StateRAMP Leadership

The Appeals Committee is comprised of at least five members at all times. Committee members are appointed by the board, who strive to include representation from all stakeholders, including at least one member of the Board of Directors. The Appeals Committee serves as the adjudication board for issues related to the PMO such as a conflict-of-interest claim, disagreements over status determination, or requests for exceptions. They conduct regular meetings and may call special ad hoc meetings as needed. In some cases, the Executive Committee, which includes Board Officers and executive staff, may appoint a subject matter expert to the committee to aid in a claim assessment as needed.

Chair: Owen Zorge, Chief Information Security Officer, City of Chandler, AZ

Vice Chair: Ray Yepes, Chief Information Security Officer, State of Colorado’s Governor’s Office of Information Technology 

Members:

• Ted Cotterill, Privacy Officer / MPH General Counsel, State of Indiana
• Charlie Mewshaw, Chief Information Security Officer, Fayetteville State University 
• Rich Banta, Co-Owner and Chief Information Security Officer, Lifelines Data Center
• Teri Takai, Executive Director, Center for Digital Government
• Ramanuj Kushwaha, Leader, US Public Sector Market Transformation and Growth, Cisco

Advisors:

• Neil Slagle, Director of Information Systems, City of Springfield
• Jennifer Hawks, Vice President, Government Services, NCC Group 
• Tony Bai, Executive Vice President of Public Sector, RISCPoint
• Mase Izadjoo, VP & CISO, Earthling Security

In an effort to ensure all providers have the ability to verify their product and obtain a StateRAMP Authorized status, and in response to community feedback, the StateRAMP Board and Nominating Committee formed the StateRAMP Approvals Committee. The Approvals Committee is comprised of at least five members representing state and local government and higher education and is responsible for serving as the sponsoring government body required for the StateRAMP Authorized security status. Approvals Committee members possess the necessary technical and government policy knowledge and capabilities to review and approve product security packages and ensure government industry verification needs are met.

Members:

• Josh Kadrmas, Governance, Risk, & Compliance Team Lead, North Dakota Information Technology 
• Ken Weeks, Chief Information Security Officer, New Hampshire Department of Information Technology 
• Eric Zach, Interim Deputy State Chief Risk Officer & Chief Information Security Officer – ESRMO, North Carolina Department of Information Technology 

Advisors

• Al Roethlisberger, Chief Information Security Officer, NC Department of Information Technology – Transportation

The Governance and Nominating Committee is appointed by the Board and will strive to represent all stakeholders. The committee will recommend qualified individuals for Board membership and committee membership, including recommendations for officers and the executive director. The committee will also make recommendations on best practices for governance.

Chair: Fay Tan, Legal Counsel, NASPO ValuePoint

Vice Chair: McCall Ginsberg, Deputy General Counsel, Georgia Department of Administrative Services 

Members:

• Doug Robinson, Executive Director, NASCIO
• Dugan Petty, Retired NASPO ValuePoint, Subject Matter Expert
• J.R. Sloan, CIO, State of Arizona

The Standards and Technical Committee is comprised of at least seven members at all times. Committee members are appointed by the Board, who strive to include representation from all stakeholders, including at least one member of the Board of Directors. The Standards and Technical Committee conducts regular meetings and may call special ad hoc meetings as needed. The Standards and Technical Committee makes recommendations to the Board regarding PMO policies, security standards, best practice, and assessment processes.

Chair: Sean Hughes, Assistant Secretary for Technology, Security, and Operations/Chief Operating Officer, Massachusetts Executive Office of Technology Services and Security 

Vice Chair: Dan Lohrmann, Field Chief Information Security Officer, Public Sector, Presidio

Members:  

• Danielle Cox, Chief Information Security Officer, State of West Virginia
• Charles Rote, Deputy Chief Information Security Officer, Maine Office of Information Technology 
• Matthew Kelly, Deputy Chief Information Security Officer for Security Policy & Governance, Texas Department of Information Resources 
• Jason Oksenhendler, Vice President, Cloud Computing, Merlin Cyber
• Joe Bielawski, President, Knowledge Services
• Richard Zak, Data Governance & Compliance, US State & Local Government, Microsoft 

Advisors:      

• Jim Garrett, Chief Information Security Officer, State of Missouri
• Earl Crane, Adjunct Faculty, University of Texas at Austin 
• Phyllis Lee, Sr. Director of Controls, Center for Internet Security
• James Mason, Chief Technology Officer (Interim), NASPO
• Maria Thompson, Cybersecurity Lead, Amazon Web Services
• Rashad Munawar, Director, Security Compliance and Operations, BlackBerry Government Solutions
• Siddique Chaudhry, Manager, Global Public Sector Security Compliance, Snowflake, Inc. 

The Provider Leadership Council’s founding purpose is to provide expertise and advice regarding provider challenges, and to foster conversations with governments that result in efficient and effective cyber practices.

View the Provider Leadership Council directory here.