James Dawson recognizes and capitalizes on technology efficiencies. He is most effective in a leading-edge work environment, solving technical challenges, with a company that can offer domestic or international travel and opportunities for public speaking.

Mr. Dawson is a technology professional with more than 30 years of experience.  He is a proven innovator, very adaptable, who can manage and capitalize on change.  

  • Enterprise Information Governance
  • Privacy Regulatory Readiness (GDRP) and Private Data Processes Strategy
  • Data Governance and Information Strategy Risk Mitigation
  • Client, Customer and Employee Technology Controls, Identity Strategy, Private Data Process Management
  • Country Specific Data Protection Risk Tolerances & Strategy
  • Global Legal and Compliance Risk Assessments

Information Governance | Global Program Management | IT Change Transformation

Risk Responsibility Design, Data Risk Governance, Privacy Risk Management & Control, Litigation Readiness & Response, Information Management, eDiscovery, Cyber and Information Security, Effective Enterprise Change 

  • Innovative thinker who presents complex issues in simple and concise ways and who has managed revenue of more than $15 Million
  • Recognized as a subject matter expert (SME) and frequent speaker on information governance, privacy & data risk strategy
  • Influential communicator; successfully lead and manage change in global, multicultural, matrixed environments;
  • Strong experience developing and implementing enterprise risk and information governance frameworks
  • Corporate counsel solutions for information lifecycle and governance of data use in litigation and dispute defense
  • Global inter-country privacy risk remediations successfully negotiated compromise despite leadership’s competing interests and goals
  • Designed complex policies, procedures and data control guidelines that are actionable with teams as large as 16 people

CURRENT EXPERIENCE: James Dawson was most recently the Director of Information Governance, Lifecycle and Enterprise Data Strategy at Freddie Mac. 

Director, Information Governance & Data Risk Strategy - Enterprise Information Lifecycle Management. Developed and implemented the approach and strategy for Data Risk, Governance and Enterprise Information Lifecycle, a $12 Million-dollar program that that mitigates risk outlined in the FHFA Advisory Bulletins and other major risk issues and matters requiring attention (MRAs). 

Accomplishments: Designed and implemented the Information Risk Strategy for enterprise wide risk-based data remediation, risk-based compliance, data governance and information lifecycle for all structured and unstructured data including data in private data processes and private data elements. Milestone strategy for the development and implementation of technology capabilities and risk mitigation for the effective use risk reduction and value realization of information assets across the organization.  Established the governance structure for the “business advocate” to ensure technology capabilities support business needs while maintaining focus on operational risk.

Designed, developed and deployed ways to strengthen, enhance, and promote the information risk management program as Freddie Mac becomes more “data compliance driven” in decision making and leads the management of an information governance function, data quality monitoring, and the master data management initiatives in lines of business. Identified weaknesses, improved preventative controls, and improved maturity in managing information assets. Built the foundation for the long-term Information Lifecycle Management (ILM) program for Freddie Mac with three staff and 15 year-round consultants ($5 Million-dollar budget first year). Provided guidance for oversight of Freddie Mac's compliance with the Information Risk Policy and the related Information Classification & Handling standard. 

Built the governance model for the Information Risk Program for the sustainable target Enterprise Information Lifecycle Management operating model for Information Risk control effectiveness. Built the enterprise strategy and approach for information lifecycle (Collection, Classification, Usage, Protection, Storage, Retention, Disposal).  Designed the single enterprise “Functional Charter and Shared Vision” for an enterprise which was trying to manage information risk in silos. Demonstrated that information has become “the currency of business” and its key characteristics of confidentiality, integrity and availability: crucial to a successful risk conscious business environment. Built private data process analysis for all PII within the organization.

Additional Achievements at Freddie Mac:

  • Improvement in data quality, risk avoidance and mitigation throughout the use of a risked based information lifecycle
  • Managed and prioritize budgets while partnering with 1st, 2nd and 3rd Lines of Defense.
  • Created an innovative “information lifecycle management design” that supports the Freddie Mac culture
  • Significantly reduced risk and bettered regulatory relationships, response to MRAs, improved compliance exams
  • Millions in cost avoidance through industry informed Information Lifecycle Management and Data Governance

2018 Risk Mitigation Details:

  1. Built Foundational Capabilities:
    1. Designed the basic Information Lifecycle Management (ILM) Target Operating Model
    2. Built the foundational Governance Framework and RACI with Organizational Roles
    3. Built the overall Enterprise Data Risk Strategy and Data Strategy Framework for 12 Divisions
    4. Designed enterprise Key Performance Indications (KPIs), Key Risk Indicators (KRIs) metrics and measures 
  1. Aligned the Risk Posture to Policy:
    1. Built the risk posture for the overall Enterprise Operations ICH initiatives and private data processes for both employees and customers
    2. Built the classification Methodology & Schema for structured and unstructured critical data
  1. Adopted the Enterprise Data Governance & Management Standard:
    1. Foster detailed ILM services under the standards throughout 2018
    2. Built the Critical Data Element inventory, metadata tagging for structured data in Mission Critical processes
    3. Built requirements for the enterprise ILM/Data Governance, risk handling capabilities and technologies
    4. Compiled, assessed controls and risk patterns for data quality, data usage, data standardization and data protection
    5. Built the Baseline Control Catalogue and related risk change processes and tests for control implementation
  1. Addressed the resolution of Management Identified Issues for Information Risk for all Data:
    1. Assessed information risk from structured and unstructured data repositories
    2. Recommended the actions to address risks including its governance and risk monitoring
    3. Built requirements for the business to select an unstructured data file analysis and classification tool.
    4. Improved decision-making, competitiveness and preservation of institutional knowledge by making it easier to find, protect and share critical information.
    5. A common language for managing information in a collaborative and cooperative business environment.
    6. Improved consistent information quality, protection, privacy, security, and resiliency controls.
    7. Provided consistency across the technology landscape and reduce information management costs.

KPMG LLC, NY, NY (Global Advisory Services) Director, Strategy and Governance, Cyber and Forensic Technology Services – Regulatory Risk 2009-2018

Performed both sales and delivery on a portfolio of millions of dollars annually. Responsible for managing the entire process from demand creation, closing sales, budgeting, executing the contract and delivering the work. Previously he was a Director in the New York office of KPMG LLP’s Cyber, Information Governance and Strategy Advisory Services practice. James has over 30-years of experience in supporting information governance for corporate legal departments, regulatory recordkeeping, data privacy, electronic discovery, supervision, surveillance compliance transformation services and related data governance. James has helped corporate counsel meet regulatory recordkeeping including MiFID II, GDPR, Dodd-Frank, Title VII accountability and transparency, along with books and records immutability requirements for regulations such as 17a3-4 and related write-once, read-many (WORM) compliance. He has helped firms assess enterprise content management solutions, manage complex information lifecycle issues and navigate the processes and systems to control information assets and meet defensible data reduction for corporate general counsel. James has been responsible for information governance in several industries and verticals including several multi-terabyte data investigations, global privacy assessments, cyber investigations and cross country records management assessments. James has supported global risk mitigation and has assessed datasets and performed diagnostics for defensible dispositions Accomplishments:

  • Designed and delivered data risk transformation and information governance for corporate legal departments in regulatory recordkeeping, data privacy, discovery, supervision, surveillance compliance and related data governance challenges - Resulted in significant risk reduction and cost savings in the millions of dollars
  • Developed resource modeling strategy for effective use of employees and third parties to improve technical capability, increase cost avoidance and quality of information assets - Resulting cost avoidance was more than $4 Million dollars
  • Delivered successful strategies within complex global environments with risks associated with US, LATAM, EMEA & APAC regulators and rules MiFID II, GDPR, FINRA, SEA, SEC, CFTC, Dodd-Frank, Title VII - Resulted in improved regulatory relationship, avoidance of fines and sanctions
  • Delivered complicated books and records immutability for regulations such as 17a3-4 write-once, read-many (WORM) data compliance and FINRA Rules 3110 and 3120 - Resulted in lower fine from FINRA and better relationship with this regulator
  • Managed complex information lifecycle issues to meet defensible data reduction for corporate general counsel a big success because defensible data destruction saved the organization $6 million over 5 years
  • Designed global information governance in multiple industry verticals and multi-terabyte data investigations
  • Delivered several global privacy assessments for GDPR compliance in global banking organizations
  • Delivered application-based data controls to meet high risk privacy regulations including Articles governing opt-out of private data use, controller/processor data security and storage requirements, data erasure and portability requirements
  • Delivered cybersecurity intrusion and risk vulnerability assessments and provided corporate strategy for cybersecurity risk tolerance and assessment for internal audit and compliance departments in complex global institutions
  • Designed cross country data management strategies to support global regulatory risk mitigation in client data
  • Delivered mitigation strategies for regulatory citations, financial record exams, legal data disputes, reconstructed trading data, disputed communications and related global Records Policies and Retention Schedule improvements
  • Designed multi-country Record Policies and Retention Schedules eliminating privacy conflicts and providing accurate record harvesting processes for corporate legal departments - Resulted in much lower legal cost to avoid retention conflicts
  • Developed index / search / retrieval strategies for several hundred terabytes of corporate compliance record assets
  • Built information governance models for global corporations with multiple data privacy control structures and stakeholders
  • Advised counsel on cybersecurity and privacy requirements in banking/broker-dealers/futures merchants, along with the remediation of business-critical information assets including data credibility, data domicile, data dictionaries, cross-country data sharing and privacy challenges in the “right to be forgotten” within enterprise systems for several top 100 corporations
  • Designed effective risk governance structures and program management for enterprise risk management committees
  • Designed data lineage analysis for anti-money laundering (AML) investigations where evidence challenges required precise data assessments / technical reporting to risk committees helping this Fortune 100 Company avoid significant risk and fines
  • Supported matter management for corporate organizations with multiple operations globally
  • Managed projects for general counsel in record data merger support, internal audits, market disclosures and supervision for regulatory compliance, forensic analysis, ESI collection and defensible disposable processes
  • Negotiated and managed several multimillion-dollar vendor contacts in many enterprise technology areas including eDiscovery, Legal Archives, eMail Management, Hosted Review, Imaging and WORM compliant data storage
  • Designed and delivered successful and effective corporate governance structures and IGPMOs

Mr. Dawson has designed ILM Programs that have leveraged, enhanced and delivered the following organizational risk mitigating capabilities required to deliver the vision and mission for Data Governance:

Information Asset Management: Capabilities to efficiently maintain information asset inventories, including elevated level asset metadata and classifications. Identifying information assets is fundamental for subsequent data classification, risk assessment, and lineage analysis activities, enabling an effective risk-based governance approach.

Enterprise Data Architecture and Strategy: IT’s Enterprise Data Architecture enterprise view of the departmental Data Strategies within divisions that defines tactics for the entire lifecycle of information assets, from capture at the source through to disposal. Includes processes for data security, access, storage, classification, retention and disposal.

Metadata Management: Capabilities to efficiently manage Business Glossary and Business metadata, Physical Metadata, Data Lineage, and end-to-end views of data lineage and data quality operational metadata

Data Quality Management: Rules-based capabilities to efficiently define, measure and improve the quality of data, ensuring that it is fit-for-purpose and in alignment with the business needs that it serves.

Data Privacy Management: Capabilities to identify, classify and protect data, including data encryption/masking at rest, in transit or in-process, identity and access management and protection against data loss.

Document and Content Management: Efficient file analysis, metadata and content extraction, security scanning, tagging, protection and enterprise content movement capabilities.

Data Retention, Archive, and Disposal: Identify, classify and tag retention rules for information including structured and unstructured data. Archive and retrieve data per retention rules. Dispose of data protecting the privacy of data, while meeting legal and regulatory requirements (e.g., immutability, legal hold).

Master Data Management: Capabilities to integrate reference data into a composite “gold copy” record sharing this with operational systems and reporting/analytics platforms.


    Metropolitan Life Insurance Company., LIC, NY
    (Global Provider of Insurance and Financial Services)
    Director, Litigation Support - Information Discovery, IT AD Litigation Support, Legal Affairs

    James Dawson is Director of Litigation Support Information Discovery in MetLife’s ITAD Litigation Support Legal Affairs Corporate Systems department. His responsibilities include working with MetLife’s in-house counsel to support all phases of the Litigation Support life cycle.  He must provide planning, analysis, collection, processing, and meet case production requirements to satisfy preservation and discovery orders for regulatory requests and litigation.  Under his direction, his team manages projects through all phases of the data discovery, investigation, and collection.  This is inclusive of documents, systems and services including but not limited to: data search and audits, messaging data reviews, workflow plans, workflow business requirements, data collection specifications, vendor coordination, collection system test plans, and case systems user experience plans. James has innovated 'leading practices' in discovery and collection techniques for MetLife.  

    Compliance, CRM integrations, Networking, Messaging, Information Lifecycle Managementand enterprise information technology transformation. Mr. Dawson has a Bachelor of Science in Engineering from the University of Colorado and a Masters in Management of Technology from Polytechnic University. He has taught networking, technology and communication innovation as a university professor at New York Institute of Technology.

    Mr. Dawson is experienced in several areas of industry specific technology Compliance including requirements brought about by SEC 17a 3/4, NASD 3010/3110, HIPAA, DoD 5015.2, COOP 65, 21 CFR 11, GLBA, TREAD Act and Sarbanes Oxley. Mr. Dawson has significant financial services experience helping firms navigate the substantial changes needed in processes and systems to meet future Compliance for the banking industry. He has been responsible for multi-million dollar technology lifecycles in industries and verticals, from discovery to successful business implementations. He has completed several innovative hardware/software evaluations and integrations including security assessments. Mr. Dawson is excellent at describing the value proposition to C level decision makers, workflow managers and IT professionals.

    He has managed several profitable projects in the Financial Services industry, including such notable clients as Citibank, First Union, Lehman Brothers, Morgan Stanley, JPMorgan Chase, Deutsche Bank, Lloyds, and Merrill Lynch. His responsibilities also involved significant clients in the Travel industry (Virgin Airways, British Airways and Delta Airlines, Boston Coach), the Energy industry (Emera) and in the Retail industry (Coca Cola, Kenneth Cole).

    He has been responsible for technology design in collateralized loan obligation systems (CLOs), mortgage securities systems, equity research systems, Customer Relationship Management technologies (CRM), risk management systems, knowledge integrations and data visualizations. He is an expert in litigation preparedness, Compliance information systems, presence management, messaging compliance, email availability, wireless broadband subscriber gateways and real-time communications on enterprise networks.

    Mr. Dawson has managed more than 60 integration professionals at one time building robust legacy-sensitive enterprise solutions for budgets of $700,000 monthly. He has a record of accomplishment in successful customer relationships, delivering profitability through infrastructure improvements, content management solutions and wireless distribution channels.

    Mr. Dawson has been responsible for process improvement, internal and external client technology support, client presentations, new business development and change management. Mr. Dawson has designed computer processes for information sharing of $17 million in asset-backed transactions and used innovative Internet marketing strategy to underwrite and service $9 million in accounts receivable financing. He has been responsible for financial services visualization and user experience trading floor integrations to add significant efficiencies and functionality to complex trading, CDO, ABS and research systems. Clients include the New York Stock Exchange, SIAC, Morgan Stanley, JPMorgan Chase and others.

    Please contact James at the following email address, James Dawson or continue to learn about his experience by clicking on "Career Highlights," the next upper left tab.