Cara Cosgrove

Cara Cosgrove

Director Financial Services

Department of National Defence

Cara Cosgrove CPA, CGA is a Finance Executive with over 20 years of experience in the government, non-profit, high-tech and financial services sectors. Cara’s current passion is Internal Controls over Financial Management (ICFM) and is currently an Acting Director at the Department of National Defence where she is accountable for DND’s ICFM and ICFR programs. Cara has led the transition of DND’s ICFR program into the ongoing monitoring stage and the expansion into ICFM. Cara brings substantial experience at the executive level in strategic and operating plans, resource management, financial systems, comptrollership, corporate services and performance reporting.

John Craig

John Craig


Vigilant AI

John is the CEO of Vigilant AI, which he co-founded to help both governments and enterprise CFOs leverage AI and analytics to increase the efficiency and assurance of their financial and internal audit operations. A graduate of the University of Waterloo, John has over 23 years of experience in bringing new technologies to market, working in leading-edge firms such as MindBridge Ai and Nortel Networks. A winner of the 2013 Ottawa Chamber of Commerce “40 Under Forty” Award, John is a serial entrepreneur in developing and deploying technology with governments in Canada and the US.

Aron Feuer

Aron Feuer

Managing Director

Valencia Information and Infrastructure Protection

Aron Feuer is a cybersecurity and technology consultant with over 20 years of experience. In 1998, he started Cygnos Information Security, a regional cybersecurity consultancy acquired by Grant Thornton LLP in 2012. In 2015, Aron merged his advisory practice with Valencia Information and Infrastructure Protection, a boutique cybersecurity and privacy firm.

Aron is an active practitioner, leading Valencia’s internal cybersecurity team, and working with our expert associates. His work is to describe, audit, assess, implement or virtualize cyber security programs:

  • Cyber Security Programs – Frameworks, Policies, Communications and Governance
  • Privacy and Security Audits – Subject matter experts and risk analysts
  • Threat and Risk Assessments, Privacy Impact Assessments
  • Vulnerability Assessment & Penetration Testing
  • Solution, Product, Cloud Solutions and Governance

Aron’s domain experience is in public sector, health care, critical infrastructure, and cities. He has supported or led engagements including IT Forensics investigation of the Robocall scandal, incident response to attacks by the hacker group Anonymous and the security certification of Canada’s classified networks. He’s worked with over twenty Canadian cities, ministries, agencies and departments that protect Canada’s critical information and infrastructure.

Aron is a member of Algonquin College’s Board of Governors for the Cyber Security program, and a regular volunteer and speaker at national industry conferences and board engagements on topics of effective cybersecurity programs. He is the co-author of Canadian Privacy & Data Protection for the Practitioner ISBN 1948771098.

Mike Goodfellow

Mike Goodfellow

Global Leader

Account Operations Assurance

Mike is a Partner in the Canadian firm, and currently holds the role of Global Accounting Operations Assurance Leader as well as Canadian Assurance Marketplace Leader. He has over 20 years of experience with a variety of small to large market companies in various industries including organizations that are publically traded and those in the public and private sector.

Michael Goodfellow and his team in Accounting Operations Assurance at Deloitte offer an in-depth, investigative approach to modernizing finance. Guided by his extensive work experience and Deloitte’s proven ability to transform business challenges into insights and opportunities.Michael’s focus on business strategy, finance effectiveness and technology transformation has enabled him to help clients with in-demand, practical solutions. Companies round-out their ideas and sharpen their decisions using his facilitated approach geared towards aligning business strategy with financial and business goals.

As a result, much needed change occurs with the help of Michael’s practical knowledge and strategic vision, data visualization, controls, and workshops that evaluate key financial process along with best practices.

Nina Grimes

Nina Grimes


Deloitte LLP

Nina Grimes CPA, CA, CISA, CIA, CRMA is a partner in the Ottawa office of the Deloitte Risk Advisory practice. Nina brings over 20 years of experience and focuses her time on audit and consulting related to internal controls: including business cycle controls, general computer controls and entity level controls, particularly within complex computer environments. Nina brings substantial experience with CEO/CFO Certification, including compliance with the Sarbanes Oxley Act and Bill 52-109. Her involvement with CEO/CFO certification has included working with management to identity, document and assess internal controls over financial reporting and working with organizations to rationalize controls and to implement sustainment strategies. Nina is also responsible for performing general IT control reviews and applying the Deloitte audit methodology in support of financial statement and/or internal control audits (SOC audits) for clients with more complex IT environments.  Nina is also experienced in internal audit, enterprise risk management, system under development audits and controls within system implementations.

Claudine Hebert

Claudine Hebert

Manager, Internal Audit, Internal Audit Directorate Innovation

Science and Economic Development Canada

As the President of IIA Ottawa, Claudine is responsible for leading all aspects of the chapter including setting strategy and direction.

Claudine holds an LL.B. in Civil Law from the Université de Sherbrooke, a B.Admin from the University of Ottawa, and a Certified Government Auditing Professional (CGAP) designation from the Institute of Internal Auditors. Claudine first joined the federal public service in 2010 as a Senior Auditor at the Office of the Comptroller General, Treasury Board Secretariat. In this capacity, she led internal audits in federal departments and provided recommendations to senior management, namely through the conduct of Core Control audits, which had for objective to assess the design and operations of the governance, risk management, and control processes. Since 2013, she has performed a variety of internal audits for Immigration, Refugees and Citizenship Canada, Global Affairs Canada, and the Public Service Commission, including audits in the area of grants and contributions, procurement, and regulatory compliance. In 2016, she became Manager, Internal Audit Directorate, at Innovation, Science and Economic Development Canada, and is currently the acting Director of the directorate.

In addition to her involvement with the Ottawa Chapter, Claudine has served on IIA North America’s Learning Solutions Committee. Claudine is passionate about internal audit because of the value it brings to the federal government through areas of improvements identified, in support of stewardship and excellence in the design and delivery of public sector policy, programs and services.

Richard LeBlanc

Richard LeBlanc

Professor of Governance, Law, and Ethics

York University

Richard Leblanc CMC, BSc, MBA, LLB, JD, LLM, PhD Governance advisor, lawyer, author, public speaker, researcher

Dr. Richard Leblanc is one of Canada’s leading experts on corporate governance and accountability. He is an award-winning teacher, researcher, lawyer, public speaker, consultant and specialist on boards of directors. He teaches at leading universities including Harvard University. He received a teaching award as one of the top university teachers in Ontario; was named to Canadian Who’s Who; and is an alumnus of Canada’s Top 40 Under 40TMaward.

Dr. Leblanc brings to business and professional audiences a depth of information from his extensive research and work with over 250 organizations and boards, and training and development of over 1,500 directors and managers. He is engaging, dynamic, and personable. Because of his work with leading companies and current research, he is always on the cutting edge of emerging global developments.

Dr. Leblanc has authored over 200 publications and reports, delivered over 450 invited speeches and training sessions, and sat for over 450 media appearances.

Dr. Leblanc is Editor of “The Handbook of Board Governance: A Comprehensive Guide for Public, Private, and Not-for-Profit Board Members,” which has sold 7,000 copies worldwide; a forthcoming Second Edition in May 2020; and the seminal “Inside The Boardroom,” which has sold over 6,500 copies. His work has been described by various faculty at Harvard, Yale, London Business School and elsewhere as “great & much needed,” “wonderful and pragmatic,” “thorough” and “nothing short of remarkable,” as well as by Fortune 500, NYSE, FTSE and other company leaders as “leading edge,” “ground-breaking,” “valuable guidance,” “indispensable,” “compelling” and “exceptional.”

Dr. Leblanc’s insight has guided leaders of organizations through his teaching, research and direct consultation to national and multi-national corporations and government regulators. He has provided extensive service as an external advisor to boards of directors that have won national awards and peer endorsement for their governance practices. His applied research has been used by, and he has advised, financial and securities regulators, investors, and board and committee chairs. He has been retained to advise on under-performing boards to implement governance and shareholder accountability reforms. He has advised boards, board committees, committee chairs and CEOs, and has advised on CEO performance and director and CEO succession planning and removal, consistent with shareholder value creation and stakeholder accountability.

Dr. Leblanc is frequently consulted by stakeholders – such as companies, investors, associations, partnerships, not-for-profit organizations, Crown organizations, the media and regulators – for the latest developments and trends, and customizes his speaking engagements and consultations to suit all types of audiences. He is the founder and principal of Boardexpert.com, an advisory firm providing customized governance transformation.

Dr. Leblanc possesses an extensive professional network. He is the founder of Boardexpert.com Inc and the LinkedIn Groups “Boards and Advisors,” and “Audit Committees,” with almost 30,000 and 15,000 members globally, which are among the largest and most active online corporate governance groups.

His regular newsletter is accessible to 40,000 directors and other governance professionals.

Dr. Leblanc adopts a framework for governance effectiveness developed over several years. His work, directly or indirectly, has impacted companies throughout the world, including those that have used Dr. Leblanc’s methodology to strengthen their governance effectiveness and accountability practices.

Dr. Leblanc holds a Bachelor of Science degree, an MBA, Canadian and American law degrees, a Masters in Law, and a PhD focusing on board of director effectiveness.

He can be reached at [email protected], on Twitter at @drrleblanc, or through his LinkedIn group, Boards and Advisors.

Darrell Mathews

Darrell Mathews


City of Lethbridge

Darrell has over twenty years of accounting experience with 15 years of experience in developing, implementing and monitoring internal controls. In his current role, he oversees the development and maintenance of internal controls, financial policies and processes to support corporate or legislative requirements. He also oversees treasury management, financial reporting, business unit support, financial systems, payroll, accounts payable and procurement for the City of Lethbridge. This includes the implementation of the continuous controls monitoring program which has led to Darrell being asked to share his knowledge with numerous other organizations.

Darrell has had the opportunity to provide formal training to future accounting professionals in his past roles as a moderator for the CMA Strategic Leadership Program and a sessional instructor for the University of Lethbridge.

Richard E. McDonald

Richard E. McDonald

Director, Risk Advisory Services

Valencia Global

Richard McDonald is Director, Risk Advisory Services with Valencia Global, and provides strategic consulting services to public and private sector organizations in strategy, technology, security, risk management, innovation and team development.

Richard began his consulting career after retiring from the federal Public Service as Assistant Deputy Minister and Chief Information Officer of the Canadian Security Intelligence Service. Before CSIS, he held a variety of senior executive roles at the Communications Security Establishment.

His over-40-year career has included 18 years in government, 17 of which were in the classified Security and Intelligence community, in positions from Director to ADM level and in roles such as Chief Information Officer, IT Outsourcing and Public-Private Partnerships, Strategy, Architecture, IT Security, Information Management, and Information Technology. Prior to government, Richard worked for 23 years in the Nortel family of companies, in technology strategy, product management (including a 2-year international assignment in Japan), security, IT management, and software development. He has also led innovation programs, mentoring programs, and staff development initiatives.

Richard holds MBA, MSc (Comp Sci), and BSc (Comp Sci) degrees as well as certificates in photography and graphic design. His other interests include Astronomy, Photography, Motorcycling, and Martial Arts.

Kevin Miller

Kevin Miller

Senior Manager

Deloitte LLP

Kevin is a Senior Manager in the Ottawa Risk Advisory Practice. Kevin’s focus is on the documentation, testing and remediation of business and information technology general and application controls. Kevin has significant experience performing assessments of internal controls over financial reporting (ICFR) as well as operational controls which includes performing interviews, analyzing and documenting supporting evidence, preparing client deliverables, communicating findings to clients and assisting in the development of remediation plans. Kevin also has experience testing an organization’s internal controls as they pertain to cyber security. During over 10 years of professional services experience, Kevin has worked with a variety of private, public, not for profit organizations and government clients performing assessments of the current state of an organization’s controls frameworks and assisting them in developing plans to address identified weakness. These assessments have included all business cycles and information technology general controls cycles.

Jason Murray

Jason Murray

Digital Architect


Jason Murray, M.Eng, CISSP, CCSP, CRISC, is a Digital Architect specializing in Cyber Security with TeraMach (a Pivot company). Jason helps organizations make heads or tails of which controls are needed, what is nice to have, and what can wait for now.

Drawing on over 20 years of experience, extensive technical knowledge and in-depth understanding of information security, networking and related information technologies, Jason quickly inspects system architectures, identifies vulnerabilities, assesses risks and recommends safeguards. His understanding of security and privacy policies, processes, procedures and controls also allows him to deliver solutions on the non-technical aspects of information security.

Jason’s services include PCI compliance and cyber security risk analysis, assessment and management. He helps clients understand their exposure and make informed decisions related to where they should focus their financial and technical resources when it comes to managing the organization’s risks.

Jason has a Bachelor of Applied Science from the University of Waterloo. He received his Master of Engineering (M.Eng) degree from the University of Toronto in 2002, majoring in computer engineering, and is a designated Certified Information Systems Security Professional (CISSP). Jason is a Certified Cloud Security Professional (CCSP) and a certified Payment Card Industry Qualified Security Assessor (QSA) and a Payment Card Industry Approved Scanning Vendor. He also holds Open FAIR (Security and Risk Services) credentials.

Purnima Pandit

Purnima Pandit

Manager - Internal Controls

The Ottawa Hospital

Purnima is a seasoned Finance professional with a broad experience servicing several industries in the private sector. Building on her knowledge and experience from SOX (Sarbanes Oxley) implementations , she is currently engaged in the implementation of Internal Controls at The Ottawa Hospital, one of the largest hospitals in the country, a non-profit/public sector entity.

She has had the opportunity to work in Canada, USA and India.

Kristann Rose CPA,CMA, CIA, CISA

Kristann Rose CPA,CMA, CIA, CISA

Owner and Principal Consultant

KER Consulting Inc.

Kristann Rose offers her clients nearly 20 years of experience and expertise in designing, evaluating and optimizing financial management processes. She also offers expertise in the implementation of internal control frameworks both in the public sector, such as the Treasury Board Policy on Financial Management,  and in the private sector, such as the requirements associated with NI 52-109 and the Sarbanes-Oxley Act.  

Mark Scharf

Mark Scharf

Behavioural Risk Management Advisor

Pinnacle Insights Inc.

Mark started his adult career as a Canadian military pilot trainee and moved into training command where he found his passion for practical application of leadership principles in decision-making. This passion has formed the basis for his work throughout his Federal Government career.  He joined the Federal Government in 1998, taking up various positions within the Canada Revenue Agency and eventually working his way into the integrated risk management field of work with a focus on behavioural risk management. A recruitment opportunity in 2007 led to his current work in the national security and intelligence community within the Federal Government.

Mark has continued to work within the national security and intelligence community building and implementing integrated risk management (IRM) programs, teams and projects that focus on applying leadership and IRM principles to executive level decision-making.  As the Chief of several IRM Teams and Programs, Mark has been instrumental in evolving several concepts of applied integrated risk management thinking linking operational risks to strategic objectives. These projects were showcased for partners and allies including: UK (2008), Ireland (2009), US (2010), NATO (2010-11), and several Canadian Departments – DFO (2012), CSE (2013), PCO (2016-19).

Mark completed his Federal Government career serving as a Senior Security Risk Advisor for the Privy Council Office (PCO) in support of PCO Security Operations.  This work included real-time risk assessments, providing guidance and advice on security operational protocols and managing the Departmental Security Plan, an annual summation of security challenges and achievements throughout the year for the Department.

Mark has a Canadian Studies degree from the University of Waterloo.  He is a trained Alternative Dispute Resolution Facilitator and has facilitated IRM courses throughout the Canadian Federal Government. His combination of military and civilian experiences provides his classrooms and workshops with a wealth of life experience relating how IRM can be effectively applied to real-life decision-making.

Mark spends his personal time working with a local charity group, playing his drums and making kitchen experiments he calls “comfort food”.