['Manage GRC Program', 'Strategy Development', 'Incident Response and Crisis Management', '3rd party Risk assessment reports', 'Capacity Building and Training', 'Current Security Posture Evaluation', 'Define GRC Program', '3rd party Risk Management', 'Testing strategy and evaluation criteria', 'GRC Program roadmap', 'Vendor Management', 'Information Security Budgeting and Procurement Management', 'Compliance Management', 'Compliance and Regulatory Alignment', 'Security Awareness Program Implementation', 'Team management', 'Recruitment', 'Policy and Procedures Review & Development', 'Risk assessment reports', 'Direction and leadership', 'Training material']