ICRMC SPEAKER

Kerr Kennedy

Associate Partner
EY

  • Kerr is an Associate Partner in EY’s Advisory practice of the BBC region (Bahamas, Bermuda, British Virgin Islands and Cayman Islands).
  • Kerr leads the Technology Risk team across the region focusing on the (re)insurance, banking and asset management sectors.
  • Kerr is a Certified Information Systems Auditor (CISA).
  • Significant IT risk and controls experience and expertise, focusing on mitigating risk and managing large scale complex programmes.
  • Primary area of expertise includes IT risk management, project management and IT governance and strategy.
  • Extensive knowledge of Sarbanes-Oxley, COBIT, ITIL and NIST frameworks.
  • Kerr has over 19 years of risk management experience across financial services, 14 of which have been focussed on IT risk and controls via the management and delivery of large-scale projects related to Sarbanes-Oxley (SOX) 404 compliance, Service Organisation Control (SOC) 1, 2 & 3 reporting, internal audit, cybersecurity, Robotic Process Automation (RPA) and trusted cloud solutions.
  • Prior to EY Kerr has worked for two other Big 4 firms in the UK, as well as time in industry in the financial services and utilities sectors, focusing on operational and IT risk management.
  • Kerr leads the IT team across a number of financial services clients, working within integrated audit teams across various key business and IT operational processes
  • Kerr has also worked on several specialist IT-related client assignments focusing on due diligence, web security, payments, legal & regulatory.
  • Kerr leads the Cybersecurity initiative for the EY BBC region, assisting clients continuously assess and improve their cyber strategy.