Who Are We?
The Customer is King!
Our CAG Members have unique work experiences in the audit and control space in all three roles as customer, vendor, and consultant. Our mission is to be an independent, trusted advisor to customers first and product vendors secondly. Our membership is comprised of only senior consultants, so we can provide our clients proven methodologies, quicker solution delivery, effective application security design, practical training, and in-depth product evaluations.
With offices in the US, Canada, and Europe, Customer Advisory Group serves corporations at the Enterprise and / or Business Unit levels. We strive to create realistic, tangible, sustainable successes for every client.
Founders:
James Roeske is a renowned GRC and Security speaker, practitioner, and advocate since 2005. Mr. Roeske founded firms that became the de facto implementers of SAP GRC, post-acquisition of Virsa Systems by SAP. With 170+ customer consultations, James has developed unique insight on a wide range of customer GRC and Security journeys from assessment to adoption and implementation. James’ 19 years as Auditor, SAP Security, and Compliance practitioner present invaluable insight to clients. |
Senior Members:
Ruth Johnson has more than 16 years of experience specializing in SAP security application design, security implementation, and Segregation of Duties design and security audit; over 7 of which has been focused on SAP GRC application implementations. Ruth’s recent experiences in a client’s upgrade to GRC Access Control 10.0 keeps her up to the latest release from SAP. Ruth is a hands-on functional SAP security specialist, ensuring the design and development of appropriate security and controls in both public and private sector companies around the world. She has worked on global scale SAP GRC implementations and has extensive experience in planning, implementing, training and administering SAP GRC applications. Ruth is a speaker at SAP GRC conferences as one of the foremost experts on workflow in SAP GRC Access Control. As most of our members, Ruth has great insight because she has the dual perspectives: One as a performer inside a company and the other as an external advisor to many customers. |
Dina Shahin has more than 15 years of experience specializing in SAP security application design, security implementation, Segregation of Duties design, SAP GRC application implementation, and audit. She has worked on global scale SAP implementations and has extensive experience in planning, implementing, training, and administering SAP GRC applications. Dina is a hands-on functional SAP security specialist, ensuring the design and development of appropriate security and controls in both public and private sector companies around the world. Dina has over 60 engagements in a wide-range of organization sizes and industries. She is based in Germany. |
Kees Blom combines strong knowledge of financial accounting processes with his expertise of auditing, risk management, IT enablement and change management. He has held positions inside organizations as well as in consulting firms. Kees has experience from the perspective of a customer, a service provider and auditor. In Kees' most recent engagement he was the project lead for the Heineken implementation of SAP GRC Access Control version 10. His background in business allowed him to relay the business benefits to key champions in each of the divisions to get them to adopt the new enterprise standardized approach for critical access and Segregation of Duty monitoring. The project utilized a unique approach for new users to get indoctrinated easily to the new solution and processes. Kees is based in the Netherlands. |