Senior Manager, Deloitte & Touche LLP
Cyber Business & Operational Risk
Regulatory & Compliance
Energy & Resources

Summary
Shari is a Senior Manager in the Regulatory & Compliance Group and has more than 18 years of experience working as both a regulatory lawyer and cyber compliance professional. Prior to joining Deloitte Shari worked at Exelon Corporation where she served for many years in a dual role as both an enterprise-wide compliance manager and lead regulatory cyber counsel across all business units. She also has broad experience with power and utility cyber implementation, investigation, audit and compliance to critical infrastructure regulations and NIST requirements.

Shari’s cyber security practice focuses on:

• Cyber security regulatory and operational risk assessments and strategic improvement and mitigation plans;
• Design and implementation of cyber security governance and compliance programs;
• Internal and regulatory investigation, root cause analysis and audit support;
• Cyber process and control program development and implementation with a focus on improved executing procedures, quality assurance controls and compliance management;
• Subject matter specialist support across FERC, NERC and CIP/Cyber regulatory compliance and enforcement requirements.

Selected Experience
Cyber Security/NERC CIP Experience Highlights

• Led development and implementation of cyber security governance and compliance program across all cyber security operations, regulated and non-regulated, for mid-size utility.
• Lead for development and implementation of global ethics helpline program including processes, controls, cyber and privacy assessments (GDPR and local regulation) and system implementation across ethics offices for 32 divisions and more than 160 countries.
• Legal advisor and lead role in the development of NERC 693 and CIP cyber compliance programs, including governance, implementing processes and technical controls solutions. Lead counsel on all CIP and cyber issues and member of internal Cyber Task Force responsible for tracking regulatory compliance activity in cyber arena for power & utility industry.
• Lead counsel and program advisor for NERC (pre-FERC certification), ISO-RTO and state regulatory cyber and reliability requirements for more than 10 years.
• Served as industry representative for several years on various regulator and interagency cyber security standards coordination initiatives, including a cross-agency industry collaboratives initiated responsive to President Obama’s 2013 Improving Critical Infrastructure Cybersecurity Executive Order.
• Shari is a co-founder, former Chair and standing member of the National Energy Compliance Forum, a nationwide power and utility industry collaborative focused on regulatory and compliance leading practices.