['Direction and leadership', 'Compliance Management', 'Incident Response and Crisis Management', 'Manage GRC Program', 'GRC Program roadmap', 'Compliance and Regulatory Alignment', 'Team management', '3rd party Risk assessment reports', 'Training material', 'Vendor Management', 'Risk assessment reports', 'Current Security Posture Evaluation', 'Capacity Building and Training', 'Security Awareness Program Implementation', 'Testing strategy and evaluation criteria', 'Policy and Procedures Review & Development', 'Information Security Budgeting and Procurement Management', 'Strategy Development', '3rd party Risk Management', 'Define GRC Program']