Terry Graves

Decided to focus for at least 6 months on progressing my Masters in Coaching & Mentoring certification, which majored on confidential engagements undertaken in the retail, medical and government sectors. This required the utilisation of AI tooling to provide texturally animalized recorded audio interviews to maintain confidentiality whilst still illustrating the steps taken to achieve client goals.

Currently looking to improve my German skills whilst searching for a new position. I am considering posts around the globe as a contract or permanent employee.

Formalising the facilitation and delivery of EBA/DORA and PRA compliance for targeted vulnerabilities within Internal and Third-Party policies, processes and controls, plus the testing and assessments necessary to provide the necessary evidence for regulatory submissions and governance deliverables.

Support for consultancy on Risk Management frameworks & Operational Resilience in the UK, De & Dubai with, John Lewis & STM providing recommendations on Information and Cyber Security control space mapping against ISO 2701 ISMS COBIT, CIS and NIST controls. In June 2023 this resulted in an interim position as CRO (Chief Risk Officer) with STM. The resultant process templates became my individual property when RAND was dissolved.

Travelex is a market leading foreign exchange business operating in 30 counties, establishing itself as a trusted and widely recognised brand in foreign exchange. The Head of IT Risk & Governance reports to the Global Head of IT. The role provides direction for all aspects of the IT Risk including internal audits, Partner Reviews and as the IT contact for Regulators across Travelex. It includes the delivery of ITGC Control assessments and remedial actions as part of IT and business transformation programs

Advisor to advise CEO and business heads in discharging their first-line risk management obligations in line with policy and regulation by managing the development and implementation the IT Governance. This was the basis for management reporting.

As part of IT Strategy, an ITGC SOX compliant Control Framework was required with the ultimate goal of global country coverage for Infrastructure/Operation and Info Security for all regulatory obligations. Initial budget was for Germany and its Offshore Deliver Centre (ODC) in India. A continuous risk-based monitoring and assessment approach was taken using COBIT 5 controls and ISO 27K/NIST standards. In Aug 2019 budget extended to a 2 year programme.

Part of the eDiscovery team developing a meta data repository to capture the location of data sources to satisfy a MaRisk regulatory requirement.

ased on my profile as an Internal Auditor and my risk management work in the bank invited to joined a new team, for Global Regulatory Engagements. This team established Deutsche’s first Global Technology Regulatory (GT-R) engagement capability.

Invited to join the GT Risk Management team based on my achievements in the bank in the past. Reworked the Global Risk Assessment process utilising: CoBIT; COSO and ISO 27K frameworks. Authored the Target Operating Model and (TOM) and KOP. Conducted Control Assessments identifying gaps versus regulations and versus bank policy. The risk were captured in the form of SIIs and Management Action Plans lodged for remediation.

Oversaw projects and provided high-level management services to Waterfall and Agile projects and programmes. Streamlined projects in compliance ISO, CoBIT and ensured adherence with MSP, Prince 2, P3M3 and CMMI practices and standards. Delivered advice and guidance to realize programme governance through usage of IS0 9000 practices and MSP principles for portfolio of projects

Provided advice and guidance on how to achieve programme governance. This was achieved using their existing IS0 9000 practices and used MSP (Managing Successful Programmes) principles for their portfolio of projects.

Established processes and procedures for project and programme governance. Managed projects/programmes to establish Basel II & Solvency 2; AML / Intrusion Detection; and SOX/Security compliance. Assignment included insurance projects for Commission Disclosure (CD); and the Consumer Credit Directive (CCD) Tooling used: Clarity (Project management); Caliber (requirements capture) HP Quality Centre (testing).

Head of Euro initiatives for business critical regulatory finding. Introduced a program to completed the merger of apps & infra from a previous high profile acquisition. Built the team from scratch handling structured methodologies including Agile & Waterfall. Core team of: 5 PMs; 40+direct staff; 30+ indirect (from business and WIPRO). KPI, CSFs established to report on achievement. Scope: Retail; Wholesale; Insurance. Responsible for IT compliance governance in: NL; Be; DE; UK; USA & Russia

Achievements in this assignment resulted in me being retained for 4 subsequent projects and programmes, which were also successfully completed. Details are as follows: Change/Audit Compliance Manager, Business Change Manager European Transaction Bank (ETB)

Introduce a governance structure for projects. Achieved using Prince standards for projects and a KPI Dashboard reporting comprising of: Incident; Problem; Change; Risk; and Issue management delivered as a highlight report for senior management.

Recruited to introduce a governance structure for projects.

Initial role in 1998 then retained for 2 follow on assignments in Frankfurt and Zurich Programme Manager Frankfurt Migration,which moved Fi and loans business from Zurich and Frankfurt to London. Projects Manager Y2K Programme Office & Release Manager