·          Experienced IT professional with over 25 years of IT and Compliance experience in a variety of multinational and domestic companies. 

·          Expertise in FDA, SEC, PCI and HIPAA regulatory requirements as they apply to IT Governance. 

·          Prior CIO of a Class III medical device company, and also served as Director of IT Compliance for a Class II medical device company’s IT team in the Americas. Experience supporting startups that are regulated by FDA and SEC

·          Responsible for writing and executing risk assessments.  Also responsible for planning and completing the resulting remediation projects

Qualifications

·          IT Systems Validation – Personally responsible for, or on the Program Management Office (PMO) of several large ERP implementations requiring system validation to FDA standards. 

·          Experience in Medical Device Data Systems (MDDS), Mobile Medical Apps and IEC-80001

·          Served on several Corrective and Preventive Action (CAPA) Review Boards (21 CFR Part 820.100)

·          Chaired the Change Control Board (CCB) of a successful large scale ERP implementation (excess of $30 million). 

·          Extensive experience in change control, process control and documentation management in highly regulated environments (SEC and FDA).

·          Skilled in and actively use numerous control and audit methodologies. 

o         Capability Maturity Model (CMM), Control Objectives for IT and related Technologies (COBIT), NIST, SAS-70 and SSAE-16.

·          Solely responsible for creating, implementing and delivering regulatory training to IT and project teams

Education and Certifications

·          MBA – Daniel’s College of Business, University of Denver (1992)

·          Certified Information Systems Auditor (2006, CISA – Information Systems Audit and Control Association - ISACA)

·          Certified in the Governance of Enterprise IT (2008, CGEIT – ISACA)