Chelsea Lopez

CIA, CISA, CRISC, CISSP, PCI-ISA Enterprise Risk Director, FIS

Chelsea is a Director at FIS, where she leads the PCI Assurance Program consisting of 100+ annual assessments across numerous security standards including PCI DSS, PCI SSF, P2PE, PCI PIN, PCI 3DS, and Card Production.  Chelsea has more than 20 years of Risk, Information Security, Compliance and Internal Audit experience in FinTech and Gaming (Casinos).  Chelsea serves as Chair of the Payment Processor Information Sharing Community (PPISC) of FS-ISAC.  Chelsea holds a Bachelor of Science in Business Administration from the University of Nevada, Reno; as well as, maintaining cybersecurity certifications including CISA, CISSP, CRISC, and PCI ISA.

Chelsea Lopez's Events

Compliance is a Program, Not a Project

Date: Wednesday, September 13

Presented by: Michael Aminzade, QSA, PCIP, CISSP, C|CISO, CISM, CRISC, CDPSE, ISO LA27001 Vice President, Managed Compliance Services, VikingCloud and Chelsea Lopez, CIA, CISA, CRISC, CISSP, PCI-ISA Enterprise Risk Director, FIS

The Golden Gate Bridge consists of 83,000 tonnes of steelwork, with main cables made up if 80,000 miles of spun galvanized steel wire. Currently there are 40 ironworkers and painters who battle wind, sea air and fog to repair corroding steel. Just as you finish one task, another one starts, or the task you just finished needs redoing again. The thing is though, if the maintenance program isn’t continued, and managed, the results could be catastrophic. Likewise, if we treat compliance programs as individual projects, or one-off tasks, corrosion of our overall security posture and our compliance status could easily occur. So, what we will consider as part of this presentation is:
  • Why compliance should be viewed as a program.
  • World view on regulatory compliance.
  • Synergies between compliance programs.
  • Developing a mature compliance program.
  • Impediments to success.