Belton Flournoy

Belton Flournoy is a Managing Director within our Technology Consulting practice. He has over twelve years of professional experience working with a variety of local, national and global organisations to enhance their business performance through risk management, operational effectiveness and enhanced governance. Belton has significant experience in Identity and Access Management, IT governance, IT risk management, Cyber Security, disaster recovery, end user computing, and IT Controls testing.  He is certified in multiple project management methodologies and is regularly refining his approach to programme delivery to the benefit of several high-profile clients.

Belton is extremely passionate about intersectionality, where he believes it is each person’s role to support other groups who are in the minority – “after all, we don’t want to preach to the converted, we want to educate and inspire people to be more aware and inclusive.” Belton is also the co-founder of Protiviti UK's LGBT+ group, which won best LGBT+ network in 2019 by the Inclusive Tech Alliance and has recently been shortlisted as a top 10 inspirational business leader in 2020.

Major Projects – Selection

• Identity and Access Management (IAM) programme management: Belton was the programme manager for significant IAM programmes for multiple leading financial institutions.  As part of this engagement, Belton led teams to implement next generation IAM solutions and remediate a variety of thematic infrastructure and application issues. Responsibilities included designing, establishing and leading programme governance, reporting frameworks and templates.  During delivery, he typically leads executive reporting, steering committee delivery and provides oversight and coordination across operating model, business architecture, technical architecture and data workstreams. 
• Information Security Control Framework Assessment: Leveraging industry good practices, Belton performed a gap assessment across the IT control for a global insurance organisation.  The review focused on understanding the current IT control landscape across 1st and 2nd line and provide recommendations against the COBIT framework to support in the development of a pragmatic, risk-based control framework for implementation. 
• Segregation of Duties: Supported in the development of an intra-system segregation of duties database supporting the automatic identification of violations across the client’s estate.  The system was essential in enabling the organisation to implement a variety of preventative controls across the IT system landscape, while supporting in the remediation of 7k violations.  
• Cyber Security: Managed multiple cyber & security assessments for global financial services, insurance and manufacturing organisations.  As part of these assessments, gained executive support and worked with the management team to build & implement remediation program to mitigate identified gaps.  Further, he developed executive reports and templates for the management team to assist in the ongoing management of the ‘crown jewels.’
• IT Risk Management: Experience in completing risk assessments at Fortune 500 organisations in order to understand management’s perspective on business risks, IT risks and technology that could affect the company’s ability to achieve its goals and objectives.  As part of each risk assessment, catalogued and rated risks by significance and likelihood, identified key risk themes, developed management action plans, and proposed multi-year audit plans and roadmaps for ongoing risk management activities leveraging the COBIT 5 framework.

Areas of Expertise

• Identity and Access Management
• Cyber Security
• IT Governance & Risk Management
• Project, Programme & Portfolio Management
• End User Computing
• IT Audit

Industry Expertise

• Financial Services
• Energy

Education

• MMATH Mathematics (Hons), University of Bath

Professional Memberships and Certifications

• AgilePM Practitioner
• Certified Information System Auditor (CISA)
• Certified in the Governance of Enterprise IT (CGEIT)
• Project Management Professional (PMP)
• Prince 2
• ITIL