['Training material', 'Testing strategy and evaluation criteria', '3rd party Risk assessment reports', 'Current Security Posture Evaluation', '3rd party Risk Management', 'Manage GRC Program', 'Risk assessment reports', 'Team management', 'Recruitment', 'Policy and Procedures Review & Development', 'Information Security Budgeting and Procurement Management', 'Security Awareness Program Implementation', 'GRC Program roadmap', 'Compliance Management', 'Define GRC Program']