Dr. Bonita Best Coppedge
*** *********** ***** *****, ** 33613 Email:
**.***************@*****.***
Cell: 240-***-**** LinkedIn: http://www.linkedin.com/in/bonitabest
PROFILE
. Over 20 years of experience in full Software Development Life Cycle
(SDLC) for Infrastructure and Software initiatives; IT Project,
Program, and Portfolio Management; Strategic Organizational Change;
and Governance, Risk, and Compliance (GRC).
. Have a stellar record of accomplishment with establishing and managing
multi-million dollar Internal Control and Corrective Action Management
Plan (CAMP) programs within the federal/public sector: Federal
Emergency Management Agency (FEMA) and Pension Benefit Guaranty
Corporation (PBGC).
. Over five (5) years of experience in helping organizations prepare for
annual internal control/IT audits and resolving vulnerabilities and
weaknesses (i.e., reducing the material weaknesses to significant
deficiencies). For instance: conducting internal assessments and
developing audit assessment reports; presenting findings and progress
to organizational internal control boards (ICB); overseeing business
process improvement (BPI) efforts; establishing and maintaining
enterprise-wide Corrective Action Plans (CAP), Integrated Master
Schedule (IMS), Plan of Action and Milestones (POA&M), and risk logs
(project-level and organizational); and leading cross-organizational
changes.
. Directed small (7-person) to large (100-person) teams: technical and
non-technical personnel (both geographically dispersed and local).
. Expertise in capital planning and investment control (CPIC), including
developing and submitting Exhibit 53 (capital planning) and Exhibit
300 (budget justification and reporting) to OMB as part of the annual
IT budget process.
RELEVANT QUALIFICATIONS
. Program and Project Management
. SDLC: Agile and Waterfall
. Organizational Change Management
. Business Effectiveness Assessments
. IT Audit Support: FMFIA Section 2 (programs and operations) and
Section 4 (non-conformances with financial systems)
. Coach and Mentor
. IT Strategic Planning
. IT Governance
. Process Improvement
. IT Audit Support: FISMA 800-53 and FIPS 200 (Security Requirements
for 17 domains)
. Risk Assessment and Management
. Regulatory Compliance
. CPIC OMB Exhibit 53 and 300
. IT Audit Support: SAS70/SSAE 16
. IT Audit Support: OMB Circular A-123 (Internal Accounting and
Administrative Controls - federal government version of Sarbanes
Oxley (SOX))
PROFESSIONAL EXPERIENCE
MedHOK Healthcare Solutions, Inc., 5550 W. Idlewild Ave. Tampa, FL 33634
06/2013-Present
Implementation Manager
Under the brand name of MedHOK, provides a customizable, cloud-based,
automated solution for health plans, accountable care organizations (ACOs),
patient centered medical homes (PCMHs), pharmacy benefit management (PBM)
entities, and Rx specialty organizations (i.e., single platform or by
module). Manages business implementation processes for MedHOK's production
clients who are in varying phases of an agile SDLC. Also is responsible for
fostering consistent customer satisfaction during implementation by
collaborating with executive sponsors, client teams, multiple business
units, and other key stakeholders; and ensuring that project deliverables
are consistent with statements of work (SOW) and/or agreements, service
level agreements (SLA), and project timelines. Accountable for successful
and timely client implementation; works effectively with key business
sponsors and integrating teams to accomplish goals. Key accomplishments:
. Successfully deployed MedHOK's Utilization Management (UM), Medical
Appeals, Grievance, and Case and Disease Management (CM/DM) products
with 1-4 week sprints based upon the executed SOW.
. Effectively served as the primary point of contact or liaison between
MedHOK's geographically dispersed technical staff and the clients in NC,
SC, and MI.
Pension Benefit Guaranty Corporation (PBGC), 1200 K ST NW, Washington, DC
20005 11/2010 - 06/2013
GS-2210-15, IT Project Manager
Served as the Corporation's CAMP Program Manager with a goal of integrating
industry best practices and public frameworks, enabling governance and
rigor during the organizational changes, and providing oversight and
management of a multi-year program focused on addressing PBGC's Enterprise
Security weaknesses and vulnerabilities. Accountable for a $28M+ program
that improved over 12 process/business areas based upon the National
Institute of Standards and Technology (NIST) 800-53 and FIPS 200 security
controls. Directed a 65-person cross-functional team to implement the
Corporation's Enterprise Corrective Action Plan (CAP), which included 14
process families (i.e., Physical and Logical/Network Access Management; IT
Service Desk Improvements; Asset Management; Configuration Management,
Change and Release Management; IT Governance Management (IS Security,
Enterprise Architecture, and Capital Planning, and IT Strategic Planning);
IT Delivery Solutions; Acquisition Management; Information Security
Continuous Monitoring; and IT Risk Management). PRINCE2 and Six Sigma
techniques were used to improve the Corporation's controls and processes.
Organizational changes included development of policies, procedures, and
processes; deployments of technology with improved application controls;
integrating public frameworks and standards (ITIL, RMF, COBIT, COSO, NIST,
and ISO); ensuring compliance with laws and regulations (FISMA, Clinger
Cohen Act, OMB Circular A-130, e-Government, and Privacy Act); and training
personnel. Key accomplishments:
. Established a new Program Management Office (PMO) in the Office of
Information Technology called the Corrective Action Management Program
(CAMP); it enables consistent reporting of program and project-level
cost, schedule, risks, and performance to executives and auditors;
governance of CAP activities; and audit advisory and project
management services.
. Served as an Advisor to the Agency's Senior Information Security
Officer (SISO) in the establishment of the Enterprise Information
Security Office (EISO) as well as a Continuous Monitoring Program; it
enabled PBGC to position itself to reduce the material weaknesses and
deficiencies.
. Facilitated pre- and post-audit sessions with the Inspector General
(IG) and its independent auditors, CliftonLarsonAllen LLP, to enable
transparency of the Corporation's progress in addressing the material
weaknesses and deficiencies.
. Prepared the CIO, SISO, and other senior-level stakeholders for annual
audits by serving as a 'friendly internal auditor' and advisor.
o Assessed application/system controls including edit checks,
validations, interfaces, and approvals.
o Assessed IT general controls such as change management, logical
access, and transactional controls.
o Assisted in the identification, classification, and
implementation of controls as well as benchmarking, testing, and
determining the effectiveness of the controls.
o Examined audit evidence of implemented controls.
o Maintained enterprise-wide POA&M as well as a repository of
evidence for each audit finding.
. Developed and instituted a 5-phase Toll-Gate Review process
improvement technique, which enabled the executives to render "Go" or
"No-Go" decisions throughout the life cycle of a project. This 5-phase
technique enabled improved communications, management control, and
monitoring of progress.
. Established a tool to track the progress of open audit findings and
POA&M items; the CIO adopted this tool as the PBGC's IT Enterprise
POA&M. This strengthened the POA&M process, which was reported in the
IG's independent evaluation report as a weakness.
. The measurable progress of the CAMP contributed to the Benefits
Administration and Payment Department (BAPD) and other departments
adopting the CAMP procedures, processes, templates, and other resources.
Federal Leadership Institute, 8130 Boone Blvd., Vienna, VA 22182
07/2012 - 09/2012
Facilitator and Trainer (1099 Consultant)
Facilitated Time Management training courses for Department of Homeland
Security (DHS) US Citizenship and Immigration Services (USCIS) employees
located in Burlington, VT and Buffalo, NY.
Federal Emergency Management Agency (FEMA), 500 C ST SW, Washington, DC
20472 07/2009 - 11/2010
GS-0343-14, Program Analyst - Internal Control
Served as FEMA's Mission Support Bureau Internal Control Program Manager.
Led a 7-person staff of web developers, technical writers, and
CPA/financial analysts. Responsible for assessing the Bureau's internal
controls in accordance with the IT, acquisition, and financial-related
federal regulations, statutory mandates, and adopted standards such as
FISMA, FMFIA, OMB Circular A-123, HSPD-12, FIPS 199 and 200, NIST, and
FOIA. Key accomplishments:
. Served as an internal 'friendly auditor' and conducted assessments on
controls; the activities included evaluating application edit checks,
validations, calculations, interfaces, and authorizations. The audit
results and recommendations were presented to the Agency's
Administrators and C-level executives.
. Developed the first web-based, SCORM, Section 508-compliant Internal
Control Awareness Training (Course#: IS-165); the course was available
to all FEMA employees and later became accessible to all DHS
Components and their employees.
. Developed and published FEMA's first Management Directorate's Internal
Control Bluebook for FY 2009; it featured the Assistant Administrator
and C-level executives' Statement of Assurance memos for the
effectiveness of the internal controls.
. Successfully implemented other projects such as the Bureau's Employee
Recognition Program (non-monetary), Records Management's FOIA BPI, and
the Chief Administrative Officer's (CAO) SharePoint site data
migration from Windows SharePoint Service (WSS) 2.0 to Microsoft
Office SharePoint (MOSS) 2007.
. Served as the SharePoint Site Administrator for the CAO; and
established the governance structure, defined the user roles and
security levels, and designed the site's templates and styles.
BAE Systems, Inc., 2525 Network PL, MS5A60, Herndon, VA 20171
09/2008 - 07/2009
Senior Management Consultant (FEMA Contractor)
Served as an Advisor to FEMA's Assistant Administrator and was an onsite
staff augmenter while establishing the Management Directorate's PMO. Within
this PMO, managed a diverse team of 12: program and project managers,
budget and financial analysts, and system and business analysts. Key
accomplishments:
. Improved the controls of over 16 business processes (automated and
manual) within the following departments: Records Management;
Procurement; Human Capital; Information Technology; Occupational
Safety, Health, and Environmental Management; Security; Business
Management; Facilities Management; and Disaster Reserve Workforce.
. Developed a design for the Directorate's first annual Management
Directorate Internal Control Bluebook, which would illustrate the
Assistant Administrator's, C-Level executives', and Division Managers'
annual Assurance Statements; this bluebook was the first of its kind
and was released to the Department of Homeland Security (DHS)
Administrator, IG, and the independent auditors, KPMG. In addition,
the Administrator included the Bluebook as an enclosure to his
Statement of Assurance.
o Conducted assessments to evaluate the effectiveness of the
Directorate's controls; the results were published in the
above-mentioned Bluebook.
o Provided advisory services after conducting an independent
assessment of transactional, system, and controls; developed CAPs
and POA&M; and re-evaluated implemented controls as well as
evidence prior to the annual audits. In addition, the
Administrator and C-Level executives solicited support to
review, evaluate, package, and present evidence to the IG and
auditors for open audit findings.
. Reduced the Directorate's audit findings from over 500 to
121 within a year.
. Provided role-based Internal Control training to over 120 employees
(i.e., a train-the-trainer concept). This training was the first of
its kind within FEMA, resulting in other FEMA Assistant Administrators
submitting requests to acquire the training and course material.
. Was the sole contributor to BAE Systems securing new business valued
at $500K; this allowed BAE to acquire resources specifically for the
implementation of the OMB Circular A-123 and to design an OMB Circular
A-123 training course.
. Led the PMO's efforts to establish FEMA's Acquisition Review Process
for IT and non-IT programs; develop and maintain an IMS/enterprise-
wide project schedule; launch a Policy and Process Library that
included tools, templates, rules and reference material; and launch a
Directorate-level SharePoint site.
Creative Computing Solutions, Inc. (CCSi), 1901 Research Blvd. Rockville,
MD 20850 02/2008 - 09/2008
Program Control Office Manager (DHS Headquarters Contractor)
Served as the onsite Program Manager for the DHS IT Networking Operations
Virtual Alliance (IT-NOVA) contract; and provided oversight of DHS's Level
1 Program with lifecycle costs exceeding $1.86B. Led a 20-person team of
acquisition contract specialists, financial analysts, administrative, and
portfolio and project managers for the DHS Information Technology Services
Office (ITSO) Enterprise Services Division (ESD). Key accomplishments:
. Coordinated and oversaw the completion of DHS's integrated OMB Exhibit
300 for DHS-wide capital asset, DHS-Infrastructure, in accordance with
the OMB mandate for CPIC. The DHS-Infrastructure E-300 included a
consolidation of 20 IT capital investments from 14 DHS Components
using the IMS and nPRS.
. Served as an Advisor to the ESD Chief and other DHS constituencies on
programmatic and systematic matters related to the enterprise-wide
consolidation initiatives: 20+ agency-specific data centers into two
DHS data centers, 40+ networks into DHS's OneNet, the use of Single
Sign-On, and 20+ mail servers into DHS's Active Directory and
Exchange Server.
. Coordinated and facilitated monthly DHS-Infrastructure Program
Reviews; cost, schedule, and performance statuses were provided to the
DHS CIO, ITSO Director, ESD Director, 22 Components' executives, DHS
Departmental officials, and other key stakeholders.
. Trained the DHS-Infrastructure program managers on the DHS Acquisition
Life Cycle (ALC) and System Life Cycle (SLC) processes, Earned Value
Management (EVM) reporting, and project management methodologies
(including agile and waterfall).
BAE Systems, Inc., 2525 Network PL, MS5A60, Herndon, VA 20171
02/2004 - 02/2008
Principal System Analyst/Enterprise Architect (USCIS Contractor)
Served as USCIS Integrated Document Production (IDP) Division's senior-
level consultant providing Project Management, CPIC, and Enterprise
Architectural services. As an IT Advisor and Enterprise Architect, provided
the IDP Division Chief guidance on the Level 2 program; the Total Cost of
Ownership exceeded $100M. Key accomplishments:
. Successfully led several high-profile government initiatives such as
IDP's Center of Excellence (COE), USCIS HSPD-12 implementation, Secure
Mailing Initiative (SMI), Travel Booklet redesign, TSA's
Transportation Workers Identification Credential (TWIC) cards, TSA
Federal Air Marshals Service's secure identity credentials, IDP's
Technology Refresh, and Western Hemisphere Travel Initiative (WHTI)
government-wide planning activities.
. Provided direction and technical guidance to over 100 team members
within USCIS and other government agencies; teams included software
developers (USCIS, US Postal Service, Department of State, and TSA),
logistics specialists, call center representatives, card production
workers, facilities and physical security workers, warehouse
personnel, secure document designers (Government Printing Office),
marketing/PR, and secured consumable production teams.
. Rendered SDLC Phase-Gate Review "Go" or "No-Go" decisions on the IDP
Division Chief's behalf. These decisions contributed to migrations of
IDP's technology solutions from Development, Testing, to Production
environments.
Computer Sciences Corporation, (CSC) Inc., 45154 Underwood LN, Sterling, VA
20166 10/2001 - 02/2004
Computer Scientist/Project Manager (USCIS Contractor)
Managed a 22-person team of system engineers and developers, testers,
database administrators, a quality assurance specialist, a configuration
management specialist, and a technical writer in a Capability Maturity
Model Integration (CMMI) Level 3 environment. Key accomplishments:
. Contributed to the establishment of USCIS' IT Governance structure due
to the dissolution of INS post-9/11. USCIS required its own IT
Governance, Risk and Compliance (GRC) framework; SDLC structure and
governing bodies (i.e., review and configuration boards); and
Certification and Accreditation (C&A) processes and procedures.
. Managed USCIS' biometric and name check systems: FD-258EE (programmed
in C and Visual Basic with an Oracle database) and FD-248 Mainframe
(programmed in COBOL). Over 25 system deployments were delivered on
time, within cost, and 100% error-free into production using waterfall
project methodologies.
. Addressed the US Government's need to identify foreign-born pilots as
a post-9/11 effort by leveraging existing data stored in USCIS'
biometric and name check systems versus building a new system; this
creative tactic resulted in saving the US Government time and money.
Sabre Systems, LLC, 46655 Expedition DR, Lexington Park, MD 20653
03/2001 - 10/2001
Systems Manager (DOD NAVAIR Contractor)
Supervised a 95-person team of system engineers, testers, configuration
managers, database administrators, network administrators, quality
assurance specialists, and help desk. Maintained an operational environment
with Linux, Unix, Windows, Sun, HP, Compaq, C, C++, Java, Perl, and VMWare.
Assisted in the management of a $1B operation. Key accomplishments:
. Managed a 24x7x365 operation: Provided tiered help desk customer
support, disaster recovery, and back-up services.
. During 9/11, successfully downed systems and ensured pilots were
airborne with the latest software release in their black boxes, and
coordinated coverage of the individuals categorized as essential
personnel.
EDUCATION AND CERTIFICATE
D.B.A., Business Administration, University of Phoenix, Phoenix, AZ, USA,
12/2010.
M.B.A., Technology Management, University of Phoenix, Phoenix, AZ, USA,
06/2004.
B.S., Computer Science, Saint Augustine's College, Raleigh, NC, USA,
05/1991.
Federal Acquisition Certification Contracting Officer's Representative (FAC-
COR) Level II, Federal Acquisition Institute, Fort Belvoir, VA, USA,
12/2010.
TECHNOLOGIES
Microsoft Office (Word, Excel, Access, PowerPoint, and Outlook), Microsoft
Visio, Microsoft Project, Microsoft Project Server, Microsoft SharePoint,
Alfresco, PlumTree Portal, Adobe Professional, Adobe Connect, Adobe
Captivate, Author-IT, HP Service Manager, Remedy, JIRA, Windows XP/7, Mac OS
X, DHS IMS (investment management system), and DHS nPRS (Next Generation
Periodic Reporting System)
METHODOLOGIES, STANDARDS AND FRAMEWORKS
Cyber/Information Security Systems Compliance and Controls: NIST 800-53
(Federal systems security and privacy controls), NIST 800-137 (IS
continuous monitoring), SAS 70/SSAE 16 (Reporting controls at a service
organization), FIPS 200 (Security requirements/controls per FISMA) and FIPS
199 (IS Categorization), and FISMA (Act requiring federal agencies to
assess their IS Programs)
Internal Control: COSO, GAO Standards for Internal Control in the Federal
Government (aka Green Book), and OMB Circular A-123 (federal government's
version of SOX), and OMB Circular A-130 (Management of federal information
resources)
Governance: COBiT, ITIL, ISO 27001 (IS Management Systems), ISO 17799
(Information Security), and ISO 20001 (IT Service Management)
Project Management: PMBOK and PRINCE2
Risk Management: NIST RMF (NIST 800-130, NIST 800-37, NIST 800-53, and OMB-
130)
Process Improvement: CMMI Level II/III and Six Sigma
Budget: CPIC Exhibit 300 and 53
Acquisition/Procurements: DHS Acquisition Life Cycle (ALC) and DHS
Acquisition Directive 102-01
PROFESSIONAL REFERENCES
PBGC Manager: Barry West 202-***-****
FEMA Manager: Delia Davis 202-***-****
BAE Manager: DuWayne Jones 703-***-****