Steve has been at the nexus of business transformation and technology enablement for nearly 15 years. A passionate proponent of business-led IT, Steve has served various leadership roles in world-class organizations including IBM, Schlumberger and KPMG. For the past 8 years, Steve has focused his efforts on primarily serving the Energy Industry, consulting with senior executives across a wide swath of operational and functional challenges such as enterprise cost optimization, service management, process integration, vendor selection and operational controls. Currently with KPMG, Steve is partnering with technology executives supporting the advancement of today’s CIO Agenda.
Steve is well-known in the Houston marketplace and has served on the Board of Directors of ISACA and Techxans. He is proud to chair the Board of the GRC Executive Summit.
Program Track: BODAC01.2 - CIO In The Boardroom! Two-way Collaboration for Success - Using Information Technology to Gain Competitive Advantage
Mark Tackley-Goodman, Managing Director - KPMG Risk Advisory Services
Mark Tackley has significant business management and advisory experience gained in blue chip organisations and global consulting firms. He now advises clients in business transformation, business process re-engineering, programme and project management, IS and IT strategy, IT value management and outsourcing. Mark was previously the CIO for a division of a major UK plc and prior to moving to the US he led the KPMG IT advisory practice in London for the commercial, industrial, and manufacturing sector and also the information, communications and entertainment sectors.
Program Track: BODAC01.2 - CIO In The Boardroom! Two-way Collaboration for Success - Using Information Technology to Gain Competitive Advantage
Mr. Taylor is recognized as a leader in the convergence of controls monitoring, information security and the implementation of technology to boost corporate governance. As CEO of Oversight Systems, Patrick is responsible for understanding customer needs for operational governance and making sure those needs are met in Oversight's product development. Patrick recognized that most IT security and financial system controls focus on user access and role management but don't address the need to understand the integrity of what people do in their authorized roles and activities. After speaking with executives from across the country, Patrick launched Oversight Systems to pioneer the concepts and technology for transaction integrity monitoring.
Patrick worked in leading roles with ORACLE, ISS, Symantec, Red Brick Systems, GO, Air2Web and Fast-Talk. Patrick has a Bachelor of Mechanical Engineering with honors from the Georgia Institute of Technology and an MBA from the Harvard Graduate School of Business Administration.
Program Track: CECFO2.5 - If You Know, Then They Will Know - Gaining Complete Oversight of Business Risks and Process Controls
Gary Swindon, CISM, Chief Operating Officer and Chief Information Security Officer - NEMEA
Mr. Swindon is a nationally known author and speaker on security, risk, governance, and audit issues in industry and government. He joined NEMEA Security Services, LLC as the Chief Operating Officer and oversees the day to day sales, marketing, software development and Information Technology efforts of the company. Prior to joining NEMEA, he held senior positions in both the public and private sector: he was the COO for RiskWatch, Inc., producers of risk assessment software, CISO for Orlando Regional Healthcare, a large regional hospital group in central Florida, VP, Chief Security and Privacy Officer for WebMD, Director of the Office of Computing and Telecommunications for the state of Michigan and Principal in a private business development and consulting firm. He has served as a Director for the ISACA CISM certification board and he served on the international panel that conducted the practice analysis for security certification for the same organization. He holds a BA from the University of Dayton and an MBA from Boston University.
Program Track: CIOCSO3.1 - Guiding Convergence – Getting Visibility and Representation at the BOD Level
Program Track: COCQA8.1 - Creating Effective & Lasting Governance Programs
Terry Hirsch, Chief Executive Officer - Security Weaver
Terry Hirsch is the CEO of Security Weaver, where he is responsible for the continued growth and success of the company. He has extensive knowledge of regulatory and compliance issues and has a wealth of experience working with complex financial systems and the SAP platform. Additionally, Hirsch brings first-hand insight into the challenges faced today by information technology (IT) organizations. Prior to Security Weaver, he held executive-level positions in well-known financial companies such as AIG Retirement Services, SunAmerica and Farmers Insurance Group.
Program Track: CIOCSO3.3 Changing the Paradigm - From Information Security to Information Risk Management and Security Governance.
Brenda Piazza is a Director at CBIZ. She has 20+ years of Information Technology experience in diversified industries: healthcare, banking, government, non-profit, real estate and manufacturing. Brenda has been project managing SAS 70 Type II audits for the last 6+ years for various industries. Brenda recently completed a heavily automated integration of the claims adjudication system into the healthcare billing system for a major pharmacy benefit maintenance company with 600+ employees. Brenda has also been involved in Sarbanes-Oxley auditing for the last 6+ years and internal controls for the last 10+ years in the areas of IT General Controls, IT Application Controls and Business Processes.
Brenda has an MBA in Technology Management and a BS degree in Information Systems.
Program Track: CIOCSO3.5 The CIO and CISO Role in the Internal Controls Audit Strategy - Know What Your Audit Committee Expects From You
Quinton consults with Qualys' clients like eBay, T-Mobile, Expedia, Disney, Washington Mutual, CNET, Kaiser Permanente, Adobe, Google, Mattel and the State of California on risk management best practices and security metrics. Quinton has served on the board of the Los Angeles ISSA, on an advisory board for a consortium of Southern California Colleges in curriculum development, and is a founding member of the Los Angeles InfraGard. Quinton has presented on Vulnerability Management Best Practices at the West Coast Security Forum, WSA Security SIG, ISSA Chapters in Boise, Denver, Salt Lake City, Seattle and San Diego.
Program Track: CIOCISO3.7 Securing Your Information So You Don’t Make Headlines - You May Be Liable For Breaches - "Best Practices in Vulnerability Management & Policy Compliance"
Ginger Menown, CPA, Partner - KPMG Forensic Services Practice and Forensic National Energy Leader
Ms. Menown has supervised numerous forensic engagements, including corporate internal investigations, asset searches, fraud risk management and compliance and monitoring engagements. She has over 17 years of experience in providing services in investigative and integrity advisory services, dispute advisory, mergers & acquisitions, evaluation, financial advisory, and auditing. She has performed numerous forensic accounting assignments related to accounting irregularities. She has investigated earnings management, fraudulent transfers, employee theft and misrepresentations of financial allocations. She has prepared and provided testimony for regulatory agencies. She has been retained by an energy company to investigate allegations of aggressive revenue recognition regarding bill/hold issues in a manufacturing company.
Ginger has a B.B.A. from the University of Houston with an emphasis in Accounting and is a Certified Public Accountant licensed in Texas.
Program Track: CLOCCO4.3 Market/Pricing Manipulation - Manipulation in the Energy Markets
Sheila Slocum Hollis is chair of the Washington, D.C. office of Duane Morris LLP, serving on the firm’s Executive Committee and Partners’ Board. Ms. Hollis specializes in domestic and international energy and environmental matters. She represents governmental bodies and the energy industry. Ms. Hollis was the first Director of the Office of Enforcement of the Federal Energy Regulatory Commission, establishing the office and its policies and procedures and serving from 1977 to 1980, and was a trial lawyer at the Federal Power Commission from 1974-1975. Ms. Hollis was the first woman President of the Energy Bar, and was Chair of the American Bar Association’s Section of Environment, Energy and Resources. She also chaired the Standing Committee on Environmental Law and the Coordinating Group on Energy Law, and recently served a three-year term on the ABA’s Standing Committee on the Federal Judiciary. She served as president of the Women’s Council on Energy and the Environment from 1997-2002 and received its Woman of the Year award in 2003. She serves in the ABA’s House of Delegates and on the Board of Editors of the ABA Journal, and is chair of the ABA Fund for Justice and Education. Ms. Hollis served as a professorial lecturer in law on the subject of energy law at the George Washington University Law School from 1979-1999. She serves on the Board of the American Friends of the Royal Society.
Program Track: CLOCCO4.3 Market/Pricing Manipulation - Manipulation in the Energy Markets
Daniel Krohn, Attorney/General Counsel - Krohn Law
Dan A. Krohn is a general business attorney with an emphasis on technology and Internet matters. The majority of his clients are closely held businesses, entrepreneurs and professionals with a wide variety of interests and obligations. Dan entered the University of Texas School of Law, where he received his J.D. in 1974. Following graduation, Dan served as law clerk to the Travis County District Courts. He then became the first administrative law judge for the Texas Department of Banking, where he presided over hearings on state bank applications, domicile changes and other related matters. In 1989, Dan became a sole practitioner with a focus on computers and technology. Over time, this focus has evolved to matters involving e-commerce and the Internet.
A popular speaker and author on law, trends and technology, Dan has spoken to the Electronic Messaging Association, the University of Texas Computer Law Conference, the Asian Chamber of Commerce, the Houston E-Commerce Success Super Conference, the Houston Chapter of the Texas Society of Certified Public Accountants and many others. His writing has been published in the Houston Business Journal, DBA Houston, Indigo Sun and Houston News Today Online.
Program Track: CLOCCO4.2 The Transition from Corporate Attorney to Chief Compliance Officer - The Legal Implications of Compliance and Risk Management
Stephanie leads the sales and consulting services at AverQ. With her 20+ years of audit and consulting experience, she also drives the thought-leadership activities at AverQ. Previously, Stephanie was Executive Vice President at Accretive Solutions, Inc., where she headed up their Enterprise Governance Practice. Prior to Accretive, she was Vice President of Business Consulting at Certus Software, Inc., a leading provider of corporate governance and compliance software. Prior to joining Certus, she was Global Managing Director at Resources Connection, Inc., a $1B market cap company, where she successfully launched and was responsible for all aspects of their internal audit and risk management subsidiary, Resources Audit Solutions, LLC. Earlier, she served as a senior manager at Deloitte & Touche and a worldwide audit manager at Cargill, Inc. While at Cargill, she spearheaded the early electronic audit workpaper initiative, leading to a successful rollout of a global automated audit package. Stephanie is actively involved in The Institute of Internal Auditors and has served on the Board of Governors for the Twin Cities Chapter. Stephanie holds a B.S.B.A. in Accounting from Drake University.
Program Track: CAECRO5.1 The Common Goals And Objectives Of The Chief Risk Officer and Chief Audit Executive
Mark Kerzner, President, Top8 Corporation - Security, Compliance, eDiscovery
Mark holds an MS in Math, an MSCS, and a recent JD concentrating in eDiscovery. He has solved some of the toughest software design challenges, for which he received multiple awards, and his solutions are currently in use all over the world. He has authored books, papers, and patents, and has working knowledge of ten languages. Mark specializes in the security side of the software design, information governance, and related areas of eDiscovery and computer forensics. Through his consulting practice with Top8, Mark has developed a system for approaching information risk management problems for organizations of various shapes and sizes.
Program Track: COCQA 8.3 Security Breaches And Incident Response - Handling Communication When Corporate Issues Have Been Exposed
Greg L. Taylor, Vice President Operations & Chief Technology Officer / CFE, Corporate Audit Partners
Mr. Taylor is CAP’s foremost fraud expert and chief designer of VRM-Partner™ web-based software. He joined CAP with over 17 years of accounting and auditing management experience. Mr. Taylor has held a variety of senior management positions in accounting and finance, including CFO positions in both the public and private sectors. Mr. Taylor’s extensive background includes management positions in the aerospace, banking and advertising industries.
In addition to eight years in the audit recovery industry, his expertise includes five years as a fraud examination expert, and he currently presents national workshops on detecting fraud and embezzlement. Mr. Taylor is responsible for the day-to-day operations and software systems development.
Program Track: CAECRO5.5 Fraud Detection and Prevention through Data Analysis
Dorian J. Cougias is the founder and Lead Analyst of Network Frontiers, a company that focuses on systems continuity, regulatory compliance, and IT infrastructure consulting, training, and publishing. He is also an Adjunct Professor of Technology, lecturing and serving on the board of advisers for the University of Delaware, College of Human Services, Education, and Public Policy. Dorian has authored hundreds of articles and dozens of books, including the award-winning Backup Book: Disaster Recovery from Desktop to Data Center, and most recently the Unified Compliance Series. As the primary architect of the Unified Compliance Framework, Dorian and his research partner, Marcelo Halpern of the international law firm Latham and Watkins, have created the first independent initiative to exclusively support IT compliance management. By focusing on commonalities across regulations, standards-based development, and simplified architectures, the UCF supports a strategic approach to IT compliance that reduces cost, limits liability, and leverages the value of compliance-related technologies and services across the enterprise. Dorian also serves as an adviser, research fellow, or working group member to the Financial Technology Forum, IT Compliance Institute, NetFocus, Hospitality Law, the National Association of Convenience Stores, and the Hospitality Financial & Technology Professionals.
Program Track: CLOCCO4.6 Compliance On The Rise! Implementing a Common Compliance Framework for Multiple Compliance Requirements
Michael S. Giles is founder and President of Enterprise Risk Associates, LLC, a professional services firm formed in 2005, specializing in Operational Risk Assessment and Performance Measurement. With more than nineteen years of consultative experience across a broad array of industries and organizations, Mike has a proven track record of helping his clients isolate and identify the root causes of their business problems and focus on implementable strategies to offset the risk inherent in operations. Leveraging a repeatable process for identifying, qualifying, quantifying and mitigating "operational risk", his firm emphasizes the establishment of key metrics, before and after improvements, to measure performance against established baselines.
He holds a Bachelor of Science in Computer Science with a minor in Mathematics from Sam Houston State University.
Program Tracks: CIOCSO3.2 Creating A GRC Centric IT Organization - Is Your IT Group Up to the Challenge?
Program Tracks: CAECRO5.2 The Shift In Internal Audit Responsibilities - Improving Coordination With the ERM Team
Randy Fernandez, CPA, MBA, CIA, CISA, CPP, Practice Director - Adams Harris
Randy Fernandez is a Practice Director in the Houston office of Adams Harris, Inc. (www.adamsharris.com), where he is responsible for the Internal Audit and Accounting & Finance practices. He has over 20 years experience, including seven years of "Big Four," in audit, finance and accounting. Mr. Fernandez has served as both a Chief Audit Executive and as a Controller. He is a past president of the Houston Chapter of the Institute of Internal Auditors and has served on an IIA International Committee.
Mr. Fernandez earned a Master of Business Administration in Business Analysis from Texas A&M University.
Program Track: BODAC1.3 Auditing The Auditors - Implementing an Effective Internal Audit Evaluation Plan and Relationship Strategy.
Program Track: BODAC1.6 Improving Audit Committee Effectiveness - Crafting an Audit Committee Self-Assessment Program.
Nicole Dean is currently the Vice President of Internal Audit for Belk Inc, based in Charlotte, NC. Belk is the largest privately held department store retailer in the U.S. with over 300 stores in 17 states. In addition to her audit responsibilities, Nicole was recently named Chief Diversity Officer to lead the company's diversity and inclusion strategy. Prior to joining Belk in 2006, Nicole served as Director of Audit Services at the Harris County Auditor's Office in Houston, Texas and held various accounting and auditing management positions in retail. She started her career with Deloitte & Touche, LLP in Pittsburgh, PA and is a CPA. Nicole currently serves on the Advisory Council for the Greater Charlotte Boys and Girls Club.
Program Track: CAECRO5.7 The Chief Audit Executive Role - Adding Increased Value to Your Organization
John Ballentine is a Principal at ProComply, a Texas-based regulatory services provider to the energy industry. Prior to joining ProComply, John served over 20 years as a senior compliance executive in both electric and natural gas companies subject to federal regulation. An ardent advocate for streamlined, effective regulatory risk management in the energy industry, John co-developed ProComply's "Sustainable Compliance" program model based on a proactive approach to managing regulatory risk.
Program Track: CLOCCO4.7 Energy Industry Regulatory Compliance: Developing and Implementing a Proactive Risk-Based Compliance Program
James Sayles, MBA, BS, CISA, CISM, CISSP - VP, Chief Risk and Compliance Officer – Favored Solutions and VP, Program Development – GRC Summit, LLC
James Sayles is Vice President, Chief Risk and Compliance Officer for Favored Solutions and Vice President, Program Development for the GRC Summit, LLC. As a thought leader in Governance, Risk, and Compliance, Mr. Sayles has worked with more than two dozen of the world's largest banks and financial institutions as well as some of the largest global oil and gas companies, implementing strategic corporate governance frameworks and strategies. With over 12 years of experience, Mr. Sayles is a proven leader in working with Boards of Directors, Audit Committee Members, Chief Audit Executives and Chief Information Officers in building effective corporate governance frameworks that include enterprise risk oversight and management, internal audit and compliance programs. Mr. Sayles is an expert in regulatory compliance and risk management frameworks, including Sarbanes-Oxley, Basel II, GLBA, HIPAA, PCI Data Security, FISCAM/FISMA, SAS 70, FFIEC, COSO, ISO, and the PCAOB Auditing Standards, as well as other international regulations and frameworks.
James Sayles has an MBA in International Business from Robert Kennedy University.
Program Track:
BODAC1.1 The Board's Eye View of Enterprise Risk - Do You Have Oversight of Business and Information Risk?
CAECRO5.4 Understanding GRC In-Depth; Using The Right ERM And Audit Strategy As A Catalyst For Addressing Risk, While Improving Audit Outcome Track
Norman was President of GCRM Solutions, LLC before merging with UHY Advisors in November 2006. He was Director of the Finance & Accounting practice for the Houston, TX office of Jefferson Wells International and was a principal with Ideon Consulting and Daman Consulting, providing technology and management consulting services to Fortune 1000 companies. Norman held audit, accounting, and finance roles of increasing responsibility at Texaco, Inc. and Compaq Computer Corporation. He began his career in finance at Oppenheimer & Company. He has over 18 years of internal audit and management consulting experience. Norman spearheads Enterprise Risk Management training and consulting services and facilitates and designs control self-assessments. He also leads advisory and assurance services for IT governance, risk assessment, software selection/implementation, documenting and testing IT general controls and application controls, and evaluating information security strategy.
Norman’s Education includes:
M.S., International Business - University of St. Thomas – Houston, TX
M.B.A., Marketing - University of St. Thomas – Houston, TX
B.B.A., Accounting - University of Houston – Houston, TX
Program Track: CAECRO5.3 Speaking Greek: Why integrated GRC eludes good companies.
Phyllis Eriksen, CISA, has over 20 years experience in management and operations roles in industry, consulting, and public accounting. Currently, she manages Audimation’s federal government portfolio as well as national public accounting firm clients. She speaks often on the topic of data analysis, most recently at ISACA CAC’s 2008 and the AICPA Practice Symposium 2008.
Program Track: BODAC1.5 The Business Case for CAAT’s.
José A. Tabuena, JD, CFE, CHC - MedicalEdge Healthcare Group, Inc.
Mr. José Tabuena is a compliance officer and attorney with extensive compliance management experience at the executive level. He currently serves as the Chief Ethics and Compliance (and Privacy) Officer for MedicalEdge Healthcare Group, Inc. In that capacity, he functions as the primary liaison between the Board and Management. Additionally, José advises on regulatory matters and manages the organization's governance and compliance structure and processes. Most recently José was named by The Millstein Center for Corporate Governance and Performance at the Yale School of Management as one of the global "rising stars of corporate governance," those who, while young and often relatively new to the field, are making their mark as outstanding analysts, experts, activists or managers (see: http://mba.yale.edu/news_events/CMS/Articles/6493.shtml).
José’s Education and Professional Affiliations:
Bachelor and Master of Arts, University of California San Diego
Juris Doctor, University of California Berkeley (Boalt Hall)
License, State Bar of California
Certified Fraud Examiner (CFE), Association of Certified Fraud Examiners, 1999
Certified in Health Care Compliance (CHC), Health Care Compliance Association, 2000
University of North Carolina, Chapel Hill – Kenan-Flagler Business School, Kaiser Permanente Advanced Leadership Program/Executive MBA Curriculum, 2002
Legal Ethics Committee, Dallas Bar Association, 2006
Conduct Review Board and Special Counsel, City of Coppell, TX, September 2005 – September 2007
Advisory Board, Compliance & Ethics, publication for the Society of Corporate Compliance and Ethics, 2003 to Present
Board Member, Health Care Compliance Certification Board – 2003 to Present
Editorial Board, Compliance Today, publication for the Health Care Compliance Association – March 2008 to Present.
Program Track: CLOCCO4.4 Increasing Shareholder Confidence with an Auditable Compliance and Ethics Program - What You Don't Know Can Hurt You!
Rob Zanella, Vice President IT Compliance - Computer Associates
Rob is the Vice President of IT Compliance for CA and is responsible for all compliance activities within Information Technology. Rob joined CA in 2005 as Director of Internal Audit to develop an IT Audit practice within the department, as the function had never before existed. Within a year of establishing the IT Audit practice, Mr. Zanella was asked to take over and evolve the IT Compliance function to advise on controls optimization opportunities and determine the adequacy of CA’s IT risk and controls profile.
Rob has over 22 years of IT experience in software development, project management, and auditing. Before joining CA, he was Director of IT Audit for 5 years at SIAC, the technology arm of the NYSE. Prior to the NYSE, Rob was a Senior Manager at Deloitte & Touche for 7 years implementing ERP solutions as part of their Enterprise Risk Services group at several large clients. In addition, he held various software development and project management positions within Savings Bank Trust Company and Union Savings Bank while developing and implementing lending software.
Rob holds a Bachelor of Science in Computer Science from Hofstra University and a Master of Business Administration from Adelphi University.
Program Track: CECFO2.3 Where is My Risk and Compliance Report? How to Get the Right Executive Report Without the Minutia, the First Time.