Rimici Leadership Profile:
Syed Rizwan Ashraf is the CEO of Rimici “ONE Source”. Mr. Syed’s background in Security and Privacy Risk Governance design and implementation knowledge is second to none.
- IT Policies & Standards Governance & Life Cycle Management
- ITIL processes and performance Metrics Implementation and Management
- Service Now, Archer and Agiliance GRC Program Management
- PCI, SOX, HIPAA, Meaningful Use, Safe Harbor Compliance Program management
- Information Asset Security Life Cycle Management
- Cloud Infrastructure Security Governance and Program
- HITRUST Framework Development and Implementation
- Information Security risk-based Strategy and programs
- Integrated Risks and Controls Self-Assessment Framework, Program, Process and Metrics
· Meaningful Use
· Architecture, Secure Infrastructure Design of ONC certified Electronic Health Record (EHR)
· Secure Online E-Commerce architecture, PCI Compliant online store implementation
· Professional Educational/Business Degrees include: MBA, CCNP, CISM, CGEIT
· Developed and implemented Integrated Risk & Controls Self-Assessment Framework, Business Case, Risk Management Program and the Kaiser Permanente IT Policies & Life Cycle Governance Framework.
· Developed and managed IT Security Policy Council Framework, program, process and reporting
· Developed and implemented Data De-Identification Governance program including, risk communication plan and exception management.
· Managed & launched nonprofit free medical clinics program which includes fully integrated electronic health system, records, practice management, scheduling, electronic billing, E-prescribing certified by the U.S Government for “Meaningful Use”.
· Developed, implemented, and reported Risk Assurance Based Compliance Program including risk-based approach and remediation planning for mission critical business applications and underlying infrastructures.
· Developed, engaged and drive implementation of the Kaiser Permanente Information Security Framework, policies and standards, life cycle management, communication and performance reporting
· Engaged in KP Enterprise Architecture Policy Governance development including mobile and wireless technology governance.
· Established and managed IT Process Governance Council including policies & standards, approvals and implementation and performance metrics reporting to the CIO and IT leadership.
· PCI Security Strategy including communication, processes and compliance requirements.
· Security strategy and risk management including IT policies and standards lifecycle management program, ITIL process governance and supporting SOX, PCI and HIPAA compliance.
· Developed, implemented and managed VMware Security and Risk Governance capabilities framework including security strategy, roadmap. Designed VMware Cloud security capabilities.
· Developed Infrastructure Security Governance Framework, program, processes & metrics reporting at VMware Inc.
· Security and Risk Governance Principal, VMware Inc
· HIPAA Application Security Program (HASP De-Identification Program) Kaiser Permanente
- Information Security Officer at Wells Fargo Bank in Business Direct (Community Banking)
- Oracle EBS & Oracle Identity Manager implementation and security controls audit preparation at Gilead Sciences
- IT Security Policy Maker at Kaiser Permanente
- IT Policies and Standards Manager at CSAA
- Network Security Project Manager at Cisco Systems
- Security Governance advisor to CEOs and CISOs in Silicon Valley companies.