Rimici Builder

Rimici Leadership Profile:

Syed Rizwan Ashraf is the CEO of Rimici “ONE Source”. Mr. Syed’s background in Security and Privacy Risk Governance design and implementation knowledge is second to none.


Areas of Expertise


  • IT Policies & Standards Governance & Life Cycle Management
  • ITIL processes and performance Metrics Implementation and Management
  • Service Now, Archer and Agiliance GRC Program Management
  • PCI, SOX, HIPAA, Meaningful Use, Safe Harbor Compliance Program management
  • Information Asset Security Life Cycle Management
  • Cloud Infrastructure Security Governance and Program
  • HITRUST Framework Development and Implementation
  • Information Security risk-based Strategy and programs
  • Integrated Risks and Controls Self-Assessment Framework, Program, Process and Metrics

· Meaningful Use

· Architecture, Secure Infrastructure Design of ONC certified Electronic Health Record (EHR)

· Secure Online E-Commerce architecture, PCI Compliant online store implementation



Professional Accomplishments


· Professional Educational/Business Degrees include: MBA, CCNP, CISM, CGEIT

· Developed and implemented Integrated Risk & Controls Self-Assessment Framework, Business Case, Risk Management Program and the Kaiser Permanente IT Policies & Life Cycle Governance Framework.

· Developed and managed IT Security Policy Council Framework, program, process and reporting

· Developed and implemented Data De-Identification Governance program including, risk communication plan and exception management.

· Managed & launched nonprofit free medical clinics program which includes fully integrated electronic health system, records, practice management, scheduling, electronic billing, E-prescribing certified by the U.S Government for “Meaningful Use”.

· Developed, implemented, and reported Risk Assurance Based Compliance Program including risk-based approach and remediation planning for mission critical business applications and underlying infrastructures.

· Developed, engaged and drive implementation of the Kaiser Permanente Information Security Framework, policies and standards, life cycle management, communication and performance reporting

· Engaged in KP Enterprise Architecture Policy Governance development including mobile and wireless technology governance.

· Established and managed IT Process Governance Council including policies & standards, approvals and implementation and performance metrics reporting to the CIO and IT leadership.

· PCI Security Strategy including communication, processes and compliance requirements.

· Security strategy and risk management including IT policies and standards lifecycle management program, ITIL process governance and supporting SOX, PCI and HIPAA compliance.

· Developed, implemented and managed VMware Security and Risk Governance capabilities framework including security strategy, roadmap. Designed VMware Cloud security capabilities.

· Developed Infrastructure Security Governance Framework, program, processes & metrics reporting at VMware Inc.



Professional History


· Security and Risk Governance Principal, VMware Inc

· HIPAA Application Security Program (HASP De-Identification Program) Kaiser Permanente


  • Information Security Officer at Wells Fargo Bank in Business Direct (Community Banking)
  • Oracle EBS & Oracle Identity Manager implementation and security controls audit preparation at Gilead Sciences
  • IT Security Policy Maker at Kaiser Permanente
  • IT Policies and Standards Manager at CSAA
  • Network Security Project Manager at Cisco Systems
  • Security Governance advisor to CEOs and CISOs in Silicon Valley companies.

 Be The first to know Programs Releases  
And Important Rimici News  
 Powered By  
 Rimici "One Source"