Shared Assessments strives to be the trusted source for thought leadership, best practices, and solutions for third party risk management. Trust is built on our member community and the diverse perspectives practitioners and experts bring to solving risk management challenges in our committees, awareness and working groups, and special projects.
About Shared Assessments Steering Committee
The Shared Assessments Steering Committee provides governance on Committees and Tool development, helps to set the annual agenda for the Program, and provides leadership for all major initiatives undertaken by the Shared Assessments Program Committees.
We are thankful for Nasser Fattah’s and Philip Bennet’s leadership over the past year and we are pleased to announce new leadership for 2022:
- Chair, US: Philip Bennett, Manager, Information Security Governance Horizontal Services, Navy Federal Credit Union
- Vice-Chair, US: Paul Kooney, Managing Director, IT Security & Data Privacy, Protiviti, Inc.
- UK Liaison to the US Steering Committee: Sean O’Brien, Managing Director, DVV Solutions
- UK Liaison to the US Steering Committee: Martin Freeman, Cyber Security & Compliance Managing Director, Calastone
US Steering Committee Chair: Philip Bennett
Philip Bennett is Manager, Information Security Governance Horizontal Services at Navy Federal Credit Union, Vienna, Virginia.
Philip has led cyber security advisory and assurance teams in the financial sector since 2002. He has driven innovation in best practices for cyber security third party risk management at a top ten financial sector company. He also led the cyber security team providing input into M&A transactions. In March 2020, he joined the Navy Federal Credit Union in Vienna, Virginia to lead cyber security horizontal governance functions including: metrics and related C-suite reporting, data security event management, phishing, education and awareness, and communications.
Philip is passionate about making certain the implementation of cybersecurity-related governance and risk management solutions, and their operational processes, are practical to consider the organization’s business drivers, culture, risk appetite, size, and budget.
Connect with Philip via LinkedIn.
US Steering Committee Vice-Chair: Paul Kooney
Paul Kooney is Managing Director of Protiviti, Inc’s IT Security & Data Privacy practice, with extensive knowledge and experience in the following:
- Developing information security programs
- Performing compliance assessments
- Developing vendor risk management programs
- Providing information security assessment services.
In his over twenty years in the information technology and information security fields, Paul has managed and delivered security services for client organizations in the financial, healthcare, manufacturing, retail, entertainment, energy, transportation, and other industries to assess information security needs and implement solutions.
Paul is experienced in assessing information security policy, procedures, and standards against compliance and regulatory requirements such as ISO 27001 and 27002, PCI DSS, NIST Cyber Security Standard, and numerous other federal and state regulations concerning information security.
Connect with Paul via LinkedIn.
UK Liaison to US Steering Committee: Sean O’Brien
Sean O’Brien is Managing Director for DVV Solutions. Sean has over 25 years of hands-on experience in delivering IT security and GRC managed services and remains a practicing Certified Third-Party Risk Professional (CTPRP) and Assessor (CTPRA). Sean leads the DVV Solutions consultancy team in defining the operational and regulatory requirements required to deliver a robust program of risk assurance and third-party due diligence. Sean is an active member of the Shared Assessments community holding the post of co-chair of the EMEA Best Practices Steering Committee and sits on Global Risk and ESG committees to provide a regional perspective into the development of Shared Assessments’ global standards and practices for third-party risk frameworks and compliance.
Connect with Sean via LinkedIn.
UK Liaison to US Steering Committee: Martin Freeman
Martin Freeman is the Cyber Security & Compliance Managing Director at Calastone.
A dedicated and very experienced Information Security Professional, Martin Freeman, Cyber Security, and Compliance Managing Director, Calastone, is passionate about his subject matter with demonstrable ability to work under pressure, independently or as part of a team combining and utilizing excellent negotiation, interpersonal, management and presentation skills. He is acknowledged internally and externally as a subject matter expert. Martin has proven knowledge of appropriate common requirements and standards such as Data Protection and ISO27001 as well as extensive experience in audit and third party vendor risk management. A member of the Institute of Information Security Professionals (MCIIS), Martin has attained ISACA – Certified Information Security Manager (CISM) and ISC2 – Certified Information Systems Security Professional (CISSP) certification.
Connect with Martin via LinkedIn.
About Shared Assessments Committees, Awareness and Working Groups, Vertical and Cross Vertical Strategy Groups
The risk management industry itself is shaped through best practices, tools, and thought leadership (blogs, papers, and studies) established by our committees, awareness, and working groups.
Participants earn Continuing Professional Education credits (CPEs) as they benefit from networking and collaboration.
Taking into consideration member feedback and third party risk management industry trends, Shared Assessments has organized several new thought leadership groups.
Visit our committees’ page to find the committee, strategy group, awareness, or working group for you.