Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
Affiliations
Industry Knowledge
References
Timeline
Work Preference
Hi, I’m

Betty Tomlin

Risk & Business Continuity Management
Buffalo,NY
Betty Tomlin

Summary

Resourceful vice president with several years of results-oriented experience in business intelligence and operations management. Culturally-sensitive and ethical professional with demonstrated success in developing and implementing optimized solutions. Versatile leader recognized for driving results in collaborative, inclusive manner.

Overview

26
years of professional experience
4
Certification

Work History

M&T Bank
Buffalo, NY

Vice President of Tech Risk Operations
01.2014 - Current

Job overview

  • Represent Corporate Risk to Bank Regulators, external auditors, and internal auditors relevant to assigned responsibilities.
  • Provide independent oversight and challenge of the identification, assessment, monitoring, mitigation, and reporting of all significant risks, controls, and metrics within the First Line of Defense and throughout the enterprise.
  • Evaluate the risk processes across the organization to identify potential gaps in critical controls and communicate identified material risks and gaps in controls to the Business Units, as well as to Executive Management and to the Risk Committee of the Board.
  • Engage with Enterprise Security and Technology management to assess and confirm appropriate risk management policies are enacted in project methodology and in daily operations.
  • Responsible for completing an independent, critical review and challenge of the Business Unit's responses to the Operational Risk questionnaire component of the third-party risk review process; SOC II, and ISO 27001.
  • Conduct deep-dive analysis of risks, controls, and metrics to ensure the risk profile is adequate and effective.
  • Conducting assessments to identify areas for improvement in operational risk management training and designing comprehensive staff training programs at an enterprise level. Partnering with business areas to develop risk management practices, as well as the utilization of risk tools and processes.
  • Ensured compliance with audit, regulatory, federal, state, and local laws related to risk management practices, supporting the second line of defense.
  • Identified problems and implemented solutions to better streamline operations using the eGRC/Archer platform, supporting risk and control monitoring and testing, issue, exam, and infrastructure management.
  • Achieved seamless integration across four major stages of the Wilmington Trust Acquisition and Data Center Decommission project in just six months. This entailed overseeing the successful implementation of WISD Desktop Replacement and desktop applications, ensuring smooth execution of data file migrations, handling decommissioning responsibilities for over 600 workstations while effectively shutting down the Data Center, as well as managing network migrations.

Citi Bank Corporate
Getzville, NY

Global Program Manager Enterprise Resiliency
12.2012 - 01.2014

Job overview

  • Communicated regularly with external partners to ensure alignment of strategies and goals.
  • Analyzed data collected during the course of the program operations and reported results accordingly.
  • Facilitated workshops designed to educate stakeholders about best practices for managing programs successfully.
  • Identified areas of improvement in existing processes, procedures and systems related to the program delivery cycle.
  • Created presentations outlining proposed solutions for addressing challenges encountered during program execution.
  • Developed project plans, identified risks, set objectives and monitored progress towards completion.
  • Participated actively in brainstorming sessions focused on improving existing processes or creating innovative approaches for delivering services more efficiently.
  • Ensuring disaster recovery capabilities of Citi's global 17 business areas to perform critical functions utilizing the defined strategies within Business Recovery Plans for all recovery strategies: remote, relocate, and transfer of function. Tests simulate the loss of production, technology, and test recovery plans and processes, typically associated with data centers, satellites, and tech rooms.
  • Developed and executed the global delivery of training and awareness, targeted to both experts and general audiences, for Information Security and Business Continuity Management.

Hewlett Packard Enterprise
Amherst, NY

Global Program Manager Business Continuity
09.1998 - 12.2012

Job overview

  • Drive the development and execution of the BCRM program, framework, policies, and procedures consistent with the organization's risk framework to ensure a sound control environment from a BC/Operational Resilience perspective. Completion of specific financial projects totaling over $6M annually, ensuring consistency with company strategy, commitments and goals of the Global Network Tools Transformation and Automation Strategy program.
  • Developed and led new cross-functional teams towards organizational objectives. Planned and executed business operations strategies.
  • Re-engineer the business continuity program model to align with the corporate delivery model. Demonstrated the ability to outline both a strategic and tactical approach to expand enterprise-wide Global Business Continuity program, utilizing the core principles associated with business continuity.
  • Engage with internal stakeholder groups and external resources to maintain awareness of current and emerging risks and regulatory expectations.
  • Lead independent business continuity risk reviews on new products, new processes, risks, and control assessments, and root cause analysis.
  • Streamline processes for risk identification and assessment, control assessment, testing, and issue management.
  • Lead continuous improvement activities and initiatives for BCRM, working with stakeholders, subject matter experts, and analysis of exception reports to define issues, determine root cause, and determine appropriate changes.
  • Lead audit and regulatory BCRM remediation activities, and ensure that all requests are completed timely and materials are provided as appropriate.
  • Provide advice and oversight on business continuity risk issues, monitoring and measuring business continuity risk performance, policy adherence, and reviewing and challenging of strategy (initiative, products), control design, implementation, testing, and remediation across the organization.
  • Develop risk analysis and reporting, including risk metrics and thematic reviews, for dissemination to both the first line of defense, BCM leadership, risk management committees, and regulators.
  • Liaise with key stakeholder groups, including Enterprise Risk Management, Operational Risk Management, First Line Business Continuity Management, Crisis Management Group, and Third-Party Risk Management.
  • Ensure appropriate escalation of issues to first line and senior management, as required.
  • Engage with internal stakeholder groups and external resources to maintain awareness of current and emerging risks and regulatory expectations.
  • Lead independent business continuity risk reviews on new products, new processes, risks, and control assessments, and root cause analysis.
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding HP and Tower's Perrin, its clients, and assets by driving compliance with applicable laws, rules, and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct, and business practices, and escalating, managing, and reporting control issues with transparency.
  • Maintained effective communication channels between team members and external partners and clients.
  • Analyzed data from various sources to generate meaningful insights into program performance.
  • Developed comprehensive training materials to support new initiatives or changes in existing programs.
  • Provided leadership and direction in the management of cross-functional teams.
  • Created presentations that effectively communicated program successes or challenges at all levels of the organization.
  • Ensured compliance with corporate policies, standards, and procedures.
  • Managed budgeting process for assigned programs and ensured cost containment measures were met.
  • Facilitated meetings with internal stakeholders as well as external customers and partners when needed.
  • Identified innovative approaches that could be utilized within the organization's global operations.
  • Conducted extensive research and participated in networking events to meet prospects and identify areas of focus.
  • Stayed abreast of local, state, and federal regulations impacting corporate compliance.
  • Identified and assessed risks and deployed proactive mitigation plans that met budgetary parameters and resolved issues.
  • Utilized strong public speaking skills when delivering concise presentations during client meetings.
  • Assessed issues that arose during project stages and applied best business practices for risk mitigation.
  • Coached, mentored and trained personnel to create positive working environment.
  • Traveled to sites to perform network upgrades, troubleshooting and system modifications.
  • Negotiated with project stakeholders or suppliers to obtain resources or materials.
  • Established relationships with vendors to facilitate negotiations related to pricing, contracts.
  • Collaborated with stakeholders to define objectives and deliverables for programs.
  • Actively tracked program performance metrics to identify areas of improvement or risk mitigation opportunities.
  • Developed and implemented global program strategies to ensure successful outcomes.

Education

Norwich University
Northfield, VT

Master of Science from Business Continuity Management
06-2010

University Overview

Medaille College
Buffalo, NY

Bachelor of Science from Information Technology
06-2002

University Overview

Skills

  • Comprehensive knowledge and experience in Operational and Enterprise Risk Management
  • Strong understanding of the business continuity risk governance framework and practices; knowledge of the FFIEC IT BCM Handbook
  • Deep experience in risk aggregation
  • Understanding of complete risk lifecycle from risk ID to mitigation
  • Strong business acumen and excellent communication skills
  • Experience using Archer; Governance, Risk and Compliance (GRC) systems
  • Cross-functional team leadership
  • Ability to drive change to business practices by working effectively
  • Strong program and project management skills
  • Experience in 1st and 2nd line of defense capacity
  • Demonstrated strategic planning and analytical skills with follow-up and problem solving capability to improve quality, controls, and efficiency
  • Ability to simplify difficult concepts and challenges
  • Performance monitoring and evaluation
  • Results-Driven
  • Great collaboration skills with the ability to partner and advise across all levels

Certification

  • CBCP since 2006 DRII
  • ITIL 2006
  • ICS (I-300 series) NYS Emergency Management Office
  • Business Continuity Management Systems - ISO 22301-2012 -Citigroup Continuity of Business (CoB) Program Operations
  • CRISC in process
  • RMBC in process (Risk Management Business Continuity Certification)

Accomplishments

Accomplishments
  • Pathfinders - Blazing Between Education and Business
  • Certificate of Appreciation 21st Century Community Learning Center at Buffalo Public School #66/North Park Middle Academy
  • Northpointe Toastmasters awarded Dedicated Service and Excellence in Leadership - Club President
  • Leadership Niagara Award

Affiliations

Affiliations
  • Eastern Great Lakes Association of Contingency Planners (EGLACP) - As one of the originators of the chapter, I've lead several officer positions. I am currently the Director of Education and Seminars. Currently coaching the Connecticut Chapter and planning the 2024 Conference.
  • Red Cross of Western New York where I deliver Citizen's Preparedness Training and volunteer for for special events such as the WNY Real Heroes Luncheon.
  • Lions Club International lead by example, build relationships and improve the world through kindness. Currently serving my local community through empower others, improve health and wellbeing, strengthen communities and support those in need.
  • MBA Program, University of Buffalo - Teaching and mentoring students as a business partner for the University eCommerce Course to present real-life business issues for the MBA students to analyze and develop solutions which are presented to the "client". The course develops eCommerce knowledge and allows the students to begin to master client engagements and real world business problems.
  • Performed in a theatre group to promote nonprofit organizations for several years.

Industry Knowledge

Industry Knowledge
  • Finance
  • Automotive
  • Human Relations
  • Healthcare

References

References
References available upon request.

Timeline

Vice President of Tech Risk Operations
M&T Bank
01.2014 - Current
Global Program Manager Enterprise Resiliency
Citi Bank Corporate
12.2012 - 01.2014
Global Program Manager Business Continuity
Hewlett Packard Enterprise
09.1998 - 12.2012
Norwich University
Master of Science from Business Continuity Management
Medaille College
Bachelor of Science from Information Technology

Work Preference

Work Type

Full TimeContract Work

Work Location

RemoteHybrid

Important To Me

Career advancementWork-life balanceCompany CultureFlexible work hoursWork from home optionTeam Building / Company RetreatsPersonal development programs
Betty TomlinRisk & Business Continuity Management