Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.

As a director in MorganFranklin Cyber’s Operational Resilience practice, Joe brings nearly 30 years of industry and management consulting experience where he has led numerous organizations through the process of planning, developing, and embedding risk management programs. With a focus on the integration of risk disciplines, Joe specializes in business continuity, operational risk management and crisis management. Most recently, Joe led the development and implementation of an Operational Risk and Resilience Program for a US-based, Global Asset Management firm. As a new program within the organization, the project focused on the development of an operational risk governance structure, risk assessment framework, policies, and procedures. Joe also leveraged existing business continuity plans to develop, organize, and facilitate a global tabletop exercise for the Macro and Equities Trading functions spanning the firm’s Chicago, New York, and London offices. Prior to joining MorganFranklin, Joe served as the Global Director of Business Continuity and Crisis Management for a large, multinational organization, where he successfully led the development and implementation of an Enterprise-wide Operational Resilience Program across the US, Middle East, Europe, South America, and Asia. Joe earned a Bachelor of Science in Accounting from the University of South Carolina and a MBA from the University of Miami. He is a Certified Business Continuity Professional (CBCP), and holds an Associate in Risk Management (ARM) designation from the Insurance Institute of America (IIA).

Robert is a Senior Manager in Morgan Franklin's cybersecurity practice where he assists his clients in enhancing their resilience posture across all key operational resilience domains. With over 20 years of experience, Robert specializes in designing and implementing effective solutions to mitigate business disruptions, ensuring continuance of operational continuity for his clients.

Chris is a Senior Advisor to Shared Assessments where he focuses on healthcare, financial services, and emerging technologies. He has more than 25 years of experience helping clients effectively manage risk while exhibiting a passionate and dynamic leadership style. Prior to joining Shared Assessments, Chris led third party risk management and information technology initiatives at Bristol Myers Squibb, Bank of America, Merrill Lynch, KPMG, and Marriott International.

Jennifer Hancock is a third-party risk management professional with more than 20 years of experience in third-party risk management. As owner of Hancock Consulting LLC, a consultancy she founded to provide specialized advisory services, Ms. Hancock has been able to help organizations develop effective third-party risk management strategies and improve their overall resilience. Her expertise has been sought after by a wide range of clients across industries, and she is dedicated to helping organizations of all sizes manage their third-party risks effectively. As a thought leader in the field of third-party risk management, Ms. Hancock has been a featured speaker at numerous industry events and conferences. She is both a Certified Third-Party Risk Professional and Certified Third-Party Risk Assessor (CTPRA).

Nasser is passionate about risk management, including cybersecurity, IT risk and assurance, TPRM, and regulatory compliance. He brings 25+ years as a practitioner deploying and standardizing enterprise-wide risk programs to align and support business drivers, including digital transformation and new markets.

Chad Freese is a distinguished Information Security Professional with over 20 years of experience, excelling as a Lead Information Security Advisor at USAA. In this role, he skillfully manages cloud security risk reviews and leads the development and integration of innovative risk assessment, security, and automation tools. His past achievements include several leadership roles on the Third-Party Cyber Risk Assessments team at USAA and serving as a Principal Cybersecurity Architect at Honeywell Aerospace, where he developed critical security architectures for the aviation industry and NASA.

Chelsea Stevenson is a seasoned Information Security Professional with over 10 years of dedicated experience, currently making her mark as an expert in third-party risk management and due diligence. Her role encompasses the critical evaluation of partnership risks and the formulation of strategic due diligence processes, ensuring the utmost security in business collaborations. Chelsea's career has been highlighted by her innovative approach to risk management, where she has successfully implemented comprehensive risk assessment frameworks that significantly bolster organizational resilience. Before her current focus, Chelsea played pivotal roles in enhancing information security postures within various sectors, contributing her expertise to establish robust security infrastructures and policies. Her academic background includes an MBA and a Bachelor’s degree in cybersecurity, along with certifications such as CISSP, underscoring her commitment to professional development and excellence in the field of information security. Beyond her professional achievements, Chelsea is an active participant in the Shared Assessments community, where she currently holds a CTPRP.

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

Jennifer Hancock is a third-party risk management professional with more than 20 years of experience in third-party risk management. As owner of Hancock Consulting LLC, a consultancy she founded to provide specialized advisory services, Ms. Hancock has been able to help organizations develop effective third-party risk management strategies and improve their overall resilience. Her expertise has been sought after by a wide range of clients across industries, and she is dedicated to helping organizations of all sizes manage their third-party risks effectively As a thought leader in the field of third-party risk management, Ms. Hancock has been a featured speaker at numerous industry events and conferences. She is both a Certified Third-Party Risk Professional and Certified Third-Party Risk Assessor (CTPRA).

Andrew is the CEO of Shared Assessments, a global membership organization that supports hundreds of companies, risk programs, and thousands of associated third-party and other risk professionals. As a risk practitioner and executive, he has driven a culture of accountability and diligence in safeguarding information and other assets for organizations and their third parties. He has more than 25 years of experience in risk management and information security.

Sophie has over 5 years’ experience advising and supporting clients with the design, build and implementation of their Third Party Management Frameworks for the identification, assessment, management, and ongoing monitoring of third party risks to cover the end to end third party lifecycle. Sophie has worked across multiple industry sectors but specialises in Financial Services specifically on regulatory requirements relating to outsourcing and third party risk across multiple jurisdictions.

Danny is a Partner in our UK Risk Advisory practice. He has over 16 years’ experience advising his clients on a variety of topics encompassing Third Party Risk Management (TPRM), Outsourcing and Operational Resilience. He has worked extensively in the Financial Services sector and is recognised as a thought-leader through his hosting and participation in industry forums as well as co-authoring our annual global survey on TPRM.

John, a seasoned professional with 20 years of experience in Security, Audit, Third Party Risk, and Product, serves as VP, Security, Risk and Compliance at Whistic. In this role, he safeguards Whistic's assets, data, and systems from cybersecurity threats and works to improve the risk and compliance posture at Whistic. As a dedicated thought leader, John contributes to shaping the future of Third Party Risk Management (TPRM) and is currently serving a second term on the Shared Assessments US Steering Committee, bringing a wealth of expertise.

Elizabeth joined Shared Assessments in May 2023 as a TPRM SME after 15 years as a TPRM practitioner. She has experience designing holistic programs and delivering assessment work within the cybersecurity, financial services, manufacturing, and healthcare sectors. Outside the office, Elizabeth takes full advantage of the beaches and outdoor activities enjoyed by so many Floridians.

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

Innovative, Data Governance, Privacy & Security Leader | Writer | Speaker and Shared Assessments Data Governance Committee Chair

Nathan Hickey, CISM is an experienced cybersecurity professional specializing in Third Party Risk Management (TPRM) for KPMG's Cyber Security Practice where he has delivered a broad range of TPRM services to clients across several industries. Nathan is also responsible for helping write the latest version of the Shared Assessment SIG's Artificial Intelligence controls. Based out of Atlanta, GA, Nathan brings enthusiasm, dedication, and a wealth of industry insights to help businesses stay ahead of the curve in the ever-evolving domain of cybersecurity.

Ed Thomas is a Senior Vice President at ProcessUnity, with an extensive background in Third-Party Risk Management. A seasoned expert in the field, Ed has years of experience guiding organizations on their journey to establish efficient and effective risk management programs. Combining his deep industry knowledge with practical insights, Ed aims to assist organizations in realizing the full potential of their TPRM programs.

Elizabeth recently joined Shared Assessments as a TPRM SME after 15 years as a TPRM practitioner. She has experience designing holistic programs and delivering assessment work within the cybersecurity, financial services, manufacturing, and healthcare sectors. Outside the office, Elizabeth takes full advantage of the beaches and outdoor activities enjoyed by so many Floridians.