Skip Navigation LinksASIS International / News / Press Room / Press Releases / 2008 / AESRM Announces Winner of Third Annual Convergence and ERM Award

​​​1625 Prince Street
Alexandria, VA 22314-2818
Fax: +1.703.519.6299
Michael J. Stack
Executive Director

News Release

AESRM Announces Winner of Third Annual Convergence and ERM Award

Rolling Meadows, Illinois, USA 2008-09-18

​The Alliance for Enterprise Security Risk Management (AESRM) today presented Eddie Skey, senior solutions architect at Forsythe Solutions Group in Charlotte, North Carolina, USA, with the third annual Excellence in Security Convergence and Contribution to Enterprise Risk Management (ERM) Award at the 54th annual ASIS International Conference in Atlanta. AESRM is a partnership of international security organizations ASIS International and ISACA.

AESRM created the award to honor individuals who are leading the growing fields of ERM and security convergence, which is the integration of traditional and information security functions.

“The work of professionals such as Eddie Skey is helping enterprises realize more effective and efficient security, and AESRM is pleased to recognize his contributions,” said Emil D’Angelo, chair of AESRM. “We congratulate the finalists and nominees, and thank them for their continued efforts to advance the security profession through convergence.”

Skey was selected as winner as a result of his demonstrated ability to integrate all aspects of security into a comprehensive plan that address the needs of technical specialists as well as senior management. A member of ISACA, he is also a founding member and past president of the Charlotte (North Carolina, USA) Chapter of ISSA. Through this chapter, he created a scholarship for undergraduate and graduate students studying information security at the University of North Carolina. Each year, Skey brings in industry experts to speak at the annual ISSA Summit, which allows members to receive cost-effective security training. 

According to one of his nominators, “Eddie possesses a technologically broad skill set as well as the innate ability to take feedback and questions from customers to discover new vulnerabilities and ways to mitigate them.”

Another of Skey’s nominators said he was most impressed by Skey and his abilities when Skey assisted in creating an information security plan at the nominator’s company.

“Skey impressed me by showing his methodology of selling such a plan to management. He wanted to change management’s perception of the plan by representing it as a competitive edge over the competition instead of as an insurance policy,” the nominator wrote. “This tactic showed management the return on investment and the total cost of ownership of the plan, which in my opinion was the most difficult task of all.”

Finalists for the annual AESRM award include Kevin Feimster, chief information security officer (CISO) of the National Stock Exchange in New Jersey, USA; Al Kirkpatrick, CISO of First American Corp. in California, USA; and John Paczkowski, director of emergency management and security of the Port Authority of New York and New Jersey in New York, USA.

Representatives from both AESRM partner organizations judged all nominations/entries. Among the criteria for the award was demonstrated leadership in improving the convergence of traditional and information security throughout an organization. The award also recognizes progress in areas such as improved security and decreased risk within an enterprise; achieved demonstrable ROI/cost savings; convergence progress achieved in all three domains of people, process and technology; and demonstrated leadership in sharing convergence accomplishments outside of one’s own enterprise.

Previous winners of the award include Sanjay Bahl, CISM, then the chief security officer of Tata Consultancy Services (TCS), India, and currently the CSO of Microsoft Corp. (India) Pvt. Ltd., and Dave Tyson, CPP, CISSP, then the chief security officer for the City of Vancouver, Canada, and currently the senior director of information security, disaster recovery and business continuity planning at eBay.

For more information on AESRM publications and initiatives or to view examples of convergence in action, please visit

# # #
The Alliance for Enterprise Security Risk Management (AESRM) ( was formed in February 2005 to encourage board and senior executive attention to critical security-related issues and the need for a comprehensive approach to protect the enterprise. The alliance—consisting of ASIS International and ISACA—brings together more than 100,000 global security professionals with broad security backgrounds and skills to address the significant increase and complexity of security-related risks to international commerce from terrorism, cyber attacks, Internet viruses, theft, fraud, extortion and other threats.
About ASIS International
ASIS International ( is the preeminent organization for security professionals, with more than 36,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests, such as the ASIS Annual Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role and value of the security management profession to business, the media, government entities, and the public. By providing members and the security community with access to a full range of programs and services, and by publishing the industry’s number one magazine—Security Management—ASIS leads the way for advanced and improved security performance.
With more than 86,000 constituents in more than 160 countries, ISACA ( is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor (CISA) designation, earned by more than 60,000 professionals since 1978; the Certified Information Security Manager (CISM) designation, earned by more than 9,000 professionals since 2002; and the new Certified in the Governance of Enterprise IT (CGEIT) designation.