1. Gail Gillis - Resume
March 2015 Page 1
Contact Information
Gail Gillis
4-44 Second Ave, Russell, Ontario K4R 1E2
Home: 613-725-4512 – gillisgail@outlook.com
Work: 613-748-2605 – ggillis@cmhc-schl.gc.ca
Secret Clearance
Position Title:Technology Risk and Disaster Recovery Planning
Introduction
I have been employed with the Crown Corporation Canada Mortgage and Housing (CMHC) in the
Information Technology (IT) department since 1999. Prior to 1999 I was employed with Metlife / Clarica
Insurance Company from post secondary completion until I joined CMHC.
I am currently working as a Technology Risk Management and Disaster Recovery Planning leader within
the Operational Excellence and Information Technology Governance team. I am responsible to assess
directly and holistically manage all aspects of risk brought to bear on the enterprise by Information
Technology security and legislative / regulatory compliance issues. This is a new role within the
Information Technology department of which I received a direct appointment to as a result of my ample
years of experience in many technology disciplines.
Previous to this role I was the Specialist for Methodology and Project Management within the
Information Technology Strategy team. I was responsible for annual planning, long term planning
(roadmaps), strategically alignment of projects, corporate reporting for both departmental performance as
well as risk management. Establishing a Portfolio and Application Management framework was also
within my responsibility. During my time in this role I was acting manager for the team and played a key
role in establishing application, portfolio and project management disciplines within the department. For
a time period the IT Security department was also part of this team. I am a proven Project Manager
having managed multiple projects delivering business and technology solutions with teams as large as
30 full-time members, budgets in the millions, and involving multiple external vendors.
The following identifies a summary of my qualifications followed by detailed experience within various
technology disciplines.
Qualifications
The following is a summary of my qualifications which I have obtained in my 27 years of experience in a
number of technology disciplines:
Experience in Annual planning, Strategic planning, Roadmap development, Project and Portfolio
Management, Application Portfolio Management, Methodologies, IT Security, Business client
relationship, Budgeting, Risk Management, Procurement, Vendor Management, Executive
reporting and team management/supervisory.
Project Management Certification from Ottawa University.
Executive communication (briefing notes, business cases,budget submissions, presentations,
policy development, project templates etc.).
Client representative for research companies Gartner and Forrester.
IT Security management including introduction of International Organization for Standardization
(ISO) 27000 as a Corporate security standard.
IT Risk Management Framework development and IT Compliance and Audit liaison for
department.
IT Management including supervisory, guidance, and mentoring of staff.
2. Gail Gillis - Resume
March 2015 Page 2
The following outline my career experience in more detail based on the qualification identified
Risk Management (Current Position)
Currently developing an IT Risk Management Framework in alignment with the Enterprise Risk
Management (ERM) Framework.
Liaison for IT with the Corporate Risk Office and ERM committee.
Identified Risk Appetite and Tolerance statements for department as well as the subsequent
measurement reporting and am currently seeking approval from ERM.
Identified Key Risk Indicators (KRI) for department and am currently seeking approval from
ERM.
Continuously review proposed projects to identify potential risk and impacts.
Establish flexible, yet holistic, compliance management.
Develop Disaster Recovery Plans (DRP) for the department incorporating the Business
Continuity Plan and the business requirements for restoration of all services identified by the
Corporation.
A number of years ago I was the Project Manager for the planning and implementation of the
client/server redundancy site which addressed the needs of the CMHC mission critical functions.
My role involved coordinating, across the full IT department, the systems, resources,technical
implementation, and testing of the redundancy site in Mississauga, Ontario.
Project Management
Managed multiple projects effectively during changing requirements, new priorities and strict
deadlines.
Lead project teams, both large and small covering a variety of technology and business solutions.
Provided supervision, guidance, mentoring and advice to the project team.
Proven ability to work independently, in a stressful environment and deliver results.
Proven ability to balance across severalsignificant high priorities strategic files as necessary.
Identified project management training requirements for IT staff, obtained external training
services along with developing the training outline with the externaltraining company.
Key team member in establishment of the newly formed Project Management Office (PMO).
Participating Steering Committee member for various projects and organizational improvements.
Developed a system development life cycle (SDLC) methodology to improve project delivery.
Project Concept phase – worked closely with the business and IT sectors to identify scope,plans,
deliverables, benefits, milestones, timelines, resource requirements, and budget.
Project Execution phase - monitored and controlled the project budget, project scope,project
resourcing (internal and external), project dependencies, risk and issue management as well as
vendor relationship management.
Project Closure phase – ensure the proper project close out activities are complete (e.g.
documentation, lessons learned, benefits realization, contract closures, system performance
monitoring etc.).
Application and Portfolio Management
Developed a Project Portfolio Management strategy followed by mentoring, advising, and
working continuously with IT management and business to ensure maturity of the discipline.
Developed an Application Portfolio Risking methodology which included a maturity assessment
involved the development and execution of a business application risking model. Instrumental in
the completion of the analysis of the information collected and with research of future technology
directions a 3 to 5 year application road map was developed identifying the long term technology
3. Gail Gillis - Resume
March 2015 Page 3
solutions that would address requirements from a Corporate view.
Developed a System Development Software Development methodology which incorporated any
necessary Procurement activities. In my role as Methodologist at CMHC I was responsible for
publishing, deploying, training and mentoring of the IT systems development and infrastructure
methodologies. This involved establishing standards/policies and templates that compliment the
methodologies.
Strategic Planning
Developed the Information Technology budget submission for the department, along with
subsequent briefing notes and business cases to justify investment.
Developed a 5 year Core Infrastructure Roadmap engaging all technology areas, ensuring
alignment with industry technology trends as well as confirming the proposed technology
roadmap and resulting projects would meet business priorities and objectives for the future
direction.
Developed a 5 year Business Application Roadmap and engaged all business sectors in
development of their respective roadmaps.
Developed and improved a quarterly status reporting process for the Roadmap projects.
Implemented a Project Portfolio Management (PPM) solution (MS Project 2013) which is the
introduction of a PPM framework including gate delivery models, templates, and guidelines
aligned with PMBOK best practices.
Developed the annual IT Business Plan in conjunction with business sectors and IT Management
including identification of funding and resource requirements.
Produced the quarterly status and progress report showing the results of the annual business plan
Managed multiple complex business cases for additional staffing and funding.
Project Manager and lead for the planning and execution of an IT Strategic Initiatives review with
an externalconsulting organization from concept, to SOW, to delivery of the final report. This
activity required significant organization skills, planning, organizational knowledge and
communication.
Contributed to establishing the Key Performance Indicators (KPI) for IT department and
subsequent measurement reporting.
Compliance and Audit Liaison
Main contact with Officer of the Superintendent for Financial Institutions (OSFI) for the IT
Review that was a very high priority Corporate oversight initiative.
Coordinated all audits within IT providing the necessary responses to the Audit Management
letter and subsequent briefing notes. Established a process to ensure all Audit correspondence
was consistently captured, documented and delivered in a timely fashion.
Responsible for reporting to the internal audit department on the progress of the action items
resulting from the multiple audits as well as oversee observations tracking, evidence, and internal
coordination to address the observation and resulting monitoring.
Created audit committee reports, key initiatives and subsequent reporting, develop Statement Of
Work (SOW) for external engagements and briefing notes on multiple topics as well as contribute
and review the IT Quarterly Progress Status report.
Coordinated annual external Office of the Auditor General (OAG) financial systems audit.
Lead of the Enterprise Architecture (EA) matrix team which resulted in a number of EA standards
being developed, approved and implemented.
Vendor, Procurement and Contract Management
4. Gail Gillis - Resume
March 2015 Page 4
Developed and managed complete Request for Proposals (RFPs) process from SOW
development, through vendor submission reviews and selection of leading proponent.
Executed multiple contract negotiations and demonstrated effective vendor relationships.
Addressed vendor service delivery issues through to prompt and successful resolution.
Significant involvement in a number of procurement projects such as the Anti-virus / Anti-spam
replacement project, IT assets (printers, copiers etc.) replacement which involved development of
various requests such as, RFIs (request for information), RFQs (request for quotes), and RFPs
(request for proposal). A number of these projects I led from project conception through to
software selection, contract negotiation and system implementation.
Vendor liaison for a number of projects where I was involved in negotiations to ensure that
product delivery, as promised in the RFP,met with the CMHC requirements as contractually
agreed upon as well as establishing subsequent Service Level Agreements (SLAs).
Information Technology Security
Developed the IT Security Policy Suite Framework submission / business case to obtain
executive approval and support for CMHC to adopt ISO27000 standard as a security framework.
Worked with external consultants on the development of the IT Security Policy suite. This
activity required significant vendor management, best practices research,ISO awarenessand self
education, executive writing skills and continuous engagement with multiple departments in the
organization (e.g. Legal, Finance, Regions, Human Resources,IT Security, Chief Information
Officer, and Vice President of IT).
Managed the project to replace the Anti Virus software solution for company.
Managed the project to acquire and implement an ITIL certified IT Service software solution.
Worked with technologies and security staff to ensure a transparent rollout to staff of a Single-
Sign-On solution via of automation ensuring effective communication on the impact to
employees.
Managed the IT Security team for one year and during the replacement of the Network Security
technology perimeter (e.g. firewalls, intrusion protection, web filtering etc.).
Coordinated the change to move the IT Security team to a new area and manager within the
sector while ensuring constant communication to the team members and no interruption to the
security services provided.
Management Experience
Supervised teams of multiple sizes and responsibilities (e.g. IT Strategy, IT Security, Production
support, systems development, external consulting etc.).
Managed a number of staffing activities including job description development, interviewing, and
hiring.
Executed development plans and resulting performance evaluations for staff and team members.
Daily supervisory experience and acting assignments.
Developed succession and pandemic plans for IT staff.
Developed strategically aligned measurable performance objectives for the IT staff based on
established Corporate objectives.
Participated in 360 reviews as both a recipient of the feedback as well as a contributor to others.
Skills
Ample executive writing experience resulting in obtaining necessary approvals on a timely basis.
Ample presentation experience in front of large groups, executive and at conferences.
Successfulin continuous engagement with multiple departments within the organization as well
5. Gail Gillis - Resume
March 2015 Page 5
as vendors, stakeholders and executives.
Effective facilitation, influential and leadership skills on many occasions as decisions were
required from a broad range of IT staff,business staff and upper management.
Excellent planning and coordination skills ensuring information is accurate and delivered on a
timely basis as well as the ability to bring projects through to successfuldelivery.
Continuously perform analysis and problem resolution supported by vast technology knowledge.
Technology security specialist and computer programmer at the beginning of my career.
Education and Training
IT Risk Management - ESI International
IT Project Management - Ottawa University Certificate
ITIL v3 Certificate
Agile Project Methodology
Multiple Advanced Project Management courses
Multiple Advanced Project Portfolio Management courses
Self learning from PM and PPM specific books and research
Organizational Capacity, Project Complexity and Risk Management courses
Cobit, ISO, Six Sigma courses
Motivational speaker course
Contract Negotiation course
St. Lawrence College - Data Processing /Computer Programming Distinction
Seminars and Memberships
Portfolio Management Gartner Seminars
Project Management, IT Security, Technology direction and Technology / Business Alignment
Forrester Forum
Multiple Canadian Government Technology Event (GTEC) conferences
Multiple Association of Public Sector Information Professionals (DPI) conferences
Office of the Auditor General Audit of Aging Technology Session
Expo and Conference for Enterprise Content Management (ECM)
Association for Information and ImageManagement (AIIM) Member
Project Management Institute (PMI) Local Chapter Member
Software
Microsoft Project
Microsoft Project Server 2013
Microsoft Office Suite
Change Management System (Pursuit – Marval Suite)
IT Asset Management System (Trakit – Marval Suite)
Enterprise Content Management (ECM) Document Management suite
Open Text Document Management Suite
Volunteer
Board of Director Member for large recreation centre in a multi- cultural community
Board of Director and Technology advisor for Ontario Summer Games, chaired by City of Ottawa
6. Gail Gillis - Resume
March 2015 Page 6
References
Tina Wilkinson – Risk Management Team lead Largest Project I managed at CMHC
Manager,Loans Administration & Direct Lending
613-748-2282
twikins@cmhc-schl.g.ca
Dorene Hartling –CIO that I worked with during the Strategic Planning and Roadmap developments
Chief Technology Officer
613-833-1430
sdhart2546@rogers.com
Jean-PaulLalonde - Co-worker on IT Strategy team
Senior Analyst, IT Strategy
613-748-2127
jplalond@cmhc-schl.gc.ca