| PRESENTATION SUMMARIES AND SPEAKER BIOS |
|
|
RIM 101: Records & Information Management Basics and Beyond
|
|
Do you think Records & Information Management sounds dull? Think again! This lively session mixes real stories, practical tips, and plenty of laughs while exploring why records matter. From compliance to transparency, you'll learn the basics without the boredom. There might even be a song, because good records management deserves a standing ovation!
|
|
About the Speaker:
|
|
Tyrene Bada, MLS, CRM
Systems Analyst
City of Beaverton, OR
|
|
Tyrene Bada, MLS, CRM (she/her) is a Systems Analyst for the City of Beaverton, wrangling information governance with the precision of an archivist and the enthusiasm of a librarian on a treasure hunt. She stumbled into records management at Portland Community College, where she built its first records program from scratch.
A past president of the Oregon ARMA Chapter, Tyrene served on the ARMA International Board of Directors (2020–2023) and now chairs the ARMA International Conference Education Committee. She also contributes to the ICRM as a CRM exam part writer.
Armed with a Master’s in Library Science from Emporia State University, she brings order to chaos—whether in data systems or theatre rehearsals. She proudly serves on the Board of Directors for the award-winning Broadway Rose Theatre and, as a professional cantor and chorister, spends her nights making music. In her downtime, you’ll find her napping or lost in Taylor Swift’s discography—her soundtrack for both productivity and relaxation.
|
|
|
Cybersecurity Panel Discussion
|
|
As technology evolves, so do the cyber risks that threaten the records and information we manage. Our panel of experts will discuss the current threat landscape, defense strategies, and guidelines for recovery after an incident such as a security breach. The discussion will center on balancing accessibility with security, incident response, business continuity, and emerging technology and trends.
|
|
About the Panelists:
|
|
Matt McClelland, IGP, ecmM
Senior Managing Director,
FTI Consulting
|
|
Matt McClelland, IGP, ecmM (facilitator) has more than two decades of experience in data and information governance, intelligent information management, and analytics. He has built and scaled sophisticated information and data governance programs for global organizations and managed hundreds of information management initiatives for Fortune 500 companies.
As a leader in information governance and data management, Matt has a proven track record of delivering enterprise programs across the healthcare, insurance, telecom, manufacturing, and retail sectors, while driving global compliance and executing large-scale data minimization and records modernization. Matt frequently advises clients on operating model design, policy and retention schedule development, change management, and technology enablement. Prior to his career in consulting, he served in director and management roles in which he was responsible for overseeing privacy compliance, records management, analytics, and e-discovery, while implementing comprehensive training and awareness programs to drive organizational alignment.
|
|
|
|
|
Alaric Battle
Managing Partner
BattleCohn, LLC
|
|
Alaric Battle was raised in the data center, got his first gig as a programmer at age 12, and has more than 45 years in the IT trenches. His focus is providing end users with a great end-to-end technology experience. He has been working at the University of California, San Francisco for 30 years, currently as the Architecture Manager at the Epidemiology and Biostatistics Division, responsible for securing and managing the worldwide infection disease database.
Alaric and Larry Cohn, President and Owner of Business Process Automation Company, formed BattleCohn LLC in 2023 to provide full cybersecurity and IT related services - including assessment, solutions, and training - for organizations of all sizes, as well as private individuals, at an affordable price.
|
|
|
|
|
Cheryl Young, IGP, CITT+,
ermM, ecmP
Consultant
|
|
Cheryl Young has been active in the records and information management field since 1984 as a business process consultant, trainer, records manager, information analyst, contracts manager and project manager with specific expertise in RIM projects and Lean process analysis.
Ms. Young is a current Information Governance Professional, certified Scrum Manager, certified Scrum Product Owner, certified Technical Trainer, former Certified Information Professional, certified Accounts Payable Manager (with Distinction), and a Certified Document Imaging Architect+. She also holds certificates in Lean methodology, Enterprise Content Management and Electronic Records Management. Cheryl was twice the President of the Orange County Chapter of ARMA International, a past Chair of the ARMA International 2004 Conference in Long Beach and is past ARMA Pacific Region Manager, encompassing California, Arizona, Nevada, Utah and Hawaii. She is also a member of the Project Management Institute, DAMA, ASQ, AIIM and IOFM.
Cheryl was on the teams which created the records retention module for Digitech PaperVision and for FileBound. She has developed retention schedules for charities, law firms and local government organizations as a foundation for RIM and IG programs. She has also participated on RIM teams for Fortune 5 companies to build compliant, litigation ready programs. Cheryl’s experience in business continuity planning and disaster recovery dates back to 1987 when a filing systems client’s ceiling fell in due to the weight of file boxes stored in the attic of the building. Since then she has worked to remove as much of the paper from the process!
|
|
|
|
|
Jake Margolis
Chief Information Security Officer, Metropolitan Water District of Southern California
|
|
Jake Margolis is the Chief Information Security Officer for the Metropolitan Water District of Southern California (MWD). While serving at MWD, he has overseen the implementation of foundational zero trust network access programs and the creation of MWD's cybersecurity operations center. Jake was recognized as one of Cyber Defense Media's top CISOs for 2024. Prior to joining MWD, he served as the CISO for the County of Orange in California. In his capacity as the County of Orange CISO he oversaw the development and implementation of multiple countywide cybersecurity initiatives that led the County to receive an award from the National Association of Counties for its Cybersecurity Program in 2018. During his military service Jake was the Information Assurance Manager for the California National Guard and California Military Department and served in Command and Primary Staff capacities as a US Army Officer.
|
|
|
California Public Records Act
|
|
Presentation Coming Soon
|
|
About the Speakers:
|
|
Christine N. Wood
Partner,
Best Best & Krieger LLP
|
|
Christine Wood is a partner and member of Best Best & Krieger LLP's (BBK) Special Districts practice group and has significant experience with legal strategy, risk mitigation, the California Public Records Act (CPRA), and e-Discovery. As an investigator, Christine has conducted pre-tort litigation investigations, helping legal teams anticipate liability exposure and develop proactive risk management strategies. Christine's core practices include the CPRA, Privacy, and Cybersecurity, among other areas. Before joining BBK, Christine worked as an assistant general counsel at the Los Angeles Unified School District, the largest school district in California, providing advice and training on PRA, the Brown and Greene acts, and more.
|
|
|
|
|
Jennifer Ransom, CRA
Lead Paralegal,
Best Best & Krieger LLP
|
|
Jennifer Ransom serves as a lead paralegal in Best Best & Krieger LLP's (BBK) ARC: Advanced Records Center, which provides comprehensive and cost-effective support for records-related matters. Jennifer has more than 14 years of municipal government experience, providing her with a wealth of public agency perspective and skills. Before joining BBK, she worked in California's public sector, including the cities of Dana Point and Murrieta. She specializes in areas such as information governance, electronic document management systems, municipal policy research and implementation, municipal elections, the CPRA, and the Ralph M. Brown Act. Jennifer is a Certified e-Discovery Specialist and a Master Municipal Clerk.
|
|
|
Retention in the Real World: Why It's Harder Than It Looks - Panel Discussion
|
|
In theory, records retention sounds simple: keep records same and then disposition them after they've reached a specified amount of time. In reality, we know it's a lot more complicated. We have to consider laws & regulations, business needs, changing technology, physical and cyber security, privacy, company culture, and more. Our panel consists of RIM professionals from a variety of industries with real-world experience. They will share stories of struggle and success, lessons learned, and practical advice that will help you in your own jobs.
|
|
About the Panelists:
|
|
Steve Golden, CRM
Founder,
franction-ally
|
|
Steve Golden, CRM is the founder of fraction-ally, a 30-year veteran in the field of Information Governance and Records & Information Management, and has been a Certified Records Manager since 1999. Most recently, Steve spent nearly a decade as Director of Information Governance for Sony Pictures Entertainment, where he oversaw global IG operations, established enterprise-wide information classification schemes, and aligned retention programs with GDPR, CCPA, and CPRA requirements. Before Sony, he drove nearly $2 million in cost savings at Apria Healthcare through defensible deletion protocols for electronic records, and managed records through massive acquisition growth at RBC Wealth Management — overseeing a multi-million dollar budget and a team of 14.
Steve holds ISO27001 Lead Implementor and Lead Auditor certifications, and earned the CIGO AI (Certified Information Governance Officer Artificial Intelligence) designation in 2024. He holds a BBA in Management and Information Management from the University of North Dakota and a Graduate Certificate in Information Security from Keller Graduate School. An active industry leader, Steve has served on the ICRM Board of Regents, on the Boards of Directors of multiple ARMA chapters, and has spoken at more than 100 industry events and conferences. He founded fraction-ally in 2025 to make that depth of expertise accessible to organizations that need senior IG leadership without a full-time executive hire.
|
|
|
|
|
Danna Schacter, CRM, AIGP, IGP
Records & ECM Manager
First 5 LA
|
|
Danna Schacter, CRM, AIGP, IGP has nearly 20 years of experience in records and information governance. For the past six years she has been with First 5 LA, starting her work there at the beginning of the COVID pandemic and helping the organization shift to cloud-based work, digital workflows, and a hybrid records environment. Danna also oversaw the review and update of First 5 LA's records retention schedule.
With past experience spanning nonprofits, law firms, small private businesses, entertainment companies, and even NASA's Jet Propulsion Laboratory, Danna brings exceptional breadth to the field of RIM. Her expertise encompasses program and policy development, retention schedule development and implementation, digital imaging, workflow automation, and ECM systems.
|
|
|
|
|
Fidel Hernandez
IT Security Governance and Compliance,
Hyundai AutoEver America
|
|
Fidel Hernandez, CISA is an industrial and systems engineer with 22 years of experience in oversight, auditing, and certification of information technology systems and software delivery projects. Fidel has international experience in the United States, Singapore, Mexico, and over a dozen Latin American countries. He has developed IT risk assessment and oversight practices for 40 companies in 20 countries, and his expertise includes policy and procedure development, Sarbanes-Oxley, information security, and fraud cases.
|
|
|
|
|
Kathleen Jimenez
Senior Manager, IG Strategy & Technology
DLA Piper US LLP
|
|
With over 20 years of experience in Legal Information Governance, Kathleen Jimenez has been at the forefront of the transition to electronic records. She has successfully established teams that integrate Information Governance and Technical expertise across several firms.
Kathleen's leadership has driven significant data clean-up initiatives and the implementation of advanced systems and tools, enabling automation and seamless integration of workflows and data sources. Her projects highlight her ability to understand and align with the needs and goals of various departments within a large law firm environment.
Kathleen's comprehensive knowledge of legal Information Governance makes her an invaluable resource for vendors and industry professionals. She is also an active member of ILTA, ARMA and LFIGS.
|
|
|
AI Governance
|
|
Presentation summary coming soon
|
|
About the Speakers:
|
|
Carl Grifka, CISSP, CISA, CISM, PMP, CDPSE
Principle & Co-Founder,
Alpha Secure LLP
|
|
Carl Grifka, CISSP, CISA, CISM, PMP, CDPSE is a dynamic finance and IT thought leader with experience in public accounting, a global cinema technology leader, and a global Fortune 100 company. Carl leverages his deep IT and business process background in his role as a technology and process risk adviser to CFOs, CIOs, CISOs, and CEOs of SEC filers and private businesses. Carl maintains his CISSP, CISA, CISM, PMP, CDPSE, and lean six sigma green belt certifications.
Carl and his team guide clients through complex systems initiatives leveraging their vast business and technology experience to govern, deploy, and manage these initiatives. Carl also advises members of management, boards and executives regarding SOX (business and IT), IT planning and IT assurance, cybersecurity, SOC, and organizational change management. Carl serves on the Board of ISACA LA and maintains a solid understanding of new and emerging topics impacting the profession.
|
|
|
|
|
Mike Villegas, CISA, CISSP, AC/CISO, CSX/F, CSX/A, CEH
President & Founder,
iSecurePrivacy LLC
|
|
Miguel (Mike) Villegas, CISA, CISSP, AC/CISO, CSX/F, CSF/A, CEH is the Founder and President of iSecurePrivacy LLC, a technology consulting firm focused on cybersecurity and privacy of critical risk information. He is also CTO and CISO for Xahive, a startup secure email solution and security awareness provider. Mr. Villegas is a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), AC|CISO, CSX|F, CSX|A, Certified Ethical Hacker (CEH), and ISO/IEC 27001 Lead Implementer. Mr. Villegas was also a contributing writer for SearchSecurity—TechTarget, with over 150 articles written. His specialties include: vCISO, vCTO, IT Risk Management, IT Regulatory Compliance, IT Privacy, IT Audit, Vendor Risk Management, Information Security (mainframe, C/S, and web infrastructures), z/OS RACF, ACF2, TopSecret, z/OS CICS, z/OS IMS, z/OS DB2, IBMi (prev. aka iSeries/AS400), PCI DSS, PCI SSF, FFIEC CAT, NY DFS, DFARS/NIST SP 800-53/171, HIPAA, and ISO 27001.
|
|
|
How Data Governance Can Transform Data Security - With Mathematics!
|
|
Data Governance’s core principle of Data Minimization mirrors cybersecurity’s Principle of Least Privilege—both aim to reduce unnecessary access and therefore reduce exposure. What’s been missing is the mathematical framing that shows how these principles can directly address one of the largest and least understood risks to personal data: third-party breaches.
Despite the HITECH Act, active investigations already involve 86% of the U.S. population, and two-thirds of those individuals were compromised through a third-party breach. This pattern reveals a systemic gap: current Third-Party Risk Management (TPRM) practices do not limit the number of third parties holding sensitive data, even though probability theory shows breach likelihood increases linearly with each additional party. No major TPRM framework—including the IIA’s 2025 Third Party Topical Requirement—addresses this exposure. The fix is straightforward: apply Data Minimization to the number of third-parties. When paired with basic probability, this becomes measurable and actionable.
This session introduces a simple formula any organization can use to quantify third-party exposure, along with a customizable leadership report and a supporting white paper with the full derivation. Protecting sensitive data becomes achievable once management understands the systemic nature of the risk. Data Governance can provide that visibility. Awareness is the first control—and it starts here.
|
|
About the Speaker:
|
|
Thomas Lee, PhD
CEO & Co-Founder
VivoSecurity Inc.
|
|
Dr. Thomas Lee is the CEO of VivoSecurity, a Silicon Valley company specializing in data collection and regression modeling to quantify the inherent randomness of cybersecurity incidents. He has developed predictive models for online banking fraud, PII breach probability, and post-breach litigation exposure. He is a member of the San Jose State University Center for Artificial Intelligence & Cybersecurity (CAIC) Advisory Board, holds multiple patents, has published extensively in peer-reviewed journals, and earned dual BS degrees in Physics and Electrical Engineering from the University of Washington and a PhD in Biophysics from the University of Chicago.
|
|
|
The RIM/IG Profession: Where is it Headed and How Can I Make Sure I'm Not Left Behind?
|
|
The RIM/IG practice is no longer about keeping pace. It's about anticipating change and leading with intent. As data volumes explode, emerging technologies accelerate change, AI reshapes risk, and regulations continue to evolve, the role of RIM/IG professionals is expanding from behind-the-scenes compliance to front-line strategic leadership, partnership, and influence. This session explores where our profession is headed next and what skills, mindsets, and partnerships will define success in the coming years. We'll examine the shift from reactive practices to proactive strategies, from siloed efforts to cohesive, integrated ecosystems, and from a "caretaker" role to that of a trusted advisor. Most importantly, we'll focus on practical ways to future-proof your career and your organization. If you've ever wondered how to stay relevant, resilient, and indispensable in a rapidly changing landscape, this conversation is for you.
|
|
About the Speaker:
|
|
Andrew SanAgustin, CRM, IGP
Chief Information Governance Officer,
Hagens Berman Sobol Shapiro LLC
|
|
Andrew SanAgustin, CRM, IGP is the Chief Information Governance Officer at Hagens Berman Sobol Shapiro LLP and a recognized strategic leader in compliance, technology, and innovation. With more than 30 years of experience, Andrew is known for building forward-looking governance programs that balance regulatory rigor with operational agility. In his role, Andrew leads firmwide initiatives focused on advanced Information Governance frameworks, enterprise records management, and the responsible integration of AI-driven technologies. His work strengthens compliance, mitigates risk, and unlocks measurable efficiencies across complex, highly regulated environments. His expertise spans enterprise system deployment, global policy alignment, compliance-driven workflow design, change management, cost optimization, and AI integration for governance and risk mitigation. A subject matter expert, author, and frequent speaker, Andrew is especially known for his thought leadership in Microsoft 365 (M365/O365) governance, where he helps organizations translate emerging technologies into practical, defensible, and scalable governance solutions.
|
|
