The CFO Playbook on Risk Management: Shadow IT and Sophisticated Risk Management for CFOs
Mon, Apr 22, 2013
02:00 P.M. ET
About CFO Playbook
CFO Playbook is a series of educational Best Practice Webcasts, eBooks, and events providing you with practical knowledge and insights from your peers.
The proliferation of mobile technology tools -- pretty much every employee these days has a smartphone, if not a tablet as well -- has created the phenomenon known as Shadow IT. As its macabre name implies, these tools are being used for work purposes without organizational approval. In some cases, business units are building their own IT solutions without the input or knowledge of IT. The result in either case is a murky flow of unofficial, uncontrolled data.
What's wrong with these independent, creative activities? Plenty. If IT did not develop the tools, is not aware of them, and does not support them, compliance with Sarbanes-Oxley and other regulatory initiatives including Basel II, PCI, IFRS and HIPAA is threatened.
While many organizations support BYOD -- Bring Your Own Device (to work) initiatives -- and understand that employees use Shadow IT because they think there is no other way to get the data they need to do their jobs, protocols must be established to address the security risks, version control issues, data consistency problems and wasted investments.
During this Webcast, you will learn why it behooves CFOs, to whom IT increasingly reports, to work closely with CIOs and especially company risk managers to understand what these risks are, how they can be mitigated and where they can be transferred to an insurance company.
About the Panelists
John A. Wheeler, Research Director, Gartner
John A. Wheeler is a Research Director with responsibility for covering compliance, risk management and leadership topics. His areas of specialty include enterprise risk management, internal audit, corporate governance and IT/operational risk. Mr. Wheeler is a recognized expert and frequent speaker/author on the effective use of risk management practices in large, complex organizations. He has more than 20 years of professional experience in a variety of financial operations, risk management and IT-related roles.
Prior to joining Gartner, Mr. Wheeler founded and led a management consulting firm specializing in enterprise risk management and control. Mr. Wheeler also has served as a senior vice president and senior risk officer within the Corporate Risk Management division at a major U.S. financial services company. In this role, Mr. Wheeler's responsibilities included providing leadership and corporate-wide oversight of the company's operational risk management and financial regulatory compliance program. In addition, Mr. Wheeler has directed financial reporting, financial shared services, and corporate accounting operations for companies in both the media/entertainment and healthcare industries.
Mr. Wheeler also has wide-ranging experience providing risk management, financial operations process improvement and IT advisory services with two global professional services firms.
Michael Versace, Global Research Director, IDC Financial Insights
Michael Versace is a Global Research Director at IDC Financial Insights, focusing on the global risk business and technology marketplace. The global risk research and advisory service covers credit, market, and operational risk management strategies in retail and corporate banking, cash and treasury management, payments, insurance, securities and investment services. With a team of analysts in all key global technology markets, the worldwide Risk practice is used by financial institutions to make mission-critical decisions on their investments in a variety of risk technologies and advises providers of these technologies on strategies for success in the market. Mr. Versace also serves as the Financial Services industry lead on the maturity and adoption of Big Data and Analytics technologies.
His 25-year career in financial services has included extensive interactions with central bankers, financial services agencies, corporate and retail banks, investment firms, and the risk technology communities at both an enterprise and industry level. As a risk management practitioner, consultant, industry representative, and analyst, Mr. Versace has the background and experience to bridge a wide range of business and technology challenges facing today's global risk managers and technology executives.
Mr. Versace's experience is drawn from the investment services and banking sectors through positions with Fidelity Investments, the Federal Reserve Banks, including a program of financial infrastructure innovation led by the United States Treasury Department Financial Management Service, and BayBanks. At Fidelity investments, he was a Director in Corporate Risk Oversight office, responsible for various risk and control activities of the institutional investment and brokerage services, transfer agent, management fee operations, and for Fidelity's strategic investment companies.
At the Federal Reserve Banks, Mr. Versace was part of the nationwide leadership team responsible for the design and launch of FEDNET and FedACH, the Federal Reserve Banks' payments network and central clearing and settlement hub. While at the Fed, he also founded and directed the Emerging Payments System office, working with the United States Treasury, commercial banks, and technology companies to design and prototype Internet and electronic money systems and related risk management policies, rules, and standards.
As a management consultant for ZEFER, NEC Global Financial Services, and PwC (formerly Coopers and Lybrand), Mr. Versace advised clients and led financial solutions design in a variety of risk disciplines, including cash and working capital management, B2B e-commerce, and cyber security.
Mr. Versace holds a B.S. in Accounting and Finance from Bentley University in Waltham, Massachusetts, and is a certified information security professional (CISSP). Through his career, he has held several high-level industry positions, including Managing Executive with the Financial Services Technology Consortium (FSTC), Chairman of the ISO Technical Committee on Information Security for Financial Services, Board member of the Accredited Standards Committee X9, and Advisor to the NACHA Internet Council. Mr. Versace is currently on the Board of the Information Systems Security Association (ISSA) in Boston, and contributing member to IBM's Information Governance Council.
Jerry Irvine, CIO and Executive Vice President of Sales, Prescient Solutions
Jerry Irvine provides strategic direction for Prescient Solutions' clients, overseeing product innovation and implementation of the highest quality of service. His expertise is an indispensable resource for clients developing IT plans.
Irvine has been deeply involved with the IT industry since 1987. As a result of his early experience, he became an expert in network communications and protocols when others in the industry were just learning how to use their first computers. Armed with this expertise, Irvine entered the consulting field working for companies like Network General and Advantis, performing detailed network analysis, design and troubleshooting.
Since then, Irvine has filled MIS and CIO positions at multiple facilities and has managed more than 100 technicians and thousands of devices. He has led multiple project teams, such as the largest Microsoft Directory migration project ever.
In 2008, Irvine was selected to join the National Cyber Security Task Force, a joint operation between the Department of Homeland Security and the U.S. Chamber of Commerce. This task force is responsible for advising federal decision-makers on cyber security policy and sharing best practices related to this urgent and ongoing need. His expertise on cyber security has been featured in a number of national and industry publications, including The New York Times, WGN Radio and Wired magazine.
Ariel Litvin, Risk Assurance Director, PwC
Ariel is a Risk Assurance Director with PwC's IT Risk & Security Assurance Practice. He has more than 20 years of experience delivering information security, information technology and forensics technology services for multinational organizations in a variety of industries, including financial institutions, technology vendors, telecom providers and others. In his previous role, Ariel was leading the IT Effectiveness, Security and Forensics practice for PwC Israel.
His primarily focused in on emerging technologies including mobile technologies, cloud computing and forensics technologies.
Prior to joining PwC, Ariel has held executive positions as a Chief Products Officer at a publicly traded company and as a CTO and VP of R&D with other start-up companies.
Ariel served his country for six years at an elite intelligence unit in the Israeli Defense Forces and in the Prime Minister's Office. He has a Bachelor of Business in Information Technology with a minor in Finance from The College of Management in Israel and an Executive Master of Science in Finance from Baruch College.
About the Moderator
Russ Banham is the Senior Writer at CFO magazine. Over the past three decades, Mr. Banham has written close to 200 feature stories for CFO and CFO.com, as well as thousands of articles for many other business publications, including Forbes, The Economist, The Wall Street Journal, Financial Times, Chief Executive, U.S. News and World Report, Journal of Accountancy, and many others.
He is the author of 23 books, including The Ford Century, the award-winning, international best-selling history of Ford Motor Company, translated into 13 languages, and The Fight for Fairfax, detailing the extraordinary economic growth of northern Virginia in the aftermath of World War II. His various books have led to several television appearances, including on the TODAY show and A&E's Biography. He is currently writing a history of aviation in Hawaii.