Our Leadership

Syed Rizwan Ashraf is the CEO of Rimici “ONE Source”. Mr. Syed’s background in Security and Privacy Risk Governance design and implementation knowledge is second to none.

Areas of Expertise

  • IT Policies & Standards Governance & Life Cycle Management
  • ITIL processes and performance Metrics Implementation and Management
  • Service Now, Archer and Agiliance GRC Program Management
  • PCI, SOX, HIPAA, Meaningful Use, Safe Harbor Compliance Program management
  • Information Asset Security Life Cycle Management
  • Cloud Infrastructure Security Governance and Program
  • HITRUST Framework Development and Implementation
  • Information Security risk-based Strategy and programs
  • Integrated Risks and Controls Self-Assessment Framework, Program, Process and Metrics
  • Meaningful Use
  • Architecture, Secure Infrastructure Design of ONC certified Electronic Health Record (EHR)
  • Secure Online E-Commerce architecture, PCI Compliant online store implementation

Professional Accomplishments

  • Professional Educational/Business Degrees include: MBA, CCNP, CISM, CGEIT
  • Developed and implemented Integrated Risk & Controls Self-Assessment Framework, Business Case, Risk Management Program and the Kaiser Permanente IT Policies & Life Cycle Governance Framework.
  • Developed and managed IT Security Policy Council Framework, program, process and reporting
  • Developed and implemented Data De-Identification Governance program including, risk communication plan and exception management.
  • Managed & launched nonprofit free medical clinics program which includes fully integrated electronic health system, records, practice management, scheduling, electronic billing, E-prescribing certified by the U.S Government for “Meaningful Use”.
  • Developed, implemented, and reported Risk Assurance Based Compliance Program including risk-based approach and remediation planning for mission critical business applications and underlying infrastructures.
  • Developed, engaged and drive implementation of the Kaiser Permanente Information Security Framework, policies and standards, life cycle management, communication and performance reporting
  • Engaged in KP Enterprise Architecture Policy Governance development including mobile and wireless technology governance.
  • Established and managed IT Process Governance Council including policies & standards, approvals and implementation and performance metrics reporting to the CIO and IT leadership.
  • PCI Security Strategy including communication, processes and compliance requirements.
  • Security strategy and risk management including IT policies and standards lifecycle management program, ITIL process governance and supporting SOX, PCI and HIPAA compliance.
  • Developed, implemented and managed VMware Security and Risk Governance capabilities framework including security strategy, roadmap. Designed VMware Cloud security capabilities.
  • Developed Infrastructure Security Governance Framework, program, processes & metrics reporting at VMware Inc.

Professional Accomplishments

  • Security and Risk Governance Principal, VMware Inc
  • HIPAA Application Security Program (HASP De-Identification Program)Kaiser Permanente
  • Information Security Officer at Wells Fargo Bankin Business Direct (Community Banking)
  • Oracle EBS & Oracle Identity Manager implementation and security controls audit preparation at Gilead Sciences
  • IT Security Policy Maker at Kaiser Permanente
  • IT Policies and Standards Manager at CSAA
  • Network Security Project Manager at Cisco Systems
  • Security Governance advisor to CEOs and CISOs in Silicon Valley companies.