Michael C Redmond, PHD, PMP, CEM, MBCP, FBCI, ISO
DIRECTOR, CONSULTING AND AUDIT
Michael C. Redmond is a Director and the Lead Strategic Consultant and Auditor for EFPR Group's Information Technology and Governance, Risk and Compliance Consulting and Audit division. She is also a recognized International IT Consultant, Auditor, Speaker, Author, and Trainer.

Michael spent four years on active duty with the U.S. Army and an additional 17 years in the National Guard and Reserves. Her assignments include Company Executive Officer, Public Relations Officer and Company Commander. She retired at the rank of Lieutenant Colonel.

Michael has three books that were published in 2018: Mastering Your Introduction to Cyber Security, Mastering Business Continuity Management and Mastering Your Work Life Balance. They are available in hardcover, softcover and Kindle versions from Barnes & Noble, Amazon and other sites.

Michael possesses a PhD, Psychoneurology (Crisis Psychology), an MBA from Fordham University, Advanced Masters Certificate from American Institute of Banking, a B.A., Communication Arts & Management, and is a graduate of US Army Command & General Staff College. She is currently enrolled in PECB University, Masters Program in Risk Management.
Michael possesses many ISO certifications as Lead Implementer and Lead Auditor, including ISO 27001, ISO 22301 and ISO 9001.
Upcoming Webinar
California Consumer Privacy Act is Just around the Corner. Are You Ready? (Including the New Proposed Laws in October 2019)
With California enacting a major new data privacy law last year, now is the time for companies to review and adjust to how the California Consumer Privacy Act will impact their business. Slated to go into effect January 1, 2020, the CCPA is set to be the toughest privacy law in the United States by broadly expanding the rights of consumers and requiring businesses within scope to be significantly more transparent about how they collect, use, and disclose personal information. The act comes on the heels of the EU General Data Protection Regulation (GDPR) and provides consumers with a number of "European-style" rights. Businesses all over the world that sell into the California market will be affected, regardless of whether they have a physical presence in the state.
Live Session Tuesday, 17 December 2019, 11:30 AM PDT | 02:30 PM EDT, Duration: 60 Minutes

Recorded Webinar
Best Practices for Implementation and Auditing of a Business Continuity Plan using ISO 22301
Join this session to understand the components in a complete and effective Business Continuity Planning program. Get insights from on-the-field experiences that can be applied to Internal Audit and BCP program activities. The session will also provide tools to help your organization improve your BCP program and your ability to audit it, with targeted recommendations. You will learn how to do Risk Assessment and Business Impact Analysis, design a real business continuity plan and know how to test, implement and maintain it.
Recorded Session: Get lifetime access for one participant with download option!

Understanding Cyber Insurance Coverage and Leveraging It
Cyber security is a major risk to any business. Threats from thieves and foreign governments or terrorists are constant and ever-evolving. Every day there is a new data breach or threat. In already difficult economic times, managing this risk should be a paramount concern to companies as they strive to remain successful. One way to manage such risk is through insurance.

California Consumer Privacy Act: What you Need to Know to be Prepared for January 1, 2020 Effective Date
With California enacting a major new data privacy law last year, now is the time for companies to review and adjust to how the California Consumer Privacy Act will impact their business. Slated to go into effect January 1, 2020, the CCPA is set to be the toughest privacy law in the United States by broadly expanding the rights of consumers and requiring businesses within scope to be significantly more transparent about how they collect, use, and disclose personal information. The act comes on the heels of the EU General Data Protection Regulation (GDPR) and provides consumers with a number of "European-style" rights. Businesses all over the world that sell into the California market will be affected, regardless of whether they have a physical presence in the state.

Self Auditing Your Cyber Security Program to Ensure Risk Mitigation
To manage information security in a company, you need to self-audit your cyber security program. This webinar will cover how to audit your program in relation to establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system. In addition, we will discuss which standards to reference to effectively ensure your organization has a robust security program for vital information assets.

Understanding the California Consumer Privacy Act of 2018
The California Consumer Privacy Act of 2018 (the "Act") was signed into law by California Governor Jerry Brown on June 28, 2018. The Act gives "consumers" (defined as natural persons who are California residents) specified basic rights in relation to their personal information. The Act requires that companies make certain disclosures to consumers via their privacy policies, or otherwise at the time the personal data is collected.

Final Countdown to GDPR: Is Your Business Compliant for the May 25th Deadline?
The deadline for the new European General Data Protection Regulation (GDPR) is just a month away, and it is likely to affect most companies around the world in one way or another – even ones not based in Europe. With the EU's GDPR deadline upon us, what have organizations put in place to ensure they are compliant, and how can they ensure they stay compliant from now into the future?

How to Establish an Effective IT Governance, Risk and Compliance (GRC) Framework - Organization and Responsibilities
This training program will discuss how to develop a great GRC program that ensures proper governance, risk management and compliance management of all IT systems and processes that support the business operations.

DFS New Cyber Requirements for Financial Organizations and Insurance Companies
On September 13, 2016, the New York State Department of Financial Services published draft regulations addressing Cybersecurity and related business continuity issues for its over 3,000 regulated entities in the state. On December 28, 2016, DFS came out with revisions. These regulations for Financial Institutions and Insurance companies are just as pertinent to all organizations that wish to have resiliency.

DFS New Cyber Requirements for Financial Organizations and Insurance Companies
On September 13, 2016, the New York State Department of Financial Services published draft regulations addressing Cybersecurity and related business continuity issues for over 3,000 regulated entities in the state. On Dec 28, 2016, DFS came out with revisions. These regulations for Financial Institutions and Insurance companies are just as pertinent to all organizations that wish to have resiliency.

Auditing Information Security Using ISO 27001
ISO 27001 describes how to manage information security in a company. According to its documentation, ISO 27001 was developed to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system." By applying ISO 27001 standards effectively in your organization, you can ensure robust security for your organization's vital information assets.

Best Practices for Conducting a Cyber Risk Assessment
This training program will examine strategic planning to prepare and review your cyber and information security risks, cyber risks and impact analysis, IT outsourcing and other underlying risks. The program will help attendees identify, analyze and document the events and environmental surroundings that can adversely affect an organization.

Designing Full Cyber Security Incident Response Team (CSIRT) Training Program as well as Table Top and Simulation Testing
Attackers can hit at any time; hence, the Computer Security Incident Response Team for a company, government agency or organization must be vigilant 24x7. Both reporting incidents and disseminating incident-related information correctly are a must. Many businesses have not given adequate training and testing consideration to security issues. Testing helps to raise awareness and helps teams respond to potential organized computer attacks. Gathering intelligence information from all sources is only one area to test.

How to Develop a Successful Business Continuity Audit Program
Get trained on developing an effective business continuity audit process that ensures an organization’s ability to remain in business in a disaster. Learn how to audit a business continuity plan and ensure it has all the components.

ISO 22301:2012: Business Continuity Management System Requirements
Join this session to understand the components in a complete and effective Business Continuity Planning program. Get insights from on-the-field experiences that can be applied to Internal Audit and BCP program activities. The session will also provide tools to help your organization improve your BCP program and your ability to audit it, with targeted recommendations. You will learn how to do Risk Assessment and Business Impact Analysis, design a real business continuity plan and know how to test, implement and maintain it.

Risk Assessment and Business Impact Analysis using PMI and ISO/IEC 21500 Project Management Methodologies
This webinar will explain how to properly use Project Management Principles to prepare for an adverse impact on your business. We will cover how to identify, analyze and document the events and environmental surroundings that can badly affect the organization. You will learn how to prepare and review the continuity planning program. Areas such as Project Management of IT Outsourcing and other risks will be covered. It is critical to assess the IT and Information Security risks and the effectiveness of the institution's risk management processes as they relate to the security measures.

Cyber Security Governance: Integration of ISO 20000-1 ITSM & ISO 27001 ISMS
Attend this session by our expert speaker, Dr. Michael C. Redmond, and learn to use the ISO family of standards in your enterprise risk management system and understand the benefits. Michael will help your organization manage the security of assets such as intellectual property, financial information and employee details entrusted to you by third parties through an effective ERM system that applies both ISO 20000-1 ITSM and ISO 27001 standards. This session will enable you to gain knowledge on the ways to fit ISO 27001 in your organization as the main structure for information security management.

Streamlining Operations: LEAN for Small Business
Lean manufacturing is the process of identifying work that doesn't add value (also known as "waste") and removing that waste. Lean is about doing more with less by focusing on continuous improvement. It is based upon the premise that anywhere work is being done, non-value-added waste is being generated that should be minimized or removed.

Disaster Recovery Planning on a Shoestring Budget
This session covers the Disaster Recovery (DR) Process or Function, including resilience strategies, recovery objectives, business continuity and crisis management plans. It also includes obtaining management support and organizing and managing the formulation of the DR function or process either in collaboration with, or as a key component of an integrated risk management initiative.

How to Apply ISO 27001 Principles to Enterprise Risk Management in 2016
Attend this session by our expert speaker, Dr. Michael C. Redmond, and learn to use the ISO family of standards in your enterprise risk management system and understand the benefits. Michael will help your organization manage the security of assets such as intellectual property, financial information and employee details entrusted to you by third parties through an effective ERM system that applies ISO 27001 standards. This session will enable you to gain knowledge on the ways to fit ISO 27001 in your organization as the main structure for information security management.
