James Van Dusen

Education: Computer Science

Oakland University

1994 : 1997

Experience: Evolve our current GRC practices to align with Wunderman Thompson strategy, business practices, culture and client engagements. Day-to-day activities include guidance and advice on the development, implementation and maintenance of our Information Security GRC program, including but not limited to the following;



1. Governance (Policies/Procedures, Security Awareness and Training, Program Oversight & Measurement, etc.)

2. Risk Management (Risk Assessment/Management, 3rd Party Risk, Client Risk, Security Testing, Vulnerability Management, Project Support, DR/BCP, etc.)

3. Compliance (WPP GCCs (General Computing Controls), WPP Client ISAP (Information Security Assurance Program), Client Contracts, Industry Standards (i.e. ISO, NIST, PCI), WPP Internal Audit, Remediation Actions, Policy Enforcement, etc.)

This role also includes providing assistance with relevant areas (i.e. IT Security, Confidentiality, Audit, DR/BCP, Security Incidents, etc.) of the following :

· RFI/RFQ/RFP responses;

· Client Contracts, Exhibits, Addendums (review, markup, negotiation)

· Client Information Security Inquiries/Assessments/Questionnaires/Attempted Audits;

· Client/Business Relationship Management;

· Vendor Agreements and Risk Assessments; and

· Security Incident Management and Reporting

2019 : Present

Wunderman Thompson

Global Information Security Governance, Risk and Compliance (GRC) Officer

I started with JWT Detroit back in 1998 as a contractor and Senior IT Consultant and was hired direct in 1999. I was relocated to San Francisco in 2000 and was promoted to IT Director of JWT San Francisco. I was then promoted to IT Director of JWT West (San Francisco, San Jose and Los Angeles) until the west coast was shut down around 2005. In November of 2005, I was relocated to New York to be the North American IT Director for RMG Connect. In 2010, RMG Connect was absorbed back into JWT, and I was transitioned to Corporate where I have my current role of Worldwide Technology Compliance Officer.

Brief Summary of my current role :

1. Review services provided both internally and externally :

Recommend appropriate measures to be added to IT Policies / Procedures to be enforced by local entities based on risk level, applicable laws / regulations and client contractual obligations

2. Work closely with WPP IA / Security, WPP / JWT Legal and JWT Finance :

Keep Apprised of Corporate Policy changes, Control Bulletins and local / regional regulations that may apply to JWT

3. Client Contract & IT Security Negotiations :

Engage client counterparts to hopefully provide a clear understanding for both parties on the type of services provided, the type of data handled and client systems, if any, accessed. If necessary, conduct an in person review of our IT Policies / Procedures and Security measures. Have discussions around IT Security and regulation requirements, and how they may apply within that particular working relationship.

Category experience

Finance (insurance & Banking)

Healthcare services

Government

Military Recruitment

Data Protection

HIPAA

GLBA

EU Directive

Pharmaceutical Industry

IT Security

IT Audit

IT Assessments

SafeHarbor

Confidentiality

Personal Information [PI]

Personally Identifiable Information [PII]

Protected Health Information [PHI]

Nonpublic Personal Information [NPI]

1999 : 2019

J. Walter Thompson Worldwide

Technology Compliance Officer

Company: Wunderman Thompson

Years of Experience: 25