JOSEPH I.

HENNING
IT SECURITY & COMPLIANCE MANAGER

jihenning@aim.com

RESPECTED IT SECURITY AND COMPLIANCE MANAGER with distinguished career leading complex enterprise-wide projects across IT Compliance, Business Technology, PMO, and Security. Core team member and driver for seamless change management and new technology implementation. INSTRUMENTAL IN DRIVING innovative information technology and customer service solutions for projects, while maintaining the forward momentum of the organization. Possess strong field expertise implementing COBIT and COSO frameworks to achieve sustainable information and business technology operations. PASSIONATE LEADER, skilled at building top-performing teams focused on impeccable service delivery and IT quality. Extensive expertise in client needs analysis with a consultative approach to customer service operations.

SELECTED ACHIEVEMENTS
Implemented the IT Sarbanes-Oxley (SOX) program, maintaining 0% audit deficiencies at GML Increased the GML BioPharma Department by 10% through sponsor communication and IT process awareness Executed the CAP/CLIA inspection, resulting in 0 deficiencies and 0 recommendations for the commercial laboratory at GML Contributed toward organizational movement towards 21 CFR compliance at GML Reduced global IT controls by 53% during scoping and risk assessment within the first 3 months at CGC Decreased overall global IT deficiencies by 275% in the first year at CGC Lead the purchasing and implementation of a Segregation of Duties software solution for SAP with 0 deficiencies at CGC Drove the reduction in overall IT Sarbanes-Oxley costs to the organization in excess of over $400k from 2005-2006 at CGC Recommended an assumption policy to mitigate $80M loan loss for probate accounts for Morgan-Stanley Implemented program to recover $30M of the loan loss to Morgan-Stanley Streamlined the monetary adjustment process flow, saving Morgan-Stanley $500k in Information Processing Facility costs Designed application prototype templates for reusable and fast systems used by developers as guidelines for development strategies Coordinated a detailed redesign plan for the conversion of WebSphere 3.02 to 3.5 to 4.0, changing architecture and repartitioning code Coded a JSP Tag generation system to improve developer capacity of the Java Server Pages specification

PROFESSIONAL EXPERIENCE
Manager GENOPTIX MEDICAL LABORATORY 2008-Present Carlsbad, CA Entrusted to manage IT Compliance, Business Technology, PMO, and Documentation, while also supervising Project Management Office operations. Served as Technical Lead for the development of a comprehensive IT Internal Controls Database to support General Computer Control planned maintenance, follow-up and remediation activities. Actively collaborated with the Corporate Compliance Department in conducting biopharmaceutical audits, ensuring compliance in CLIA/CAP licensing requirements and federal mandates regarding BioPharma and Commercial Laboratories. Leveraged the zix infrastructure applicant email monitoring process in developing and implementing a HIPAA Awareness Monitoring Program to HIPAA violations and reporting deficiencies. Promoted key control awareness and effectiveness throughout the organization through the development of a sustainable on-going monitoring process and enforcement of the IT Sarbanes-Oxley program. Re-engineered applications to align business processes in support of change management initiatives and business technology improvements. Recruited a cross-functional team to support 3rd party software products enforcing organizational compliance with Personal Health Information, FDA Quality Systems regulations, and HIPAA policies. Successfully maintained four enterprise-wise Document Management Systems, contributing to document retention, corporate document management and company IT security.

PROFESSIONAL EXPERIENCE, CONT.

Supervisor | IT Compliance Specialist CALLAWAY GOLF COMPANY 2006-2008 Carlsbad, CA Served as Co-Director of all Sarbanes-Oxley (SOX) 404 IT compliance efforts with the Corporate Compliance Manager across SAP ERP, Sales, ADP Payroll, and Ultipro HR Systems. Entrusted to determine necessary scope and potential risk of the IT SOX environment. Contributed technical expertise and project leadership to the development of documentation/testing standards, testing of application controls, coordination of remediation plans, and execution of quarterly SOX 404 process owner certifications. Skillfully collaborated in the implementation of the policy IQ system, resulting in compliance of documenting testing, reporting, and remediation operations with the Sarbanes-Oxley Act sections 404 and 302. Presented details of the scope and testing process for IT SOX reviews to a 60-member IT Department, emphasizing the importance of maintaining control. Senior IT Audit Consultant | Acting Manager BAXTER HEALTHCARE, INC. 2005-2006 Deerfield, IL Drive the execution of Sarbanes-Oxley global reviews, while also analyzing SAS70/SSAE16 reports from third-party vendors to assess SOX reliance and determine map testing strategies. Senior IT Audit Associate DISCOVER FINANCIAL SERVICES; MORGAN STANLEY 2004-2005 Riverwoods, IL Applied extensive knowledge of technology-based tools to collect data, conduct audits/reviews and present recommendations to improve controls. Software Applications Manager DISCOVER FINANCIAL SERVICES; MORGAN STANLEY 1998-2004 Riverwoods, IL Spearheaded the recruitment and development of a team to oversee the entire project lifecycle, from identifying business requirements and implementing specifications to developing prototypes and simulating processes.

PROFESSIONAL EDUCATION & CERTIFICATIONS

Master of Business Administration WEBSTER UNIVERSITY Concentration in Computer Resources and Information Management Graduated Summa Cum Laude, received the Discover Leadership Award Bachelor of Science in Computer Information Systems DEVRY INSTITUTE OF TECHNOLOGY Concentration in Business Technology Graduated Summa Cum Laude CERTIFIED INFORMATION SYSTEMS AUDITOR, 2009 2002

1999

PROFESSIONAL AFFILIATIONS
Member INFORMATION SYSTEMS AUDIT AND CONTROL ASSOCIATION (ISACA) Member INSTITUTE OF INTERNAL AUDITORS (IIA) Member TOASTMASTERS INTERNATIONAL President CALLAWAY TOASTMASTERS