Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
0Activity
0 of .
Results for:
No results containing your search query
P. 1
CV_100408 IAM

CV_100408 IAM

Ratings: (0)|Views: 6 |Likes:
Published by swamper2
Senior GRC adviser with 35 years experience of security in the MoD, Government Agencies and private business areas
Senior GRC adviser with 35 years experience of security in the MoD, Government Agencies and private business areas

More info:

Categories:Types, Resumes & CVs
Published by: swamper2 on Apr 26, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

05/12/2014

pdf

text

original

Curriculum Vitae
Svenn R. Norendal

Svenn Norendal, CGEIT CISA
Director
Senior GRC Adviser and Auditor

Norendal International Ltd
21 Castlegate Drive
Cockermouth
CA13 9HD
U. K.

Office: +44 (0)1900 826 587
Mobile: +44 (0)7917 154 634
svenn@norendal.com

Revised: 08/04/2010
SUMMARY
My background is Telecom Engineer 1973. Now, the main area is business support within Governance, Risk Management
and Compliance, GRC. Most tasks are carried out in the capacity as project manager or adviser.

Employments:
1974-1986: Security officer/engineer, IT security analyst and project manager, Swedish Telecom.
1986-1998: Corporate IT security manager, IAM owner, IT auditor, program manager and senior consultant, Ericsson.
1998-2004: Partner, management consultant, IT auditor and project manager, Norendal International.
2004-:

Director, manager, senior GRC adviser, business development, Norendal International Ltd.

Norendal International is a provider of Governance, Risk Management and Compliance support in the UK and abroad. We
have extensive understanding of IAM solutions and implementation, Access control, Data Classification, Information
Security Management Systems (ISMS) and security standards.

Clients: Electrolux, Lansforsakringar, SAS, Handelsbanken, SPP, Ford Motor Company, Xerox UK, Shell International,
Alliance & Leicester, Banco Santander, EDB Business Partner etc.

I am;
- Not afraid to put my view forward, based on experience (mine or others) to influence decision and direction;
- Result oriented in every task with a pragmatic view in a business oriented environment;
- Enjoy working with people to progress tasks and to resolve issues;
- Motivated, experienced, reliable and productive with a taste for challenges and changes;
- Interact with people and achieve objectives through knowledge transfer that change attitudes and behaviour;
- Tolerant but expect failures to be part of a learning experience;
- Certified Information Systems Auditor (CISA, 1993)
- Certified in the Governance of Enterprise IT (CGEIT, 2008).
- In the pipeline is to gain ISO 27001 Lead Auditor certification.

1 (5)
Curriculum Vitae Svenn R. Norendal
PROFESSIONAL PROFILE
August 1998 to present
Senior GRC Adviser and Auditor,
Norendal International Ltd
Director
Since 1998 I have managed the development and administration of Norendal International and provided professional
services to clients in the UK and abroad. I am available for contract engagements for up to 9 months every year.
Project experience the last 5 year, 12 contracts:
09/03/01-09/05/31 Senior GRC Adviser, EDB Business Partners, Oslo, 1 contract

Support project regarding project risks and scope. Plan and perform review of IAM/IDM functionality, operations and services. Coordinate regulatory requirements business and ITGC impact, including SOX, and prioritize recommendations.

08/06/01-08/11/30 Senior GRC Adviser, Alliance & Leicester/Banco Santander, 2 contracts

Review of current RM methodology and process. Plan, develop and implement new RM process based on the Forums IRAM methodology. Coordinate RM activities as SME and Project Manager. BAU activities covering remedy of audit issues including IDM and Basel II.

06/03/01-07/01/31 Senior GRC Adviser and SME, Shell International, London-The Hague-Rotterdam, 5 contracts

Manage review of current RM methodology and process. Manage the design, test and
implementation of new RM process based on the Forums IRAM methodology. Manage GAP analysis
within Trading, Downstream, Central Finance and EP. Manage review and GAP analysis of PCI DSS
compliance of Downstream projects in scope. Manage and Evaluate ITGC and SOX controls within
Central Finance and recommend improvements. Manage Business Impact Assessments at
Corporate Centre covering information risks and report to management.

05/05/01-05/12/31 SOX Analyst/Tester/SME and project Manager. Xerox UK, 2 contracts

Plan, manage and perform SOX testing of ITCG, Access and SOX controls on behalf of business managers and IM manager. Identify and prioritize gap and with business managers develop cost effective remedy solutions. Coordinate retesting when necessary. Review result with external auditors and coordinate status and management reports.

04/06/01-04/12/31 SOX Analyst/Tester/SME and project Manager. Ford Motor Company, 2 contracts

Plan, manage and perform SOX testing of ITCG, Access and SOX controls on behalf of business managers and IM manager. Identify and prioritize gap and with business managers develop cost effective remedy solutions. Coordinate retesting when necessary. Review result with external auditors and coordinate status and management reports to Audit Committee.

Summary of previous contracts:
2002-2004
International marketing/sale of the SBA Method series; SBA Check, SBA Scenario and SBA Project
2000-2002
Project manager of corporate awareness programme, (Pharmacia/Pfizer)
2001
Information security status review (ISSS) as project manager (SAS)
2000
Adviser to Information security status reviews including data centre physical security (Electrolux)
2000
Project review/support, SSO (Handelsbanken)
1998-1999
Manage GAP analysis to BS7799, QA reviews (Lansforsakringar).
1998-1999
Information security status review (ISSS) as project manager (SAS).
2 (5)
Curriculum Vitae Svenn R. Norendal
EDUCATION

2000, 2 days Internet: Control Issues and Audit Methods, ISACA Northern UK Chapter
1999, 3 days Compsec International 1999, Elsevier
1996, 3 days Businessmanship, Ericsson Data/Business Training Systems AB
1995, 3 days How to Measure Advantages for Customers, Ericsson Data
1993, 2 weeks CISA prep course (ISACA Sweden Chapter)
1993, January Offensive Quality Work (Ericsson Quality Institutes)
1992, 6 weeks Project Management, FUTURUMS Higher Project management), 10 p, Ronneby University
1992, 2 weeks Advanced Management, AVANT/Ericsson Data
1991, 6 days Quality Service Program, Ericsson Data/Vendator
1990, May MVS Security, BackupCentralen
1990, May Network Security, Frost & Sullivan, Management Development Seminar
1989, October Computer Related Legislation, University of Link\u00f6ping
1988, November Relations Database Basics, Monitor ADB utveckling AB
1988, 2 weeks Information Security, 5 p, Royal Institute of Technology and Stockholm University
1988, November Continuity Planning - Disaster Recovery, Frost & Sullivan, Management Development
1988, February Computer Security, CGS Institute
1987, 1 week Project Management, \u00d6ppna Dataskolan, Ericsson Data
1986, 5 weeks Diploma in IT-security Management, Infosec PROSAB
1986, 2 years, part time Electric Power Engineer Degree, Huddinge College
1985, October U. S. Export Controls 7 - intensive course, Stockholm Chamber of Commerce
1984, May Data Communication II, STF ingenj\u00f6rsutbildning
1983, December SBA Management course, INFOSEC Prosab AB
1983, February Securicom-83, Cannes
1982, December Time Manager, Time Manager International
1982, November Physical Protection of Computer Plants, SBF Svenska Brandf\u00f6rsvarsf\u00f6reningen
1982, 21 weeks Programmer Education, IBM/UNIVAC, Swedish Telecom
1981, January Infrared Physics for Professionals, 2 p, Royal Institute of Technology, Stockholm
1980, October Direct Current Systems, STF Ingenj\u00f6rsutbildning
1980, March Methodology for Education, Swedish Telecom
1979, March MULTICOM, Swedish Telecom
1976 \u2013 1978 MULTILARM, MULTILARM L 300, MULTILARM L 400 Swedish Telecom
1973, 4 years Electronic and Telecommunications Engineering Degree, Thorildsplans College

Other
1979-2007, several customer focusing IT management courses/seminars providing guidance on the planning,
delivery and management of quality IT services to support business needs (ITIL).

(This list is not complete, cover approximately 50% of all training during 1973 to 2008)
3 (5)
Curriculum Vitae Svenn R. Norendal

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->