Robert (Bob) Broda
Mobile Phone: 919-***-****
E-mail: *******@*******.***
SUMMARY
Ability to implement measures, controls and accountabilities to reduce
risk, automate processes and improve team members' effectiveness. Ability to
bridge the gap between business and technology.
Have succeeded at extensive diverse roles in Information Technology from
programmer to general manager of a software company. Helped numerous
clients, infrastructure and software vendors in a variety of roles
including analysis, design, process improvement, implementation, governance
in infrastructure, software development and marketing roles to bring to
market various technical solutions to mitigate risk and solve regulatory
challenges including:
- Long-term archival of data (email and files), including creation of a
  TCO/ROI comparison model
- Workflow automation for HIPAA/HITECH, PCI, SOC (SAS70)
- Comparison tools to create audit trails for Excel and regulatory
  sensitive documents
- Cost-effective Enterprise Risk Management scoring and tracking
- Various energy billing and banking related regulatory requirements
Extensive Project Management experience ranging from small teams to
complex, multi-year, multi-site, offshore projects. Variety of
technologies including .Net, PHP, C#, ObjectStar, Ultimus, COBOL,
Assembler, MSSQL, Oracle, DB2, dotNet, VisualBasic, etc.
WORK EXPERIENCE
Visage Solutions, LLC Managing Partner 1/2002 - Present
Created methodologies for risk management, compliance and internal
controls. Heavy experience in regulations: Sarbanes-Oxley (SOX), SAS70, SOC, ISO27001, Healthcare (HIPAA), Business Continuity and Financial
regulations. Assisted several vendors with strategy and business
development to enter the compliance vertical. Assisted over 30 organizations
in preparing for SAS70; trained over 100 organizations in Risk Management and
Internal Controls. Served as Interim COO for a Risk and Compliance Management
services company implementing Six Disciplines, hitting record revenues and
profits for each of the last 3 months of assignment. Assisted client in
establishing a PMO. Served as Fractional Compliance Officer.
IMSofTech (Invensys) VP & GM 11/1998 - 1/2002
Total P&L responsibilities and management for this multi-location (NC,
Texas and UK) business. Directed all operational activities of this
acquisition, which had a poor track record of delivering quality, dependable
products, turning a profit and increasing customer satisfaction.
DMR Consulting (Amdahl) Director 7/1994 - 11/1998
Key player of the acquisition and integration team purchasing and combining
two services companies into the Amdahl family. Project Sponsor (responsible
for direction with final approval) for creation of Rapid Application
Development (Agile) methodology used on projects world-wide.
Previous Experience:
VP Product Development, Severn Trent Systems (CS&A). Houston, TX
Programmer/Analyst, Tres Computer Systems. Commonwealth Telephone Company
EDUCATION
Southern Methodist University, Executive MBA
Kings College, Information Systems, Bachelor's Degree
Compliance specific supplement to resume
Over 10 years of compliance and risk management expertise for various
organizations. Heavy experience in Sarbanes-Oxley (SOX), SAS70 (SOC),
ISO27001 (Information Security), Business Continuity, HIPAA and Banking
regulations. Served as Interim COO for Risk and Compliance Management
services company hitting record revenues and profits for each of the last 3
months of assignment.
Extensive and diverse hands-on compliance related experience including:
- Subcontracted to Big-4 company performing SOX activities for numerous
  Fortune 500 companies
- Performed Q/A work on all SOX documentation being sent to External
  Auditors for multi-national services company
- For multi-national Fortune 100 company:
  - Developed SOX walkthrough and testing procedures
  - Developed SOX training materials and training plan
  - Performed SOX financial and IT controls remediation and testing
  - Managed GCR tool implementation, modification, training,
    reporting
- Created two methodologies for risk management, compliance and internal
  controls testing for IT and financial controls
- Trained additional 100+ people from various organizations on Internal
  Controls and COSO Framework
- Developed tools and methodology to support, and conducted, Enterprise Wide
  Risk (ERM) Assessments for organizations of various sizes
- Served as Accountability Coach for numerous organizations
- Combined Six Disciplines accountability coaching with risk management
  principles
- Assisted clients in establishing a PMO (Project Management Office)
- Designed HIPAA controls for service provider for healthcare industry
- Developed processes and reporting for FCPA (Foreign Corrupt Practices
  Act)
- Assisted community bank(s) in preparing for state and FDIC audits
- Helped over 30 organizations obtain SAS70 (SOC) certification in
  various capacities including IaaS and SaaS service providers
- Participated in Control Testing for over 10 datacenters including
  strategy, planning, design, assessments, remediation, and testing
- Built matrix for service providers to communicate regulatory
  compliance for HIPAA, SOX, ISO2005, FISMA, FedRAMP, FINRA, PCI, SOC(2)
- Served as Fractional Compliance Officer for SaaS/IaaS service
  providers
- Created dozens of policies and procedures for various entities and
  regulations including Information Security, Availability, Privacy,
  Confidentiality, Processing Integrity, Change Management, Access
  Control, Device and Media Controls, Data Backup, Incident Response,
  Business Continuity, etc.