For more information on our events policy, see

Loading Events

« All Events

  • This event has passed.

Panel – Modernizing Risk Management

October 2, 2019 @ 5:00 pm - 7:30 pm EDT

ISACA GWDC Chapter Members and Students: $25 ISACA Members (Non-GWDC Members): $35 Non-ISACA Members: $50


The ISACA GWDC has launched a new evening panel series. The first panel will be on modernizing the risk management framework and feature Dr. Ron Ross and Nick Marinos with moderator Jennifer Fabius.

The Risk Management Framework can be executed as a dynamic and flexible approach to manage security and privacy risks in diverse environments effectively. Its implementation is a regulatory requirement for federal agencies and increasingly gaining traction in industry as an implementation support to the NIST Cybersecurity Framework. Come join this session as we discuss leading practices for implementing and evolving RMF practices factoring in enterprise, mission, and system perspectives.

02 October 2019 (Wednesday)
5:30PM to 7:30PM (Social from 5:00 PM to 5:30 PM)
1801 K St NW, Washington, DC 20036 (KPMG Mezzanine Conference Rooms)
Hosted by ISACA Greater Washington DC


Anyone interested in evening events to network with fellow ISACA GWDC members and learn about the federal government's efforts in modernizing the risk management framework.


5:00 PM - 5:30 PM  | Social Event

5:30 PM - 7:30 PM | Panel Discussion



Jennifer Fabius

Director; KPMG Government Cyber Practice

Jennifer Fabius has more than 15 years of IT risk management experience with a specialization in in governance, risk and compliance (GRC) and operational risk. Jennifer leads the security GRC capability for the Federal practice. With a passion for risk management and security, she has played key roles in the roll out of initiatives that enable integration of IT and cyber considerations into enterprise risk management (ERM) programs. Previously Jennifer served as a core contributor to the Joint Task Force Transformation Initiative, an interagency partnership between the National Institute for Standards and Technology, Department of Defense, and Intelligence Community which developed and published a unified information security framework across the Federal Government. As a part of that work, she coauthored multiple NIST special publications such as NIST Special Publication 800-53 Revision 4, “Security and Privacy Controls for Federal Information Systems and Organizations” and NIST Special Publication 800-39, “Managing Information Security Risk: Organization, Mission, and Information System View”.   Jennifer is an executive fellow of the KPMG Government Institute and serves as a board member of the ISACA Virginia Chapter.


Ron Ross speaker at the ISACA GWDC Annual General Meeting 2020

Dr. Ron Ross

Joint Task Force Leader, National Institute of Standards and Technology

Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include computer security, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project and Systems Security Engineering Project, which includes the development of security and privacy standards and guidelines for the federal government, contractors, and United States critical infrastructure. He also leads the Joint Task Force, an interagency group that includes the Department of Defense, Office of the Director National Intelligence, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for developing a Unified Information Security Framework for the federal government and its contractors. Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. He also supports the U.S. State Department in the international outreach program for cybersecurity and critical infrastructure protection.


Nick Marinos

Director, Information Technology and Cybersecurity, Government Accountability Office (GAO)

Nick Marinos is a Director in GAO’s Information Technology and Cybersecurity team. He leads audit teams that perform government-wide and agency-specific reviews in the areas of cybersecurity, critical infrastructure, privacy, and data protection across all major federal agencies.  Mr. Marinos also leads GAO’s ongoing evaluation of the systems readiness and cybersecurity issues in preparation for the 2020 Census. During his career at GAO, Nick has led major reviews of the cybersecurity of air traffic controls systems at the Federal Aviation Administration; information technology management challenges at the Library of Congress and Copyright Office; data protection practices at the Centers for Medicare and Medicaid Services (CMS) and Federal Student Aid (FSA) office; the response by Equifax and federal agencies’ to the 2017 data breach; as well as a variety of reviews focused on the cybersecurity of critical infrastructure, including within the oil and gas pipeline and financial services sectors; among many others.  Recently, Mr. Marinos’ team published a GAO Report to Congressional Requesters entitled “Cybersecurity:  Agencies Need to Fully Establish Risk Management Programs and Address Challenges.”


Monica Montgomery

Chief, Risk Management, Cybersecurity Office, National Geospatial-Intelligence Agency

Ms. Monica Montgomery is the Chief for Risk Management in the Office of Cybersecurity at the National Geospatial-Intelligence Agency. In this role, Ms. Montgomery is breaking new ground by streamlining the assessment and authorization process and by creating an agile, risk-adaptive cybersecurity posture. She has decreased the time to market for vital intelligence applications allowing analysts and collectors to gather and exploit intelligence in near real time.  Prior to joining NGA in 2016, Ms. Montgomery spent 15 years in the private sector supporting the Intelligence Community Chief Information Officer, the Central Intelligence Agency, and other public sector partners.  Most recently, Ms. Montgomery created and published ODNI policy and standards for safeguarding and information sharing, and provided strategic direction as a senior advisor to the IC Chief Information Security Officer.  Ms. Montgomery received a B.S. in Computer Science and Engineering from Bucknell University, and holds a Certified Information Systems Security Professional (CISSP) and a Certified Cloud Security Professional (CCSP) certifications.


Steven Friend

Director, Program Management and Governance Division, Department of Homeland Security

Mr. Friend is a Director under the Office of the Chief Information Security Office of the Department of Homeland Security.  Mr. Friend is a 30+ year security and cybersecurity professional who has a wealth of hands-on operational experience developing, maintaining and enhancing robust, highly secure, enterprise-scale information/cybersecurity programs.  He has worked for the Central Intelligence Agency, Hughes Aircraft Company, Space and Communications, Stanford Telecommunications, Booz Allen Hamilton, and supported agencies including DoD Health Affairs, U.S. House of Representatives, NASA, FDIC, Treasury Department, IRS, Department of Education, Federal Law Enforcement Training Center (FLETC), NARA and NIST.  Mr. Friend holds a Bachelor of Science in Computer Information Systems, minor in Business Management, a Master of Science in Information Assurance, and the Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control certifications.   He is also a retired Port Security Chief Petty Officer where he served 25 years in the United States Coast Guard Reserve and United States Marine Corps Reserve.


ISACA Members from Other Chapters: You will need to bring your ISACA Membership Card to the event to verify your ISACA Membership.

Presentations: Conference presentations will be included in the registrants' final event-related email message containing the CPE certificate and evaluation survey when permission is received from the presenter and their organization. In some cases, permission is not received.

Requests for Assistance: If you require assistance for an audio, visual, or other disability, please contact the Programs Director to discuss your needs, as soon as possible.  We need as much advance notice as possible to determine whether requests can be accommodated. Thank You.


If you are unable to attend this event, you can cancel your registration. To receive a refund, all cancellations must be received by September 30, 2019.  A $15 cancellation fee is charged.

To cancel, access your payment confirmation e-mail message and click the UNREGISTER link.

Sponsor This Event

If your organization is interested in being an event sponsor, please take a look at the five (5) various event sponsorship packages and click this sponsorship link to become a sponsor.




Earn up to 2 Continuing Professional Education (CPE) credits in the area of Specialized Knowledge. The ISACA® GWDC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:

CPE Distribution and Evaluation Survey

CPE's will be distributed via e-mail along with the event evaluation survey by October 13, 2019. Attendees must be present the full event to receive full CPE credit.

CPE-Related Details

  • Prerequisites and Advance Preparation: N/A
  • Program Knowledge Level: N/A
  • Delivery Method: Live in person event


October 2, 2019
5:00 pm - 7:30 pm EDT
ISACA GWDC Chapter Members and Students: $25 ISACA Members (Non-GWDC Members): $35 Non-ISACA Members: $50
Event Category:
Event Tags:
, , , , , , , ,