Two pioneers of quantitative risk management based on the FAIR risk model were honored by their peers in information and operations risk this week at the FAIR Institute's 2017 FAIR Conference in Dallas.
FAIR Business Innovation Award
Roland Cloutier
Senior Vice President and Chief Security Officer, ADP
The award recognizes security executives who are “disrupting the status quo by leveraging new analytic capabilities and by enabling the communication and management of information risk from the business perspective.”
Business Innovation honorees move their organizations from compliance-based to risk-based approaches to information security and business risk and focus their organizations on understanding the impact of risk mitigation on enterprise loss exposure, using FAIR.
Cloutier led ADP in incorporating FAIR at the foundation of the company’s operational and technology risk program. In particular, Cloutier’s team found innovative ways to apply FAIR to ADP’s existing risk register and GRC system to manage risk more cost-effectively.
FAIR Champion Award
David Sheronas
Vice President, Global Information Security, Bank of America
The award honors corporate culture leaders who transition their businesses to a data-driven outlook on risk, based on FAIR. In a talk at the FAIR Conference, Sheronas described in detail how his team has socialized FAIR at Bank of America. “FAIR has helped us with our risk and issue management process, particularly in breaking risk down to component parts," Sheronas said.
“This is a great honor and recognition for the superb team at Bank of America that’s helped fund, develop and build our program over the last year," Sheronas continued. "We particularly want to credit our InfoSecurity leadership for their support.”
FAIR Institute Chairman Jack Jones said that “both Roland and David exemplify the best in risk management, innovation, and in achieving a proactive information security risk posture that keeps their organizations at the forefront in their ability to analyze and quantify risk for executive and board leadership.
“We are thrilled to recognize their many contributions to advancing the field of risk management through a broader understanding and adoption of the FAIR standard.”
The 2017 FAIR Conference attracted more than 200 professionals in information, technology and operations risk, for two days of intensive sessions featuring speakers from Walmart, Hewlett Packard Enterprise, Chevron and many other organizations leading the movement to manage and communicate risk in terms that business best understands.
This year’s conference was sponsored by RiskLens, the FAIR Institute’s technical adviser, along with RSA, Evolver, TUV Rheinland and Dark Rhino.
