On Demand Events

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

Paul Poh is a Managing Partner at Radical Security with over 25 years of technology and information security experience. He provides advisory CISO services for several public and private companies. His past roles include Chief Technology Officer and Head of Information Security and Software Architecture.

Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.

Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy, data protection and information security practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management (RIM) framework. Security Magazine named him one of the “Most Influential People for Security.”

Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years of experience in product management, consultancy, and operations deliverables.

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

A strategic thought leader with extensive expertise in cybersecurity, Jeffrey Wheatman is regarded foremost as an expert in guiding public sector clients and Fortune 500 companies in connection with their cyber risk management programs. In his current role as Cyber Risk Evangelist at Black Kite, Jeffrey works to get the message out about the business impact of third-party risk and solutions to treat those risks. Prior to joining Black Kite, Jeffrey was a Vice President in Gartner’s Research and Advisory Group for 15 years, where he worked with clients to build and improve their security programs, assessing risk, focusing on reporting on program status, stakeholder engagement, and bridging the connection between technology and cybersecurity risk. Jeffrey has authored approximately 150 research notes read by more than 6,000 clients. For four years, Jeffrey also served as the Chair of the North America Security and Risk Management Summit, Gartner’s 2nd largest conference with 4000 attendees annually. Earlier in his career, Jeffrey contributed as Practice Manager, Information Security for Gotham Technology Group, and as a Principal Consultant, Information Security, with ThruPoint, Inc.

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

Ronald Parham is the Vice President of Risk Regulations & Compliance at Shared Assessments where he manages regulatory mapping where he provides members with materials to assist them and their third-party partners in navigating the risk and regulatory landscape.

Tom Cornelius currently serves as both the Senior Partner at ComplianceForge and Senior Director at the Secure Controls Framework (SCF) Council. He brings over two decades of leading teams of professionals and innovating solutions to complex problems in both the public and private sectors.

Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.

Tom Garrubba, Vice President, is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

John is Chief Evangelist & Chief Risk Officer with Supply Wisdom, the leading patented continuous risk intelligence and monitoring solution for third parties and locations. He is recognized as a global financial industry executive and risk subject matter expert, in vendor/third-party risk management, AML/CTF, KYC, and anti-fraud programs. Prior to joining Supply Wisdom, John held senior positions globally for Citi and Deutsche Bank covering corporate, investment, commercial and consumer banking. John is a member and co-moderator for RiskBoard.org, a member of the Shared Assessments US and UK Steering Committees and Co-Chair of the Financial Industry Vertical Strategy Group.

Fiona O'Brien Is the Head of Outsourcing Oversight and Governance for the New Ireland Assurance Company part of the Bank of Ireland Group. She is responsible for the development and embedding of third-party risk management activities and raising the risks at Operational, Executive and Board Risk Committee levels to ensure clear visibility on the identification, assessment, monitoring, and reporting of third party risks. Her role also involves providing support and guidance to the leadership team and business on sourcing decisions and risk management and engaging with the regulator as required. Fiona has a history of working in the financial services industry and has wide and varied experience in managing risk in senior roles within Change, IT, Risk, Compliance, and Mortgage and Investment operations. In recent years she set up the Group Supplier Due Diligence function responsible for the oversight and assessment of all the Groups material suppliers. Prior to that, she set up and led the Group's 3rd Party BCM assurance function.

Teresa is a Senior Consultant with Shared Assessments specializing in Resilience and Continuity and Third Party Risk Management. T (as she is called) has more than 30 years of experience developing business resilience, continuity and incident management best practices within the financial services industry. T is also a serial retiree having most recently retired in 2019 from Citizens Financial Group (CFG) where she served as Executive Vice President and Head of Resilience, Recovery and Crisis and Chief of Staff in Corporate Security & Resilience (CS&R). T served as the thought leader shaping the Resilience agenda for Citizens Financial Group, including Business Resilience and Continuity, IT Resilience, Disaster Recovery and Incident Management. T’s chief responsibility was to ensure the continuity of operations should any event or situation disrupt – or threaten to disrupt – the delivery of financial services, and/or profoundly and negatively impact public confidence in the Group. T also served as Chief of Staff to the Bank’s Chief Security Officer, serving as her delegate in protecting the bank’s physical and digital security. Upon her retirement, T received certificates of appreciation from the Governor of the State of Rhode Island, the Rhode Island Alliance for Business Resilience and the Head of the Federal Emergency Management Agency (FEMA). Prior to joining CFG, T had retired from RBS Group in 2009, where she was the Global Head of Business Continuity.

Robert is a Senior Manager at Citizens Bank specializing in Business Resilience and Disaster Recovery for the organization. Bob has more than 35 years of experience in the financial services industry developing technology solutions to support the recoverability, availability, and needs of the business. In his current role at Citizens bank, Bob is responsible for ensuring internal compliance with the bank’s disaster recovery program and for compliance by critical third parties with the bank’s disaster recovery policies. Bob is also a key contributor to the data center strategy and architecture teams as well as the Cloud governance and oversight board. Prior roles at Putnam Investments, included disaster recovery compliance, data architect, and imaging design lead. Bob is an active member of the Rhode Island Alliance for Business Resilience and his local Community Emergency Response Team (CERT). 

Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.

Charlie Miller is a frequent speaker and a recognized expert in third party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

Andrew D'Angelo is an Associate Director in Protiviti’s New York Data Security and Privacy practice, with a focus on third-party risk management and data security. In addition to helping lead Protiviti’s third party risk managed service offering, he has supported clients along the journey of designing, implementing, and monitoring a variety of information security and compliance management programs across different industries. Andrew is also a regular participant in third-party risk thought leadership at the Shared Assessments.

Jill leads SEI’s Third Party Risk Management Program. Jill has 10 years of experience with third party risk management in the financial services industry. Her background includes oversight of activities across the entire vendor lifecycle, as well as responsibilities related to program design, regulatory examinations, and third party systems implementation. Jill is also a Certified Third Party Risk Professional (CTPRP.)