2020 - 2021
Debbie Lew (CISA, CRISC, CHIAP)
Debbie Lew is Vice President, Internal Audit, Information Technology and Enterprise Shared Services for Kaiser Permanente. She provides leadership to the department to execute the right work in partnership with customers and other risk management units to add value to the organization. Prior to Kaiser Permanente, she was an Executive Director at Ernst & Young leading IT risk and compliance services for the national Health practice.
Debbie has held several volunteer leadership positions within the Information System Audit and Control Association (ISACA). She has been the chapter’s Spring Conference Chair since 1999. She was the first female member on the COBIT Steering Committee, a member of the CRISC credentialing task force developing a certification for IT risk practitioners, the Audit Committee and a Director on the global board of ISACA. Debbie is on the advisory board of California State University, Northridge (CSUN) for Accounting and Information Systems and has been an adjunct professor for both CSUN and the Nanjing University of Science and Technology. Debbie was honored to receive the President’s Award for service and leadership to the profession in 2015 and ISACA’s Outstanding Chapter Leader award in 2019. Debbie has been appointed to serve on the IIA’s Information Technology Guidance Committee 2020-2021.
Debbie is a Certified Information Systems Auditor (CISA), has the Certified Risk and Information Systems Controls (CRISC) certification and is a Certified Healthcare Internal Audit Professional (CHIAP). Debbie holds a Bachelor of Arts and is a graduate of the Executive Leadership Program at the Harvard Business School.
Kelly is currently an AVP – IT Audit Lead at East West Bank, and was previously an IT Advisory/Risk Consulting Senior with KPMG. She received her Bachelor Degree in Accounting and Computer Information Systems from California State University, Los Angeles. Kelly has been involved with the chapter since she was a college student. And since then, she has actively taken up various leadership roles, including Treasurer, Programs Chair, Conference Registrar, Volunteer Chair, and Technology Committee Member. She has also been a Board Director for 2 years.
Michael Bobrowicz (CISM, PMP)
Michael Bobrowicz is an IT enterprise risk management and information security specialist with over 10 year of experience in industry. During his career, he has held various roles in multiple areas, including IT risk management and compliance, IT project management, software engineering, and business continuity & disaster recovery management. He has managed 20 direct report as a IT managed services program manager, been involved in 60+ projects as a IT project manager or lead software engineer, and conducted IT Risk and Business continuity/disaster recovery assessments and exercises in the US, China, Hong Kong, and India. He is currently working as the assistant vice president of IT Risk Management and Compliance at East West Bank, specializing in monitoring, implementation, and remediation of financial regulatory controls related to IT risk and security (FFIEC/CBIRC/HKMA/NIST control framework).
Michael has been part of the ISACA Los Angeles for 5+ years, and is currently serving as the chapter secretary and programs chair.
Daniel Razmjou, MBA and MSIS, is an IT auditor with the IT Assurance practice at Hutchinson & Bloodgood LLP. With over 14 years of professional experience in finance, IT, and healthcare, Daniel concentrates on governance, risk, and compliance (GRC), and business continuity planning (BCP). He is also a computer and information systems (CIS) and management information systems (MIS) guest lecturer at California State University Los Angeles.
DIRECTORS 2020 - 2021
Anna Carlin (CISA)
Anna Carlin is a CIS Instructor and Director for the Hornet Security Education Center at Fullerton College. She teaches Introduction to Cyber Security, Network Security, Ethical Hacking, Intrusion Detection and Incident Response, Personal Computer Security, and Introduction to Information Systems in the Business and CIS Division, Computer Information Systems Department. Anna serves as co-Principal Investigator on a National Science Foundation grant to support workforce and curriculum development in digital forensics and incident response.
Anna Carlin holds a Master of Science in Business Administration from Cal Poly Pomona. Prior to joining Fullerton College, she was a faculty member at Cal Poly Pomona in the College of Business Administration. Anna has over 15 years of experience in IT audit, software development, and operations management. Anna currently serves as a Director and Academic Relations Chair for ISACA Los Angeles.
Lisa Kinyon is the Business Control Manager on the Life & Specialty Services (L&SS) Issue Management team, one of the Global Technology and Operational (GT&O) division at Bank of America. As Business Control Manager, she is in charge of the portfolio audit issues for L&SS in addition to the tools that support the issue management process. Previously, Lisa served as the Business Support Manager and Technical Lead for GT&O COO Risk and Control Program team. She is the Subject Matter Expertise (SME) for the Control Management System (CMS) capabilities which includes requirements development, architecture design proposals reviews, provides guidance and approvals for all system development activities.
Lisa is a member of the ISACA Los Angeles Chapter and served on board from 1999 to 2012 as Director, Secretary, and Treasurer. She is currently the ISACA Los Angeles Chapter’s CTO in charge of the chapter’s website, on-line registration and virtual meeting platform. She is also on the Conference Committee as Facility Coordinator.
Cheryl Santor (CGEIT, CISM, CISA, CISSP)
Cheryl Santor is a cyber security professional working in the discipline for the past 32 years. Working both locally and nationally to help shape the evolution of cyber security. Cheryl started in the financial industry working with federal and local agencies to mitigate cyber risks. Cheryl transitioned to a major water utility that takes its mission seriously, where she was responsible for the critical infrastructure systems supporting quality water.
Cheryl is a CGEIT, CISM, CISA, CISSP, ITIL and has other certifications related to IT products. She has continued to lead and facilitate the water sector with advice and guidance in cyber security, where she has traveled the country to engage water agencies in Cyber Security Best Practices. She participated in the DHS NIST Cyber Security Framework workshops to create the framework in use today. She assisted ISACA International in developing the CSX program to provide cyber security education for those new to the industry. Cheryl retired from Metropolitan Water District of Southern California, but remains very active in the cyber security community. She continues to engage in strategy of community associations and continues to lead the industry in strategic approaches for cyber security evolution.
Cheryl is deeply involved with other programs; i.e., ISACA LA, ISSA LA, Infragard LA. She continues to provide awareness of cyber security issues and presents at regional conferences regularly. Cheryl’s extensive experience in risk, governance, and compliance have become cornerstones of discussion at numerous security sector-related meetings.
Patricia Benoit (MBA, PMP, CISM, GSEC)
Patricia is currently Senior Manager/Advisor of Risk & Compliance at Southern California Edison. She is an enterprise risk management, cybersecurity, audit, and compliance leader with a track record of success in program and project implementation, strategic planning, risk management, team development, vendor management, and cross-functional collaboration. Her management strengths include leadership, strategic planning and business case development, relationship management, risk management and controls, team development, and process improvement. She has demonstrated ability to build consensus within teams. Outstanding communication, presentation, and negotiation skills; easily builds positive working relationships with associates, managers, and senior executives.
Min Fu (CISA)
Min is currently a Technology Risk Senior Manager at EY in the Financial Services Office (FSO). She has more than 10 years of IT risk management and auditing experience, and served clients within the financial services, entertainment, and technology industry. She is currently the Technology Risk Innovation Leader where, in collaboration with multiple service lines, she leads the design and implementation of innovative solutions using analytics for data-driven risk assessments and RPA to drive audit efficiencies. Min is currently a Certified Information Systems Auditor (CISA). In her spare time, Min enjoys cycling her Peloton and running, where over the past four years, she has completed 16 half-marathons, 2 marathons, and counting…
Jonathan Chan (CISA, CISM, CISSP)
Jonathan is a senior manager in Deloitte & Touche LLP’s Cyber Risk practice with over 12 years of management consulting and information technology experience. His experience includes delivering large-scale enterprise resource planning (ERP) security implementations, cyber maturity assessments, business process and IT controls design, and deploying enterprise-wide GRC solutions to help clients address operational, financial, and regulatory risk. His more recent work involves leading transformational cyber risk initiatives for global enterprises and managing cyber risks around the use of disruptive technologies such as RPA (Robotics Process Automation) and realizing value from the Internet of Things (IoT).
As a lead facilitator at Deloitte & Touche LLP, he has trained over 2,500 professionals on various topics including cybersecurity, leadership development, and GRC. Outside of work, Jonathan volunteers by delivering cyber safety awareness program to schools, youth centers, and other community events with the goal of helping kids protect themselves online. He has presented this program to over 2,000 kids across the nation. He has been serving as the ISACA Los Angeles president the last two years and is currently a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA).