Robin Basham

Robin Basham

CEO, Founder

Creator of Facilitated Compliance Management Software and founder of Phoenix Business and Systems Process, Inc, Robin leverages skills spanning security programs, networking and communications, enterprise security architecture and cloud applications, business process, data lifecycle, and systems security continuous monitoring, with proven ability to drive security strategy and management through technology program adoption, automated integrated audit, secure configuration baselines and business technology optimization.  Enterprise ICT GRC and compliance expert and early adopter in both certifying and offering certification programs for Cloud and Virtualization, Robin’s industry experience includes management of systems, controls and data for SaaS (IaaS and PaaS), Finance, Healthcare, Banking, Education, Defense and High Tech.   Robin is a “hands on leader” known for surprising depth in data architecture, programming languages, policy development, and business savvy technical implementations that satisfy all major regulatory requirements.

Barbara Davi-Frumenti

Barbara Davi-Frumenti

VP Business Continuity Services

Barbara Davi, MBCP, MBCI, PMP Barbara is a Business Resiliency Expert.   She has the highest level certifications in this knowledge space.  She has crafted and led numerous enterprise programs from varied business environments including those in Software and SaaS, Cloud Operations, Utilities, Finance, Retail, Hardware, Networking, Media and Health Services. She is a world class expert in developing end-to-end, audit-ready programs for industry.  Her work products include developing Policies, Standards, program Frameworks, Gap Assessments, Vendor Assessments, Business Impact Analysis’ (BIA), Disaster Recovery Plans, Business Continuity Plans, Crisis Management plans, Emergency Management, and Pandemic Planning. Barbara has built and chaired Governance Steering Committees.  She is familiar with multiple planning tools and the NIMS/Incident Command System (ICS) methodology. Barbara has led hundreds of tests to practice recoverability. She has presented her services to the highest levels of Executive Management and the Board.  Barbara is a published author and is available for speaking engagements.  Enjoy Barbara's BCP Blog PANDEMIC AND INFECTIOUS DISEASE PLANNING - New Rules for an Ongoing Threat

James McGee

James McGee

Advisory VP Security Services EMEA

James McGee came into the EnterpriseGRC family when he invited Robin to co-manage a LinkedIn group called Information Security Good News.  Over 15 years experience in information security, risk management, compliance and enterprise security, James is a strong leader who provides motivation, mentoring and vision, ensuring alignment of Business and Security whilst promotion Information Security as an Enabler. Specialties: Consultant, Architect, Manager, Enterprise Security Architecture / Solutions, Governance, Risk, Compliance, ISO27001/2 - COBIT (4.1 & 5.0). Information Security Policy, Standards, Process, Risk Management, Analysis & Assessments, Application / Web Security, Cloud / Cyber Security, Endpoint and Platform Security, Network and Mobile Security, Social Media guidance, Security Awareness & Training, ITIL, Service Delivery, Service Management. CCSK, CISA, CISM, ISMS Lead Auditor, CISSP, Trend Certified Technical Consultant, WSCE, CCSPA, CCSA, CCNA, CS

We recommend you follow Jim a Rebel Mouse rebelmouse.com/infosecexpert/ 

William (Bill) Franklin

William (Bill) Franklin

Sr. Security Consultant

Bill Franklin is an innovative technology and financial professional with experience in compliance, quality assurance, business continuity/disaster recovery, project management, IT internal controls assessments, security & risk management, policy governance, training, application development, combined with superior financial problem-solving skills. His ability to juggle multiple projects while maintaining focus and direction even under quickly changing priorities makes him the exact solution to our customer's security program needs. We've known Bill for a very long time, working side by side at McKesson and witnessing his direction to accomplish the following:

  • Development of an “Enterprise Business Continuity and Disaster Recovery Program Management Office”. 
  • The orchestration of Sarbanes-Oxley strategy and compliance implementation.  
  • PCI compliance including vendor contract negotiation
  • ISO 27001 certification efforts
  • Strategic planning and tactical implementation of a vendor assurance program.
  • The design of the Enterprise firewall program. 
  • Authoring of the enterprise Information Security and Awareness program and Enterprise phishing program for US, Canada, and European subsidiaries.
  • Manage engagements including HiTrust, HIPAA, ISO, and SOC.
  • Document and evolve a "Catalog of Services" specific to Healthcare
  • Performed security, risk, and compliance assessments against regulatory standards including HITRUST, HIPAA/HITECH, MARS-E, NIST 800-53, NIST 800-66, and NIST 800-30. 
Larry Brown

Larry Brown

VP Internal Audit

Larry Brown is an accomplished Internal Audit Leader with extensive experience as a Chief Audit Executive and progressive experience with a Big 4 public accounting firm. EnterpriseGRC Solutions knows Larry as an engagement sponsor and financial industry leader. We are extremely lucky to now benefit by his excellent written and oral communication skills, enabling our company to explain complex issues in easy-to-understand terms. He is recognized for developing strong relationships with executive management, audit committee chairs and others in the organization. 

Having worked for Larry in his role of Chief Audit Executive, First Vice President – Internal Audit at The Options Clearing Corporation (OCC), we've witnessed his tremendous steering of the world's largest equity derivatives clearing organization. Larry reported to the Audit Committee and executive management. The scope of this activity included a primary focus on governance-level activities, core clearing and settlement operations, risk management and the supporting information technology infrastructure. This wealth of experience is now extended to clients of EnterpriseGRC Solutions.

Tony Zirnoon

Tony Zirnoon

VP Security, West Coast

Tony Zirnoon is a seasoned cybersecurity professional with 20 years of experience in enterprise IT architecture and information security at Fortune 500 companies. Tony has a dynamic and 360-degree view of the security landscape and brings a fresh new customer-focused perspective to cybersecurity vendors. He is passionate security evangelist ready to help define viable strategies, design and deploy pragmatic solutions to mitigate cyber risk and compliance requirements.

Tony is a trusted advisor to cybersecurity startups, incubators and accelerators in the Silicon Valley with extensive experience.  He has proven track record defining security strategies, exceeding goals as security sales overlay leader, delivering solutions and consulting services across key industry vertical Financial Services, Manufacturing, Healthcare, Medical Devices, Cloud Services, and IoT.  He has in-depth cybersecurity domain expertise driving security risk assessments, GRC, security architecture, go-to-market strategy, sales enablement, technology alliance & business development for emerging cybersecurity startups as well as Fortune 100 IT technology and security solution providers. 

Tony has BS in Computer Science from California State University; CISSP and CCSA, PCI-QSA certifications and is fluent in Spanish, Catalan, Farsi, English.

Margaret Gesualdi

Margaret Gesualdi

Business Advisor, Senior Executive, Professional Services

Margaret is known for her amazing success in closing and delivering multi-million dollar consulting, audit and compliance engagements in the public, private and governmental sectors on a global basis. Former co-owner of Control Solutions International, Inc, (CSI) which was sold to Staffing 360 Solutions, a Nasdaq company, Margaret grew the Mid –Atlantic region from a few million to $20+M. Margaret has known EnterpriseGRC Founder, Robin Basham, since 2005 when they collaborated to deliver services to Sharp, CA and The OCC.  Robin brought the Facilitated Compliance Management product from Phoenix Business & Systems Process to CSI and throughout the dozen years since their business collaboration has never stopped. 

Areas of Focus:

  • Private Equity, C-Level, & BOD Decision Makers (Public, Private & Governmental)
  • Evaluation & Implementation of Audit, Compliance & Risk Management Frameworks
  • Solution Sales/P&L Management/Growth/Strategy/Optimizing Performance
  • Building and Maintaining Client Relationships
  • Building Successful Partner Alliance Channels
  • Marketing & Key Talent Acquisition
  • Strategic Planning/Building Pipelines 
Jayaraman Swaminathan

Jayaraman Swaminathan

Partner ERP & Business Regulatory - CEO AppWrap LLC

Jay has been an associate and colleague of EnterpriseGRC Solutions CEO for the last ten years. Fintech and RegTech expert, Jay is a Risk Management executive with extensive business, security and audit experience, and certification. Currently, Jay's new company leads a practice supporting companies in their security, compliance, and risk management efforts, with an emphasis toward business optimization across all technology and financial systems. Past Partner at SOAProjects and Past President for ISACA Silicon Valley Chapter, Jay is well known and respected across the East Bay. He is a CPA and has CISA and CRIC certifications.

Coming soon: http://www.appwrap.tech/

Paul Bayne

Paul Bayne

Senior Executive, Technology Transformation

Paul is an experienced change agent known for re-engineering and implementing process improvements to reduce stress, reduce expenses, increase revenue, and streamline operational activities. His ability to quickly develop a vision of the ideal future state allows him to design and implement a roadmap to successful change. He is known for his collaborative working style and the breadth of knowledge his experience across multiple industries brings to his clients in financial services, consulting technology, and manufacturing.

EnterpriseGRC Solutions has partnered and worked with Paul for over a decade, respecting his steering as Senior Vice President, Compliance Data Management, and SVP Enterprise Data Management for a major US Bank, and sharing responsibilities in Compliance Consulting for a major New England Accounting and Audit firm.

Areas of Focus:

  • project management
  • process redesign and implementation
  • planning and forecasting
  • change management
  • organizational design
  • internal controls design and evaluation
  • risk management
  • performance measurement
  • benchmarking and best-practices.

Paul's experience extends across public and privately held companies in the financial services, manufacturing, technology, hospitality, healthcare, and consulting industries in finance, sales, and operations.

Denny Dean

Denny Dean

VP Security, Mid Atlantic

Advisory partner and management member to both Phoenix Business & Systems Process and EnterpriseGRC, Denny is recognized for deep understanding and commitment to Cybersecurity/information security program development and operations.  Ranked #117 on ExecRank’s “Top Security Executive Rankings” for 2012, and Co-recipient of "Best Security Team" award 2007, SC Magazine, Denny Dean is known in many security and high-tech circles as a doer who is not afraid to operate at any level of the organization. Chief Information Security Officer (CISO) for The Hanover Insurance Group, Inc., Denny lead information security with responsibility for risk management, policy development, awareness & education, compliance, litigation support, information lifecycle governance and security incident investigation.

John Peterson

John Peterson

Executive Advisor Cloud Security Solutions and Sales

John Peterson is known and trusted within the inner-most circles of FinTECH, RegTECH, and HealthTech.  With an understanding of the real CISO use-case, he offers strategic direction to clients needing to make the right security architecture choices, bringing knowledge of product and industry to the incredibly important acquisition process.  John has worked with us to package and represent security product, experienced in what makes things sell and the real lifecycle to building relationships in an industry built on trust, loyalty, and patience.

As a highly-competitive and results-driven Enterprise Software Account Executive, John consistently surpasses sales goals, closing multi-million dollar agreements. He provides leadership and collaboration within the internal sales team while developing, managing and executing on multi-year strategic account plans. He is actively placing a wide range of partner technical resources, demonstrating product advantages that meet customer needs. John understands and navigates the customer’s VMO and buying process. We are fortunate to pair John with the Extended EnterpriseGRC Elastic Compliance Network. He's the guy executives want to meet and trust with their most critical technology investments.

Ruth Shirkey

Ruth Shirkey

Advisory VP Tax Services

Ruth Shirkey is a CPA with significant Big 4 experience and solid technical skills ranging from compliance to income tax accounting in federal, state, and international. Familiar with FAS 109, FIN 48, FAS 123R as well as SOX review. Strong experience in developing and working with integrated tax systems.  She has supported EnterpriseGRC Solutions since its founding as a colleague and as the Tax Accounting Advisor. Experienced in North American and US Federal Tax code, and exceptional in her business acumen and understanding of consulting as a practice, Ruth continues to be a treasured advisor and collaborator. 

Joe Byrne

Joe Byrne

Business Advisor, Experienced Leader of Global Technology Teams

Joe is an accomplished, resourceful, and goal-oriented professional with over 16 years of management experience and executive-level experience. He has a Master of Business Administration degree in Technology Management and a comprehensive software development lifecycle background.

Joe is a strong leader, adept at managing operations and leading development teams, with global experience across India and China. Serving in major industries as Vice President of Engineering, Director of Global Operations, and Senior Manager, Quality Assurance & Corporate Governance, Joe is positioned to drive offshore strategy and tactical delivery for all of EnterpriseGRC Solutions clients, from exciting start up to largest of the fortune five hundred.  

Are you looking for someone to lead the incubation of your multi-national practice, bringing your product to the East Bay or entire of California and US Markets?  Look no further.

Scott Sullivan

Scott Sullivan

Corporate Advisor, Partner Channels, Global Sales

Scott has a deep background in enterprise and cybersecurity spanning over 20 years from running a security practice for Coopers & Lybrand to running multiple companies focused within the networking and security space. Scott has been part of eight acquisitions in his career and focuses on developing the right strategy of how to bring security products to market globally. Scott has worked with all of the top system integrators, value-added resellers and ISVs with an eye always towards driving joint revenue. 

  • Board of Directors, Venture Capital, Private Equity
  • Enterprise Security Sales & Services
  • Channel Sales Development
  • M&A, Capital Raising
  • Global Sales Build-out
David Basham

David Basham

VP Engineering

David has been the secret weapon in solving every major technical problem faced by EnterpriseGRC Solutions, and previously by Phoenix Business and Systems Process. As partner and founder of these companies, David is our master problem solver, first to examine alternative technologies, to "Read the Manual" and make the magic happen. With over 15 years of experience in enterprise software development, product integration, and process automation, David has earned a perfect track record for leveraging automation to solve problems in an agile, cost-effective way.

Eric Taylor

Eric Taylor

Principle Systems Engineer - Cloud Services

Eric Taylor is a team leader and Infrastructure Engineer in Enterprise, Cloud, and SaaS Computing.  We've worked with Eric at State Street Bank and Ellie Mae, following and supporting his successful career spanning widely recognized and challenging companies and earning respect among all of his management and peer groups.  Eric specialties include:

  • IaaS
  • SaaS
  • VMware
  • Virtualization
  • Enterprise Systems Monitoring
  • Capacity Planning
  • Performance Management
  • Directory Services
  • LDAP
  • Identity Management
  • DNS
  • Citrix and so much more.

Join the Circle

Share your experience with a team that will really listen and act on your wisdom.  It's a labor of love among friends, and you are welcome.

Count Me In!


Mitchell Impey

Past Head of Information Security for Danfoss with responsibilities for more than 10K employees and serving the Engineering community, Mitchell is an Information Security-oriented/ business-aware IT Auditor with an IT operations background and a passion for computer forensics, memory/malware analysis, and incident response. With more than 15 years history collaborating with EnterpriseGRC Solutions founder, Robin Basham, Mitchell is known to continuously address business needs while explaining and raising the level of information security with clearly defined, pragmatic risk-reducing activities. Currently working in Internal Audit performing IT Audits reviewing IT General controls while performing forensics analysis of ethics cases, e-discovery and incident response tasks. He is a strong believer in continuous education that works on keeping up with the changes in InfoSec, Forensics and Incident Response. Hold and maintain various InfoSec and Forensics certifications; just completed a two-year online M.Sc. Digital Investigation & Forensic Computing at University College Dublin, graduated October 2016. Specialties: Information Security, IT Audit, Computer Forensics, Incident Response, Security Assessments

Sam Elmihi

Sam Elmihi is Global Strategic Executive Advisor and a business consultant.  Providing a global best practice recommendation, business portfolio management and solutions on Security Strategy, GRC, Identity and Access Governance and Risk Management.  Experience in creating and managing complex programs, sales enablement and people management.  He also has considerable international experience working with global clients in Europe, Middle East and Asia.  Sam’s career spans over 20 years in the Information Technology and Information Security organizations.  Sam has assisted global clients in Insurance, Financial Services, Banking, Retail, Telecom and Government.  Sam is very knowledgeable with regard to working with E-level leadership and company Board members, defining risk management and security strategies, transforming security management and IT control programs, evaluating regulatory compliance requirements and helping Fortune 500 organizations achieve greater levels of operational excellence.  He has excellent communication skills as well as Program Management and Project Management expertise. 

Frank Reid, CISSP

Frank is a strategic thinking IT and Information Security leader with an exemplary record of leading multi-million dollar information technology projects in the governmental and private sectors. Recognized by the Director of the National Security Agency and the U.S. Strategic Command Chief of Staff for outstanding architectural design and team leadership in support of the GISC CEO Roundtable.  Trusted partner in all areas of IT management, recognized for developing and implementing innovative solutions to meet the needs of complex business and military security challenges. International and national expertise with expert knowledge in planning, developing, and managing technology and cyber security projects, systems, operations, and personnel. 

Core Competencies - Information Security - Business Continuation and Disaster Recovery - New Technology Evaluation and Selection - Sarbanes-Oxley - Enterprise Resource Planning - P&L Responsibility - Budget Management - Policy Creation - IT Strategy - Seasoned Change Agent - Global Delivery - Change Control - Governance and Risk Management - Risk Management - Infrastructure, Processes, Services - Systems Integration and Migration - Developing or Reorganizing IS/Organization and Infrastructure

Jeff Riech

Startup Leader and Mentor, Public Speaker, we know Jeff Reich as an experienced public speaker with a strong history of entering situations where little to no security or risk management infrastructure exists, or an existing system needs updating. Extensive experience in building and leading high-performance teams. His background consists of building successful programs that have dealt with challenging problems, delivering prevention, recovery and turnaround solutions to the organization.

Skills and Expertise: Information Security, Business Continuity, Audit Management, Risk Management, Executive Strategy, Business Integration, Technology Acumen, Change Management, General Management Experience, Multi-$Million Budget Management, Large-Scale Project Management, Law Enforcement Liaison Expertise

Jeff has been an advisor to this firm and its predecessor, Phoenix Business & Systems Process.  He has been a gracious and supportive contributor to the Silicon Valley and California chapters of ISACA, ISSA, ISC2 and many other important organizations.

Kevin Kumpf

Security Architect / Solutions Engineer

  • Cyber Security: Successfully design, implement, recommend and deploy network, cloud and host based IT security technologies including UTM, SIEM, Firewalls, malware/email. APT, Network Access Control (NAC), Encryption / PKI, E-Discovery, Data Leakage Protection, wireless, IPS/IDS to name just a few.
  • Governance, Risk, Compliance & Auditing: Extensive knowledge of all current compliance and regulatory standards  and frameworks including ISO 27001, SOX, PCI DSS, FISMA, NERC CIP, HIPAA, Basel II, GLBA, SB 1386, COBIT, IT-GRC, ITIL / ITSM, SOC / SSAE 16, NIST 800-53, STIG, etc.  I have managed and overseen all aspects of auditing and pen-testing. Performed datacenter/system site reviews and developed GRC, Disaster Recovery / Business Continuity and Incident Response Plans
  • Sales & Sales Engineering: Consistently reach sales goals (in Millions). Key player in presenting technological, financial and ROI advantages versus competitors. Sold to all levels of key decision-making including C level staff. Responsible for sales, reseller relationships, forecasting as well as technical presentations, RFP’s and POC’s.
  • Critical Infrastructure Protection: Designed, oversaw and approved the security architecture for the rollout of a multimillion dollar EMS / OMS system and newly built fiber and cellular backbone to support it. The system design encompassed all areas including substations, control centers, SCADA components, backend systems, front end systems, data in transit and at rest as well as tie-ins into GIS, call center and other critical systems such as natural gas and hydro monitoring (which I also oversaw the security for also).
  • Project Management: Have managed software development and security projects in areas such as custom application development, web, front-end and backend development, SaaS, B2B / B2P, e-payments, e-commerce, WAP / WEP, connectivity, security compliance, DLP. etc. Have overseen systems, network, and infrastructure and security product/application rollouts. Completed coursework towards PMP certification.
  • Networking & Telecom: Working knowledge of all major platforms vendors including Cisco, Checkpoint, Juniper, Fortinet, etc. Configured routers, switches, firewalls, web servers, load balancers, proxies. Strong background in networking and telecom including wired, wireless, cellular, carrier networks, and data/voice/video over IP-based technologies and the need to design geo-dispersed HA networks. Well versed in routing protocols and OSI model.
  • Systems Hardware & Administration Experience: Working knowledge of all major hardware platforms including IBM, UNIX, Wintel, Apple, etc.  Performed systems tasks such as administration, configuration, capacity planning, break-fix, monitoring disaster recovery, etc.
  • Software Development / Life Cycle Management: Working knowledge of all major OS’s. Knowledge of design and functional roles of a wide range of software applications, databases, web applications, and development languages. Have overseen major development projects and implemented lifecycle management, regression testing, software patching, and deployment. Working knowledge of programming and languages including C, C #, Java, XML / HTML, OOP, Visual Basic, etc.
  • Training & Education: Have trained clients, internal staff and the general public in wide a range of security and compliance areas including CISSP, GRC, SSH, threat response / mitigation, forensics, fraud, identity theft, compliance, networking, auditing, accounting fraud, email security, physical and cyber threats, surveillance and regulatory topics. Have developed mock GRIDEX and active shooter scenarios that won board level accolades.

Ashok Kumar

Ashok Kumar CISSP, CISM, CEH, MCSD, ITIL is an Experienced Information Security Director with significant architecture/management experience across a number of service areas, technologies, and industries including eighteen years within the Insurance/Banking Domain. Consistently demonstrated successful implementations, having managed and executed the delivery of numerous large-scale security engagements. Viewed within the organization as a leader capable of security architecture, development, execution, growth and staff development. 

 

Joan Ross

Global technologist focused on cyber security, threat analysis and prevention, secure design, global services, virtual honeypots, incident response, software defined networking, encryption key management, privacy, infrastructure reliability, and successful technical implementation of industry leading cyber security strategy. Highly effective at recognizing and nurturing talent, improving an organization's security posture to increase revenue, and advising on security technologies to further customer and operational confidence.

Cyber Intelligence • Trusted Cloud • Software Defined Networking (SDN) • SDLC • Cryptography • Secure Design and Architecture • Cross-Platform Computing • Risk Management • Incident Response • BCP • Information Protections • Privacy • Resilient Operations • Governance, Risk & Compliance (GRC) • Effective Change Management • Flawless Global Security Certifications • Contractual Security Requirements. CAAP • CSA STAR • ITAR • FIPS 140-2 • ISO/IEC 27001:2013 • FedRAMP • PCI DSS ROC • COBIT 5 • SOC • C&A • FISMA • HIPAA • NIST

Larry Brown

xxxxxxxxxxxxxxxxxxxxxxxxx

Mike Villegas

Mr. Villegas is Vice President for K3DES, a technology consulting firm focused on the security of electronic payments systems. Mr. Villegas is a QSA, PA QSA, Certified Information Systems Auditor (CISA), a Certified Information Systems Security Professional (CISSP), a GIAC Security Professional (GSEC), and a Certified Ethical Hacker (CEH). He was the 2010-2012 President of the ISACA Los Angeles Chapter and the 2005-2006 President of the ISACA San Francisco Chapter. He has been Co-Chair for the SF ISACA Fall Conference since 2002 through 2008. He is currently Certification Chair for the ISACA Los Angeles Chapter, member of the LA Spring Conference Committee and COBIT Technical Review Committee for LA ISACA. He is also a member of ISSA, ISC2 and OWASP. Mr. Villegas is currently a contributing writer for SearchSecurity - TechTarget.  Specialties: IT Risk Management, IT Regulatory Compliance, IT Audit, Information Security (mainframe, C/S and web infrastructures), PCI DSS, HIPAA, ISO 27001.

Arshad

Arshad Noor is the CTO of StrongAuth (http://www.strongauth.com), a company admired by EnterpriseGRC and Phoenix Business & Systems Process as a leader an innovator in enterprise key management solutions. Significant experience in enterprise-scale IT architecture, cryptography, and open-source software. A strong business background, with an uncommon ability to think outside the box. Exemplary track record in execution and delivery.

Application Level Encryption & Strong-Authentication (ALESA), FIDO Alliance protocols for strong authentication, Data Protection Infrastructure (DPI), Regulatory Compliant Cloud Computing (RC3). Enterprise Key Management Infrastructure (EKMI), Public Key Infrastructure (PKI), Symmetric Key Management Systems (SKMS), Payment Card Industry - Data Security Standard (PCI-DSS), Cryptography tokens (TPM, HSM, smartcards, etc.), Open-source software, Java/J2EE/JEE5/JCE    Learn more about Arshad's companies and experience on our Partners page.

Dorian Cougias

Founder, Lead Analyst at Unified Compliance Framework (UCF), Dorian is responsible for three very important US patents -Compliance framework database schema, United States US8661059 B1, Methods and systems for a compliance framework database schema, United States 20140129593 and United States 9009197. "Generating a compliance framework. The compliance framework facilitates an organization's compliance with multiple authority documents by providing efficient methodologies and refinements to existing technologies, such as providing hierarchical fidelity to the original authority document; separating auditable citations from their context (e.g., prepositions and or informational citations); asset focused citations; SNED and Live values, among others." Among the many cool reasons that we work with Dorian is his contribution and oversight to Compliance Dictionary, a website to help everyone in the compliance space clearly define terms, and then leverage those terms in communicating shared compliance needs.  Learn more about UCF

Saurabh Misra

Saurabh helps business gain value and maximize their return on investment in risk management solutions.  He is experienced IT/GRC and a researcher with over 9 years of experience in diverse technical, leadership, advisory and Consultancy positions. Certified as ISO 27000, ISO 22301, ITIL and many others with experience in IT Service Management, information Security, Business Continuity Management, Disaster Recovery, Risk Management, ISO27001, CobiT, ISO20000, Digital Forensics and investigations, Fraud Investigations, Audit and implementations, Compliance & Governance.  He has managed PMO's, audit / fraud investigations / compliance efforts. Saurabh has traveled extensively across major cities in India and has led and executed several engagements across diverse industry segments – Banking, Financial, Insurance, IT and IT Enabled services, Telecom Manufacturing and Oil & Gas.

Gerard (Rod) Brennan

Dr. Rod Brennan has been an influence on all companies created by Robin, Phoenix Business and Systems Process and EnterpriseGRC, acting as a mentor and at times employing the companies to provide compliance services.  Among his many accomplishments, Rod has,

Published researcher (AICPA “Pink Book”, Info Sys. Control Journal) and graduate level teaching (Rutgers MBA Program) advanced analytic methods for auditing and business process monitoring; Developed and implemented a best in class risk management and internal control process for Siemens Corp. in NA; Directed worldwide integrated continuous auditing (audit automation) practice for Siemens AG leveraging automation to increase impact, detect/prevent fraud and reduce compliance effort/costs.  Established successful IT Audit Practice in North American for Siemens Corporation. Developed and helped implement continuous auditing research and technology at Siemens in cooperation with Rutgers Univ Continuous Auditing Laboratory (CAR-LAB).  Created, employed and managed a successful SAP Competency Center serving the Americas for Siemens in support of Legal Consolidation and Management Reporting. Delivered functional integration and process redesign for successful SAP (FI/CO, HR, & Logistics) implementation for a fortune 500 corporation. Provided functional support for $300 million site, with 350 employees -- including process definitions for several critical legacy system interfaces.  Managed Accounting and IT functions as Controller for successful business turnarounds and redesigns in manufacturing facilities around the US for a fortune 500 entity – P&L responsibility for up to $300M. Served as V.P. Finance for special projects with a startup regional jet manufacturing company. Learn more about Rod's companies and experience on our Partners page. 

Specialties: EXPERIENCE: ACFE Certified Fraud Examiner • Public Reporting (US & German GAAP, IFRS • IPO’s • Continuous Audit / Monitoring / SOX support/ Fraud Prev. • IT Governance / Audit Dev, Automation • Project Manager - large worldwide project experience. • SAP R3 Implementation (FI/CO, HR, Logistics) • Business development / Planning  • Building Finance Teams  • Tax Planning & Compliance Federal, State, & Sales & Use • SAP Legal consolidation • Government “Earned Value” • Treasury/Risk  • Operations • Turnarounds • Start-Ups

Barak Engel

Seasoned technology, operations, and business executive with over 25 years of experience, and established information security expert. Strong software security and cloud expertise, with deep architecture and operational experience in multiple verticals. Effective leader, communicator, and visionary, with a proven ability to execute and drive change in both established and high growth, dynamic environments. Extensively networked and frequent connector for top-talent searches. Energetic, focused and driven creative rule-breaker with a well-established track record in highly trusted roles across multiple companies and industries, and a kick-ass CISO.  Learn more about Barak's companies and experience on our Partners page.

Gabe Zubizarreta

Silicon Valley Accountants focuses on Financial Transformations that add significant value. This is not a traditional CPA firm; we guarantee results, savings, and complete satisfaction. We have worked extensively with public and non-public growth, technology, healthcare, and other companies and have developed a balanced approach to financial transformation that improves accounting processes, system integration, personnel training, compliance, change agility, and financial reporting.  Combine training, optimization, and technology to achieve integrated continuous improvement 

  • Deliver better processes with increasing speed, lower effort, and reduced costs
  • Sustainable and adaptive process improvement
  • Quick start, low disruption customized transformations implemented based on your timing needs
  • Leveraged transformations to costly manually intensive processes (tax, reporting, FP&A, audit & SOX)
  • Enhance embedded controls, improve risk management and reduce compliance costs
  • Leverage existing technologies with little IT involvement 

A CPA with over 9 years of PwC experience in various assurance capacities, and over 7 years as Asst. controller (SEC), Controller & VP Finance, and have led over 40 transformations including complete system implementations, restructuring, and merger integration based transformation projects. Recently, we have designed a set of Financial Effectiveness Solutions and Methodologies which deliver continuous improvement to optimize financial processes. We have extensive SEC reporting experience from external audit and industry perspectives, including SOX compliance and IT controls. Specialties: Accounting Close and Reporting, Financial Statement Audit and Preparation, Merger & Acquisition Integrations, Complex Revenue Recognition, Financial and Operational Accounting, LEAN Process Improvement and Optimization, Big 4 audit, SOX, Internal audit, MAR, and ORSA. Learn more about Gabe's companies and experience on our Partners page.