Syed Rizwan Ashraf is the CEO of Risole “ONE Source”. Mr. Syed’s background in Security and Privacy Risk Governance design and implementation knowledge is second to none.
Areas of Expertise
- IT Policies & Standards Governance & Life Cycle Management
- ITIL processes and performance Metrics Implementation and Management
- Service Now, Archer and Agiliance GRC Program Management
- PCI, SOX, HIPAA, Meaningful Use, Safe Harbor Compliance Program management
- Information Asset Security Life Cycle Management
- Cloud Infrastructure Security Governance and Program
- HITRUST Framework Development and Implementation
- Information Security risk-based Strategy and programs
- Integrated Risks and Controls Self-Assessment Framework, Program, Process and Metrics
- Meaningful Use
- Architecture, Secure Infrastructure Design of ONC certified Electronic Health Record (EHR)
- Secure Online E-Commerce architecture, PCI Compliant online store implementation
- Professional Educational/Business Degrees include: MBA, CCNP, CISM, CGEIT
- Developed and implemented Integrated Risk & Controls Self-Assessment Framework, Business Case, Risk Management Program and the Kaiser Permanente IT Policies & Life Cycle Governance Framework.
- Developed and managed IT Security Policy Council Framework, program, process and reporting
- Developed and implemented Data De-Identification Governance program including, risk communication plan and exception management.
- Managed & launched nonprofit free medical clinics program which includes fully integrated electronic health system, records, practice management, scheduling, electronic billing, E-prescribing certified by the U.S Government for “Meaningful Use”.
- Developed, implemented, and reported Risk Assurance Based Compliance Program including risk-based approach and remediation planning for mission critical business applications and underlying infrastructures.
- Developed, engaged and drive implementation of the Kaiser Permanente Information Security Framework, policies and standards, life cycle management, communication and performance reporting
- Engaged in KP Enterprise Architecture Policy Governance development including mobile and wireless technology governance.
- Established and managed IT Process Governance Council including policies & standards, approvals and implementation and performance metrics reporting to the CIO and IT leadership.
- PCI Security Strategy including communication, processes and compliance requirements.
- Security strategy and risk management including IT policies and standards lifecycle management program, ITIL process governance and supporting SOX, PCI and HIPAA compliance.
- Developed, implemented and managed VMware Security and Risk Governance capabilities framework including security strategy, roadmap. Designed VMware Cloud security capabilities.
- Developed Infrastructure Security Governance Framework, program, processes & metrics reporting at VMware Inc.
- Security and Risk Governance Principal, VMware Inc
- HIPAA Application Security Program (HASP De-Identification Program)Kaiser Permanente
- Information Security Officer at Wells Fargo Bankin Business Direct (Community Banking)
- Oracle EBS & Oracle Identity Manager implementation and security controls audit preparation at Gilead Sciences
- IT Security Policy Maker at Kaiser Permanente
- IT Policies and Standards Manager at CSAA
- Network Security Project Manager at Cisco Systems
- Security Governance advisor to CEOs and CISOs in Silicon Valley companies.