Speaker Profile
Kevin R. Thompson
Kevin R. Thompson is an experienced GRC (Governance, Risk Management, and Compliance) and HITRUST Consulting Specialist with over a decade of expertise in enhancing organizations' cybersecurity and compliance frameworks. With certifications including CCSFP (Certified HITRUST CSF Practitioner) and CHSPA (Certified HIPAA Security Professional), Kevin has a proven track record of leading high-impact projects across various regulatory landscapes such as HIPAA, SOC, FEDRAMP, PCI, GDPR, and NIST. Kevin's career spans roles as a vCISO Support Manager at Sunstone Secure, where he directed comprehensive cybersecurity initiatives, and as a GRC/HITRUST Manager at Cognizant, where he oversaw HITRUST certification and compliance projects. His proficiency in leveraging AI tools like Google Gemini and ChatGPT has empowered him to craft robust policies, training materials, and KPI presentations that align regulatory requirements with business objectives. With strong skills in risk management, policy development, and audit processes, Kevin brings a wealth of experience in corporate governance, incident response, and data privacy. His deep understanding of cybersecurity frameworks, combined with his ability to drive operational efficiency and mitigate risks, makes him an expert in delivering impactful training and consultancy in governance and compliance. Certifications: • Certified HITRUST CSF Practitioner (CCSFP) • Certified HIPAA Security Professional Accelerated (CHSPA) Core Competencies: • Regulatory Compliance & Risk Management • Cybersecurity and Data Privacy • Policy Development & Corporate Governance • Incident Response & Audit Processes
Kevin R. Thompson
January 20 2025
12 : 00 PM EST
90 Minutes
Ethical Decision Making - Ethics in business and governance, focusing on creating ethical policies and practices
Ethical Decision Making: Building Integrity in Business and GovernanceEthical decision-making focuses on creating policies and practices that uphold fairness, transparency, and accountability within an organization. It involves guiding business leaders and governance bodies to make morally sound decisions that align with both regulatory standards and stakeholder expectations. By embedding ethics into daily ..
Kevin R. Thompson
February 10 2025
12 : 00 PM EST
90 Minutes
Enterprise Risk Management (ERM) - Fundamentals of ERM, Risk Identification, Assessment, and Mitigation Strategies
Enterprise Risk Management (ERM): Managing Organizational RisksEnterprise Risk Management (ERM) is a systematic approach to identifying, assessing, and mitigating risks across an organization. It helps organizations proactively address potential threats and uncertainties, ensuring that risks are managed in alignment with business objectives. By integrating ERM into decision-making processes, companies can e..
Kevin R. Thompson
March 12 2025
12 : 00 PM EST
90 Minutes
Cybersecurity Risk Management - Managing cybersecurity risks, understanding threats, vulnerabilities, and implementing controls
Cybersecurity Risk Management: Safeguarding Digital AssetsCybersecurity risk management is the process of identifying, evaluating, and addressing risks associated with cyber threats that could affect an organization's digital infrastructure. This involves understanding vulnerabilities, potential cyberattacks, and data breaches while implementing protective controls to secure critical information and systems..
Kevin R. Thompson
April 08 2025
12 : 00 PM EST
90 Minutes
Operational Risk Management - Identifying and Managing Risks Associated with Business Operations
Operational risk management (ORM) involves the identification, assessment, and mitigation of risks that can impact an organization’s day-to-day operations. These risks include anything from internal process failures, system breakdowns, and human errors to external threats like cyberattacks or natural disasters. ORM frameworks, such as COSO, ISO 31000, and Risk Control Self-Assessment (RCSA), provide structu..
Kevin R. Thompson
May 13 2025
12 : 00 PM EST
90 Minutes
Regulatory Compliance Frameworks - Overview of major compliance frameworks like HITRUST, HIPAA, and SOC
Regulatory compliance frameworks help organizations meet legal and industry standards for data protection and security. HITRUST offers a comprehensive, certifiable framework combining multiple regulations like HIPAA, NIST, and ISO, focusing on risk management across industries. HIPAA (Health Insurance Portability and Accountability Act) ensures the privacy and security of healthcare information, with specif..
Kevin R. Thompson
June 10 2025
01 : 00 PM EST
90 Minutes
Compliance Auditing and Monitoring - Techniques for Auditing Compliance and Monitoring Adherence to Regulations
Compliance auditing and monitoring are critical components of an organization's risk management strategy. These processes ensure that companies adhere to regulatory requirements, industry standards, and internal policies, helping to avoid legal penalties, reputational damage, and financial losses.Compliance Auditing involves a formal, structured evaluation of an organization’s processes, controls, and recor..
Kevin R. Thompson
July 08 2025
12 : 00 PM EST
90 Minutes
Data Privacy and Protection - Data protection laws and best practices for ensuring data privacy and compliance.
Data Privacy and Protection is a critical area of focus for organizations managing personal, sensitive, or confidential information. With the rise of global regulations such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and others, businesses must comply with strict guidelines on how data is collected, stored, processed, and shared. These regulations aim to pr..
Kevin R. Thompson
August 12 2025
12 : 00 PM EST
90 Minutes
GRC Integration and Strategy - How to Integrate Governance, Risk, and Compliance into a Cohesive Strategy
GRC (Governance, Risk, and Compliance) Integration involves unifying governance, risk management, and compliance functions into a cohesive strategy that supports business objectives while managing risks and ensuring regulatory compliance. Traditionally, these functions have been handled separately, leading to silos, inefficiencies, and increased complexity in managing risks and compliance across the organiz..