['Security Awareness Program Implementation', 'Compliance Management', 'Testing strategy and evaluation criteria', 'Team management', 'Information Security Budgeting and Procurement Management', 'Incident Response and Crisis Management', '3rd party Risk assessment reports', 'Vendor Management', 'Policy and Procedures Review & Development', 'GRC Program roadmap', 'Capacity Building and Training', 'Define GRC Program', 'Current Security Posture Evaluation', 'Compliance and Regulatory Alignment', 'Recruitment', 'Risk assessment reports', '3rd party Risk Management', 'Manage GRC Program', 'Strategy Development', 'Training material', 'Direction and leadership']