Profiles search
Lauren Kennedy
Risk Management, Business Continuity, Risk & Control Program Governance & Oversight
Powhatan Plantation, VA, United States
Details
Experience:
Established strategic vision for data protection risk management, collaborated with stakeholders across lines of defense, and operationalized the concepts to enable risk-based decision making.
Spearheaded design and build of the first holistic and comprehensive risk management strategy and program across the Data Protection Service (data loss prevention and cryptography)
Developed risk landscape reporting that drove visibility and action across risk compliance activities and informed initiative prioritization resulting in overall risk reduction
Implemented processes to timely and comprehensively manage risk objects resulting in a reduction of ~50% of past due and stale objects
Facilitated response to internal audit resulting in Adequate rating, and authored responses to federal regulatory exams working across multiple teams
Lead for all lines of defense assessments including Category Oversight Assessments, Process Level Assessments, Risk and Control Self-Assessments, and controls testing; assessment approach designs adopted by partner organizations
Developed and maintained partnerships with risk partners in all lines of defense to facilitate risk management activities and increase ability to proactively respond to and manage compliance and oversight requirements
2021 : Present
Capital One
Risk Governance and Oversight Lead, Cybersecurity - Data Protection Service
Defined Governance and Oversight Framework as the steward of the Business Continuity Risk Management Program that assessed the health of the program and drove clarity, reporting, consistency and efficiencies within the program and team.
Conducted continuous assessment of the Program against Capital One’s strategy, federal guidelines, and key stakeholder feedback to drive key Program changes and increase operational resiliency
Led regulatory interaction across all lines of defense partners resulting in ‘no exceptions noted’ on the OCC regulatory exam (Q4 2020)
Led a team of Risk Advisors to provide risk management advice and counsel to lines of defense to identify and mitigate business continuity related risks
Collaborated with key stakeholders and partners to implement a new enterprise tool for business continuity planning
Managed project portfolio utilizing Agile methodology and tools, such as Jira
2019 : 2021
Capital One
Governance Program Lead, Business Continuity Risk Management
Developed and delivered risk management, control, security and privacy consulting services appropriately sized for the entity
Evaluated business continuity programs against ISO 22301 Business Continuity Standard for a leading hospitality company and a financial services lender
Evaluated, designed and implemented business continuity and crisis response program for an international law firm
2010 : 2019
Kennedy & Lee LLC
Founding Partner, Business Resiliency and IT Risk, Control and Privacy Consulting
Transformed the enterprise perspective from a continuity focused program to a resiliency framework in alignment with the business strategy, a dynamic risk environment, and federal regulations; established Operational Risk Management program for newly acquired banking division.
Designed and implemented the first business continuity planning tool; conducted design sessions and developed the associated change management program
Led the Enterprise Crisis Management Program, including a comprehensive company-wide testing program, and responses to events including Hurricane Katrina, bomb threats, pandemics, and technology issues
Led a team of risk, control and Business Continuity Management professionals across four states
Communicated and influenced across all lines of business and provided advice and counsel to C-suite executive team
2003 : 2010
Capital One
Senior Director - Enterprise Business Continuity, Crisis Management, Operational Risk Management
Built business continuity and disaster recovery program for corporate headquarters, 2000+ employees.
• Managed vendor relationships.
• Developed comprehensive information technology compliance policies, standards and procedures and corresponding control environment.
2002 : 2003
Citicorp Mortgage
Vice President - Business Continuity
Spearheaded design and build of the first holistic and comprehensive risk management strategy and program across the Data Protection Service (data loss prevention and cryptography)
Developed risk landscape reporting that drove visibility and action across risk compliance activities and informed initiative prioritization resulting in overall risk reduction
Implemented processes to timely and comprehensively manage risk objects resulting in a reduction of ~50% of past due and stale objects
Facilitated response to internal audit resulting in Adequate rating, and authored responses to federal regulatory exams working across multiple teams
Lead for all lines of defense assessments including Category Oversight Assessments, Process Level Assessments, Risk and Control Self-Assessments, and controls testing; assessment approach designs adopted by partner organizations
Developed and maintained partnerships with risk partners in all lines of defense to facilitate risk management activities and increase ability to proactively respond to and manage compliance and oversight requirements
2021 : Present
Capital One
Risk Governance and Oversight Lead, Cybersecurity - Data Protection Service
Defined Governance and Oversight Framework as the steward of the Business Continuity Risk Management Program that assessed the health of the program and drove clarity, reporting, consistency and efficiencies within the program and team.
Conducted continuous assessment of the Program against Capital One’s strategy, federal guidelines, and key stakeholder feedback to drive key Program changes and increase operational resiliency
Led regulatory interaction across all lines of defense partners resulting in ‘no exceptions noted’ on the OCC regulatory exam (Q4 2020)
Led a team of Risk Advisors to provide risk management advice and counsel to lines of defense to identify and mitigate business continuity related risks
Collaborated with key stakeholders and partners to implement a new enterprise tool for business continuity planning
Managed project portfolio utilizing Agile methodology and tools, such as Jira
2019 : 2021
Capital One
Governance Program Lead, Business Continuity Risk Management
Developed and delivered risk management, control, security and privacy consulting services appropriately sized for the entity
Evaluated business continuity programs against ISO 22301 Business Continuity Standard for a leading hospitality company and a financial services lender
Evaluated, designed and implemented business continuity and crisis response program for an international law firm
2010 : 2019
Kennedy & Lee LLC
Founding Partner, Business Resiliency and IT Risk, Control and Privacy Consulting
Transformed the enterprise perspective from a continuity focused program to a resiliency framework in alignment with the business strategy, a dynamic risk environment, and federal regulations; established Operational Risk Management program for newly acquired banking division.
Designed and implemented the first business continuity planning tool; conducted design sessions and developed the associated change management program
Led the Enterprise Crisis Management Program, including a comprehensive company-wide testing program, and responses to events including Hurricane Katrina, bomb threats, pandemics, and technology issues
Led a team of risk, control and Business Continuity Management professionals across four states
Communicated and influenced across all lines of business and provided advice and counsel to C-suite executive team
2003 : 2010
Capital One
Senior Director - Enterprise Business Continuity, Crisis Management, Operational Risk Management
Built business continuity and disaster recovery program for corporate headquarters, 2000+ employees.
• Managed vendor relationships.
• Developed comprehensive information technology compliance policies, standards and procedures and corresponding control environment.
2002 : 2003
Citicorp Mortgage
Vice President - Business Continuity
Company:
Capital One
About
Risk management and resiliency leader with proven expertise in governance, risk, compliance, and controls assurance. Risk professional who balances risk, controls, and reward with strategic business and financial goals. Excels in the competencies of strategic thinking, collaboration, influence, communication and problem solving. Excellent skills in project and program management, building and executing governance programs, designing strategic, innovative and sustainable practices, and leading risk identification, analysis, and decision making. Industry public speaker on risk management and business resiliency.
OpenFair Certified
Agile Certified
Profile Photo
