmatic Partnerships. Dr. Cagle’s groundbreaking work is preserving historic NASA space legacy data while, simultaneously, galvanizing NASA’s initiatives in global mapping, sustainable energies, green initiatives, and disaster preparedness. Dr. Cagle is advisor for the Commercial Reusable Suborbital Research Program (CRuSR). Previously, Dr. Cagle served on faculty as the NASA liaison and VP for space exploration and space exponential technologies with Singularity University.

Dr. Cagle was a Brussels TEDx Speaker for 2012. Historically holding adjunct professorships with Stanford University, UC Davis, and UTMB, Galveston, Dr. Cagle currently, in collaboration with NASA, is a Visiting Professor at Fordham University.

Bernard J. Tyson

Chairman and CEO of Kaiser Permanente

Bernard J. Tyson is the chairman and chief executive officer of Kaiser Permanente, one of America's leading integrated health care providers and not-for-profit health plans. With annual operating revenue of more than $50 billion, Kaiser Permanente serves more than 9.3 million members in eight states and the District of Columbia.

Tyson assumed the role of chairman in January 2014 and has served as CEO since July 1, 2013. His career at Kaiser Permanente has spanned nearly 30 years, and he has successfully managed all major aspects of the organization. He had previously served as president and chief operating officer of the Oakland, California-based health care organization since 2010.

Under Tyson’s leadership, Kaiser Permanente has delivered on its “Thrive” promise by bringing an innovative and fully integrated approach to health care and health care coverage that is helping members achieve their aspirations of total health. Tyson believes Kaiser Permanente’s demonstrated ability to deliver high-quality and affordable health care through a combination of prevention, innovation, and integration can serve as the model for the future of health care in America. In fact, the strength of Kaiser Permanente’s approach is evident today in the significant increase in partnerships between health plans, hospitals, and medical practices across the health care industry.

As Chairman and CEO, Tyson is dedicated to highlighting Kaiser Permanente’s role as an industry leader in preventive care and in treating serious health conditions. For example, Kaiser Permanente’s 175,000 employees and 17,000 physicians consistently deliver some of the best cancer care, cardiovascular care, and neuroscience outcomes in the nation while also leading the country in infection prevention, cancer screenings, patient safety, and quality. Tyson has been a strong advocate for the elimination of health care disparities among individuals by promoting the use of aggregated data from members’ electronic medical records to determine the most effective treatments for optimal clinical outcomes. He is also dedicated to upholding Kaiser Permanente's mission to provide high-quality, affordable health care services for the organization’s members and to improve the health of its members and the communities it serves.

Tyson has served in roles from hospital administrator to division president, leading Kaiser Permanente’s business in California and in its other regions. During his tenure as executive vice president for Health Plan and Hospital Operations, Tyson was responsible for both the care and health care coverage for members within one of the nation’s largest health plans and hospital systems — now 38 Kaiser Permanente-owned hospitals and more than 600 medical offices across America.

A San Francisco Bay Area native, Tyson earned a Bachelor of Science in health service management and a Master of Business in health service administration from Golden Gate University in San Francisco. He earned a leadership certificate from Harvard University. He serves on the board of directors of the American Heart Association. He recently completed service as chair of the Executive Leadership Council in 2012-2014.

Gunjan Sinha

Executive Chairman

As the Executive Chairman of MetricStream, Gunjan Sinha is responsible for leading the firm's overall strategy and execution. Over the course of his career, Gunjan has spent over 20 years in various entrepreneurial, board, and executive positions building innovative businesses. As an Internet pioneer, he was the Co-Founder and President of WhoWhere? Inc., a leading Internet directory services company that was acquired by Lycos in 1998, as well as eGain, an online customer service company which he built from inception to post NASDAQ IPO. Gunjan currently serves on the Board of Directors of several Silicon Valley companies, and in 2010, he was appointed to the Board of the US-India Science and Technology Research Endowment Fund by the US State Department to promote entrepreneurship and innovation. He also serves as the Chairman of CFHI.org which brings transformative healthcare education to under-served communities around the world.

Gunjan obtained his BS and MS degrees in Computer Science from the Indian Institute of Technology, New Delhi, and UC Santa Cruz, respectively. He also holds an MS in Industrial Engineering and Engineering Management from Stanford University. Gunjan has been featured as one of the 50 most successful immigrant entrepreneurs in the US by Silicon India.

Robert Gerden

SVP, Group Operational Risk Wealth, Brokerage & Retirement,
Wells Fargo & Company

With over 20 years of multi-industry experiences as a risk professional, Rob has been a senior operational risk manager at Wells Fargo for the past seven years, including five years in Regional Banking (Phoenix) and the last two years as Group Head of Operational Risk for Wealth, Brokerage and Retirement (Charlotte).

Rob's background includes leading risk teams across global organizations in banking, technology, consulting and government. Prior to joining Wells Fargo, Rob was a director in corporate risk & security for Nortel Networks in Toronto, where he directed investigations and streamlined complex risk operations including information & personnel protection, business continuity and incident management.

Rob was a senior consultant for global risk firm Kroll Associates, advising Fortune 500 clients across the continent on risk management, and also served as an advisor to the Solicitor General Canada on national security incident and crisis management planning & simulations. He has taught college law & security courses and authored a related textbook published by Prentice-Hall. He also served in the Canadian Armed Forces Naval Reserve.

His educational background includes an MBA from the University of Toronto, executive training at Harvard University, a degree in Criminology and Public Policy as well as additional graduate banking courses at the University of Washington. He is a Certified Information Security Professional and a frequent speaker on risk management best practices. Rob has also completed two full Ironman Triathlons.

He resides in Charlotte, North Carolina.

Bob Karchinski

SVP & General Auditor,
Boston Private Financial Holdings

Bob Karchinski is Senior Vice President and General Auditor of Boston Private Financial Holdings, Inc.

Bob brings over 35 years of financial services experience performing both audit and consultative roles. Bob has held senior level positions with multinational organizations, such as Citibank and Bank of America, where he managed audit activities of domestic and international banking functions. Bob served as General Auditor for Societe Generale in the Americas Region and most recently at Countrywide Bank, prior to its acquisition by Bank of America, when he assisted in the monitoring of the transition. Bob possesses his CPA, and is a certified financial services auditor and certified fraud examiner.

Tom H. W. Harper

EVP and General Auditor,
Federal Home Loan Bank of Chicago

Tom Harper is the Executive Vice President and General Auditor for the Federal Home Loan Bank of Chicago, one of twelve Federal Home Loan Banks, cooperatives which provide funding to small and large financial institutions across the U.S. Tom also leads the FHLBank System Internal Audit group. Tom has been focused on developing and implementing a model of cooperative, integrated and strategically focused internal audit engagement, and partnering with executive management to enhance both the culture and infrastructure to support governance and risk management. Tom has led an initiative that resulted in the Federal Home Loan Bank of Chicago being recognized by Open Compliance & Ethics Group (OCEG) for its progress in enterprise risk management (ERM).

Prior to joining the bank as Audit Director in June 2005, Tom worked for JPMorgan Chase for twelve years. Prior to JPMorgan, Tom worked for Barclays deZoete Wedd and in the financial services sector with KPMG in London for five years. Tom has presented on emerging topics in Risk Management, Internal Audit and integration and has been quoted in professional journals.

Tom is a Chartered Accountant, Certified Information Systems Auditor, Certified Internal Auditor, and Certified Financial Services Auditor. He is a Fellow of the Institute of Chartered Accountants in England and Wales and a member of the Information System Audit and Control Association, the Institute of Internal Auditors, and the National Association of Corporate Directors. He is a graduate of the Imperial College of Science and Technology, London.

Bill Richards

SVP, Senior Compliance and Risk Officer,
Sterling Bank

William (Bill) E. Richards II serves as the Senior Vice President, and the Senior Compliance and Risk Officer of Sterling Bank. Bill joined Sterling Bank in June of 2005, following three years as a financial services risk management consultant with RSM McGladrey. His prior experience includes twelve years with First Nationwide Bank, where he held various positions, including Audit Manager, First Vice President, Director of Internal Control and Residential Mortgage Quality Control. Bill also worked as Compliance Examiner II for the Federal Home Loan Bank of San Francisco, and the Office of Thrift Supervision.

Bill serves on the board and as an executive committee member of the Washington Community Reinvestment Association – a member owned community development & affordable lending consortium from Seattle. Bill also serves as a Board Member for the Greater Spokane Area YMCA. Bill has held a Certified Internal Auditor (CIA) designation since 1994, and received Bachelor's Degrees in Economics and Philosophy and a Master's Degree in Economics from San Francisco State University.

About PwC’s Risk Assurance practice
PwC understands that significant risk is rarely confined to discrete areas within an organization. Rather, most significant risks have a wide-ranging impact across the organization. As a result, PwC's Risk Assurance practice has developed a holistic approach to risk that protects business, facilitates strategic decision making and enhances efficiency. This approach is complemented by the extensive risk and controls technical knowledge and sector-specific experience of its Risk Assurance professionals. The end result is a risk solution tailored to meet the unique needs of clients.

About PwC US
PwC US helps organizations and individuals create the value they're looking for. We're a member of the PwC network of firms in 157 countries with more than 184,000 people. We're committed to delivering quality in assurance, tax and advisory services. Tell us what matters to you and find out more by visiting us at www.pwc.com/US.

Learn more about PwC by following us online: @PwC_LLP, YouTube, LinkedIn, Facebook and Google +.

Lexis Nexis

About KPMG
KPMG’s high-performing professionals use experience and insight to cut through complexity and deliver informed perspectives and clear methodologies that our clients value. Client focus, commitment to excellence, global mind-set, and consistent delivery build trusted relationships - core to our business and reputation. In essence, our competitive advantage is high-performing people cutting through complexity.

Sheila G. Talton

CEO & President,
Gray Matter Analytics

Susan Van Houten

Senior Director of Global Sourcing,
HD Supply

Dawn Ward

VP of Risk Management and Risk & Control Officer,
MidCountry Financial Corp

Dawn Ward is a risk management and internal controls professional with over thirteen years in the field. She holds the position of Vice President of Risk Management and Risk and Control Officer for MidCountry Financial Corp (MCFC), a financial services holding company based out of Macon, GA. Currently, she is focused on risk management at the enterprise level and is implementing an ERM process for MCFC, including an IT solution to support the ERM process. She holds an MBA from the University of South Dakota and a BA in accounting from the University of Washington. Additionally, Dawn has earned four certifications in the areas of audit, risk, and fraud.

Ken Robinson

Chief Risk Officer
Calpine Corporation

Ken has been with Calpine since January 2013, responsible for Market, Credit, Risk Control, Operational and ERM risk functions.

Prior to this role, he was with BP North American Gas and Power as the Chief Risk Officer located in Houston and responsible for all credit, market, operational, business risks, and ERM.

At BP, he also had a previous position as the IST Global Head of Market Risk in London where he was responsible for managing a diverse, global market risk function across all commodities and regions.

Prior professional experience includes:
Vice President for El Paso Corporation responsible for market, credit, operational risks, and ERM

Vice-President Risk Management at TXU North America responsible for market risk and product control.

Vice President and Controller - Enserch Energy (Acquired by TXU North America) responsible for accounting and finance activities for the non-regulated organization.

Past Board Director for the Committee of Chief Risk Officers (CCRO); chaired several industry working groups and white papers.

Kevin Slane

Director of Enterprise Risk Management
Hancock Bank Holding Company

Kevin joined the Hancock Bank Holding Company (HBHC) as the Director of Enterprise and Operational Risk Management in 2013. He has over 25 years of Financial Services experience, with the last 13 years focused on the development of advanced risk management capabilities in both large and mid-size institutions. His experience includes aligning risk functions and governance structures, developing new risk management programs, implementing GRC solutions, and building integrated enterprise and operational risk reporting that supports Management and the Board. Prior to joining HBHC in 2013, he held various risk management leadership and consulting positions at First Horizon, Wells Fargo/Wachovia and Price Waterhouse. He is an active member of the Risk Management Association (RMA) and a member of their Operational Risk Council. Kevin is a graduate of Guilford College with a Bachelor degree in Accounting.

Robert Hildreth

SVP Enterprise Risk Management,
Brown Brothers Harriman & Co.

Bob Hildreth joined Brown Brothers Harriman & Co. in October of 2006 and heads up the Enterprise Risk Management function. In this role, Bob is responsible for integrating and enhancing the identification, quantification and management of risk across BBH.

Prior to joining BBH, Bob had over 18 years of experience in risk management and in developing and managing oversight and internal control programs in the financial services industry. From 1988 to 1996 Bob worked in the Supervision and Regulation Department at the Federal Reserve Bank of Boston where he evaluated the financial condition and adequacy of risk management programs at banks and bank holding companies. From 1996 to 2003 Bob managed risk programs for Fidelity Investments brokerage and retirement services groups and held the position of Vice President - Risk Management & Information Technology. Bob joined Investors Bank & Trust in 2003 as Chief Risk Officer where he designed and implemented an enterprise-wide risk management program.

Bob also has an MBA and BS from Boston University and spent six years in the U.S. Navy's Nuclear Propulsion Program.

Jack Jones


Jack Jones has worked in technology for thirty years, and information security and risk management for twenty-four years. He has over nine years of experience as a CISO with three different companies, including five years at a Fortune 100 financial services company. His work there was recognized in 2006 when he received the ISSA Excellence in the Field of Security Practices award at that year’s RSA conference. In 2007, he was selected as a finalist for the Information Security Executive of the Year, Central United States, and in 2012 was honored with the CSO Compass award for leadership in risk management. He is also the author and creator of the Factor Analysis of Information Risk (FAIR) framework.

James Tilk

CMA, CPA, Internal Controls,

James Tilk is a part of Eaton’s Internal Control Program Office, responsible for Sarbanes Oxley compliance. In this role, Tilk manages all aspects of SOX 404 compliance, including oversight of design assessments, control testing, reporting, the annual risk assessment process, and coordination with internal and external audit. He is also the chief system administrator for the SOX compliance software that Eaton uses. Tilk joined Eaton in 2006, and has previous experience in accounting, audit and internal controls at Forest City Enterprises and Goodyear. Tilk holds an MBA from Case Western Reserve University in Cleveland, Ohio, and a Bachelor’s degree in finance from the University of Akron. He is a Certified Public Accountant, and also holds the Certified Management Accountant designation.

C. Lisa Rawls, CISA, PMP

Lisa is a director in KPMG’s Advisory Services practice with more than nine years of risk consulting and risk transformation experience. Focusing on Governance, Risk, and Compliance (GRC) services, Lisa serves as the KPMG Champion for MetricStream’s GRC technology and KPMG’s relationship with MetricStream. She has extensive experience in leading projects encompassing GRC business process improvement and alignment across SOX, Compliance, Business Continuity, Policy Management, Regulatory Change Management, Information Security, and Internal Audit; GRC convergence and integration strategy; Integrated Reporting; Data and Analytics; GRC education; and GRC technology implementation.

Lisa’s experience includes providing services to clients across the full lifecycle of process improvement through enablement via technology and system implementation to help companies more effectively manage oversight and assurance functions. Lisa’s current and past clients include some of the leading entities in the healthcare, financial services, and energy and utilities industries.

Lisa holds a BS degree in Information and Systems Engineering from the University of Virginia’s School of Engineering and Applied Sciences, and both the Certified Information Systems Auditor (CISA) and Project Management Professional (PMP) designations.

Angela Hoon, CIA

Angela is a principal in KPMG’s Risk Consulting practice, serving as a leading principal in the global Governance, Risk, and Compliance (GRC) and Enterprise Risk Management (ERM) network. She has more than 19 years of ERM, GRC, and internal audit experience in a variety of industries, focusing on pharmaceutical and healthcare. Angela has worked with senior management and audit committees to develop and manage ERM programs. Angela’s areas of focus include the development of GRC strategic implementation plans, and providing assistance in a variety of areas during GRC technology implementations, including business process readiness, data quality review, business requirements development, and training support.

Angela holds a bachelor’s degree in commerce and accounting from the University of the Witwatersrand (South Africa), and the Certified Internal Auditor (CIA) designation.

Gene Fox, CPA

Gene has more than 27 years of experience in a broad range of organizations and industries in the areas of internal audit, financial controls/SOX, enterprise risk management/GRC, information technology, process improvement, project management, organizational integration, fraud investigations/root cause analyses and regulatory compliance. For the past 12 years, Gene was with a Fortune 200 power and utility company where he was a lead in both the internal audit and financial control/SOX functions.

Gene has served as project manager with responsibility for planning, budgeting, execution, and delivery of software implementations, SOX compliance and unclaimed property compliance. He also has had experience implementing Governance, Risk and Compliance programs and the supporting software.

Gene holds a BA in accounting from the University of Baltimore, and a BA in business administration from Salisbury State University. He is a Certified Public Accountant in the state of Maryland.

Scott L. Mitchell

Scott Mitchell is the chair of OCEG, a global nonprofit with over 45,000 members. This community creates authoritative resources for achieving Principled Performance by integrating the governance, assurance and management of performance, risk, compliance and ethics (GRC).

Scott has been featured in the Wall Street Journal and Institutional Investor as a business leader, and recognized for his work in corporate governance by Directorship, Business Finance, and Treasury & Risk magazines. He is also an angel investor with recent exits to NCSOFT, DHX Media, SkillSoft, and Dell.

Scott started his career at the Small Business Administration and Andersen Consulting. A technologist at heart, he founded his first software company in 1997 based on two patents.

Scott also serves on the nonprofit boards of Children's Museum of Phoenix and Walk with a Doc.

Dianne Dieterle Judge

System VP-Chief Compliance & Enterprise Risk Officer
Premier Health

Dianne has been the Compliance Officer with Premier Health since 1998. In that role, she has developed and implemented a compliance program and provides oversight for all compliance activities for the health system. Premier Health includes five hospital sites and numerous wholly-owned subsidiaries and joint ventures that include a physician network, home health, and surgery centers. The Premier Compliance department is also responsible for Privacy and Information Security.

She began working with enterprise risk management as a joint effort with Internal Audit and Risk Management. She is now responsible for the implementation of ERM and works with management to identify and prioritize risks to assess potential impact on the Strategic Plan.

Prior to her role in compliance, she worked in Business Development with physician recruitment and practice acquisition and as a staff attorney in the General Counsel’s Office.

She is a former special education teacher, an attorney and enjoys the company of her terribly spoiled dachshund and of course her husband.

Alison C. Lontz

Director, Corporate Compliance
Oglethorpe Power Corp

Alison Lontz has 14+ years of experience in the compliance profession. She is currently the Director, Corporate Compliance at Oglethorpe Power Corporation in Atlanta, GA. Upon starting at Oglethorpe Power in 2009, she led a cross-functional team in developing an enterprise-wide corporate compliance program. With the successful implementation of the program completed, she is now responsible for the day-to-day operation of the program, as well as continuing to lead the team in enhancing the program to evolve with Oglethorpe’s business and regulatory landscape.

Prior to joining Oglethorpe Power, she had 9+ years of experience in compliance management in the financial services industry, specifically in the retirement and brokerage sector.

She holds a B.A. in History from the University of Mary Washington. She is also a Certified Compliance & Ethics Professional (CCEP).

Vernon Emshoff

GRC Architect,

Vernon Emshoff began working at USAA a little more than 20 years ago on the business side in the Investments department. When internet trading started to gain speed, he took a leap of faith over to IT to support the rapid development of USAA Investments online. As an IT developer, he supported investment trading until 2007, when he accepted an offer to take over the Anti-Money Laundering Architectural domain. Today, he plays the role of Enterprise/IT GRC Architect, and his architectural responsibilities include Compliance, Audit, Ethics, General Counsel, Risk, and Office of the CEO.

Shalini Srinivasa

Project Manager
Dow AgroSciences

Shalini Srinivasa is a Senior Business Analyst in the Information Technology and Data Analysis organization for one of the world’s leading agricultural companies, Dow AgroSciences. Dow AgroSciences is a wholly owned subsidiary of The Dow Chemical Company that provides innovative agrochemical and biotechnology solutions globally. Shalini has been involved in business analysis, project management and implementation activities of software projects for Hewlett Packard, University of Pittsburgh Medical Center and Dow AgroSciences. She received her Master’s degree in Information Systems Management from Carnegie Mellon University. She is also a certified Project Management Professional (PMP)® and currently resides in Indianapolis.

Mike Bardos

Program Manager
Hewlett-Packard Company

Mike Bardos is a Compliance Program Manager for Global Social and Environmental Responsibility (SER) within Hewlett-Packard Company’s Ethics and Compliance Office. He is responsible for managing a portfolio of projects to ensure compliance with current, changing and emerging product and supply chain social and environmental regulations and policies. In doing so, he and the project teams he supports drive advancements to business processes and their underlying IT architecture to mitigate risks and address the evolving regulatory landscape.

Mike joined HP in 1991. Prior to his seven years in the SER compliance function, his experience included leadership of process development programs in sales operations and supply chain operations and engineering roles in product development and manufacturing.

Mike holds M.S. and B.S. degrees in Mechanical Engineering from Columbia University.

Anthony Miller

Chief Operating Officer and Partner

Tony Miller is a founding partner and Chief Operating Officer of The Vistria Group, LLC, a private investment firm focused on building market leading companies in the education, healthcare, and financial services industries.

Before launching The Vistria Group, Mr. Miller was the Deputy Secretary and Chief Operating Officer at the U.S. Department of Education, a Cabinet level federal agency with a ~$77 billion budget and ~15,000 employees and contractors. In his role, Mr. Miller oversaw day-to-day operations for a broad range of management, policy and program functions spanning early childhood through post-secondary education. He was also responsible for ~$100 billion in one-time education program funding as part of the economic stimulus package. In addition to his operational responsibilities, Mr. Miller represented the U.S. Government at various education and workforce development international forums and led the Department’s missions to China, Korea, Japan, Singapore, Indonesia, Australia, New Zealand, Ecuador, Brazil and Russia.

Prior to his Presidential Appointment, Mr. Miller was a Director with Silver Lake, a global leader in technology investing, with over $12 billion in combined assets under management. Before joining Silver Lake, Mr. Miller was Executive Vice President Operations at LRN, a market leading provider of governance, risk, compliance and ethics eLearning software products and services, where he had overall responsibility for Operations, Product Engineering, Software Development, Content Development, Marketing, Business Development and Finance.

Before taking on an operating executive role, Mr. Miller was a Partner with McKinsey & Company where he worked for ten years serving healthcare and technology companies throughout the United States, Europe, and Asia. Mr. Miller began his career with Delco Electronics, a subsidiary of GM Hughes Electronics.

He holds an M.B.A. from the Stanford University Graduate School of Business where he completed his studies at Stanford’s Japan Center for Technology and Innovation and a B.S. in Industrial Engineering from Purdue University.

Karen M. Conway

Associate Director, GCQA

Karen M. Conway, MT ASCP, is an Associate Director, Global Clinical Quality Assurance at Lundbeck LLC, Deerfield, IL. She is currently in the process of completing her Master of Science in Quality Assurance & Regulatory Affairs, with a focus on the latest pharmaceutical quality issues, regulatory requirements, scientific concepts and research techniques. After a twenty-five year career as a Medical Laboratory Technologist, Ms. Conway decided it was time for a change and moved into Clinical Research, involved at first in the conduct of clinical trials and then moving into Clinical Quality Assurance. She has been in Clinical Quality Assurance since 2007. In addition to auditing, Ms. Conway enjoys spending time with her grandchildren and is a true Chicago Bears and Chicago Cubs fan. She currently resides in Grayslake with her cats Tabby and Tinker.

Mohammed Shihadeh

Chief Audit Executive
Capital Guidance

Mohammed Shihadeh is the Chief Audit Executive with Capital Guidance. He has over 19 years of experience in external audit, internal audit, and investment companies. Throughout his career, he led substantial engagements as an auditor, worked on major mergers and acquisitions, established internal audit departments and Risk Management departments for large companies, created time-saving programs, and managed due diligence assignments for different companies.

Prior to Capital Guidance, he worked for multinational companies including Zurich, Deutsche Bank, State Street Bank, and Deloitte & Touche. While at Deloitte & Touche, he managed the following engagements: JP Morgan, Fidelity Investment, Boston Globe, Fannie Mae, Muni Mae and helped in different tax seasons. Since Mr. Shihadeh joined Capital Guidance, he has been managing the internal audit process and risk management function of all CG’s core businesses in different industries (mortgage, investment, distribution, chemical, and real estate) in the United States, Africa, and Asia. Mr. Shihadeh is a CPA, CRMA, with a Bachelor of Accounting and Administration

John Noto

Executive Director - Head of Operational Risk/ SOX / BCP
Mizuho Securities USA, Inc.

John Noto is an accomplished Operational Risk Management (ORM) Officer responsible for the identification, management, measurement, mitigation and control of operational risk and for directing the Sarbanes-Oxley Act (SOX) compliance requirements at Mizuho Securities USA. John serves on the Risk Management Committee, IT Management Committee, Operational Risk Management Committee, and Liquidity Crisis Management Committee, and reports to the Deputy President. John and his ORM Department staff members interact with all business and support functional areas as well as other control functions such as Market Risk, Credit Risk, Legal, Regulatory Compliance, Finance, and Internal Audit within Mizuho and regulators. John takes part in global ORM and SOX initiatives together with Mizuho’s parent company and its subsidiaries’ management team.

Before joining Mizuho, John built extensive financial services operational, regulatory and audit experience with a concentration in the capital markets and broker-dealer industry. He has held several high-ranking positions in Internal Audit at financial service firms, including investment banks, broker/dealers, on-line securities trading companies and banking institutions and has established first-time internal audit and ORM departments for organizations. John’s professional experience includes PricewaterhouseCoopers LLP, NatWest Markets, N.A., Datek Online Holdings Corp., Fortis Financial Services, and Friedman Billings Ramsey Group. John serves on the Executive Committee of The Risk Management Association – New York Chapter and was the President of The Securities Industry and Financial Markets Association – Internal Auditors Society for 2013. John has a Bachelor of Science Degree in Accounting from Fairleigh Dickinson University, is a Certified Financial Services Auditor of the Institute of Internal Auditors, and has Series 99 and several GARP SOX Certifications.

David Bohm

Managing Director
Global Consumer Compliance Testing, Citigroup

David has been with Citi for 26 years. He began his career in retail banking where he spent the first 10 years in sales as a branch manager. The next 10 years were in various Operations and Technology leadership roles, including US back office operations, US Branch Operations and for 3 years as the Head of Operations and Technology for Citibank Japan, a locally chartered bank headquartered in Tokyo. The remainder of his career has been in Compliance and internal control. He has served as the head of Compliance Control, as well as Control and Emerging Risk for Citi's North America consumer businesses. He now serves as Managing Director and the Global Co-head of Compliance Testing for Citigroup, as well as the Compliance testing head for Citibank NA. He is responsible for all compliance testing policies, activities and programs, as well as the systems, programs and technology repository for all key regulatory requirements, controls and assessments across Citi's global businesses, as well as the related regulatory interactions.

Craig L. Wilson

Craig L Wilson, LLC

Mr. Wilson retired from public service as the Director, Intelligence Policy, Office of the Assistant Secretary of Defense (Command, Control, Communications and Intelligence), completing a 30-year career that began in the Defense Intelligence Agency and concluded with 21 years in the Office of the Secretary of Defense where he was the Special Assistant to successive Assistant Secretaries of Defense through three Administrations. Subsequently, Mr. Wilson joined private industry as a Program Director for Intelligence, Surveillance, and Reconnaissance Systems Development in the Space and Intelligence Systems Division of The Boeing Company, and more recently was the Vice President for Business Development, ManTech International Corporation.

He is currently the President, Craig L Wilson, LLC; member, Board of Directors, Sterling Global Operations; Board of Advisors, White Peak Capital; Board of Visitors, Defense Foreign Language Institute; and provides consulting services to developing companies in the national security business space.

Among other awards, Mr. Wilson has received the Secretary of Defense Medal for Civilian Service, the Defense Meritorious Civilian Service Medal, the US Army Distinguished Civilian Service Medal, the Defense Intelligence Agency Director’s Medal, the Director of Central Intelligence Distinguished Unit Citation, and an honorary Master of Science degree from the Joint Military Intelligence College.

Sidhartha Shankar

Epitome Blue

Sidhartha Shankar is the cofounder and President of EpitomeBlue, a boutique eGRC-focused consulting company. EpitomeBlue understands the framework for the fast moving world of eGRC. Mr. Shankar is responsible for the overall executive functions, business development and technology strategy of the company. He leads the Research and Development and Product Management team with development and growth, legal and regulatory initiatives, engineering and planning on software development, IT infrastructure, scalability and reliability issues.

Mr. Shankar has more than 16 years of Technology Management experience. Before EpitomeBlue, Sidhartha was Managing Partner of iMedInvestments LLP, a cross-border advisory investment banking firm. Mr. Shankar was also VP of IT in a consulting capacity for Walkingspree Inc., a corporate wellness company based out of Calgary, Canada. Mr. Shankar was CTO of Remindo Inc., a social network for the workplace, and before that Mr. Shankar was CTO for Cecilia Healthcare, a healthcare startup targeted towards providing services and portals to insurance companies based out of India.

Mr. Shankar has worked for the Enterprise Payments Industry leader, Metavante Corp (now FIS), where he held several key engineering positions with increasing responsibility focusing on Electronic Bill Presentment and Payments. He also supported Metavante's acquisition of Paytrust, where he was instrumental in integrating the payment engine. He was instrumental in establishing one of four Regional Operations Centers for Paytrust where he managed aspects of operations, benchmarking, and related methods and procedures.

Mr. Shankar has had numerous accomplishments throughout his career, has been recognized for his creativity and operational excellence, and has received numerous department and customer citations for excellence in service and management.

Mr. Shankar is a graduate of the University of Pennsylvania with a Master's degree in Technology Management from the Wharton School and the School of Engineering and Applied Science, where he is also a Moore Fellow. He holds a BS in Computer Science and Engineering from National Institute of Technology, one of the premier technology schools in India. Sidhartha has also completed several courses in management and emerging technology, including certificate courses at the Hong Kong University of Science and Technology, in Logistics and Supply Chain Management. Mr. Shankar has also completed Executive Marketing Leadership training at the Indian Institute of Management, Calcutta.

Richard Adams

Senior Vice President

Rich Adams is a Senior Vice President at global quality solutions provider Intertek, where he has led the company’s Electrical business since December 2012. He is responsible for creating and driving Intertek’s Electrical strategy in more than 24 countries to help customers meet safety, performance, environmental and quality requirements across a wide range of industries, including medical, lighting, renewable energy, HVAC/R, appliances & electronics, hazardous locations, industrial equipment, life safety & security, and IT, telecom and wireless.

In addition, he leads Intertek's global Engineering, Certification and Quality functional disciplines for the Electrical, Building Products and Transportation Technologies businesses, a role he has performed since 2008. Since joining Intertek in 1993 as a Project Engineer, he has held a number of positions within Intertek’s Commercial and Electrical Division, providing him comprehensive insight into the product safety and quality challenges faced by global manufacturers of electrical products.

Rich holds a Bachelor of Science degree in Engineering Technology – Electronics from California State University, Long Beach, and an MBA from the University of Redlands (California). He also earned postgraduate certificates in Leadership Development from UCLA and Japanese Business Strategies from the California Institute of Technology, Pasadena.

Kashif Latif

Global Security & GRC Officer

As the Global Security & GRC Officer at Capco-FIS, Mr. Latif is responsible for initiating, implementing and overseeing corporate-wide Information Security, Risk and Compliance initiatives and also manages Capco's GRC program. Mr. Latif has 15+ years of experience in information security management, IT services management, Portfolio and Program Management and IT Governance roles. Over the years, he has held several senior IT & Security Management positions at leading organizations including Depository Trust & Clearing Corporation, Tokio Marine Management, WestCon International, National Commercial Bank and Saudi Telecom.

Mr. Latif has a powerful business drive and his clarity of vision has carried multiple companies through rapid continuous growth. His hands-on knowledge of Tools and Technology, Policy and Frameworks Development, Control Gap Assessment, Risk Assessment, Process Maturity Assessment, Program and Project Management, and Security Compliance Management makes him adept in this domain.

Mr. Latif holds an MS in Computer Science from FAST-NUCES and a Double Master in Computer Science and Cyber Security from ZABIST. He has been a guest lecturer at multiple universities in fields related to Information Security, IT Audit, and IT Governance. He also holds a wide variety of industry certifications including CGEIT, CRISC, CISM, CIA and CISA.

Jannie Wentzel

Jannie is a Director in the GRC technologies practice, based in Chicago and has been with PwC for more than 19 years. His practical experience in GRC technologies, since 1999, includes risk, audit, control, compliance and security assignments for companies in South Africa, Botswana, United Kingdom, the USA and the Middle East.

He implemented GRC technology solutions for clients in various industries. The scope of work included the pre-implementation activities (governance, defining the framework for GRC, creating a GRC technology roadmap) and the implementation of a number of processes (ERM, Audit Management, Vendor Risk Management, Compliance Management, Business Continuity, Conflict Minerals, etc.). Some of his recent projects include the implementation of technologies to support ERM, NERC, Vendor Risk Management, SOX and Internal Audit processes. Jannie also assisted with the development of the Conflict Minerals technology approach for PwC.

Jannie received his Bachelor's degree in Accounting from the University of the Free State (South Africa) and his Master's degree in Computer Auditing from the Rand Afrikaans University (South Africa). He is a Chartered Accountant, CISA and CRISC.

Michael Cover

Blue Cross Blue Shield of Michigan

Michael Cover is a Manager within the Business Compliance Oversight Office at Blue Cross Blue Shield of Michigan. Michael and his team are responsible for designing and implementing the infrastructure to support National Health Care Reform compliance. Prior to joining BCBSM, Michael spent 8 years at Ernst & Young within their IT Risk and Assurance practice. While at E&Y he focused mainly on application implementations and business process redesign. He earned his Master of Business Administration from Wayne State University and his Bachelor of Science in Finance from Michigan State University, and is a Certified Information Systems Auditor. On the home front, Michael and his wife Danielle have two children, Veronica (2 years old) and Benjamin (14 weeks).

Peter Maloney

Chief Legal Officer
QBE Insurance

Pete Maloney is the former Chief Legal Officer and Corporate Secretary of QBE North America. Earlier this month, he stepped down from that role after a decade of service. QBE is an international property and casualty insurer that grew substantially in the United States during Pete’s tenure. In that time, Pete built out and managed QBE’s US legal and compliance function, acted as CEO and Chairman of its wholly-owned agencies division, and executed over 15 acquisitions and integrations. Pete’s combined role as General Counsel, Chief Compliance Officer, Corporate Secretary and most importantly – business leader – made him an acute promoter of ethics within the QBE organization and an advocate for its primacy in the continuing roll-out of GRC.

Prior to his time with QBE, Pete was in private practice with a New York law firm, where he developed the practical foundation within which he situates his perspectives on governance, regulation and compliance.

Pete is a graduate of Columbia and St John’s Universities, and is admitted in New York. He is an advocate of pro bono legal work and corporate social responsibility, currently serving on the Advisory Board of Self Help Africa U.S. and volunteering with Boys Hope/Girls Hope – Brooklyn.

Michael R. Littenberg

Schulte Roth & Zabel

Michael R. Littenberg is a partner in Schulte Roth & Zabel’s Business Transactions Group and heads the firm’s public companies practice. As a significant part of his practice, Michael counsels both domestic public companies and foreign private issuers and their boards, board committees, special committees, executive officers and investors in connection with ongoing compliance under the U.S. securities laws and with exchange requirements. His public company clients range from well-known large-cap companies to growing micro-cap companies and his experience spans every major industry. Michael also counsels a significant number of private companies in transactional and general corporate matters. As part of his practice, Michael also spends a significant amount of his time advising clients on corporate social responsibility matters.

Michael is listed in Who’s Who in Securities Law and in New York Super Lawyers for securities and corporate finance and was voted by his peers to New York Super Lawyers’ Top 100 Lawyers in the New York Metro area (multiple years).

Stephanie Fohn

President and CEO,
WhiteHat Security

Stephanie Fohn joined WhiteHat Security as president and CEO in 2004. Under her leadership, WhiteHat Security was recognized by Forbes as one of America’s “Top 100 Most Promising Companies” in 2013, and by Deloitte as one of the Top 10 fastest growing companies in Silicon Valley. Ms. Fohn’s accomplishments as an entrepreneur have been widely recognized by organizations such as the Forum for Women Entrepreneurs and Executives, Bay Area Businesswoman magazine, the Silicon Valley/San Jose Business Journal, and the Silicon Valley YWCA. Forbes also recognized her as one of 11 women executives that have started “amazing companies,” and she received a Stevie Award for Women in Business in 2012. She has a broad base of management and entrepreneurial experience, with particular expertise in information security, and has served as an advisor to numerous start-ups.

Prior to WhiteHat, Ms. Fohn was president and chief operating officer of SecurityFocus, a provider of enterprise security threat management systems. Ms. Fohn led the company to a dominant industry position, resulting in its acquisition by Symantec in August 2002. Ms. Fohn has held executive positions at other security companies including Tripwire and Pilot Network Services. Prior to joining Pilot, she spent six years in venture capital and investment banking in the technology arena. Ms. Fohn holds an M.S. degree in management from the Massachusetts Institute of Technology and bachelor's degrees in business and psychology from the University of Washington.

Linda McCarthy

Security Consultant and Author of Own Your Space

Linda McCarthy is the founder of Own Your Space and has 20 years of experience in security auditing, security research and development, creating new lines of business, and publishing. McCarthy has worked with organizations around the globe to help educate executive management on the risks, how to reduce them, and how to increase funding for security. McCarthy’s executive leadership includes: Senior Director of Internet Safety and Architect under the Office of the CTO at Symantec, VP of Systems Engineering at Recourse Technologies, and Manager of Security Research and Development at Sun Microsystems.

McCarthy, an industry-leading author, was the Executive Editor for Symantec’s “Security Threat Report,” and started Symantec’s security publishing business. McCarthy partners with industry leaders like Microsoft and Facebook to make security education available for free. McCarthy’s books and guides have been translated into nine languages and downloaded over 3.4 million times. McCarthy’s published works include: Facebook Security Guide, An Online Reputation that Counts, Digital Drama: Staying Safe While Being Social Online, Own Your Space: Keep Yourself and Your Stuff Safe Online, IT Security: Risking the Corporation, and Intranet Security: Stories from the Trenches.

McCarthy is a recipient of the prestigious Women of Influence Award for Computer Security from CSO Magazine and Alta Associates, which honors outstanding achievement in security, privacy and risk management.

Tracey Dedrick

EVP and CRO,
Hudson City Savings Bank

Tracey Dedrick joined Hudson City Savings and Hudson City Bancorp in July of 2011 as Executive Vice President and Chief Risk Officer. From January 2010 to February 2011, Ms. Dedrick served as the Treasurer of PineBridge Investments, an asset management company with $83 billion in assets under management where her responsibilities included managing Treasury. Prior to that Ms. Dedrick was employed by MetLife, the largest insurance company in the United States, where she held three different roles during her 9 year tenure at the Company: Assistant Treasurer from June 2001 until July 2004, Head of Investor Relations from July 2004 until July 2007 and finally Senior Vice President and Head of Market Risk from July 2007 until September 2009. As the Head of Market Risk she was charged with the task of implementing both a new, market consistent economic capital and market risk model used to measure the market risk of the Company. Ms. Dedrick serves on the U.S. Advisory Board of the Royal Shakespeare Company of America. She is also a member of the Northern N.J. Board of Junior Achievement of New Jersey. Ms. Dedrick earned her undergraduate degree at the University of Minnesota.

Ann Michele Bowlin

Chief Information Officer

Ann-Michele was appointed Chief Information Officer of Intertek Group in September 2010. She is responsible for driving the Group's IT strategy and its alignment with the wider organisation. Ann-Michele joined as Global Vice President, Shared Services, having led the design and development of this program while working as lead consultant for Ernst & Young. Ann-Michele subsequently became the head of Intertek Group IT Business Systems and Infrastructure, where she collaborated with the business and financial leaders to establish the foundational elements of Intertek’s global IT strategy and improve the company’s IT support services.

Prior to joining Intertek, Ann-Michele held multiple leadership and operational positions in a variety of industries including manufacturing, technology, travel and professional services. Ann-Michele holds a BA from Wellesley College, MA, USA.

Michelle Nix

Vice President, National IT Compliance
Kaiser Permanente

Michelle Nix recently joined Kaiser Permanente as the vice president of National IT Compliance within the Technology Risk Office. In this role she is responsible for ensuring IT is compliant with relevant federal, state and local regulations. In addition, she leads teams responsible for corrective action plan monitoring and reporting, audit support and assessments, investigation, training, vendor and third-party assurance and controls sustainment.

Michelle’s prior roles include Relationship Leader for Information Risk Management at PayPal and the Director of IT Risk Management at Juniper Networks and at Fortune 14 McKesson Corporation.

In 2011 Michelle received the Executive Women’s Forum and CSO Magazine’s “Women of Influence Award” for Corporate Practitioner. In 2012 she concluded her work as co-chair of the California Office of Health Information Integrity (CalOhii) Privacy Steering Committee which provides state-level privacy standards for health information exchange, an effort she had been supporting for over seven years.

Michelle has over 20 years of healthcare technology experience in both the risk management space and the information security space. She holds a Master’s Degree in Healthcare Administration and certifications in the Governance of Enterprise IT (CGEIT), Security Leadership (GSLC) and Healthcare Privacy and Security (CHPS).

Dr. Modestus Kipilimba

Director of Risk Management,
Bank of Tanzania

Dr. Modestus Kipilimba is the Director of Risk Management at Bank of Tanzania, a position he has held since 2011. Prior to that, he served as the Manager of Systems Risk at Bank of Tanzania from 2009-2011, and prior to that, he served as the IT Advisor to The Governor at Bank of Tanzania from 2008-2009. Dr. Kipilimba has participated in the drafting of EA-MAC Harmonized Enterprise Risk Management Framework, which was approved in May 2013. He also led the development of Corporate Risk Management Framework, Policy, and Guidelines for Bank of Tanzania.

He has served as a Lecturer and the Head of the Department of Computing and Information Systems at Manchester College of Professional Studies (MCPS) in the UK, and a part-time lecturer in Computer Architecture at the University of Salford in the UK. Dr. Kipilimba received a PhD in Computer Science from University of Canterbury, UK; an MSc. in Computer Science from University of Salford, UK; and a BSc. (Ed.) Hons (Mathematics, Physics, Education) from University of Dar es Salaam in Tanzania.

He is a member of a number of professional organizations including the Chartered IT Professional - British Computer Society Member (MBCS CITP), UK; The Institute of Analysts & Programmers (MIAP), UK; and the Institute of Electrical and Electronics Engineers (IEEE), US.

Michael Urbanowicz

Manager, IT Risk & Compliance

Michael has 10+ years of experience in the identification, assessment, management and remediation of information technology and operational risks from a corporate, internal/external audit, and advisory perspective. Michael joined Walgreens as a Manager of IT Risk and Compliance where he was engaged in the design and implementation of the IT Risk program and is now responsible for the program’s maturity and execution. Prior to Walgreens, Michael was a Manager of Internal Audit at CVS Caremark where he managed a team responsible for executing IT, Integrated, and Operational audit engagements. Prior to CVS Caremark, Michael was an Information Risk Management Consultant with KPMG. Michael holds an M.S. Computer Science degree and a CISA designation.

Spyro Karetsos

Principal & Director of Enterprise Risk Management

Spyro Karetsos is a Vanguard principal and director of Enterprise Risk Management. He leads a team of risk professionals responsible for implementing Vanguard’s Enterprise Risk Management (ERM) framework.

Before joining Vanguard, Mr. Karetsos was global co-head of the Goldman Sachs operational risk management department responsible for the global operational risk management and measuring programs. Before Goldman Sachs, Mr. Karetsos spent ten years in the Federal Reserve System, where he worked at the Federal Reserve Bank of New York and became an assistant vice president of the Federal Reserve Bank of Philadelphia. He served as staff director of the credit risk management department and led the development of the Federal Reserve System’s ERM program.

Mr. Karetsos earned a B.A. in policy studies from Dickinson College and an M.B.A. from Pace University. He also holds a certificate in commercial banking from the Graduate School of Banking at the University of Wisconsin. At present, he serves on RMA’s operational and enterprise risk management advisory committees, SIFMA’s subcommittee on operational risk management, and ICI’s risk management committee.

Christopher McClean

Principal Analyst, Research Director,
Forrester Research

Chris leads a team of analysts covering topics including compliance and risk management, security management, security services, and metrics. He also leads the company's coverage of governance, risk management, and compliance (GRC). In this role, he helps clients around the world implement successful strategies, best practices, and technologies to support GRC programs as well as related functions such as enterprise risk management, corporate compliance, and corporate social responsibility. Chris is a frequent speaker on these subjects at vendor and industry events, and he has been quoted by top media outlets, including CFO Magazine, Compliance Week, and the Financial Times.

Previous Work Experience
His previous experience includes marketing and public relations for security, compliance, and risk management vendors.

Chris has an M.S. in business ethics and compliance from the New England College of Business and Finance and a B.S. in marketing from California State University, Fresno.

Sessions at this event have been approved by NASBA (National Association of State Boards of Accountancy) for CPE credits.
Event attendees are eligible for up to 20 CPE credits.

2014 Featured Summit Speakers

Towards Pervasive GRC

Pervasive GRC is MetricStream's vision for the future, representing our desire to help organizations build compliant, well-governed, risk-aware cultures, and to ultimately enable individuals, businesses, societies, and governments to thrive on risk. The MetricStream GRC Summit 2014 will bring together thought leaders, analysts, partners, and customers who are at the forefront of making our vision of Pervasive GRC a reality.


  • MetricStream put on a great user conference. For a first time conference I was amazed at how well run and thought out the agenda, delivery, and management of the event was. It centered on customers. Customers were speaking, presenting, and on panels everywhere you turned. It also centered on partners - from many from the Big 4 down into software partners. It was very well done.

  • The Summit was very well planned, organized, and executed. The speaker and panel participants talked not just theory but provided practical examples of benefits and challenges of using GRC technologies to improve their risk management and compliance programs.

  • Overall Excellent Summit!! Very valuable and extremely useful to our GRC journey! I look forward to next year's event.

  • Well organized with many leaders in the industry present.

  • Very well done, especially for the first event of this size for MetricStream.

  • Colin Powell was amazing. I would attend another summit.

  • One of the best events I have ever attended. Great venue, excellent content, great network opportunities.




2014 Summit Highlights