V. Lee Conyers Award

2016 Recipient: Susan Sharp

Award Presentation speech from John Lainhart, Cybersecurity Fellow, IBM Center for The Business of Government & Partner, Chief Information Security & Privacy Officer, US Public Sector IBM Global Business Services - US Federal Team:

"I am very honored to be able to present the Lee Conyers award today. Sarah, thank you very much for allowing me to do this. This is very special for me, in three respects – first, Lee worked with me at the Government Accountability Office and Department of Transportation Inspectors General Office, second I was honored to receive the award in 2008, and third I’m thrilled to present the award to someone who knew and worked with me and Lee.

Lee worked with me at GAO for a number of years, leading a number of very technical audits. Then when I went to the DOT/OIG, he joined me there – where he led a number of President’s Council on Integrity and Efficiency (PCIE) audits of major federal programs. His efforts culminated in our ability to penetrate and take over the IT systems of 21 systems at 9 federal agencies, accounting for 85% of the federal civilian budget and being able to do this is less than 2 weeks at each federal agency. Lee went on to write an ISACA guide for auditing MVS operating systems based on the results of our PCIE audits. Also, as a result of his outstanding work at DOT, the Assistant Secretary for Administration, hired him to be the DOT IT security officer, where he was responsible for correcting the nearly 100 IT security findings in our classified report to the Assistant Secretary. After resolving DOT’s security problems, Lee returned to GAO to help set up their IT audit penetration lab. The lab was subsequently named after Lee who passed away at an early age from cancer.

Thus, it gives me a great deal of pleasure to present this award to Susan Sharp who worked with Lee on the PCIE audits and when I went to the House OIG, she joined me there to lead audits of House operations – the first ever audits of the House of Representatives which resulted in over 25 reports with over 250 recommendations. Susan then followed me to IBM where she has served with distinction providing data security and privacy consulting services to our public sector clients. In addition, Susan has held many positions within the NCAC, including serving as President and Past President and as Chair of the Golf Outing for the last several years.

Thus, it gives me great pleasure to present the 2016 V. Lee Conyers award to Susan Sharp – a most deserving recipient for all that she has done for our profession and our chapter."

2015 Recipient: Brian Barnier

Brian’s service to industry and professional organizations has focused on developing and evaluating oversight and management of risk, IT controls compliance and audit across an enterprise. Brian currently serves on the ISACA Journal editorial panel. Previously, he served ISACA as: Risk Management Theme co-leader, COBIT 5 Working Group, IT-Enterprise Risk Management Task Force, Conference chair and committee member.

Brian has presented at numerous GWDC events, including two sessions at this year's Annual Meeting. He has also instructed risk management seminars for the chapter. Brian is a great advisor to the GWDC and is always ready to assist with presentations and identifying potential speakers.

Brian’s speaking and teaching has focused on integrating and cross-training on perspectives to managing risk and controls across an enterprise. Brian has conducted numerous presentations at various ISACA chapters nationwide and worldwide.

2014 Recipient: Mike Donahue

Mike has made significant contributions both to the GWDC and ISACA®. Mike has been a long time supporter and member of the GWDC since 1970. As a Senior Partner of PwC, he encouraged his staff to attend Chapter meetings and participate in other Chapter activities. Two of his former staff eventually served as Chapter Presidents. Mike has been a speaker at GWDC conferences and other events on multiple occasions.

Mike has also had significant roles with ISACA International. Mike served as a Member on the COBIT 5 Development Committee from 2010-2012. He also served as ISACA International President of EDPAA (now ISACA) Association and Foundation from 1993-1994. Mike has served on at least 22 other international boards or committees as a Chairman, Trustee, or member during the 24-year period from 1988 through 2012.

Mike’s contributions to the IT audit, security, control, and governance profession are numerous. Mike has delivered over 75 papers/presentations at Conferences in North America, Europe, Asia, and Australia and authored/co-authored/reviewed several publications in the field of IS Audit and Control. During Mike’s career in Washington DC, New York, New Jersey, and McLean, VA his teams of IT Auditors and Security Specialists reviewed and tested information systems controls, security, and IT governance at over 35 Federal Government entities and over 110 Fortune 500 and commercial sector companies. Mike’s efforts were recognized in several GAO awards for contributing to audit findings of approximately $227 million in social program savings and $182 million in inaccurate VA payments. Mike was also a major contributor to GAO’s FISCAM, ISACA’s COBIT® 2, 3, and 5 publications, and IIA’s SAC Study.

2013 Recipient: James Golden

Jim Golden has spoken at a variety of chapter events over the years, including the Annual Meeting, and also helped to a arrange a series of governance training conferences for GWDC. At the International level, Jim has served on multiple ISACA committees, including the certifications committee and Knowledge board. Jim's background in governance was instrumental in the formation of the CGEIT certtification and, after the grandfathering period, the creation of test questions. Jim has also served as a speaker at many International ISACA conferences including the 2011 and 2012 World Congress Insights conferences, multiple Leadership conferences, and the 2008 and 2009 International conferences.

In addition to his many contributions to ISACA, Jim is a former CIO of the USPS and he later founded the USPS governance program. In these roles, Jim had governance, security, capital planning, and oversight responsibilities for the USPS IT infrastructure, which encompasses 1000s of post offices around the country. After retiring from the USPS, Jim now serves as a senior advisor to the Office of the Director of National Intelligence (ODNI). In the aftermath of 9/11 the intelligence community received a mandate to share information and increase collaboration while also maintaining our national secrets. Jim has used his knowledge of governance and security to help the ODNI meet this mandate.

2012 Recipient: Jim Wiggins

At the 2012 Chapter Annual Meeting, President Kyle Foley announced that Jim Wiggins was the 2012 V. Lee Conyers Award recipient.  Jim possesses over 15 years direct experience in the design, operation, management, and auditing of information technology systems, with the past 11 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients.

Additionally, Jim is the executive director of the Federal IT Security Institute (FITSI). FITSI is a non-profit organization that provides a role-based IT security certification program targeted at the federal workforce. In 2011, the Federal Information Systems Security Educators’ Association (FISSEA) named him “Educator of the Year” for the impact he is making in the federal workforce.  He is currently developing a Wounded Warrior Technical Cyber Defense Training Program.

Jim holds the following IA/IT security certifications: FITSP-M, CISSP,ISSEP, CISM, CISA, SCNA, SCNP, CAP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, and MCSE: Security.

Jim is an important contributor to the GWDC, having presented at several GWDC Conferences and Special Seminars as well as CISA® and CISM®  Review courses.  Congratulations to Jim and we thank you for your contributions to the profession and the Chapter.

2011 Recipient: Dr. Ron Ross

At the 2011 Chapter Annual Meeting, President Kyle Foley announced that Dr. Ron Ross was the 2011 V. Lee Conyers Award recipient.  Dr. Ross is a senior computer scientist and information security researcher at the National Institute of Standards and Technology (NIST).  His current areas of specialization include security requirements definition, testing and evaluation, risk management, and information assurance.  Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project for NIST, which includes the development of key security standards and guidelines for the federal government, support contractors, and the United States critical information infrastructure.  His recent publications include Federal Information Processing Standards (FIPS) Publication 199 (security categorization standard), FIPS Publication 200 (security requirements standard), NIST Special Publication 800-53 (security controls guideline), NIST Special Publication 800-53A (security assessment guideline), NIST Special Publication 800-37 (security certification and accreditation guideline), and NIST Special Publication 800-39 (risk management guideline).  Dr. Ross is also the principal architect of the NIST Risk Management Framework that provides a disciplined and structured methodology for integrating the suite of FISMA security standards and guidelines into a comprehensive enterprise-wide information security program.  In addition to his FISMA responsibilities, Dr. Ross leads the Joint Task Force Transformation Initiative Working Group, a joint partnership with NIST, the Department of Defense, and the Intelligence Community to develop a unified information security framework for the federal government and its support contractors. Dr. Ross is a frequent speaker at public and private sector venues including federal agencies, state and local governments, and Fortune 500 companies.

In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection.  Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency.  A graduate of the United States Military Academy at West Point, Dr. Ross served in a variety of leadership and technical positions during his twenty-year career in the United States Army.  While assigned to the National Security Agency, he received the Scientific Achievement Award for his work on an inter-agency national security project and was awarded the Defense Superior Service Medal upon his departure from the agency.  Dr. Ross is a two-time recipient of the Federal 100 award for his leadership and technical contributions to critical information security projects affecting the federal government. He has been inducted into the Information Systems Security Association (ISSA) Hall of Fame and elected to the grade of ISSA Distinguished Fellow.  During his twenty-year military career, Dr. Ross served as a White House aide and as a senior technical advisor to the Department of the Army.  Dr. Ross is a graduate of the Program Management School at the Defense Systems Management College and holds both Masters and Ph.D. degrees in Computer Science from the United States Naval Postgraduate School.

Dr. Ross is very supportive of the ISACA GWDC and a frequent speaker at chapter events, most recently at April's Federal IT and Security conference.

The GWDC Board is proud to award this year's V. Lee Conyers Award to Dr. Ross in recognition of his service to our industry and to the Greater Washington,  D.C. Chapter.

2010 Recipient: Yehuda Schmidt

We are happy to announce that this year’s Lee Conyers Award, presented at the Chapter's Annual Meeting on June 8, 2010, is Yehuda Schmidt. Yehuda is a long time member of the GWDC Board of Directors who served as chapter president over ten years ago and has remained very involved in running the chapter ever since. As a past president, Yehuda has taken the lead in planning and managing the GWDC Annual Meeting each year, and remains an active member of the Board of Directors who always provides valuable advice and wisdom whenever key decisions need to be made. Congratulations Yehuda and thank you for your dedication to the ISACA GWDC.

2009 Recipient: Theresa Grafenstine

It is with great pleasure that we announce that the the 2009 V. Lee Conyers Award Winner is Theresa Grafenstine, CISA, CGEIT, CPA, CIA, Deputy Inspector General, House of Representatives.  Here are a few highlights from Terry's distinguished career:

• Serves as advisor on House administration
• Serves as advisor on various House Officer IT Governance Steering Committees
• Received numerous outstanding achievement awards promoting governance practices
• Specialized in Information Assurance for logistics and weapon systems at DoD IG
• Served on GWDC board since 2000 and has held several leadership positions including the President
• Will serve on ISACA’s International newly formed Relations Committee Board during the 2009-2010 board year
• Serves on Board of Governors Washington, D.C. Chapter for the IIA

2008 Recipient: John W. Lainhart

Here are a few highlights from John's distinguished career:

Information Systems Audit and Control Association (ISACA) / IT Governance Institute (ITGI)

• Served as 1984-1985 International President
• Member of the Greater Washington, D.C. Chapter since its inception in 1974
• Member of the IT Governance Committee, serving as the Principal Volunteer Advisor for CobiT®, ValIT® and RiskIT® related initiatives
• Managed the development of the Information Security Governance: Guidance for Boards of Directors and Executive Management and Board Briefing on IT Governance
• Key member involved in the development of CobiT® since its inception Recognized as the “father” of the Certified Information Systems Auditor (CISA) program
• Co-authored two books on information systems auditing -- System Development Auditor and Computerized Information Systems (CIS) Audit Manual and a National Institute of Standards and Technology special publication on systems development life cycle auditing.

Appointed First Inspector General of the U.S. House of Representatives.

Developed Foundation for IT Audit at the Dept of Transportation and GAO.

2007 Recipient: Mike Howard

Mike has been an integral part of the Board for several years serving the members in many ways. He is the primary individual who provides an award winning website for our chapter, gold for five years in a row.  During his tenure, our website content has grown into a vehicle for providing both ISACA and other professional information, including training being offered by other organizations that would benefit our members. The format, organization, and ease of navigating our website is due to the efforts that Mike has provided in maintaining the website. Mike also ensures that all members are kept current through the various emails sent on upcoming events and initiatives, and the distribution of the newsletter. And, he is instrumental in coming up with new processes and ideas, such as the online payment system. Mike is there to provide support in other tasks as well, as demonstrated in the book reviews, "Governance Outsourcing," and "Information Risks: Who's Business Are They?" which were published in 2006.

2006 Recipient: Darrel Heim

Darrel has served the GWDC membership and board with distinction for the past 11 years as the chapter’s Meeting Reservations co-director. Everyone who’s ever attended our monthly meetings has met Darrell. He’s the tall gentleman who staffs our registration table, processes registrants, coordinates the head count of attendees with the restaurant, and insures that each attendee receives a certificate of class attendance. In his daytime job, Darrell served as an Assistant Director of Information Security Issues at the Government Accountability Office. Darrell will also be one of our featured presenters at the May 30 all day meeting and will co-brief and update attendees on one of GAO’s seminal documents---FISCAM. Congratulations Darrell on this well earned honor. Thanks also for your unselfish contributions to our board and to our chapter and to the success of our chapter and its growth over the past 11 years.

2005 Recipient: Paul Hoshall

Mr. Hoshall has over 36 years of extensive audit experience, with over 24 years of experience conducting reviews of Federal automated systems. Currently, he is Principal of Hoshall Associates, providing IT audit consulting and training, and providing technical advice and leadership. Mr. Hoshall has served on the Board of Directors for the National Capital Area Chapter and served on the Research and Education Board for ISACA International. In addition, Mr. Hoshall has been an instructor for the NCAC CISA® Review Course for the past five years.

We congratulate Mr. Paul Hoshall for being a distinguished member of ISACA International, National Capital Area Chapter, and an exceptional career in the IT environment.