Open to opportunities

Paul Lusardi

@paullusardi

Message

Experienced risk management professional specializing in compliance and continuity.

United States

Message

What I'm looking for

I seek a role that values compliance and risk management, offering growth opportunities and a collaborative culture.

I am a seasoned professional with extensive experience in building third-party risk programs and implementing eGRC platforms across healthcare, finance, and pharmaceutical sectors. My career has been marked by a commitment to enhancing compliance and risk management practices, ensuring that organizations not only meet regulatory standards but also thrive in a complex business environment.

In my current role as Director of Business Continuity and Divestitures at Quorum Health Care, I have successfully created streamlined business continuity plans and developed models for future changes, divestitures, and acquisitions. My previous experience as a Senior Associate at Geode Capital Management allowed me to develop a robust BCP/DR program, achieving compliance with ISO22301 standards and significantly improving business resilience. I pride myself on being a veteran team builder and mentor, fostering a culture of collaboration and continuous improvement.

Experience

Work history, roles, and key accomplishments

Current

Director, Business Continuity

Current

Quorum Health Care

May 2024 - Present (1 year 2 months)

Created streamlined BCP plan for the entire enterprise. Oversaw the Information Security documentation for the divestiture of all Steward properties and hospitals.

Divestiture Mergers And Acquisitions Information Security PCI Compliance

Senior Associate, Technology Governance

Geode Capital Management

Jun 2022 - Present (3 years 1 month)

Developed a BCP/DR program using a SaaS solution based on COBIT and NIST frameworks, achieving ISO22301 compliance. Initialized and managed the Asset Management program in ServiceNow for all applications.

COBIT NIST ServiceNow Asset Management Archer

Enterprise Risk and Compliance Manager

Steward Health Care

Mar 2019 - Present (6 years 4 months)

Recognized as a Subject Matter Expert in HIPAA and information security. Instrumental in selecting and implementing a new GRC platform (Onspring) and supervised the Meaningful Use/Interoperability program for all hospitals.

HIPAA)Information Security Third Party Risk Management GRC OnSpring Meaningful Use

Project Manager Program Management Office/TPRM SME

Freddie Mac

Aug 2018 - Present (6 years 11 months)

Led a team of 4 consultants and 3 full-time staff members on a TPRM initialization and continuation project. Served as the Point of Contact for internal and external businesses and assessment partners.

Project Management Third Party Risk Management Stakeholder Management Team Leadership

President, CEO

ISP Associates

Oct 2005 - Present (19 years 9 months)

Responsible for creating and managing Third Party Risk Assessments for Janssen Commercial Pharmaceutical sector. Performed assessments based on NIST 800-53 and ISO 27001/27002 frameworks.

NIST 800 53 ISO 27001 27002 Information Security Risk Mitigation Vendor Management