GovRAMP Announces 2025 Governance to Advance Cybersecurity Leadership

Indianapolis, IN – GovRAMP is proud to announce its Governance and Committee appointments for 2025, reaffirming the organization’s commitment to strengthening cybersecurity through community-driven collaboration. This leadership structure reflects a balance of returning members and new voices, ensuring diverse expertise guides GovRAMP's mission to empower the public and private sectors in managing risk and enhancing security. 

“Our community is at the core of everything we do at GovRAMP,” said J.R. Sloan, President of the Board of Directors. “With this governance structure, we are uniquely positioned to continue advancing cybersecurity efforts with the insights and feedback of our dedicated members.”

2025 Governance & Committees

Board of Directors

• President: J.R. Sloan, Chief Information Officer, State of Arizona
• Past President: Joe Bielawski, President, Knowledge Services
• Ex-Officio: Leah McGrath, Executive Director, GovRAMP
• Secretary & Treasurer: Ted Cotterill, State Chief Privacy Officer & General Counsel, Management Performance Hub, State of Indiana
• Board Member: Dugan Petty, Fellow, Center for Digital Government
• Board Member: Glenn Herdrich, Information Security Manager, County of Sacramento

Learn more about the Board of Directors and its role here.

Appeals Committee

Chair: Ted Cotterill, State Chief Privacy Officer & General Counsel, Management Performance Hub, State of Indiana | Vice Chair: Tony Bai, Executive Vice President of Public Sector, RISCPoint

Advisors:

• Siddique Chaudhry, Manager, Global Public Sector Security Compliance, Snowflake Inc.
• Brian Conrad, Global Compliance, Authorizing Authority Liaison, Zscaler
• Jim Masella, Vice President, Coalfire
• Rashad Munawar, Director, Security Compliance & Operations, Blackberry
• Sara Snell, State Government

Members:

• Mase Izadjoo, Vice President & Chief Information Security Officer, Earthling Security
• John Godfrey, Chief Information Security Officer, State of Kansas
• Sweta Zachariah, CISSP, Lead IT Risk and Compliance Analyst, State of Ohio Office of Information Security and Privacy

The Appeals Committee provides an impartial process to resolve disputes while upholding transparency and fairness. Read more about the Appeals Committee here.

Approvals Committee

Chair: Ken Weeks, Chief Information Security Officer, New Hampshire Dept of IT | Vice Chair: Nikki Rosecrans, Manager of Information Security and Compliance, Arapahoe County

Advisors:

• Glenn Herdrich, Information Security Manager, County of Sacramento
• Sherri Yoakum, Business Enabling Team Manager, Enterprise Information Services, State of Oregon

Members:

• Andy Boell, Cybersecurity Director, Nebraska Cybersecurity Network for Education
• Annika Hanson, Governance, Risk, and Compliance Team Lead, State of South Dakota
• Cinnamon Albin, Acting Deputy State Chief Information Security Officer, State of Oregon
• Jennifer Dvorak, Deputy Chief Information Officer and Chief Information Security Officer, State of Idaho Judicial Branch
• Jodie Monette, CJIS Systems Agency Information Security Officer, MN Bureau of Criminal Apprehension
• Josh Kadrmas , Governance, Risk, & Compliance Team Lead, North Dakota Department of Information Technology

This committee ensures rigorous review and approval processes for service providers meeting GovRAMP's security requirements. Read more about the Approvals Committee here.

Nominations Committee

Chair: Fay Tan, Legal Counsel, NASPO

Chair, Appeals: Ted Cotterill, State Chief Privacy Officer & General Counsel, Management Performance Hub, State of Indiana

Chair, Approvals: Ken Weeks, Chief Information Security Officer, New Hampshire Dept of IT

Chair, Procurement: Antoinette Webster, Assistant Director, Procurement Program & Services, State of Connecticut

Chair, Standards & Technical: Charles Rote, Deputy Chief Information Security Officer, Maine Office of IT

Members:

• Doug Robinson, Executive Director, NASCIO
• J.R. Sloan, Chief Information Officer, State of Arizona
• Karen Sorady, VP MS-ISAC Strategy and Plan, Center for Internet Security

The Nominations Committee is responsible for ensuring diverse and qualified representation across governance roles. Learn about the Nominations Committee here.

Procurement Committee (New for 2025)

Chair: Antoinette Webster, Assistant Director, Procurement Program & Services, State of Connecticut | Vice Chair: Homa Woodrum, General Counsel, Purchasing Division, State of Nevada

Advisors:

• Jennifer Axt, Senior Vice President, State & Local Government and Education U.S., Tanium
• Darren Estridge, Vice President of State, Local, & Education - US Public Sector, Palo Alto Networks
• Nick Hughes, Cooperative Portfolio Manager, NASPO
• Solomon Kingston, Deputy Chief Cooperative Procurement Officer, NASPO ValuePoint
• Dustin Lanier, Civic Initiatives, LLC, Founder & Principal Consultant
• Mike Smith, Vice President, GovSourcing
• Megan Smyth, Director of Legal Education, NASPO
• Meredith Ward , Deputy Director, NASCIO

Members:

• Mark Hempel, Procurement Division and Account Management, Indiana Department of Administration
• Todd Herman, Director of Purchases, Office of Procurement and Contracts, State of Kansas
• Dugan Petty, Fellow, Center for Digital Government

Launched to address the intersection of cybersecurity and procurement, this new committee supports aligning procurement practices with secure cloud solutions. Explore more about the Procurement Committee here.

Standards & Technical Committee

Chair: Charles Rote, Deputy Chief Information Security Officer, Maine Office of IT | Vice Chair: Dan Lohrmann, Field CISO, Public Sector, Presidio

Advisors:

• Siddique Chaudhry, Manager, Global Public Sector Security Compliance, Snowflake, Inc.
• Gary Coverdale, Chief Information Security Officer, County of Santa Barbara, California
• George Finney, Chief Information Security Officer, University of Texas System
• Jennifer Hawks, US Government Practice Lead, A-LIGN
• Phyllis Lee, Sr. Director of Controls, Center for Internet Security
• Mary Lou Prevost, Group Vice President, US State & Local Government and EDU, Splunk
• Martin Rieger, Chief Solutions Officer, stackArmor
• Bob Sievert, Chief Technology Officer (Interim), NASPO
• Thomas Volpe Jr., Vice President Cybersecurity Risk and Compliance, C2 Labs

Members:

• Joe Bielawski, President, Knowledge Services
• Elizabeth Chavez, GRC Analyst, Security Policy & Governance, Texas Department of Information Resources, State of Texas
• Earl Crane, Adjunct Faculty, University of Texas at Austin
• Payam Hojjat, Cyber Risk and Governance Chief, State of California
• Jason Oksenhendler, Cybersecurity Director, FedRAMP, Moss Adams LLP
• Naomi Ward, Manager of Vendor Risk Management, Commonwealth of Massachusetts
• Rick Zak, Director - Regulatory Compliance, U.S. State & Local Government, Microsoft

This committee oversees GovRAMP's technical standards and ensures they reflect evolving cybersecurity best practices. Learn more about the Standards & Technical Committee here.

Driving Collaboration and Innovation

GovRAMP's governance and committees play an essential role in shaping the organization’s standards, guiding decision-making, and fostering alignment with cybersecurity best practices. These efforts ensure that GovRAMP remains a trusted resource for governments and providers navigating an evolving threat landscape.

For a complete list of committee members and more details, visit https://govramp.org/about-us/leadership/#governance.

About GovRAMP

Founded at the beginning of 2020, GovRAMP was born from the clear need for a standardized approach to the cybersecurity standards required from service providers offering solutions to states, local governments, K12 schools and higher education. GovRAMP is a 501(c)(6) nonprofit membership organization comprised of government officials, service providers offering IaaS, PaaS, and/or SaaS solutions, and third-party assessment organizations. Our members lead, manage, and work in various disciplines across the United States and are all committed to making the digital landscape and critical infrastructure a safer, more secure place.