Employee Spotlight: Diana Thurston, AVP of Enterprise Risk Management

Synergent’s mission is to ‘help credit unions succeed and improve the financial lives of their members.’ In our new monthly Employee Spotlight series, we will feature one of our dedicated staff members to help you get to know the people who are working as an extension of your credit union team.

Diana Thurston, Assistant Vice President of Enterprise Risk Management

Diana Thurston, Assistant Vice President of Enterprise Risk Management, joined Synergent in October 2021 with more than 25 years of experience working for financial institutions. She began working as a teller, has held various roles, and is now a Certified Information Security Auditor (CISA) through the Information Systems Audit and Control Association (ISACA).

“I am proud to be part of the credit union community again and to participate in the Maine Credit Unions’ Campaign for Ending Hunger,” Thurston said.

Risk management is a passion for Thurston. In work activities and day-to-day life, it is important to be aware of potential physical and technological security risks. In an increasingly digital world—one that changes every day—it is crucial to be vigilant in keeping your personal, organizational, and customer information out of the hands of bad actors. For Thurston, that means governance of who has access to both the building and the company’s data, applications, and infrastructure.

“Risk management is independent of operations management to provide assurance and reporting to the CEO and Board Audit Committee,” explained Thurston. “I work with leaders to help ensure policies, processes, and controls are in place to comply with industry standards.”

Synergent’s Risk Management Team

The task of monitoring potential risks is not solely Thurston’s responsibility. As a member of the Enterprise Risk Management team, part of her job is educating others to cultivate a positive, proactive approach based on all employees understanding the role they play in managing risks to the enterprise. For example, having consistent, documented, and enforced processes enables easier identification of exceptions or abnormalities in the process execution.

“Any business activities supporting products and services comes with inherent risk,” said Thurston. “We should not fear risk, but identify the what and why, then quantify and manage it. I am currently working to enhance the mapping of policies and processes for key risk and compliance indicators for control effectiveness.”

Managing and preventing risk is crucial to the functionality and success of any enterprise. It is work that continues as the potential risks change with new developments in technology. Thurston recognizes this and works to ensure that Synergent’s practices continue to remain strong.

A Passion For Risk Management

Thurston’s passion for enterprise risk management extends beyond her role within the Synergent family. She is also an ISACA New England Board – Maine committee member. With the Board, she is actively working to develop an approach to encourage students across the state to pursue careers in information security and risk management, including cybersecurity.

In her free time outside of work, Thurston enjoys savory cooking, watching movies, and spending time with her family (including her two rescue cats, Tulsa and Morty).