Key takeaways
Host: Michael Schor, partner, Deloitte & Touche LLP
Presenters: Gregory Boehmer , Neil Lamis and Pete Low
1 Overview CPE credit | Specialized Knowledge
Organizations are facing unprecedented levels of new risk as the worldwide digital transformation continues. Applying tech-enabled business strategies and an effective three-lines model is imperative to respond, with IT risk and compliance being a critical piece to help organizations proactively manage their strategic, operational, and compliance technology risks for greater business performance. We’ll discuss:
- What an effective IT risk management framework entails
- How to assess your company’s IT governance, risk, and compliance capability maturity level
- Leading practices for establishing a robust IT second-line program
Meet the speakers

Michael Schor
Michael is a partner in Deloitte & Touche LLP’s Risk & Financial Advisory practice, where he focuses on advising our domestic and international clients on matters of internal controls, including information technology, regulatory matters, risk management issues, and control and compliance management processes. Michael has a specific focus on the internal audit function, with more than 20 years of experience advising Deloitte’s largest clients on the various elements of the internal audit lifecycle, including: risk assessments, audit planning and execution, and reporting to audit committees and key executive stakeholders. In addition to Michael’s responsibilities providing risk-based services to market-leading clients, he also leads Deloitte’s efforts around the modernization of key third line functions. Specifically, Michael focuses on how internal audit functions execute, as well as what internal audit functions focus on, and is known for this work with mid-market and super-regional banks.

Greg Boehmer
Greg is a Risk & Financial Advisory senior manager in Cyber Risk Services at Deloitte & Touche LLP specializing in cybersecurity for the automotive industry and public utilities. He has more than 13 years of risk management consulting and auditing experience, including work on three continents. His experience focuses on SAP security; controls; and governance, risk, and compliance. Greg has also researched and published additional articles related to cybersecurity and the future of mobility.

Peter Low
Peter is a Managing Director within Deloitte Risk & Financial Advisory’s Accounting & Internal Controls practice. Pete has 24 years of experience providing internal audit (IA), IT and business process risk advisory, cybersecurity, technology controls assurance, and ERP systems implementation services. He has led many internal audit sourcing, SOX compliance, and IT risk management engagements for our largest clients within the retail, consumer products, airline, and higher education industries. He is a core leader within Deloitte’s national IT/Cyber internal audit leadership team, and has much experience in advising IA functions on leading practices, and developing/executing transformation roadmaps for enhancing their value capabilities. Prior to Deloitte, Pete was the IT Internal Audit Director for a global Fortune 500 consumer products company where he led IT, SOX, operational, and business transformation assurance efforts for the organization.
Dbriefs resources