Denise Doveri
Manager, Global Information Security, Governance, Risk & Compliance at Costco Wholesale
Seattle, WA, United States
Details
Experience:
Present
Costco Wholesale
Manager, Global Information Security, Governance, Risk & Compliance
Responsible for Information Security Governance, Risk & Compliance (GRC) for a Fortune 15 Company. Establish programs to address the broad issues of IS governance, risk management, and effective corporate compliance. Assist with identification, remediation, monitoring and managing IS risks in addition to coordinating the utilization of people, process and technology to improve GRC effectiveness and manage cost.; Global Information Security, Governance, Risk & Compliance
Created/Motivated fully functioning team of 23 in less than 6 months
Drove unified compliance restructuring of Policies and Standards
Matured Security Awareness & Training - above regulatory requirements
Developed IT/IS Risk Management Program
Positioned Compliance for “business as usual” instead of audit scramble
HIPAA, HITECH, SOX, PCI, PII, SSAE 16, Global and State regulatory
Continued implementation of Archer (eGRC) modules to support and effectively report on GRC
Member of Global Information Security leadership team
Integrated Compliance Framework – “test once, use many”
Built Vendor Risk Management Program - Vetted over 30,000 vendors per risk ranking
2014 :
Costco
Manager, Information Security - Governance, Risk & Compliance
Responsible for information security (IS) technologies, processes and solutions to manage business requirements within acceptable levels of risk. Provide information security governance and awareness programs built on ISO, NIST and COBIT industry standards to effectively communicate and mitigate risk. Identify areas of risk and develop solutions to monitor, reduce or eliminate those risks.; Global Information Security, Risk and Privacy
Communicate program status/metrics to executive staff
Produce IS awareness/training materials for distribution
IT SSAE16, SOX and internal audit controls
Produce the annual IS Program report for the audit committee
Implement Identity and Access Management strategy
Drive Data Leak Prevention (DLP) and Policy Management Programs
Coordinate cross departmental security, risk and privacy initiatives with Compliance and Legal
Manager, Global Information Security, Risk and Privacy
Develop policies, standards, and procedures designed to protect information assets
Develop and implement monitoring controls to provide visibility into the effectiveness of the IS program
Validate and report on the operating effectiveness of IS controls and adherence to policies
Assist in the development and implementation of projects and activities to help strengthen and improve IS controls
Identify and report key compliance information security metrics to IT management
2008 : 2011
Russell Investments
Associate Director
Company:
Costco Wholesale