Austrian citizen (born 1967), holding a permanent C EU/EFTA permit for Switzerland. Ph.D. and M.Sc. in Computer Science (ETH) and Certified in Risk and Information Systems Control (ISACA). Native German speaker, full English professional proficiency, basic French language skills.
C-level manager with professional experience in information technology, governance, project and program management, sourcing, compliance, risk management as well as management of regulatory and audit interactions in complex global operating environments. Proven history of designing simple and cost-effective measures that fully meet Board-level and senior management expectations.
An executive management opportunity calling for hands-on leadership in close collaboration with the business line to resolve long-standing challenges.
Established risk management for a newly founded, Swiss-regulated financial services organization in the remit of digital ledger technology (DLT). This included policies, procedures, risk appetite statements, risk and control assessments, assurance, operational loss event management, and recurring reporting to senior management, the Board of Directors as well as the Swiss regulator.
Reduced number of key controls and associated assurance overhead while addressing a broader risk landscape of a historically-grown, global IT environment. Defined company-wide “IT Risk Appetite”, enabling effective prioritisation of global risk remediation activities. Streamlined “IT Risk Remediation” portfolio oversight, ensuring key risk are
Established sourcing risk management framework in response to continuously evolving legal and regulatory requirements, especially risks in the cloud. Enabled management to reduce cost and increase quality through intra-group and external sourcing arrangements while adequately addressing risks in compliance with legal/regulatory requirements across the full sourcing life cycle. Streamlined processes and contract templates, allowing for compressed outsourcing timelines.
Identified systems truly critical to the survival of a global financial organization during extreme events, such as the financial crisis. Substantially reduced number of identified systems, enabling management to drive and fund targeted programs and reduce expenditure for non-critical systems.
Following a large-scale confidentiality breach, implemented technical and organizational security measures, enabling the institution to comply with Swiss banking secrecy regulations and confidentiality/privacy laws in line with client and shareholder expectations.
Re-engineered IT Change Management processes and operating model, reducing outages after large changes, and increasing operational stability. Reduced operational spend by centralizing large-scale test environments.
As task force manager, drove documentation and assessment of the IT control environment, ensuring day one compliance with the Sarbanes Oxley Act across a large-scale IT organization. Subsequently substantially reduced overhead.
Ramp up and operationalize Decent AG, an enterprise providing blockchain-related software, services and consulting.
Enabled the organization to effectively manage its risks through implementation of an efficient risk management framework meeting regulatory expectations; as a second line function, independently identified, analysed, evaluated, managed and monitored strategic, operational, financial and reputational risks across the organization; managed interactions with internal and external auditors for non-financial audit matters; lead team of risk management specialists; member of the Business Acceptance Committee for client relationships with increased risks; active member of Sygnum’s Group Executive Board as well as the Audit & Risk Committee.
Manage group-wide risk remediation program; lead team of risk, project and portfolio management specialists; active member of the Group Technology Risk Committee;manage program budget
Lead Group’s Sourcing Risk Management function; conduct risk assessments on the Group's strategy, large scale programs and sourcing arrangements with global impact; Risk Business Partner to Group functions including Operations as well as Legal & Compliance; active member of functional leadership teams, including the Group Chief Risk Officer’s Risk Management Leadership Team.
Manage group-wide risk remediation program; advise senior management on regulatory matters; lead team of project managers; manage cost centre and program budgets.
Manage region-wide risk remediation programs; advise senior IT management on regulatory matters and lead in responding to significant regulatory audits and inquiries; lead team of project managers; manage cost centre and program budgets.
Provide day-to-day Technology Risk Management services; Risk Business Partner to divisional and regional CIOs and active member of the respective executive management committees; lead teams across hierarchies; manage cost centre budget.
Advise on strategy and curricula; lecture on “Information Security” and “Cultural Diversity”.
Shaped the university’s curriculum and research focus, ensuring the institution fulfils its mandate as a University of AppliedSciences and Arts.
Lead Sarbanes-Oxley implementation task force; advise senior management on regulatory matters; lead team of subject matter experts and administrators; manage task force/project and cost centre budgets.
Develop IT architectures and operational standards; conduct architecture reviews; lead team of domain experts.
Provide administrative services to students and faculty, such as admissions and appeals; supervise one administrative staff.
Conduct research on multimedia database systems; participate in teaching activities, such as lectures, exercises and industry courses.
Ramp up and operationalize Decent AG, an enterprise providing blockchain-related software, services and consulting.
Enabled the organization to effectively manage its risks through implementation of an efficient risk management framework meeting regulatory expectations; as a second line function, independently identified, analysed, evaluated, managed and monitored strategic, operational, financial and reputational risks across the organization; managed interactions with internal and external auditors for non-financial audit matters; lead team of risk management specialists; member of the Business Acceptance Committee for client relationships with increased risks; active member of Sygnum’s Group Executive Board as well as the Audit & Risk Committee.
Manage group-wide risk remediation program; lead team of risk, project and portfolio management specialists; active member of the Group Technology Risk Committee;manage program budget
Lead Group’s Sourcing Risk Management function; conduct risk assessments on the Group's strategy, large scale programs and sourcing arrangements with global impact; Risk Business Partner to Group functions including Operations as well as Legal & Compliance; active member of functional leadership teams, including the Group Chief Risk Officer’s Risk Management Leadership Team.
Manage group-wide risk remediation program; advise senior management on regulatory matters; lead team of project managers; manage cost centre and program budgets.
Manage region-wide risk remediation programs; advise senior IT management on regulatory matters and lead in responding to significant regulatory audits and inquiries; lead team of project managers; manage cost centre and program budgets.
Provide day-to-day Technology Risk Management services; Risk Business Partner to divisional and regional CIOs and active member of the respective executive management committees; lead teams across hierarchies; manage cost centre budget.
Advise on strategy and curricula; lecture on “Information Security” and “Cultural Diversity”.
Shaped the university’s curriculum and research focus, ensuring the institution fulfils its mandate as a University of AppliedSciences and Arts.
Lead Sarbanes-Oxley implementation task force; advise senior management on regulatory matters; lead team of subject matter experts and administrators; manage task force/project and cost centre budgets.
Develop IT architectures and operational standards; conduct architecture reviews; lead team of domain experts.
Provide administrative services to students and faculty, such as admissions and appeals; supervise one administrative staff.
Conduct research on multimedia database systems; participate in teaching activities, such as lectures, exercises and industry courses.
Dr. sc. techn. earned at the Swiss Federal Institute of Technology (ETH Zurich): Dissertation in the area of transaction-oriented management and retrieval of full text documents in multi-processor database environments.
Dipl.-Inf. Ing. earned at the Swiss Federal Institute of Technology (ETH Zurich): Master in computer science with major in information systems and numerical mathematics.
Certified in Risk and Information Systems Control (CRISC) earned at the Information Systems Audit and Control Association (ISACA).
Serving the community (Lions Club International), photography, walking/hiking.
Krähbüel 6, 6403 Küssnacht am Rigi, Switzerland, helmut.l.kaufmann@gmail.com, +41 78 832 53 50.