Governance, Compliance, & Risk
Enhanced Security Controls.
Enhance your security and mitigate risk through governance and compliance by developing rational, comprehensive documentation and effective communication practices. I leverage over 32 years of distinguished marketing acumen and cohesive writing and publishing, with 18 years of compliance experience, to develop creative and insightful governance documentation and communication that build a successful Information/Security & Compliance division and strengthen your security posture.
“Experience, leadership, and insight into building and managing centers of information and governance serve as a comprehensive example of his ingenious communication skills.” – M. Webb
• Compliance Systems Management
• HITRUST Certified CSF Practitioner
• SOC (Systems and Organizational Controls) 1 & II Type 1 & 2
• HIPAA Compliance (Health Insurance Portability and Accountability Act of 1996)
• PCI-DSS (Payment Card Industry Data Security Standard)
• Defense Federal Acquisition Regulation Supplement (DFARS)
• SOX (Sarbanes-Oxley Act of 2002)
• GDPR (General Data Protection Regulation)
• Operational Technology (OT) Controls & SCADA Control Systems
• AWS Cloud IT Risk & Compliance
• Process improvement skills to define, implement, and continuously improve processes that improve delivery and operational efficiency.
• Stakeholder management – interface with and influence your stakeholders, balancing business needs vs. technical constraints and driving clarity in ambiguous situations.
• Operational Excellence – monitor metrics and program health, anticipate and clear blockers, manage escalations.
• Authors policies, procedures, and governance documents compliant with state and federal guidelines.
• Extensive Business Continuity and Disaster Response and Recovery Plans.
• Creates and manages Governance, Risk and Compliance Programs, socializes governance across multi-disciplined teams, and motivates members.
• Authors technical and non-technical content across various formats tailored for different channels and audiences.
• Creates faultless Corrective Action Plans and efficient Risk Assessments and Mitigation Plans.
Rationalized Corporate Governance Documents provide clear and concise documentation that protects company assets and operations, reduces risk, and mitigates loss.
HITRUST, TX-RAMP, FedRAMP, DFARS & SOC Readiness: preparedness for compliance attestations by defining the Scope of Work and authoritative sources, developing a test and response plan, and developing and implementing corrective actions.
Compliance standards protect user data, corporate assets, and operations. Because they are rooted in law, violations often result in fines and levies, loss of business, or a severe breach. Gross negligence puts the company and its leadership at risk for litigation, removal, seizure, detention, and incarceration.
Risk mitigation is the process of reducing risk exposure and minimizing the likelihood of an incident. Mitigation requires continuously auditing operations, assets, and people, and modifying your highest risks to reduce their hazards to an acceptable level and maintain business operations.