Leveraging the COSO ERM Framework to Integrate Cyber Risk Management & Enterprise Risk Management

Jason Sechrist, AuditBoard
Anand Bhakta, AuditBoard
Nicholas LeBlanc, Rapid7

Webinar Speakers

Jason Sechrist is the Director of Compliance Solutions at AuditBoard, where he works with various compliance teams to help automate the administrative tasks of audit, risk and compliance activities. He was previously the Global Head of Internal Audit at Rackspace Managed Cloud Company, where his responsibilities included developing and executing on a risk-based audit plan for the company’s global footprint of data centers and office locations across the Americas, Europe and Asia. Jason started his auditing career with PwC in Silicon Valley, working primarily with software and cloud service providers, where he advised CTOs, CISOs, compliance managers, and system engineers. Prior to becoming an auditor, he led user testing and development for global aviation weather visualization software as a service while serving on active duty for the United States Air Force. Jason remains active in the industry, volunteering as Audit Committee Chair for the University of Texas San Antonio, and regularly speaks on topics relevant to technology risks at national and international IIA and ISACA events.

Anand Bhakta is the Sr. Director of Risk Solutions at AuditBoard, a cloud-based software platform to help streamline and automate internal audit and compliance activities, and a Principal at SAS, a boutique firm focused on Information Technology (IT) Controls and advisory services. He has over fifteen years of IT audit and consulting experience. Anand specializes in risks and controls related to the implementation of ERP systems, and he has helped various multinational companies evaluate and/or implement application controls in ERP systems including Oracle Financials, SAP, and PeopleSoft. Anand is recognized for his ability to develop and implement auditing and data analysis tools. Additionally, he has helped clients comply with Sarbanes-Oxley from both an advisory and attestation perspective. Anand graduated from the University of Southern California (USC) with a degree in Accounting and Information Systems. Previously, Anand was an executive at Ernst & Young LLP in the Technology and Security Risk Services (TSRS). In his role at Ernst & Young LLP, he designed and developed procedures and tools to help clients perform continuous monitoring, as well as evaluate Segregation of Duties controls. Anand is an experienced trainer and has designed and conducted multiple technical training sessions including Oracle application controls, data analysis, Sarbanes-Oxley Compliance, and IT general controls.

Nicholas LeBlanc currently leads the Rapid7 Internal Audit team as a CPA certified in MA. Prior to heading up Rapid7’s Internal Audit team, he has been in the auditing field for 10 years, starting at PwC in 2010 after completing his MBA/MSA program at Northeastern. He has extensive experience in SOX, operational auditing, ITGCs and ERM.


Cyber threats and attacks continue to increase in number and complexity, all while the business world grows more digitized and connected. As businesses and technology have evolved, so has the COSO Enterprise Risk Management (ERM) Framework. One of the foundational drivers behind the update of the ERM Framework was the need to address the evolution of risk management in the cyber age, and the need for organizations to improve their approach to managing cyber risk. This session will provide an overview of cyber risk management through principles defined in the COSO Enterprise Risk Management Framework. In this session we will review the importance of leveraging these COSO ERM Framework principles to manage cyber risk, dig into details on how to integrate cyber risk management with enterprise risk management, and explore anticipated future developments in ERM and cyber risk.
