Download PDF

Ursula Leinemann

Interim and Programme Manager for Governance, Risk, Compliance and Security Management

Education

Prince2

OCG
Nov 1986Apr 1992

Diplomkauffrau

University of Augsburg

University degree from the University Augsburg in Business Administration and Economics. Focus areas were Organisational Management and Leadership. Controlling and Auditing. Third focus area was sociology. 

Completed the Controlling and Auditing topic as one of the top ten students of the year. 

Work experience

Sep 2006Present

Owner, Management Consultant

InLein Consulting

Projects @ InLein Consulting

 

Interim Program Manager (Automotive, MAN SE), 2012-2013

  • Group wide development and rollout of a continuous controls monitoring program
  • Annual multi million Euro budget, about 40 team members in parallel projects constituting various suppliers as well as internal resources
  • Steering of the internal Compliance IT unit as well as the extenal IT delivery partner
  • Full board visibility in this extensive group wide role

Achievement: Development of innovative - quality and change management assured - system and rollout to more than 40 countries using a cost efficient template approach

 

Project Turnaround Manager (Manufacturing, household appliances), 2014-2015

  • Project Recovery upon takeover from previous program manager
  • Development of risk based, efficient and effective approach to High Risk Transactions
  • Interfacing with internal and external delivery partners of this SAP co-innovation project
  • Project Quality Assurance to ensure system reliability, integrity and availability

Achievement: Board sign off upon business oriented re-scoping while reducing the project budget by 25% and assuring collaboration of innovation partner

 

Interim Project Manager (Consulting Business, KPMG), 2011-2012

  • Leading the security project of KPMGs internal IT outsourcing program in the ASPAC region to ensure confidentiality, availability and integrity of data and resources handled by outsourcing partner underlying standard was ISO 27000
  • On-going management interaction with the global outsourcing partner as well as management of KPMG internal subject matter experts across multiple continents

Achievement: Overcoming various cultural and legal challenges

 

Project Manager (Telecommunications), 2009-2011

  • Development and implementation of integrated Process, Risk and Business Continuity Management approach with identification of risk mitigating measure for business critical activities
  •  Full Board visibility and build up of an internal function

Achievement: Efficient and economically meaningful integration of governance topics in daily routines and KPI rollout for the new process model

 

Project Manager (Biotechnology), 2006-2008

  • Development and implementation of Compliance approach for the Eurasian region
  • Definition of Key Performance Indicators, an internal controls model, a scorecard model and training modules for all management processes, e.g. Financial, HR, Marketing, Data Privacy

Achievement: Overcoming management disapproval of compliance by focussing on business objectives and benefits

 

Project Coach (Manufacturing, Household Appliances), 2018

  • Coaching of the project manager and contribution to the Know your Customer (KYC) project with the objective to achieve Compliance Management System audit readiness
  • Quality assurance of underlying processes and tools

Achievement: Project recovery and successful delivery

 

Project Manager (Bank), 2014

  • Development of fraud management strategy and organizational setup for a direct bank
  • Roadmap and KPI development

Achievement: Lean approach to fraud management and loss prevention

  

Interim Manager (Insurance), 2008

  • Development of a business process control framework interlinking with the companies risk management system (MaRisk – regulatory requirements)
  • Development of internal controls for insurance IT

Achievement: Measurable rollout approach and knowledge transfer including handover of topic to the customer

 

Subject Matter Expert (Manufacturing, Lightening), 2010

  • Development of a communication concept for the revamped product development process
  • Target group specific communication means from Board of Management to employee communication based on global leadership interviews

Achievement: The only well recognized project amongst a bundle of strategic initiatives

 

Project as temporary employee of caweco GmbH

Global Program Rollout Manager (at global Insurance), 2015-2017

  • Delivery of a SWIFT tested best in class sanctions screening solution on behalf of Group Compliance (Financial Crime Unit)
  • Digitalization of the screening approach based n the NICE Actimize product suit
  • Management of close to 40 simultaneous rollouts in about 20 countries
  • Steering of IT unit to deliver according to defined quality and service targets including demand definition for new IT concepts and review thereof

Achievement: Development of rollout template saving 75% of initially planned rollout budget per operational entity

 

Jul 2002Sep 2006

Vice President Corporate Security

o2 Germany GmbH & Co OHG
  • Vice President Corporate Security O2 Germany, covering all strategic aspects of security including Disaster Recovery, IT Security, Physical Security, Network and Mobile Security, Health and Safety, Business Continuity Management and Lawful Intercept. The area of Lawful Intercept operations was managed by my team
  • Data Privacy Officer for O2 Germany and as such main link to the Data Privacy authorities within Germany
  • Security Officer as required by the German Telecommunications Act and the Chief Security Officer according to SOX
  • Ensuring redundancy of critical systems
  • Implementation ofa crisis management function and a Business Continuity Management Programme within the company
  • Improvement of assessment results from external insurance auditors (operational risk reviews) in all relevant areas and thus keeping insurance fees stable for the company. 
  • Implementation of a security risk management system, using actual financials to assess risks
  • Establishment of a risk acceptance process to ensure progress of projects within critical timelines with clearly defined deadlines to mitigate the security risks.
  • Development of a security policy set based on ISO 17799 (27001)
  • Management of company crisis, avoiding penalties from the authorities and establishment of formal communication channels with relevant authorities thus avoiding any regulatory penalties in the security area
  • Introduction of an automated system for legal intercept measures and thus significantly reducing the increase of headcount while authority measures were increasing
  • Data Privacy Trainer - focussing on Call Centre employees 
  • Conference speaker on international conferences
  • Development of a security strategy in line with the company strategy to outline security into the future
  • Management of the unit including cost centre responsibility and member of the top 50 senior management team
  • Growing the business unit from 8 to 32 staff with 4 departments in the unit and a significant extension of responsibility
  • Significantly improving the relationships of the security business unit with relevant other business units resulting in the involvement of the security function in core projects, thus reducing the risks to the company
May 2001Jun 2002

Security Director

Interxion B.V.
  • Security Director at Interxion, a European Collocation Company. The areas of responsibility included physical security for all European Data Centers, Information Security for the internal as well as for the management network, security responsibility for product development, especially in the area of managed services. 
  • Achieved suntone certification for Interxion together with a dedicated team within a few months 
  • Development of a security policy in line with ISO 17999 (27001) binding for all daughter companiesthroughout Europe.  
Sep 1992Apr 2001

Senior Manager Information Risk Management

KPMG, Germany, South Africa, Austria

Senior Manager, Regional Information Security Coach, International Headquarters, Amsterdam, The Netherlands (1999 - 2001)

  • Secondment from KPMG Austria to KPMG International Head Quarters, Amsterdam as Regional Information Security Coach for Europe, Middle East and Africa with responsibility for the implementation of the KPMG security standards within the region (main security contact for 86 countries within the region). Position held was member of the office of the Global Chief Information Officer.
  • Member of the core team defining the global information security management system policy and standards for deployment throughout the company
  • Project Coach within the region, actively working in over 40 countries around the globe
  • Trainer for security awareness programs and business process control related topics

Manager Information Risk Management, Vienna, Austria (1998 - 1999)

  • Manager at KPMG Consulting, Vienna in the Information Risk Management Department consulting to clients on information security management topics, either as part of financial audits or as standalone projects, like e.g. the Y2K topic or the Euro induction in Austria
  • Trainer for business process control management systems and involved in the roll out of the KPMG methodology relating to this topic
  • Preparation of the company for passing the security section of the SuntoneTM certification

Manager Information Risk Management, Cape Town/ Johannesburg, South Africa (1995 – 1998)

  • Information risk management projects involved computer assisted audit techniques, process control design during the set up of major companies, process definition during e.g. SAP/R3 implementations, IT audits, definition of security management systems. Mayor focus was in the area of business process control and facilitation between IT and business requirements.
  • First leadership role and second in charge in the Information Risk Management assignment in Cape Town
  • Trainer for business process control management systems.

Audit Assistant, Munich, Germany (1992 – 1995)

  • Audits of financial statements and special (fraud) investigation assignments

Skills

Budgeting and Controlling

Experience gained not only by academic education but also  by using the relevant theoretical knowledge in the day to day business - both while advising clients on controlling topic as well as while running business units myself. 

Managing program budgets including vendor negotiations

open minded
Highly international player with an open mind for different cultural approaches. 
Training
Trainer on a variety of topics both in English and German with excellent feedback from participants. 
Moderation and Facilitation
Extremly valuable experience in moderation and facilitation based on program management experience. Expert in achieving agreement amongst different parties on various subject matters.  Workshop moderation.
Leadership
Senior manager with significant leadership experience in a variety of cultures and with differnet size teams. 

Certifications

PRINCE2 Foundation

Copargo

CISA

ISACA

CISM

ISACA

Interest

Travelling, different cultures, exploring, golf, backgammon and red wine

CustomSmall

Management Consultant focussing on knowledge transfer and facilitation of business objectives. 

Objective

An opportunity to support a company in the definition and achievement of objectives by means of facilitation, motivation, knowledge sharing and application of management skills. This might be as  interim or project manager - or, if the opportunity feels good as a member of the companies management team. 

Resume

Significantly experienced senior manager in a variety of industries, functions and multicultural global fast paced environments. Line management responsibility as vice president as well as experience as senior manager in consulting assignments. Specialized in governance, risk, compliance and security management. Expert in cross-cultural work environments and strategic and operational planning based on working in over 40 countries. Substantial expertise in managing global board-level programs. Working as interface between business and IT with strong focus on a practical, business oriented and speedy approach. Highly analytical with excellent expertise in business judgement and conceptual skills. Experienced in managing managers and global teams as well as developing and transforming organisational structures.