Vice President (VP), Information Security Officer (ISO) @
• Designs and updates the Information Security Program and Policy and presents to the Board of Directors for approval.
• Develops annual information security risk and threat assessments for presentation to the Board of Directors to ensure all threats to customer information are identified and management responses are appropriate and timely.
• Schedules security assessments and reviews internal/external vulnerability and social engineering test results, and implements appropriate remediation efforts.
• Designs and maintains standard user profile for approximately 160 business and technical applications, and performs documented annual user access entitlement reviews.
• Developed the Incident Response Program to identify information security threats and report security breaches to the Board of Directors and other regulatory agencies and legal authorities.
• Monitors and evaluates all changes made to the Bank’s infrastructure and applications to ensure appropriateness and adherence to published security policies.
• Designs and updates a comprehensive cyber-security training and education program for all employees and contractors.
• Coordinates with the Project Management Office (PMO) in the development of business risk due diligence for proposed new banking products and services.
From December 2014 to Present (1 year 1 month)

Assistant Vice President (AVP), IT Governance and Compliance @
• Design, build, implement, and own a comprehensive COBIT-based Governance framework to document current IT controls, identify significant control deficiencies, coordinate with IT Process Owners to develop associated remediation plans, and implement on-going testing of standardized IT controls to ensure compliance for 22 critical IT processes.
• Re-design and govern the IT change management processes to promote proper documentation, approval, prioritization, and testing of all production change requests.
• Develop and execute a comprehensive disaster recovery program to ensure timely recovery of critical bank applications and infrastructure.
• Guide the Access Security Administration (ASA) group to implement network and application user access requests and the Patch Management (PM) function for critical application/operating system upgrades and anti-virus signatures and definitions.
• Design processes, implement controls, and exercise proper management oversight for the IT help desk incident and service request function, IT application and infrastructure disaster recovery (DR), IT purchasing and asset management, software licensing compliance, and the Bank’s PMO organization.
• Liaise between the IT organization and both internal/external Audit and Bank Regulators to schedule and facilitate 10 to 15 simultaneously performed IT audits, coordinate audit requests, vet audit issues, compile IT audit report management responses, monitor completion of corrective action plans, and perform reporting of audit deliverable status to CIO and IT senior management.
• Interface routinely with Regulatory Compliance, Information Security, and Legal Counsel for all IT projects to ensure identification, inclusion, and adherence to appropriate system controls, security standards, and all business, legal, and regulatory requirements.
From February 2012 to November 2014 (2 years 10 months)

Manager, MIS Internal Controls @
•Direct the SOX Quarterly Verification Check sheet (QVCs) process for all SAP and non-SAP SOX applications and coordinate with Warner Bros. MIS Process Owners/Sponsors and third party service providers to ensure completion of compliance required testing of 61 MIS processes and 472 key controls and the development and implementation of remediation plans to address SOX deficiencies in accordance with management approved guidelines.
•Advise MIS and functional management of the impact of proposed business changes on non-SAP SOX controls and approve SOX application access requests for potential segregation of duties impacts to SOX approved controls.
•Coordinate the scope, timing, resource availability, and IT management responses for Time Warner Internal Audit, E&Y, and Warner Bros. Financial Compliance audits, projects, and special requests.
•Track, status, and report on SOX remediation efforts and critical audit issues to MIS Management.
•Lead effort to identify additional credit card transactional controls required in accordance with industry Data Security Standards (DSS).
From November 2011 to January 2012 (3 months)

IT Audit Manager (Management Contractor) @
•Planned, scoped, and managed technical audit reviews of DIRECTV’s IT initiatives and critical business applications.
•Executed and documented audit tests of IT SOX control activities to ensure continued compliance.
•Led SDLC and logical security reviews of DIRECTV third party service providers to ensure adherence with industry standard control frameworks and company guidelines.
From July 2011 to October 2011 (4 months)

Controller @
Operated and managed a residential development corporation constructing large custom homes with $15 million in revenues:
•Directed multiple large residential development efforts simultaneously to ensure homes are constructed to meet quality completion requirements on time and within budget.
•Created a model to identify and evaluate potential properties to be developed to maximize future returns, and monitored the ROI on all capital acquisitions and improvements.
•Delivered business presentations to banks and private investors to raise financing of $5 million to $8 million per project.
•Built and monitored short and long range budgets and forecasts for all construction and financing costs.
•Implemented formal project management tools and techniques to proactively manage construction efforts.
•Managed and documented cash flow related progress including the accurate and timely preparation of cash flow statements, account receivables, payables, and cash balances.
•Ensured all balance sheet accounts, including bank reconciliations, are reconciled on a timely basis.
•Created accurate and meaningful detailed financial records and analysis to support business operational progress.
From August 2003 to July 2011 (8 years)

Financial Audit Analyst @
•Analyzed detailed borrower account activity for loans enrolled within Investor Accounting’s Make Homes Affordable (MHA) federal program to ensure all loan modification incentives are properly calculated and awarded in compliance with government guidelines.
•Validated the accuracy of, and identified required corrections to, all Bank of America MHA borrower incentive reporting to the U.S. Treasury.
•Obtained extensive financial industry training including Anti-Money Laundering (AML), the USA PATRIOT Act of 2001, the Bank Secrecy Act (BSA), and Fair Lending Practices.
From January 2011 to April 2011 (4 months)

Manager - Internal Audit and Operational Controls @
Structured and managed the audit function for the U.S. operations of a home entertainment and theatrical service corporation with $7.5 billion in revenues and 22,000 employees:
•Improved existing audit approach to implement a structured and consistent audit methodology to assess the financial, operational, and system control environments of each business unit.
•Developed a risk assessment model to identify and rank critical business functions, and implemented an internal control evaluation methodology to numerically score each audit engagement and to provide a consistent reporting method to upper management.
•Advised management on information technology initiatives to improve IT governance and internal controls.
•Implemented IT audit practices consistent with industry standards and frameworks (COBIT, ITIL) to enable an effective assessment of IT resource management and governance.
•Identified IT risks and designed technical reviews of key business applications; ERP Modules (PeopleSoft); client/server (UNIX, AS400) and mainframe technologies (CICS, IMS); and information security exposures.
•Developed the scope and directed all phases of financial, operational, and system audit engagements including treasury and cash management, general ledger, financial reporting, accounts payables and receivables, inventory management, and IT general controls.
•Trained auditors in the use and benefit of deploying data analysis tools (ACL, SQL) within audit engagements.
•Developed a database to track and report audit findings and recommendations.
•Hosted meetings with the audit committee and executive management to present the audit plan and prior audit results.
•Drove internal audit’s expanded requirements with the deployment of Sarbanes Oxley (SOX).
•Led audit consolidation efforts and developed staff training following Technicolor and Thomson company merger.
•Managed the audit relationships related to on-going and year-end audit engagements with external auditors.
From June 2001 to July 2003 (2 years 2 months)

Manager - Billing Systems @
Managed national billing system for a US Fortune “50” telecommunications corporation with $23 billion in revenues and $3 billion in net income:
•Managed a customer billing organization to enable consolidated billing of several telephony products and services onto one customer bill.
•Directed the tracking, processing, and balancing of customer usage records received from both external sources and other internal business units to create accurate and timely customer billing.
•Retained responsibility for all production billing systems operations activities including computer operations, production control, data backups, job scheduling, bill production, and application maintenance.
•Managed work groups to develop and document new or enhanced customer user requirements and to perform user and system acceptance testing for new or modified system code.
•Developed and monitored $3.8 million annual financial budget as well as time and expense budgets for individualized system development/enhancement projects.
•Implemented and documented stronger and comprehensive controls and measurements to improve the accurate and timely processing of all customer usage records.
From December 1998 to May 2001 (2 years 6 months)

Manager - Corporate Audit @
Planned and managed financial, system, and operational audits, special projects, and internal consulting engagements:
•Consulted with executive management to identify corporate initiatives and areas of high risk.
•Defined, planned, and managed audits for all GTE business units to evaluate the adequacy of financial, operational, and system controls, to ensure compliance with company practices and policies, and to identify quality and process improvements.
•Scoped and managed pre and post implementation application audits and project assurance reviews.
•Managed technical reviews of systems development, change management, information security, systems and network administration, computer operations, operating system controls, database integrity, IT infrastructures, data center operations, and end user applications running on mid-range and mainframe platforms within large client server environments.
•Reviewed ERP Applications and prepared Service Auditor Reports (SAR) in compliance with SAS70.
•Staffed, trained, and developed department of 22 professionals at senior and staff levels.
From November 1993 to November 1998 (5 years 1 month)

MBA, Finance @ Pepperdine University
From 1987 to 1988

BA, Economics @ Northwestern University
From 1981 to 1985

Curt Cassingham is skilled in: Auditing, Sarbanes-Oxley Act, Governance, Forecasting, Financial Reporting, Internal Controls, IT Audit, Process Improvement, Internal Audit