Stephen Quinn is a senior computer scientist in the Information Technology Laboratory (ITL). Mr. Quinn is the program manager of the National Checklist Program and the National Online Informative Reference Program and is the lead author for integrating NIST risk management project work within the paradigm of Enterprise Risk Management (ERM). He is also a co-originator of the Security Content Automation Protocol (SCAP). He was named to the “Federal 100” by the trade publication Federal Computer Week (FCW) and received the Department of Commence Gold Medal Award for his work in automating security protocols for applications. He also received the Federal CIO Council Leadership award for related work. Mr .Quinn previously worked as a consultant to the Department of Defense and large commercial outsourcings with Wall Street banking firms and insurance companies. He comes from an operational background and has expertise in vulnerability assessments, designing security architectures, code development, and cybersecurity risk management.