To view speaker bio, click on first letter of last name.

Sarma Adithe, SAP

Sarma Adithe is Area Product Owner for Access Controls responsible for overall Access Control product development. He has over 20 years of experience out of which 8 years in Access Controls domain. Sarma’s focus area at SAP is Access controls, as well as technical expertise in SAP Authorizations, Java, and Mobile. Sarma is directly involved in customer interactions, Co-Innovation, and Customer connect on topics related to Access Controls.

Sarma's Session(s):

Back to top

Todd Babione, KPMG

Todd Babione is a Managing Director in KPMG’s Advisory practice and has more than 16 years of experience in delivering business process and information technology advisory services to Fortune 500 organizations. He has extensive experience performing large SAP transformation projects with a concentration on internal controls and security design. He has also led a number of large implementations and assessments of SAP’s Governance, Risk and Compliance (GRC) solutions including Access Controls and Process Controls. He is KPMG’s SAP Cyber Security leader and has help many clients address the unique security risks prevalent in the market today.

Todd's Session(s):

Back to top

James Baird, Dolphin

James Baird is a Senior Information Consultant at Dolphin who specializes in information retention and audit. He is a Certified Information Security Auditor and Certified Information Systems Manager with certifications in PCI and PII audits. He previously worked for IBM, KPMG, Deloitte, and as the Director of SAP IT Security at Coca-Cola Enterprises. He has degrees in IT and Project Management from University of Calgary and a degree in Organizational Psychology from the U of North Dakota.

James's Session(s):

Back to top

Alessandro Banzer, Xiting

Alessandro Banzer has worked in Information Technology since 2004, specializing in SAP in 2009. Since then, Alessandro has been involved with global SAP projects in various roles. Alessandro is an active contributor and moderator in the Governance, Risk and Compliance space on SAP Community. He is responsible for Xiting in the Americas region and a subject matter expert in SAP Access Control (GRC) and SAP Security in general.

Alessandro's Session(s):

Back to top

Rohan Bhatia, Protiviti

Rohan is a Manager at Protiviti with multiple years of experience in the ERP Solutions practice, specializing in SAP. Over the course of his career at Protiviti, Rohan has been involved in and led projects related to IT audit (SOX), ERP system selection, SAP configurable controls reviews, SAP security reviews, and implementation of SAP GRC systems with a specialization in SAP S4/HANA, Process Control, and Access Control. Rohan has also done work outside of the SAP space, including SoD and controls projects for companies running Oracle EBS, Microsoft Dynamics (GP and SL), and Netsuite.

Rohan's Session(s):

Back to top

Vincent Calabrese, KPMG

Vincent is a Director in KPMG’s IT Advisory practice with over 10 years of experience. He specializes in internal and external audits of SAP, Sarbanes-Oxley 404, SAP GRC SOD analysis, control optimization and SAP pre/post implementation assessments. His project management experience has focused on business IT operations, risk assessment and evaluation, segregation of duty mitigation, and the design of financial and operational controls. Vincent is also an SAP instructor and certified SAP Business Solution Consultant.

Vincent's Session(s):

Back to top

Christian Cohrs, SAP SE

Christian Cohrs is Product Manager for Identity and Access Management at SAP. He has a background in computer science and worked in various positions at SAP during the last 17 years, most recently as Area Product Owner for SAP Single Sign-On.

Christian's Session(s):

Back to top

Cesar Coronado, Mars

Cesar Coronado is a Global Security and Controls Manager with Mars, Incorporated (Mars) located in Chicago, IL. Cesar joined Mars in 2010 and has held a number of roles in the areas of Controls, Compliance, and SAP Functional Expert. He is responsible for the global implementation of the program to improve access management within Mars. Cesar and his team provide business support for the SAP GRC tool and steady state SoD risk and controls management program. Cesar holds a Bachelor of Science degree in Business Administration with a concentration in Accounting.

Cesar's Session(s):

Back to top

Caroline Desrochers, EY

Caroline Desrochers is a Manager in the Advisory Services practice of Ernst & Young LLP. She started her career as an external auditor before shifting her focus to helping companies design their business process and SOX controls. She has helped leading organizations to optimize their risk and control frameworks and drive automation to streamline compliance. Caroline also helps lead EY’s Business Integrity Platform solution offering.

Caroline's Session(s):

Back to top

Beau Esmonde, EY

Beau Esmonde is a senior in Risk Transformation Advisory Services practice at EY. As a member of this group, Beau has focused on SAP GRC implementations. He provides leading practice recommendations regarding GRC solutions and has had hands-on experience in more than six upgrades and implementations across a number of different industries.

Beau's Session(s):

Back to top

Julie Ford, Customer Advisory Group

Julie Ford is a Senior Member of the Customer Advisory Group with a Masters Degree in Cybersecurity from the University of Maryland and more than 13 years experience as an architect in SAP Security, Cybersecurity, Governance, Risk, Compliance, and Information Assurance. Julie is accustomed to working in global fast paced, high volume environments working with local and offshore resources, complex landscapes, and integration issues. Leveraging a wide-range of talents in computer technology, staff leadership, federal audit, and regulatory compliance, Julie provides a solid foundation to address all aspects of information systems across all platform types, project requirements, and business needs. Julie has worked with multiple GRC implementations, security redesigns, and audit remediation. She is an SAP TechEd & dCode speaker and an expert in the area of Cybersecurity for SAP.

Julie's Session(s):

Back to top

Jan Gardiner, SAP

Jan Gardiner, CPA, is a Senior Director in GRC Solutions at SAP Labs, LLC. She is the solution owner of SAP Process Control for compliance and control management, responsible for product direction and go-to-market activities. She has been involved with compliance software at SAP for over 12 years and has worked closely with customers in a variety of industries and geographies.

Jan's Session(s):

Back to top

Kurt Hollis, Deloitte

Kurt Hollis is a manager at Deloitte Consulting, LLP in the SAP Solutions Network located in Philadelphia, Pennsylvania. Kurt has 16 years of experience with SAP products along with an SAP NetWeaver 7.0 Associate Certification and has performed expert consulting for SAP clients for over 12 of those years, 4 years as employee of Deloitte, and 10 years as employee of SAP Americas, and 2 years in a Big Pharma organization. A primary focus of Kurt’s specialty is with SAP HANA Systems performing administration, operations, and monitoring of several HANA systems. This includes SAP HANA environments based on HP, IBM, Dell, and Hitachi appliance platforms. These systems have been integrated with Business Objects platforms, Business Objects data services, SLTC servers, and many other tools and interfaces. An upgrade/migration of BW 7.30 to BW on HANA has also been performed successfully.

Kurt's Session(s):

Back to top

Marc Jackson, Turnkey Consulting

Marc is a Senior Manager at Turnkey Consulting and the solution lead for SAP Process Controls. He has over 15 years of SAP experience out of which 4 years in the Process Controls domain. Marc's varied background and project experience whilst at Turnkey (and previously with PwC) has seen him develop skills in SAP Security & Authorizations, SAP Audit & Controls, Security Governance and SAP Process Control. Marc is also one of the SAP Process Controls training course instructors for SAP UK. Marc has lead several SAP Process Controls implementations across a variety of industries including: utilities, consumer products, information services, and fashion.

Marc's Session(s):

Back to top

Prateek Jain, EY

Prateek is a Senior Manager in the Advisory Services practice of Ernst & Young LLP. He has 15 years of experience in the field of Information Technology with 12 years spent on SAP Governance, Risk, and Compliance; SAP Security; and controls. He assisted various clients in a lead role for implementing SAP GRC Access Control 4.0, 5.X, and 10.X. Currently, he is managing large SAP GRC Access Control and SAP role design engagements and provides technical leadership in the assessment, design, and implementation of application security and risk solutions.

Prateek's Session(s):

Back to top

Jon Jameson, PwC

Jon is a New York based Manager with PwC’s Enterprise Systems Solutions practice. Jon has over a decade of professional experience providing finance and technology consulting services with expertise in project management, financial and ERP systems, process automation, business analytics, compliance and auditing. He has served clients across several industries including Retail and Consumer Goods, Manufacturing, Financial Services, Energy and Resources, Pharmaceutical, Entertainment and Media, and the Aerospace and Defense sectors. He has helped multiple Fortune 500 clients through the implementation of large complex systems integrations, including helping clients manage risk, controls, and compliance requirements throughout the transformation.

Jon's Session(s):

Back to top

Langdon King, PwC

Langdon is a Director in PwC’s Enterprise Systems Solutions practice with over 13 years of experience advising and auditing organizations around SAP security, SAP Governance, Risk, Controls, and Compliance. He has led multiple engagements to help clients optimize security, controls, GRC, and manage risk across their SAP environments. Langdon has served clients across several industries including Energy, Utilities, Technology, Industrial Products, Aerospace and Defense, and Retail and Consumer Products.

Langdon's Session(s):

Back to top

Mohan Kommanaboina, KPMG

Mohan Kommanaboina is a Director in KPMG’s Management Consulting group. He has over 14 years of SAP consulting experience including SAP Security, Basis, GRC Access Control, Process control, Risk Management, and IdM implementations. He has worked on over 120 SAP and GRC implementation, expansion and support, real-time systems implementation assessment, and upgrade projects. He is one of the Global Technical Lead for KPMG. For his outstanding client work “Consulting Magazine” named him as “Rising Star of the profession” national award and “NJBIZ” Journal named him as “40 under 40” state award for his excellence in client and community services.

Mohan's Session(s):

Back to top

Tomás Kong, SAP

Tomás Kong is a Senior Director of solution management at SAP working on the Fraud Management solution. Tomás has nine years of experience at SAP, and he previously spent many years in product management and consulting roles at several technology companies focusing on financial, billing, and compliance solutions.

Tomás's Session(s):

Back to top

Matt Kral, PwC

Matt is a Director at PwC with over ten years of experience in technology consulting, controls optimization, and Governance Risk and Compliance (GRC) readiness. His primary focus has been in designing and implementing compliance analytics programs to mitigate company's top risks, assisting companies with standing up GRC and Internal Audit organizations, and implementing business process controls during large scale system implementations.

Matt's Session(s):

Back to top

Rama Krishna Kotni, Deloitte

Rama Kotni is a Senior Manager in Deloitte’s Advisory practice and has more than 13 years of experience in information technology advisory services with a specialization in SAP security solutions and IT Controls. He has extensive experience performing large SAP transformation projects with a concentration on security design and business process controls. He has also led a number of large implementations and assessments of SAP’s Governance, Risk and Compliance (GRC) solutions including Access Controls and Process Controls. In addition, his experience also includes General Computer Control reviews SAP Pre/Post Implementation review, SAP security role redesign review and Computer System Validation.

Rama's Session(s):

Back to top

Michael Kummer, Xiting

Michael Kummer is spearheading Xiting’s sales and marketing activities in the Americas. Before taking over this responsibility, he held various leadership positions at Secude IT Security in Europe and North America. Michael Kummer has enjoyed a decade-long history within the IT industry, focusing on SAP security. As an innovative and independent thinker with a broad knowledge of security-related technologies, he is on the front lines of helping customers to protect their data and privacy.

Michael's Session(s):

Back to top

Stephen Lamy, Virtual Forge

Stephen Lamy is the CEO and Managing Director of Virtual Forge, Inc., offering products and services for the prevention, detection and management of cybersecurity and stability issues in SAP systems and applications. His SAP career began as a developer in Walldorf 1990 where he spent 16 years leading development teams for HCM, Benefits, migration and integration tools for R/2, R/3, ECC, and SAP BbD. With Virtual Forge, Stephen continues to build on his reputation for producing innovative software that help companies reduce risk, increase efficiency, and improve the quality of their SAP systems.

Stephen's Session(s):

Back to top

David Light, PwC

David is a Director with PwC’s SAP Security, Controls & GRC practice based out of Houston, TX. He has over eight years of experience providing security and control services to Fortune 500 clients including S/4 HANA readiness assessments as companies consider their business case and implementation options. He has extensive SAP business process experience in the energy industry assessing design and operating effectiveness of control environments, risk assessment processes, and integrating controls on large SAP transformation programs to embed controls from day one and be ready for the audit.

David's Session(s):

Back to top

Holly Marrs, PwC

Holly is a Director in PwC’s SAP security, controls, and GRC practice. She has over 13 years of experience in SAP implementations, security and controls design and SOX 404 Compliance. She has worked with a variety of clients in the energy and manufacturing industries. Her experience and projects include SAP security and controls optimization, SAP security role redesign, SAP implementation support, SAP GRC Access Control, Process Control and Risk Management implementations, as well as various IT audit and SOX projects. Holly holds CISA and CISRC certifications in Texas and she holds a BS in Business from Louisiana State University.

Holly's Session(s):

Back to top

Raymond Mastre, PwC

Raymond is a Director based in PwC's San Francisco office. For over 12+ years, Ray has specialized in SAP Security and the implementation of Governance Risk and Compliance (GRC) solutions. He has completed 10 global SAP security redesign projects and multiple end-to-end implementations of the SAP GRC Access Controls suite, including GRC version 10.x and the customization of client specific Segregation of Duties (SoD) rule sets. Recently, Ray completed a 3.5 year exchange program with the Zurich, Switzerland PwC office, where he led the business unit dedicated to providing compliance solutions for companies running SAP (SAP GRC, Approva One, Security Weaver, etc.). His technical expertise paired with his international perspective make him ideal for multi-national clients looking to optimize SAP GRC solutions.

Raymond's Session(s):

Back to top

Todd McElhatton, SAP North America

As the chief financial officer (CFO) for SAP North America, Todd oversees the financial activities of the United States and Canada, including forecasting and planning, driving efficiencies, and leadership of the Commercial Finance team, to ensure the overall financial health of the region. Todd brings a 25-year career in finance management, leadership, and business growth with a number of high profile names in the technology space to his role on the SAP North America executive team. As vice president and CFO of VMware’s Hybrid Cloud business, he led a global team overseeing all finance functions including long-range strategic planning, capital investments, business development and pricing. During his tenure at Oracle as vice president of business, sales and finance operations for Cloud Services, Todd was a key member of the team instrumental in improving the business unit’s profitability, and personally managed a broad array of finance functions that included forecasting and pricing strategy, while leading a global team. After serving in a series of regional and global operations and finance-based roles at Hewlett Packard, Todd assumed overall financial responsibilities as vice president of finance and CFO of Managed Services. He was also previously vice president of finance at WebMD, and started his career as a bank consultant. Todd holds a bachelor’s degree in business administration from Southern Methodist University in Dallas, Texas, and an MBA from the University of Tennessee in Knoxville, Tennessee.

Todd's Session(s):

Back to top

Mick McGarry, KPMG

Mick McGarry is a Director with KPMG’s Advisory practice, specializing in SAP Advisory and GRC Technology. Mick has more than 13 years of experience in performing and managing information systems audit and control reviews, technology and project risk assessments, ERP systems implementations, business process and application control reviews and audits, and information security reviews. He has experience implementing and deploying SAP GRC Access Control and Process Control for multiple clients across various industries.

Mick's Session(s):

Back to top

Stewart Negley, Protiviti

Stewart is a Senior Consultant in the Atlanta Office of Protiviti. Stewart has 5+ years’ experience working on projects in the ERP space, working mainly with SAP. He has been involved in several projects regarding SAP Security Role Redesigns, an SAP Access Control 10.0 implementation, and Custom Transaction Code Analyses. Stewart has been involved in multiple role redesigns focused on creating a global role structure in each client’s SAP environments that limit the amount of excess access given to users, reducing their overall SoD risk violation exposure. Within these projects, Stewart has lead discussions around role design and build, as well as access management and user mapping processes, and has provided key insight into these areas leading to successful results for his clients.

Stewart's Session(s):

Back to top

Yeurd Ng, Protiviti

Yeurd Ng is an Associate Director in Protiviti’s ERP Solutions practice with over 10 years of SAP experience. He specializes in Governance, Risk, and Compliance Access Control (GRC-AC) software implementations. He has extensive experience with business process optimization, security role design based on least privilege methodology, segregation of duties risk identification and mitigation, and business process risks and controls definition (including automated configurations that can be leveraged as preventative controls and manual detective controls). Yeurd also has significant experience with testing General Computer Controls and General Application Controls, specifically, assisting with quantifying gaps to understand true risk exposures.

Yeurd's Session(s):

Back to top

Steven Oberhauser, KPMG

Steve Oberhauser is a Director with KPMG’s Advisory practice, specializing in SAP Advisory Projects and GRC Technology. Steve has more than 14 years of experience in performing and managing SAP as well as GRC implementations, SAP security implementations, IDM to GRC integration strategy, IT audit and control reviews, as well as control implementation projects. He has experience implementing, auditing, and deploying SAP GRC Access Control and Process Control for more than 70 organizations across various industries globally.

Steven's Session(s):

Back to top

Aidan Parisian, Fastpath

Aidan Parisian is the Director of Risk & Compliance Solutions at Fastpath. Our mission is to deliver software solutions that seamlessly empower our clients to take control of their security, compliance and risk management initiatives. Having spent much of his career in external and internal audit, he has a detailed understanding of regulatory pressures as well as the operational benefits of policy and control. Aidan has audited Fortune 500 companies and provided internal audit services to companies in the Fortune 500 as well as those on the rise.

Aidan's Session(s):

Back to top

Kaity Pedersen, EY

Kaity Pedersen is a Senior Manager at EY. She has over a decade of experience as a risk transformation leader with an emphasis in SAP Security and Governance, Risk & Compliance (GRC). Throughout her career, Kaity has worked with several global companies across various sectors, turning risk into results by optimizing SAP security, automating controls and enabling GRC technology solutions. Kaity is a Certified Information Systems Security Professional (CISSP) and holds her degree in Business Administration from the University of Southern California.

Kaity's Session(s):

Back to top

Simon Persin, Turnkey Consulting

Simon is an experienced SAP Security and SAP GRC consultant, having designed, reviewed, and implemented SAP Security and compliance solutions for a number of major blue chip clients. Simon has over 10 years’ experience with SAP and currently specializes in SAP Enterprise GRC solutions. As well as working with SAP Access Controls, Process Controls, and Risk Management, Simon also has a specialization in the wider GRC & Security products of Fraud & Audit Management, Enterprise Threat & Detection and SSO. Simon is a certified SAP NetWeaver Consultant for SAP Security, GRC Access Controls, and a certified instructor for the SAP GRC Training courses in the UK. Simon is also a certified SAP Strategic Expert Partner for the GRC solution area and supports pre-sales activities on behalf of SAP. He has written articles for several industry publications and he is also a regular speaker at international GRC conferences. He is in demand for technical troubleshooting and supporting customers to unlocking the value from their investment in GRC technology. Simon has also co-authored a book on the SAP GRC Access Controls certification.

Simon's Session(s):

Back to top

Chris Radkowski, SAP

Chris Radkowski is a Director of Solution Management at SAP and responsible for SAP Access Control. He has extensive industry experience with a broad range of identity, access, and security products and helped manage SAP Access Control through three major releases. Chris’s current areas of focus at SAP include access control, access governance, role management, HANA and analytics.

Chris's Session(s):

Back to top

Bala Ram, SAP

Bala Ram, Vice President and Global Head, SAP Financial Services Network (FSN) is responsible for solution management and GTM activities for FSN. Bala joined SAP in 2008, and initially worked in SAP Governance Risk and Compliance and SAP Netweaver groups. Prior to SAP, Bala has 25 years of experience in software industry, worked in various positions at BEA systems, CommerceOne, HP, IBM and American Express.

Bala's Session(s):

Back to top

Natalie Reuss, EY

Natalie Reuss is a senior manager in the Risk Transformation Advisory Services practice at EY. As a member of this group, Natalie has focused on controls and process work on the SAP ERP system. She provides leading practice recommendations regarding GRC solutions and has had hands-on experience in over 10 upgrades and implementations across a number of different industries.

Natalie's Session(s):

Back to top

James Roeske, Customer Advisory Group

James Roeske is CEO and co-founder of the Customer Advisory Group LLC. James has over 22 years of SAP Security, Audit, GRC, and Executive Management experience. Over those years, James has had a professional focus on technical configuration of SAP R/3 Security, segregation of duty design, user provisioning solutions, GRC software solution design, and corporate compliance implementations for companies around the world. Previous to founding the Customer Advisory Group, Mr. Roeske held strategic positions at Virsa Systems, SAP America, and SAP Canada. This has allowed him to lead, plan, and participate in over 220 SAP GRC and Security projects for some of the largest and most complex compliance environments across the globe.

James's Session(s):

Back to top

Deborah Rogers, Newport News Shipbuilding

Debbie has been an SAP ABAP programmer in the PS, MM, QM, HR, FI, and EHS modules for over 12 years, and is currently responsible for GRC analysis as it applies to Access Risk Controls and Emergency Access Management.

Deborah's Session(s):

Back to top

Bruce Romney, SAP

Bruce Romney is a Senior Director for SAP GRC Global Marketing. Bruce’s experience in GRC topics stem from a wide range of activities over the past 14 years across several industries. These include consulting on several audit engagements in the Risk and Advisory practice of a large public accounting firm, managing large scale e-discovery and litigation matters, and industry experience managing a contract manufacturing facility in Mexico. Bruce is a licensed CPA in the state of Texas.

Bruce's Session(s):

Back to top

John Scaramucci, Protiviti

John is a Senior Manager in the ERP Solutions group in Protiviti's New York Office, and is considered a subject matter expert on SAP segregation of duties quantification (SOD Quant) analysis and the SAP Access Violation Management (AVM) solution. He has led multiple SOD Quant engagements and AVM implementations, helping companies achieve SOD risk monitoring through the design and configuration of automated and manual controls. John also has experience performing SAP configurable control reviews, user access and security environment assessments, and data integrity audits.

John's Session(s):

Back to top

Susan Stapleton, Greenlight Technologies

Susan Stapleton, Vice President of the Customer Advisory office, joined Greenlight in 2010 with over 15 years of related industry experience. Susan has published numerous best practices for implementations and has been personally involved in over 160 customer implementations of Governance Risk and Compliance Solutions. She was also instrumental in driving the successful launching of the Virsa Systems portfolio of products which were acquired by SAP in 2006.

Susan's Session(s):

Back to top

Erin Swartzmiller, Stanley Black & Decker

Erin Swartzmiller is the Controls & Compliance IT Senior Manager for Stanley Black & Decker and is responsible for the GRC program. She is the Business Project Manager for SAP Security Redesign and SAP GRC Access Control implementations. Erin’s main areas of focus include IT general controls, system implementations and integrations.

Erin's Session(s):

Back to top

Marie-Luise Wagener, SAP SE

Marie-Luise has 18 years of SAP experience in the areas Audit, Consulting, Training, and Architecture in various Releases and SAP solutions. She worked seven years in the consulting area as Senior SAP Auditor and Senior SAP Consultant with clients from multiple industries, five years as Global SAP Security and Compliance Architect for a world-wide leading manufacturing company, headed the EMEA GRC Practice for 3 years, and joined SAP SE in 2015 as Vice President for Global GRC. Areas of her expertise are GRC, SAP Security and Controls Architecture, Program Management, and international Roll-Out Projects.

Marie-Luise's Session(s):

Back to top

Sarah Wechsler, Mars

Sarah Wechsler is a Global User Access and SoD Controls Manager with Mars, Incorporated (Mars) located in Mt. Olive, NJ. Sarah is responsible for the global implementation of the program to improve access management within Mars. Sarah and her team provide business support for the deployment of the user access, SoD risk, and controls management program. Sarah is an SME in her field and holds a Bachelor of Science degree in Business and Technology.

Sarah's Session(s):

Back to top

Jayden Weinschenk, Fastpath

Jayden Weinschenk is the Director of SAP Development at Fastpath. He has been developing and implementing SAP solutions for 17 years. Prior to Fastpath, Jayden worked for Fortune 500 companies including DuPont, Kelloggs and Pepsi Bottling as a SAP Solutions Engineer and SAP Architect. Jayden understands the importance of governance risk and compliance in SAP environments.

Jayden's Session(s):

Back to top

Trevor Wyatt, ConocoPhillips

Trevor Wyatt is the GRC administrator with ConocoPhillips and is responsible for their Global GRC administration. He was the primary resources on the 5.3 version and was the project manager and primary resource when upgrading to 10.0/10.1. Trevor’s main area of focus is GRC access control, but began his SAP role experience with SAP authorizations.

Trevor's Session(s):

Back to top

Susan Zortea, Jabil

Susan Zortea is Senior Manager of Global Governance at Jabil. She has over 20 years of experience in SAP, in the FICO and GRC modules, with companies including Norsk Hydro, Matthews International, Allegheny Energy, and Jabil. Her focus has been on successful SAP implementations and Finance projects, including consolidations with IBM Cognos TM1 and Controller, and system integration with BW and Pega, and most recently, the Global Security redesign and governance initiative.

Susan's Session(s):

Back to top