James Van Dusen
Education:
Computer Science
Oakland University
1994 : 1997
Experience:
Evolve our current GRC practices to align with Wunderman Thompson strategy, business practices, culture and client engagements. Day-to-day activities include guidance and advice on the development, implementation and maintenance of our Information Security GRC program, including but not limited to the following;
1. Governance (Policies/Procedures, Security Awareness and Training, Program Oversight & Measurement, etc.)
2. Risk Management (Risk Assessment/Management, 3rd Party Risk, Client Risk, Security Testing, Vulnerability Management, Project Support, DR/BCP, etc.)
3. Compliance (WPP GCCs (General Computing Controls), WPP Client ISAP (Information Security Assurance Program), Client Contracts, Industry Standards (i.e. ISO, NIST, PCI), WPP Internal Audit, Remediation Actions, Policy Enforcement, etc.)
This role also includes providing assistance with relevant areas (i.e. IT Security, Confidentiality, Audit, DR/BCP, Security Incidents, etc.) of the following :
· RFI/RFQ/RFP responses;
· Client Contracts, Exhibits, Addendums (review, markup, negotiation)
· Client Information Security Inquiries/Assessments/Questionnaires/Attempted Audits;
· Client/Business Relationship Management;
· Vendor Agreements and Risk Assessments; and
· Security Incident Management and Reporting
2019 : Present
Wunderman Thompson
Global Information Security Governance, Risk and Compliance (GRC) Officer
I started with JWT Detroit back in 1998 as a contractor and Senior IT Consultant and was hired direct in 1999. I was relocated to San Francisco in 2000 and was promoted to IT Director of JWT San Francisco. I was then promoted to IT Director of JWT West (San Francisco, San Jose and Los Angeles) until the west coast was shut down around 2005. In November of 2005, I was relocated to New York to be the North American IT Director for RMG Connect. In 2010, RMG Connect was absorbed back into JWT, and I was transitioned to Corporate where I have my current role of Worldwide Technology Compliance Officer.
Brief Summary of my current role :
1. Review services provided both internally and externally :
Recommend appropriate measures to be added to IT Policies / Procedures to be enforced by local entities based on risk level, applicable laws / regulations and client contractual obligations
2. Work closely with WPP IA / Security, WPP / JWT Legal and JWT Finance :
Keep Apprised of Corporate Policy changes, Control Bulletins and local / regional regulations that may apply to JWT
3. Client Contract & IT Security Negotiations :
Engage client counterparts to hopefully provide a clear understanding for both parties on the type of services provided, the type of data handled and client systems, if any, accessed. If necessary, conduct an in person review of our IT Policies / Procedures and Security measures. Have discussions around IT Security and regulation requirements, and how they may apply within that particular working relationship.
Category experience
Finance (insurance & Banking)
Healthcare services
Government
Military Recruitment
Data Protection
HIPAA
GLBA
EU Directive
Pharmaceutical Industry
IT Security
IT Audit
IT Assessments
SafeHarbor
Confidentiality
Personal Information [PI]
Personally Identifiable Information [PII]
Protected Health Information [PHI]
Nonpublic Personal Information [NPI]
1999 : 2019
J. Walter Thompson Worldwide
Technology Compliance Officer
Company: Wunderman Thompson
Years of Experience: 25