Sue Milton

Sue Milton’s Qualifications and Certifications include: a BA Honours degree in Business Management and German from the University of London; Certified in the Governance of IT (CGEIT) from ISACA; Certified Information Security Auditor (CISA) from ISACA; PRINCE2 certification; and the Financial Times’ Non-Executive Director certificate. Her memberships include: member of the Institute of Directors, and ISACA International.

Sue’s work on improving board level effectiveness, strategy, corporate risk management and organisational behaviour.  These, in the correct combination, provide a solid basis for resilience against strategic, economic and operational shocks.  A necessary, complementary, toolkit includes integrating a firm’s risk management framework with security policies, business continuity planning, disaster recovery processes, and crisis management practicalities.

Current focus with boards and senior executives is:

  • Cyber security – identifying fact from fiction and managing the practicalities.

  • Information governance – from raw data to knowledge management.

  • Operational resilience – integrated strategy and risk management.

  • Regulatory compliance – to provide strategic and operational value.

  • Auditing – synergies from internal and external auditors and the Audit Committee.

Sue owns her own governance firm, SSM Governance Associates, and is also the Immediate Past President of the ISACA London Chapter, a professional, IT membership organisation that promotes IT governance, maximising corporate effectiveness.  She works in association with other organisations, such as Incoming Thought, Kingston Smith Consulting LLP, OMFIF, Risk Audit and Risk Reward, providing corporate governance expertise to help firms maintain and improve their comparative advantage.

·     Sue has gained this experience as Senior Manager for Operations Strategy at CLS Bank, responsible for delivering operational resilience and business outcomes in line with strategic objectives, and as Governance Advisor at the Bank of England serving central banks and regulatory authorities globally on effective business and operational resilience.


·     She has a profound understanding of intangible aspects of governance, such as organisational behaviour and stakeholder relationships that create effective working relationships within and between organisations.

·     She has internationally acknowledged expertise in strategic and corporate resilience in financial regulatory world.  Sue was responsible for, and directed joint projects with, the IMF (International Monetary Fund), SADC (Southern African Development Corporation), CEMLA (Central Estudios Monetarios Latinoamericanos) and the BIS (Bank of International Settlements), setting the benchmarks in governance and risk management required for resilience, stability and credibility.

Sue lectures and writes articles on governance-related subjects for a range of organisations such as Central Banking Publications, IBM, APMG and Computer Weekly, and regularly provides business comment to the Institute of Directors Policy Unit and technical comment to the Media.  She also edited and co-authored ‘The Capital Needs of Central Banks’.

When not working, Sue spends time cooking breakfasts for London’s Homeless.