Principal Analyst & Research Director
Forrester's Security Forum 2012
Risk management is seen as a roadblock; in many cases, it is purposely being kept out of the conversation when there are projects with looming deadlines and meager budgets. This means that when a risk review finally occurs, the results are rarely good and the response is rarely pleasant. This session will highlight ways in which mature risk management programs have turned themselves into solution organizations. Rather than simply putting up controls and barriers, they respond to business requirements with recommendations that meet demands in a safe and controlled manor. For many, the result has been that process owners, project managers, and other colleagues proactively ask for risk management involvement.
Chris leads a team of analysts covering topics including compliance and risk management, security management, security services, and metrics. He also leads the company's coverage of governance, risk management, and compliance (GRC). In this role, he helps clients around the world implement successful strategies, best practices, and technologies to support GRC programs as well as related functions such as enterprise risk management, corporate compliance, and corporate social responsibility. Chris is a frequent speaker on these subjects at vendor and industry events, and he has been quoted by top media outlets, including CFO Magazine, Compliance Week, and the Financial Times.
His previous experience includes marketing and public relations for security, compliance, and risk management vendors.
Chris has an M.S. in business ethics and compliance from the New England College of Business and Finance and a B.S. in marketing from California State University, Fresno.