On Demand Events

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

Andy has more than 30 years in data communications/information security and is familiar with all types of systems and transport technologies. Using this knowledge, Andy has conducted hundreds of vendor assessments and implemented vendor risk management programs for several large clients.

Nasser has 20+ years as a Cybersecurity, Supply Chain, and IT leader. With a focus on customer-first and team-building approaches, Fattah is able to align programs to support company strategies, regulatory requirements, and growth initiatives. He drives cybersecurity, supply chain, and IT as enablers for enterprise-wide transformation initiatives. He partners with executives to identify and select strategic external partners to deliver essential IT and cybersecurity services to the business. Nasser worked with global parent companies and subsidiaries to establish technology standards to maximize investments and operations efficacy to best support business needs and growth. Nasser has a strong, consistent record working successfully with Business and IT executives, regulators, auditors, and risk partners. Nasser also teaches cybersecurity at several colleges and is the chair for North America Shared Assessments – an industry best practices for the supply chain.

Ken Wolckenhauer is the head of Vendor Management at Nordea Bank’s International Corporate Branch network. Prior to that, he worked for the major FinTech, FIS, in its Financial Crimes solutions division, and in the retail money services business. At Nordea Bank, he built out the vendor management program for the International Division, helping to build a responsible supply chain in areas outside the Nordics. He worked with both building management and suppliers to develop environmentally sustainable programs at the branch. Wolckenhauer is a graduate of Bucknell University with an Associates from the University at Buckingham (UK), a Certified Third Party Risk Professional and a Certified Anti-Money Laundering Specialist.

Persio Reyes is currently a Cybersecurity & Technology Risk Management Executive for Société Générale in the Americas Group Chief Risk Office. Prior to joining Société Générale, Persio was the Americas BISO for all CTO aligned applications for three (3) years. Persio has extensive cybersecurity experience in both the First and Second Lines of Defense. Previously, he was the Head of Endpoint Security & Risk Management at a major investment bank. In these roles, Persio participated in various Working Groups as a key stakeholder in driving the Bank’s new Security Architecture. Persio is an accomplished Information Technology Executive with more than 15 years of technology experience in the financial services industry, and holds various industry certifications in InfoSec, cybersecurity and risk management Persio received his Bachelor of Arts in Economics from the City College of New York (CCNY) and his M.B.A. degree in Technology Management from the University of Phoenix.

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

Joe Toley is responsible for assisting organizations in operationalizing and maturing their Third Party Risk Management Programs. He joined Prevalent from 3GRC where he was instrumental in defining the services and deliverables to support the use of the risk management technology and prides himself in taking client requirements and translating them into achievable plans. He comes from an IT security background, with an original focus on data security and data loss prevention, before shifting his efforts to the Third Party Risk Management space 5 years ago.

Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.

Avani Desai is a Chief Executive Officer at Schellman, the largest niche cybersecurity assessment firm in the world that focuses on technology assessments. Avani is an accomplished executive with domestic and international experience in information security, operations, P&L, oversight, and marketing involving both start-up and growth organizations. She has been featured in Forbes, CIO.com, and the Wall Street Journal, and is a sought-after speaker as a voice on a variety of emerging topics, including security, privacy, information security, future technology trends, and the expansion of young women involved in technology.

Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.

John is Chief Evangelist & Chief Risk Officer with Supply Wisdom, the leading patented continuous risk intelligence and monitoring solution for third parties and locations. He is recognized as a global financial industry executive and risk subject matter expert, in vendor/third-party risk management, AML/CTF, KYC, and anti-fraud programs. Prior to joining Supply Wisdom, John held senior positions globally for Citi and Deutsche Bank covering corporate, investment, commercial and consumer banking. John is a member and co-moderator for RiskBoard.org, a member of the Shared Assessments US and UK Steering Committees and Co-Chair of the Financial Industry Vertical Strategy Group.

Michelle Clement is an experienced risk professional that has led global teams across the first and second lines of defense for many years. Her focus is on transforming third party risk frameworks to continue to meet the demands of large enterprises. At BlackRock, she led the Global Third Party Risk division and the Governance Infrastructure for Global Provider Strategy. Her career started in the Securities Lending within trading. She holds an MBA from San Francisco State in Strategic Management and a BA in Management Information Systems.

Charles has more than 25 years of experience in senior risk, technology and transformation roles at global banks, a Big 4 consultancy and at international organisations. He has extensive experience in designing, transitioning and leading risk and transformation programmes to drive efficiency and regulatory compliance. Currently, Charles is Head of Operational Risk at Nomura EMEA for Global Markets and Investment Banking.

John is Chief Evangelist & Chief Risk Officer with Supply Wisdom, the leading patented continuous risk intelligence and monitoring solution for third parties and locations. He is recognized as a global financial industry executive and risk subject matter expert, in vendor/third-party risk management, AML/CTF, KYC, and anti-fraud programs. Prior to joining Supply Wisdom, John held senior positions globally for Citi and Deutsche Bank covering corporate, investment, commercial and consumer banking. John is a member and co-moderator for RiskBoard.org, a member of the Shared Assessments US and UK Steering Committees and Co-Chair of the Financial Industry Vertical Strategy Group.

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

Paul Poh is a Managing Partner at Radical Security with over 25 years of technology and information security experience. He provides advisory CISO services for several public and private companies. His past roles include Chief Technology Officer and Head of Information Security and Software Architecture.

Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.

Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy, data protection and information security practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management (RIM) framework. Security Magazine named him one of the “Most Influential People for Security.”

Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years of experience in product management, consultancy, and operations deliverables.

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

A strategic thought leader with extensive expertise in cybersecurity, Jeffrey Wheatman is regarded foremost as an expert in guiding public sector clients and Fortune 500 companies in connection with their cyber risk management programs. In his current role as Cyber Risk Evangelist at Black Kite, Jeffrey works to get the message out about the business impact of third-party risk and solutions to treat those risks. Prior to joining Black Kite, Jeffrey was a Vice President in Gartner’s Research and Advisory Group for 15 years, where he worked with clients to build and improve their security programs, assessing risk, focusing on reporting on program status, stakeholder engagement, and bridging the connection between technology and cybersecurity risk. Jeffrey has authored approximately 150 research notes read by more than 6,000 clients. For four years, Jeffrey also served as the Chair of the North America Security and Risk Management Summit, Gartner’s 2nd largest conference with 4000 attendees annually. Earlier in his career, Jeffrey contributed as Practice Manager, Information Security for Gotham Technology Group, and as a Principal Consultant, Information Security, with ThruPoint, Inc.

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.