Eric is a managing director in KPMG’s Risk Consulting practice with more than 18 years of GRC, ERM, IT advisory and audit experience. His background includes assisting organizations to define their GRC vision and strategy, evaluate technology solutions, and design and implement GRC programs in support of enterprise, operational and compliance risk management objectives. Eric’s current and past clients include some of the leading entities in the financial services, energy and industrial manufacturing sectors.
A Selection of Eric’s Enterprise Governance, Risk, and Compliance Engagement Experience
Enterprise Governance, Risk, and Compliance
- Leading an enterprise GRC strategy and implementation for a large banking institution. Assisting the organization in identification of key business process and reporting requirements for operational and compliance risk management functions and aligning the requirements with RSA Archer functionality.
- Leading the development of the Third Party Risk Management (TPRM) GRC Vision, Strategy and Roadmap for a large national financial services institution. Facilitating the identification of future-state business requirements to be enabled in the GRC platform and oversight of the user acceptance testing program.
- Led an end-to-end assessment of governance, risk, compliance, member experience, data and technology for the financial advice and solutions group of a large national financial institution. Coordinated the review to identify potential organizational gaps and provide recommendations for remediation.
- Managed the GRC vendor selection process for a large regional bank. Assisted in the identification of business and technical requirements for the future-state solution; development of the request for proposal and analysis of responses; design of Proof of Concept exercises; development of the business case and high-level implementation roadmap. Facilitated sessions with senior management and key stakeholders to help prioritize requirements and document final outcomes.
- Led the GRC business requirements project for a large regional bank. Assisted in the development of use cases, process flows, reporting and access requirements for the following: policy management, risk assessment, control testing and issues management. Facilitated sessions with senior management and key stakeholders to help prioritize requirements and document final outcomes.
- Led the development of an ERM program for an investment management firm. Assisted in the identification of key enterprise risks with senior leadership, and development of future state policies and risk management tools including risk escalation protocols, risk dashboards and management reporting.
- Managed an ERM governance and policy development project for a large financial services company. Assisted in the development of key operational policies, documentation of risk decision process flows, identification of key risk indicators and potential controls.
- Managed a risk management training project for a large national bank’s technology and operations services organization. Designed the training outline based upon the client’s desired scope and coordinated the development of the training materials. Assisted in the delivery of in-person and online training sessions to management team members and facilitated management workshops focused on the identification of key risks and reporting requirements.
- Led a GRC business requirements gap assessment for a global bank. Performed an analysis of the bank’s Internal Audit business requirements in comparison to the functional specification documents prepared by the GRC vendor. Identified potential gaps and opportunities to enhance the alignment between the requirements and specifications.