Cindy Doe is a Boston-based Principal and leader of Ernst & Young's Digital Risk offering in the Financial Services Office (FSO). Cindy is also the FSO New England Market Advisory leader. She brings over 25 years of experience working in the financial services industry, specifically in banking and capital markets, investment management, and insurance. Cindy has significant experience working with global financial services clients on technology and cyber risk management frameworks, vendor risk management frameworks, resiliency frameworks, internal and external audits, and third party control reporting exams.
Prior to joining Ernst & Young' Financial Services Office, Cindy worked for Zurich Financial Services as Director of IT Audit for Zurich Global Assets, including Centre Re & Zurich Capital Markets, and Director of Internal Audit for Zurich Scudder Investments in North America. In these roles, she was responsible for the development and execution of the annual risk-based audit plan for IT and as well as business operational audit work in the US and international locations as well as co-led the Business & Technology Recovery cross functional working group at Zurich Scudder Investments.
Selected Major Projects:
- Led various process, risk, and control assessments for large investment management firms and regional banks relating to various processes including information technology, information security, disaster recovery, investment life cycle, trading, as well as finance and billing.
- Led a large vendor risk engagement for a large US retail bank relating to the risk assessment and mitigation strategies associated with outsourcing of IT infrastructure services.
- Led a technology and operations risk and controls assessment of the consumer and mortgage servicing divisions of one of the largest global banks.
- Global IT Executive on a large global financial services firm, which includes broker dealer, custodian, and asset management services.
- Led an advisory engagement for a global financial services firm to provide insights and recommendations as part of management's rollout of a quality controls and quality assurance program in the first line of defense.
- Led the IT component of multiple service organization control report engagements, including SOC 1 and SOC 2, including banks, clearing broker deals, alternative investment firms as well as alternative asset administrators.
- Senior advisor for complex resiliency, privacy, and cyber risk engagements as well as the IT component of integrated and statutory audits for firms in the banking, capital markets and alternative investment industries.
Cindy is a Certified Information Systems Auditor and received a B.S. in Finance from Boston College.