Hello! I am Michael Rasmussen, an internationally recognized pundit on governance, risk management, and compliance (GRC). With 27+ years of experience, I help organizations improve risk and compliance processes, design and implement GRC architecture, and select technologies that are effective, efficient, and agile. As a sought-after keynote speaker, author, and advisor I have been referred to as the “Father of GRC” — being the first to define and model GRC in February 2002 as an analyst at Forrester Research.
My goals in serving again on the ISSA International Board are to:
• Increase information securities role, presence, and collaboration with other roles such as enterprise/operational risk management, compliance & ethics, legal, and internal audit
• Contribute regular articles to The ISSA Magazine to assist professionals in communicating and coordinating with other parts of the organization
• Encourage and mentor others in their careers through the Cyber Security Career Lifecycle
• Advocacy on behalf of information security professionals to government and standards committees
• Increase partnership with other professional associations.
• Assist the International Conference in finding and securing sponsors and increase revenue
My time with the ISSA spans my career going back into the 1990’s when I founded the Milwaukee Chapter of the ISSA and was the chapter president for several years. I also spent several years on the International Board of the ISSA. First as the VP/Director of Chapter Relations, then as VP/Director of Marketing, and then as the VP/Director of Standards & Public Policy. During that time, I contributed to U.S. Congressional reports and committees on behalf of the ISSA membership.
Besides my work with the ISSA, I am very involved with other associations in adjacent fields. I am an OCEG Fellow with the Open Compliance & Ethics Group. With the Institute of Risk Management, I am an Honorary Life Member and a Global Ambassador for them.
Prior to founding GRC 20/20 Research, I was a Vice-President and ’Top Analyst’ at Forrester Research, Inc. Before Forrester, I led the risk/compliance consulting practice at a professional services firm, and prior to that has specific experience managing IT security within commercial organizations. My educational experience consists of a Juris Doctorate in law and a Bachelor of Science in Business and hold the following certifications GRCP (GRC Professional), CCEP (Certified Compliance and Ethic Professional), and a CISSP (Certified Information Systems Security Professional).
Click on the link to return to the Election Info page.