To view speaker bio, click on first letter of last name.

Sarma Adithe, SAP

Sarma Adithe is Chief Product Owner for Access Governance and is responsible for overall SAP Access Control & SAP Cloud Identity Access Governance product development. He has over 25 years of experience, out of which 12 are in the Access Controls domain. Sarma’s focus area at SAP is Access Governance, as well as technical expertise in authorizations, Java, and Mo bile. Sarma is directly involved in customer interactions, Co-Innovation, and Customer Connect on topics related to Access Governance Solutions.

Sarma's Session(s):

Back to top

Alessandro Banzer, Xiting

Alessandro Banzer has worked in Information Technology since 2004, specializing in SAP in 2009. Since then, Alessandro has been involved with global SAP projects in various roles. Alessandro is an active contributor and moderator in the Governance, Risk and Compliance space on SAP Community. He is responsible for Xiting in the Americas region and a subject matter expert in SAP Access Control (GRC) and SAP Security in general.

Alessandro's Session(s):

Back to top

Christian Cohrs, SAP SE

Christian Cohrs is Product Manager for Identity and Access Management at SAP. He has a background in computer science and worked in various positions at SAP during the last 17 years, most recently as Area Product Owner for SAP Single Sign-On.

Christian's Session(s):

Back to top

David Denson, PwC

David has over twelve years of experience delivering GRC, SAP security, and control implementation and review services across numerous industry sectors. He specializes in SAP security task-based role design, business role design, and SAP’s GRC Access Controls & Process Controls components of the GRC10 & GRC 12 solutions. David has led multiple S/4 HANA, & Fiori security & GRC projects and has presented on GRC, S/4HANA & Fiori topics at SAP & internal PwC conferences, including GRC Insiders North America, GRC Insiders Europe, SAP TechEd, and SAPPHIRE NOW. David has led numerous SAP security & controls designs and GRC implementations for clients across multiple industries, which included coordinating global efforts across multiple time zones. He has experience leading full life cycle implementations including the planning, design, build, testing, and post-implementation production support phases. He has developed internal practice methodology, trainings, and accelerators for S/4 HANA and Fiori security role, GRC implementations, ruleset design and assessment, and controls designs. He also developed a security & controls, data masking, and landscape strategy data classification & security methodologies to assist clients with meeting sensitive data requirements for multiple industries on SAP ERP & PLM offerings, including technology, aerospace & defense, chemical, and manufacturing clients.

David's Session(s):

Back to top

Vasudevan E.R., Deloitte

Vasudevan is a Senior SAP BASIS professional at Deloitte US India Consulting with over 5 years of experience in SAP projects involving SAP S/4HANA Greenfield implementations, SAP S/4HANA conversion, Performance Tuning of SAP HANA Database, OS/DB migrations and Unicode Conversions. His other focus areas include SAP Mobility products like SAP Fiori, SMP, Single Sign-On Technology and Administration and Support of Custom SAP HANA XS applications for UI. He has been a speaker at SAPinsider conferences in the US and EMEA delivering sessions since 2015. Vasu is an SAP certified Associate in SAP HANA Administration, SAP Fiori Administration & Implementation, and SAP NW 740 OS/DB Migration. He belongs to a team called Solutions Network within Deloitte.

Vasudevan's Session(s):

Back to top

Andy Evans, PwC

Andy is a Managing Director with PwC's Digital Risk Solutions national practice. In this role, Andy is responsible for leading the Data Transformation and Governance space nationally. He has over twenty years of experience in data related engagements. Andy’s focus has been on data migration, master data management, and data governance solutions for large organizations. He has worked across industries including life sciences, consumer products, energy, and technology. He has helped organizations define their data governance framework as well as implement controls to mitigate risk related to master data.

Andy's Session(s):

Back to top

Joe Franczkowski, KPMG

Joe is a Director with KPMG’s national Advisory GRC Technology practice and is based out of the Philadelphia office. He has over ten years of experience leading large scale SAP security, audit, and controls projects, including controls integration, implementation of SAP Access Control, technology and project risk assessments, compliance assessments, and experience working with third party security and control organizations. He has served clients across multiple industries and specializes in chemical, manufacturing, and life sciences. Joe has served as the lead account Director for multiple Fortune 500 companies with responsibility for the scoping, delivery, and team/ project management on SAP Controls Integration projects, SAP GRC projects, SAP Security and Role Re-design/ Rationalization projects, Financial Statement & SOX Compliance, IT Assurance, and Internal Audit Co-Sourcing engagements.

Joe's Session(s):

Back to top

Jan Gardiner, SAP

Jan Gardiner, CPA, is a Senior Director in GRC Solutions at SAP Labs, LLC. She is the solution owner of SAP Process Control for compliance and control management, responsible for product direction and go-to-market activities. She has been involved with compliance software at SAP for over 12 years and has worked closely with customers in a variety of industries and geographies.

Jan's Session(s):

Back to top

Carrie Gilstrap, HP

Carrie is an IT Audit Manager within Internal Audit at HP. She manages IT SOX work, Operational IT Audits and is driving innovation through Robotics, CCM, and HP’s S/4 implementation. She is a Certified Information Systems Auditor and holds an MBA. She joined HP in 2002.

Carrie's Session(s):

Back to top

Kapil Goyal, Deloitte

Kapil is an experienced SAP GRC and SAP S/4HANA Security expert at Deloitte and co-leads the Deloitte GRC center of excellence. He has over ten years of experience leading SAP GRC Access Controls, SAP S/4HANA, SAP Fiori, and ECC security and control implementations and review services across numerous industry sectors. He has spoken extensively on GRC topics and is a prominent speaker at international GRC conferences. Kapil’s accomplished project management skills, understanding of implementation methodology as well as control design and analysis, and problem-solving abilities have allowed him to provide value-added services to clients in the areas of role design and implementation, risk identification, mitigation and management; and security strategy solutions.

Kapil's Session(s):

Back to top

Kurt Hollis, Deloitte

Kurt Hollis is a manager at Deloitte in the SAP Solutions Network located in Philadelphia, Pennsylvania. Kurt has 20 years of experience with SAP products and has many SAP certifications including, SAP HANA Associate, SAP NetWeaver 7.0, SAP Solution Manager, and O/S DB Migration. Focused for the past 7 years on SAP HANA, he has completed dozens of implementations, upgrades, and migrations, including implementations of SAP S/4HANA and SAP BW4/HANA and implementations on cloud environments. He has also completed SAP ERP and SAP BW migrations using DMO from Oracle and MSSQL databases to SAP HANA successfully. In addition, he has extensive experience performing SAP HANA hands-on tasks in areas of administration, security, operations, support of modeling initiatives, integration of SAP BusinessObjects systems, and SLT replication systems. He has installed SAP HANA on VMware-based environments and TDI implementations. Kurt has been a regular presenter on SAP HANA administration and operations topics for SAPinsider since 2013.

Kurt's Session(s):

Back to top

Jon Jameson, PwC

Jon is a New York based Manager with PwC’s Enterprise Systems Solutions practice. Jon has over a decade of professional experience providing finance and technology consulting services with expertise in project management, financial and ERP systems, process automation, business analytics, compliance and auditing. He has served clients across several industries including retail and consumer goods, manufacturing, financial services, energy and resources, pharmaceutical, entertainment and media, and the aerospace and defense sectors. He has helped multiple Fortune 500 clients through the implementation of large complex systems integrations, including helping clients manage risk, controls, and compliance requirements throughout the transformation.

Jon's Session(s):

Back to top

Tomás Kong, SAP

Tomás Kong is a Senior Director of solution management at SAP working on the Fraud Management solution. Tomás has nine years of experience at SAP, and he previously spent many years in product management and consulting roles at several technology companies focusing on financial, billing, and compliance solutions.

Tomás's Session(s):

Back to top

Anand Kotti, Onapsis

Anand Kotti is an SAP Cybersecurity SME at Onapsis. He is responsible for Onapsis’ SAP technical pre-sales activities and works as a primary technical contact for the field sales force. Anand drives and manages the technology evaluation stage of the sales process and works in conjunction with the sales team as the key technical adviser and product advocate for Onapsis. He holds a Master in Computer Engineering from California State University Chico. Prior to joining Onapsis, Anand spent nearly 15 years working with global enterprise SAP customers as a Technofunctional consultant.

Anand's Session(s):

Back to top

Michael Kummer, Xiting

Michael Kummer is spearheading Xiting’s sales and marketing activities in the Americas. Before taking over this responsibility, he held various leadership positions at Secude IT Security in Europe and North America. Michael Kummer has enjoyed a decade-long history within the IT industry, focusing on SAP security. As an innovative and independent thinker with a broad knowledge of security-related technologies, he is on the front lines of helping customers to protect their data and privacy.

Michael's Session(s):

Back to top

Jonathan Laubenstine, The Hershey Company

Jonathan is director, technology auditing and has over 13 years of progressive audit experience providing attestation, assurance, and business/controls advisory services across each of Hershey’s key global business units. During his tenure in Internal Audit, he has served as a key resource managing numerous domestic and international initiatives including the implementation of SAP Process Control, evaluation of Hershey’s SAP General Ledger implementation, control design for Hershey’s Global Trading Company, controls advisory for the Global Supply Chain Transformation, global distributor management capability enhancements, and international import export compliance assessments. He also served as the finance lead for the Enterprise Risk Management Program Office, and various special projects. He is responsible for creating and delivering the annual auditing plans, continuing to advance the data analytics and continuous monitoring capabilities of the Internal Audit Department, advancing controls automation across the company, working closely with the ERP implementation teams on controls design and go-live assessments, and building and developing a high-performing Technology Auditing team. Jon graduated from Lebanon Valley College with a bachelor’s in accounting and a master’s in business administration. He is also a Certified Public Accountant and Certified Fraud Examiner.

Jonathan's Session(s):

Back to top

Keng Lim, NextLabs

Keng Lim is the founder and CEO of NextLabs - a leading provider of policy-driven information risk mitigation and data-centric security software for large enterprises. He founded NextLabs to tackle new complex information risk and data protection problems faced by large enterprises to compete in the global digital economic environment. Keng is a serial entrepreneur who has launched and built several software companies including Kiva Software, Netscape, Escalate, and Sygate over the last 20 years. He has been recognized as one of the industry's "most influential people on the Internet" for the creation and advancement of the Application Server product and his contribution in the Web, SaaS, and data security software arena. Keng holds a master’s degree from the Massachusetts Institute of Technology (MIT) and is a holder of over 60 approved and pending patents.

Keng's Session(s):

Back to top

Holly Marrs, PwC

Holly is a Director in PwC’s SAP security, controls, and GRC practice. She has over 13 years of experience in SAP implementations, security and controls design and SOX 404 Compliance. She has worked with a variety of clients in the energy and manufacturing industries. Her experience and projects include SAP security and controls optimization, SAP security role redesign, SAP implementation support, SAP GRC Access Control, Process Control and Risk Management implementations, as well as various IT audit and SOX projects. Holly holds CISA and CISRC certifications in Texas and she holds a BS in Business from Louisiana State University.

Holly's Session(s):

Back to top

Raymond Mastre, PwC

Ray is a Director based in PwC's San Francisco office. For over 14+ years, Ray has specialized in SAP Security and the implementation of Governance Risk and Compliance (GRC) solutions. He has completed 10+ global SAP security redesign projects and multiple end-to-end implementations of the SAP GRC Access Controls suite, including GRC version 12.0 and the customization of client specific Segregation of Duties (SoD) rule sets. Recently, Ray completed a 3.5 year exchange program with the Zurich, Switzerland PwC office, where he led the business unit dedicated to providing compliance solutions for companies running SAP (SAP GRC, Approva One, SecurityWeaver, etc.). His technical expertise paired with his international perspective make him ideal for multi-national clients looking to optimize SAP GRC solutions.

Raymond's Session(s):

Back to top

Bruce McCuaig, SAP

Bruce McCuaig is Director - Product Marketing for SAP GRC solutions. He is responsible for development and execution of the product marketing strategy for SAP Risk Management, SAP Audit Management and the SAP solutions for Three Lines of Defense campaign. Bruce has extensive experience in industry as a Finance professional, as a Chief Risk Officer and as a Chief Audit Executive and as a consultant He has written and spoken extensively on GRC topics and has worked with clients around the world training and implementing GRC solutions and technology.

Bruce's Session(s):

Back to top

Alex Montiel, KPMG

Alex's Session(s):

Back to top

Andreas Nissen, Turnkey Consulting

Andreas has more than 8 years of experience in national and international projects with more than 5 years working for SAP. His areas of expertise are SAP Business Integrity Screening (formerly SAP Fraud Management), SAP Business Partner Screening, SAP Audit Management, SAP Tax Compliance, SAP GRC 10.1, and project management. He has special in-depth technical and implementation knowledge on SAP Business Integrity Screening, SAP Business Partner Screening, SAP Tax Compliance, SAP Audit Management, and all four components of SAP Access Control.

Andreas's Session(s):

Back to top

Bill Oliver, Winterhawk Consulting

Bill is a Partner with Winterhawk Consulting, a global provider of Governance, Risk, and Compliance (GRC) services. Bill has over 20 years’ experience in the field of SAP information security and auditing which includes large-scale security and GRC implementations as well as managerial roles in external audit, advisory, and assurance services. Bill holds a Master’s Degree in Information Technology from Boston University and is a Certified Information Systems Auditor (CISA).

Bill's Session(s):

Back to top

Paul Petraschk, SAP

Paul is Team Lead of the GRC Digital Compliance Team EMEA and Senior GRC consultant with 9 years of SAP experience in the areas Governance, Risk, and Compliance GRC, Consulting, Training, and Architecture. He is specialized on SAP Risk Management, SAP Process Control and Continuous Control Monitoring (CCM), CCM on HANA and CCM 2.0 (Smart Controls). Paul has run several consulting and implementation projects for national and internal Fortune Global 500 Companies as project manager, work stream lead as well as technical or solution consultant. He also serves as an experienced trainer for SAP trainings.

Paul's Session(s):

Back to top

Carolyn Pittman, Purple Vector LLC

Carolyn K. Pittman, CPA, CISA is an independent consultant and principal of Purple Vector LLC. She serves on the Board of Directors, the Audit Committee, and the Corporate Governance and Nominating Committee of Minerals Technologies, Inc., global provider of specialty minerals and mineral-based products and services. She was recently appointed to serve on SAP’s Independent Executive Advisory Council. Ms. Pittman recently retired from a twenty-three year career with Northrop Grumman and its spin off, Huntington Ingalls. During her tenure, she served as corporate Chief Audit Executive and CFO/Controller for several large businesses within the Companies. Prior to that, she worked in public accounting for Ernst and Young for ten years. She is actively involved in her community, serving on the Board of Directors of the Virginia Symphony Orchestra, Girl Scouts of the Colonial Coast, and Trinity Lutheran School.

Carolyn's Session(s):

Back to top

Gary Prewett, NIMBL

Gary Prewett is the Security Practice Lead for NIMBL, North America’s SAP Technologists. An active SAP Security thought leader with over 10 years of ERP implementation experience and 14 years of Information Security focus, Gary has driven and delivered technical and process-based controls on multiple complex SAP implementations. He has worked with clients in implementing security strategy essential to operating in high risk environments, and has implemented comprehensive information security initiatives encompassing SAP solutions for clients in the payment processing, energy, and financial services sectors.

Gary's Session(s):

Back to top

Chris Radkowski, SAP

Chris Radkowski is a Director of Solution Management at SAP and responsible for SAP Access Control. He has extensive industry experience with a broad range of identity, access, and security products and helped manage SAP Access Control through three major releases. Chris’s current areas of focus at SAP include access control, access governance, role management, HANA and analytics.

Chris's Session(s):

Back to top

James Roeske, Customer Advisory Group

James Roeske is CEO and co-founder of the Customer Advisory Group LLC. James has over 22 years of SAP Security, audit, GRC, and executive management experience. Over those years, James has had a professional focus on technical configuration of SAP R/3 security, segregation of duty design, user provisioning solutions, GRC software solution design, and corporate compliance implementations for companies around the world. Prior to founding the Customer Advisory Group, Mr. Roeske held strategic positions at Virsa Systems, SAP America, and SAP Canada. This has allowed him to lead, plan, and participate in over 220 SAP GRC and security projects for some of the largest and most complex compliance environments across the globe.

James's Session(s):

Back to top

Deborah Rogers, Newport News Shipbuilding

Debbie has been an SAP ABAP programmer in the PS, MM, QM, HR, FI, and EHS modules for over 12 years, and is currently responsible for GRC analysis as it applies to Access Risk Controls and Emergency Access Management.

Deborah's Session(s):

Back to top

Manish Singh, Deloitte & Touche LLP

Manish has over 12 years of IT/Business consulting experience. He provides architectural guidance for large, complex solution development for SAP, system integration, and package-based SAP implementation projects to manage risks. Manish also defines integration standards, governs project solutions against standards, and develops and uses enterprise integration design patterns to maintain security and control and achieve application integrity. Manish has led multiple projects which includes security assessment and related activities for design, build, and support of SAP security and controls in the enterprise systems implementation, GRC implementations and enterprise wide transformational projects.

Manish's Session(s):

Back to top

Swetta Singh, SAP

Swetta Singh is Director of Product Management at SAP, with more than 17 years of experience in the IT industry. Over the last 13 years, she has focused on SAP Access Control, SAP Cloud Identity Access Governance, and the security marketplace.

Swetta's Session(s):

Back to top

Susan Stapleton, Greenlight Technologies

Susan Stapleton, Vice President of the Customer Advisory office, joined Greenlight in 2010 with over 15 years of related industry experience. Susan has published numerous best practices for implementations and has been personally involved in over 160 customer implementations of Governance Risk and Compliance Solutions. She was also instrumental in driving the successful launching of the Virsa Systems portfolio of products which were acquired by SAP in 2006.

Susan's Session(s):

Back to top

Steve Toshkoff, Protiviti

Steve Toshkoff is a senior manager in Protiviti’s ERP Solutions practice with over 8 years of experience. He specializes in the design, assessment, and optimization of SAP finance and operational control requirements, including automated and manual controls, user and role security, and segregation of duties conflicts. Steve has extensive experience with SAP Governance, Risk, and Compliance (GRC) solutions and has provided clients with a variety of services related to SAP Process Control and SAP Access Control implementations across different industries.

Steve's Session(s):

Back to top

Marie-Luise Wagener, SAP SE

Marie-Luise has 18 years of SAP experience in the areas Audit, Consulting, Training, and Architecture in various Releases and SAP solutions. She worked seven years in the consulting area as Senior SAP Auditor and Senior SAP Consultant with clients from multiple industries, five years as Global SAP Security and Compliance Architect for a world-wide leading manufacturing company, headed the EMEA GRC Practice for 3 years, and joined SAP SE in 2015 as Vice President for Global GRC. Areas of her expertise are GRC, SAP Security and Controls Architecture, Program Management, and international Roll-Out Projects.

Marie-Luise's Session(s):

Back to top

Douglas H Wheelock, NASA

Douglas's Session(s):

Back to top