Christine Neumann Email and Phone Number

Consultant at Silicon Valley Bank• Provide 2nd Line of Defense (2LOD) for BP Integration risk management.• Engage with workstreams to assist in identifying and managing integration related risks. • Monitor project schedules to ensure mitigation plans are on target for completion. Raise any issues to the workstream leadership and Head of Integration as needed.• Apply Effective Challenge to all High and Very High Integration risks identified. • Create a bi-weekly BP Integration Risk Report which is distributed to the Chief Risk Officer and direct reports, the Steering Committee on a quarterly basis, and the examiners when requested. • Attend all BP Integration status update meetings with the IMO and the workstream leadership teams. • Administer Effective Challenge for 1LOD risks pertaining to the BP Integration. • Risk Integration SME for workstreams.• Perform other risk reviews as assigned.

Data Resiliency Governance

• Maintained, matured, and educated employees on policies, standards, guidelines, tools, systems, and procedures required to support the Operational Risk Management (ORM) Program.• Performed 2nd Line credible challenge and evaluation of completeness of risk and compliance identification, end-to-end processes, inherent risk ratings, residual risk ratings, and control effectiveness ratings as part of the review for the lines of business risk and control assessments. • Developed, documented and maintained a Central Issue Management (CIM) Program and ensured all risk management related issues across the organization were appropriately identified, recorded, monitored, escalated, and reported, as is necessary, to the appropriate management and board committees.• Conducted root cause analysis on significant risk events and operational losses to recommend process and control improvements. • Created and updated risk reports and presentations to executive management, the Executive Risk Counsel, and the Board Risk Committee.

• Maintained and enhanced enterprise risk management methodology across all lines of business, both domestic and international.• Provide effective challenge, risk assessment workshops and company-wide high-risk register.• Matured risk appetite statements, risk tolerance and key risk indicators for enterprise. • Designed risk training materials and facilitated 1st Line training.• Supported U.S. regulatory exams for all product lines. • Interacted with all levels of management to obtain information requested from examiners.• Primary liaison to examiners from all regulatory agencies. • Prepared all participants on interacting with examiners. • Oversaw compliance support for clients.• Responsible for 1 direct report.

• Collaborated with Chief Risk Officer to create Enterprise Risk Management (ERM) program which included development and documentation of the enterprise risk methodology, risk tolerance, risk appetite and corresponding risk policies.• Socialized ERM program with executive management and business line leaders. Developed training materials and trained managers on performing risk assessments.• Worked with over 100 lines of business (both national and international) to identify and quantify risks.• Maintained and matured risk framework. • Developed, maintained, and monitored testing of Disaster Recovery Plans.• Coordinated implementation of GRC, Business Continuity, Crisis Management, and employee notification tools.• Performed monthly regulatory monitoring and reporting to Chief Risk Officer and Executive Management. • Established collaboration process with Chief Privacy Officer, legal, and compliance officers to ensure compliance regulations were implemented and monitored.• Liaison to external regulatory agencies including FFIEC, FS-ISAC, etc. • Conducted vendor risk assessments.• Performed international travel risk assessments.• Responsible for 3 direct reports.

• Established strategic direction for Information Security risk team and project plans for executing strategy. • Conducted more than 50 detailed information security risk assessments, documented results, and provided feedback.• Reviewed information security architecture, network, and system security designs to ensure compliance with all regulatory requirements and industry best practices.• Consulted with business units to ensure compliance of Information Security projects.• Conducted vendor information security risk assessments.• Responsible for 7 direct reports.

• Authored methodology for conducting technology assessments.• Managed complex technology assessments. • Created and documented an improved methodology for conducting technology assessments.• Responsible for the creation of architecture designs for new software implementations, including hardware recommendations and configuration.