Advancing Business Performance: Align IT Vendor Risk to Enterprise Risk Management


Recorded:    January 24 | 2017       Attend

Growing exposure to IT risks has made organizations across industries volatile. Recent IT vendor incidents like data and security beaches, violation of privacy guidelines, which caused substantial fines, penalties, brand value, highlight that IT vendor risks are business risks and require focus from the leadership.

An immature ITVRM program limits the insights which are necessary for strengthening vendor relationships and building a robust ERM program. Rather than treating each risk in isolation, organizations need to have an integrated approach to manage risks holistically and in line with their business operations and objectives. With the growing dependency on IT and IT vendors, organizations need to align enterprise and IT VRM objectives to build a resilient framework suitable for today’s environment.

During the session, panelists will discuss how organizations can strengthen vendor management in the current landscape and improve business performance.

  • Causes of Vendor Risks incidents and the impact on the enterprise
  • Best approach to align IT vendor risk to enterprise risk
  • Building mature VRM Program
  • Role of technology in integrating Vendor risk to Enterprise risk management



Scott RollerScott Roller is the principle/founder of 3W Partners (3Wp). He is a long-time practitioner with over 25 years of experience in the global telecom and financial services industries, including 15 years in international business. Scott has led teams at AT&T, Lucent Technologies, Global Payment Systems and Citibank (mortgage), serving in a variety of capacities, including: Operations, Strategy, Supply Chain, Vendor Management, Training, Program Management and more. Scott is a recognized authority within the outsourcing sector, understanding the “buy” and the “sell” side. He has led very large operations, including contact centers, order desks, technical help desks and more, supporting as many as 1,200 agents performing over 50 different functions in multiple countries. Scott is known for his performance-driven models and results. From a vendor control, compliance and governance perspective, Scott is on the national speaking circuit and helps others drive adherence to mandates published by banking regulators, including the OCC and CFPB. Scott holds a B.S. in Business & Communications from Missouri State University, and a Master of Arts in Management from Webster University. He and his family reside in the metro St. Louis area.

yodelmarNEWYo Delmar is the vice president of GRC Solutions at MetricStream and is focused on the company's GRC market leadership. She has over 30 years of experience in Information Technology and Management, with a focus on Governance, Risk and Compliance over the past 10 years. Yo is responsible for MetricStream's Customer Program for over 300 companies world-wide ‚Äčand drives MetricStream's GRC Journey Program which provides expertise in helping companies implement strategies and programs for governance, risk and compliance (GRC) solutions that add strategic value while delivering dramatic cost savings. Yo has led start-ups and business units within system integration and outsourcing companies, and provided advisory services to F1000 on the implementation of GRC programs. She holds a B.Sc. (Honors) in Mathematics and Computer Science and an M.B.A. from Dalhousie University in Canada. She is also a Certified Management Consultant (CMC), Certified in Governance of Enterprise IT (CGEIT), and a Certified Information Security Manager (CISM).

Russell McguireRussell McGuire joined Riskonnect in January 2012 as director, enterprise risk services. Russell is a proven leader in the insurance and risk management field, with more than 25 years of experience. He was a member of the Technology Advisory Council of Risk and Insurance Management Society and served on the ERM Committee at RIMS for three years. Russell came to Riskonnect from Milliman, Inc., as a Senior Consultant and Product Manager, where he evaluated and designed Governance, Risk and Compliance (GRC) tools to support Enterprise Risk Management processes for clients. He worked with consultants in France, Germany, Italy, Holland and Great Britain. He developed ERM frameworks and provided consultation to clients on implementing ERM processes. He has also held positions at Alliance Data Systems, Risk Labs and Tillinghast-Towers Perrin.

Albert BiketiAlbert Biketi is the Vice President and General Manager of the Hewlett Packard Enterprise Data Security business, known as HPE Security - Data Security. In this role, he leads the team responsible for HPE's encryption strategy, go-to-market, engineering and delivery for the products and services which help our customers manage risk and secure the world's most sensitive data. Mr. Biketi has worked in most of Hewlett-Packard's major enterprise business groups in various functions and regions in the last 17 years covering Sales, Global Business Development, Restructuring, M&A Integration, Competitive Strategy, Finance, Program Development, Risk Management, and Operations. Mr. Biketi has also held several regional and global leadership roles in Hewlett Packard across Europe and the Americas, and he holds an MBA from Harvard University.

Log in

Please Login to download this file

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *






MetricStream TPRM


Go to top