Mike Pankey
CISA, Director

Mike Pankey provides consulting and risk management services focused on the financial services and technology industries. Working with clients on strategic and regulatory initiatives across a variety of security standards (ISO 27001/2/3, NIST, ISO 9001, PCI-DSS, CRI) and regulatory requirements (OCC, FFIEC, SEC, NY-DFS, FRB), he has a diverse range of enterprise and operational risk experience.

Mike Pankey

Office | 469-669-7292

Add Mike to address book

Contact Mike

Let’s start a conversation about your company’s strategic goals and vision for the future.

Please fill all required fields*

Please verify your information and check to see if all require fields have been filled in.

Mike+Pankey [email protected]
Please select job function
Please select job level
Please select country
Please select state
Please select industry
Please select topic

Experience and credentials

Leads clients through technology and process enhancements leveraging data insights to achieve strategic objectives
Builds and redesigns first and second line risk and compliance functions/operating models, data analytics, and third-party risk management
Helps large companies overcome operational challenges by establishing cross-functional, enterprise-wide approaches to managing vendor risk and performance
Consults with key decision makers, including C-suite executives, developing and presenting technical data and business cases to drive decisions, investment/ROI, risk metrics, and reporting
Designs various types of risk management and complaince programs including cybersecurity and business continunity management, and third-party risk management
Has led enterprise and vendor risk data modeling initiatives at several Fortune 500 companies to help predict and report on material risk across various business lines, technology, and third-party service providers
Knowledgeable in developing POCs and user requirements for broader GRC and TPRM technology selection and implementation projects. Use cases include risk and control self assessments, security reviews (operations, product, cloud, vendors), and compliance monitoring (regulatory, complaints). Included automation of processes as well as reporting in PowerBI to monitor performance, risk metrics and trending
Managed design and implementation of third party complaints management program for large financial services technology company. Scope included process design, organizational change management, and data management across a multi-functional stakeholder team (ERM, Security, Compliance, Legal, IT, IA, Procurement) and client business units
Provided MRA response support for multiple banks related to customer facing interactions, IT operational issues, and financial advisor management and data access issues


BS, Integrated Business Mgt., Industrial Engineering – Lehigh University 

Professional affiliations

Certified Information Systems Auditor (CISA)
Information System Audit and Control Association (ISACA)
Programs Lead for the North Texas ISACA Chapter