DANIEL TANNER
Indianapolis,IN
Summary
Risk Management Advisor with 8+ years of second-line experience overseeing third-party risk across highly regulated industries. Proven expertise in credible challenge, KPI/KRI reporting, and execution of full TPRM lifecycle, from onboarding and due diligence through monitoring and termination. Adept at aligning vendor oversight with financial services regulations (OCC, FFIEC, OSFI), enhancing governance strategies, and advising business lines on risk remediation. Strong communicator with a track record of building trust with executives and improving enterprise risk posture through actionable metrics, policy implementation, and control testing.levels.
Overview
10
10
years of professional experience
1
1
Certification
Work History
Vendor Risk Advisor
FedEx Corporation
02.2025 - 04.2025
- Managed user access for SRM, aiding 2000+ experts in risk assessment, enhancing compliance
- Resolved service tickets swiftly, boosting operational efficiency and team collaboration.
- Analyzed risk data, creating executive dashboards for strategic decision-making.
- Maintained risk process documentation, ensuring consistent operations and compliance.
Assistant Vice President, Risk Analyst
Regions Bank
01.2024 - 02.2025
- Co-led the Exception Review Panel (ERP), executing second-line oversight of escalated standard exception cases and ensuring alignment with organizational risk appetite, compliance frameworks, and regulatory expectations.
- Directed the IT Standards Governance Program, overseeing annual reviews mapped to NIST and FFIEC guidelines, with formal remediation tracking and exception management.
- Conducted Integrated Risk Assessments (IRAs), quantifying residual risk exposure and providing risk treatment recommendations to enhance control environments.
- Designed and implemented business risk metrics to monitor key risk indicators, triggering remediation protocols when thresholds were breached across enterprise units.
- Collaborated with first-line stakeholders to document residual risk acceptances and delivered executive-level risk summaries to inform strategic decision-making.
Advisory Consultant
Deloitte LLP
11.2021 - 10.2023
- Led 50+ independent software license compliance assessments, validating contractual adherence and mitigating audit and regulatory risk across diverse client environments.
- Partnered with stakeholders to evaluate third-party risk management (TPRM) program maturity, delivering actionable recommendations and building target-state roadmaps aligned with regulatory expectations.
- Designed and operationalized end-to-end TPRM frameworks, including operating models, policy and procedure development, playbooks, risk scoring models, regulatory mapping, RACI charts, and concentration risk reporting.
- Spearheaded the implementation of GRC technology platforms (i.e., Archer, OneTrust, ServiceNow, Process Unity) to centralize third-party inventory, automate risk assessments, and enhance issue tracking and reporting.
- Cultivated and managed executive-level client relationships (CIOs, CTOs, CISOs, CPOs), serving as a trusted advisor on third-party and cyber risk governance.
- Drove go-to-market strategy for professional cyber risk services, including assessments against EBA guidelines, cross-border data transfer compliance, ISO 9001 readiness, and incident response programs.
- Implemented enterprise-wide TPRM information security processes aligned with the NIST Cybersecurity Framework (CSF), including risk identification, assessment, and mitigation controls, as well as continuous monitoring and improvement of third-party security posture.
IT Risk Analyst
Moody's Corporation
02.2021 - 11.2021
- Assessed security practices of third-party population to ensure data protection in alignment with enterprise risk appetite.
- Conducted 150+ security assessments and presented technical information to various levels within organization.
- Presented technical information technical and non-technical audiences to ensure business lines understand program assessment results.
- Presented treatment recommendations to various levels within organization, up to and including senior management
- Maintained Moody's internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable
Senior Risk Management Professional
Humana Inc
07.2020 - 02.2021
- Developed and implemented Third Party Risk Management Framework to drive risk identification, assessment, and response efforts in alignment with organization's goals and risk appetite
- Implemented ongoing monitoring and review process of third parties across key risk areas (e.g., information security, business continuity, privacy, compliance, fraud)
- Implemented Third Party Risk Awareness program for First Line Risk Owners to drive transparency and accountability of risk per assigned risk portfolios
- Implemented Vendor Watch List for all Critical, Tier 1 and Tier 2 vendors with ongoing operational performance issues
Senior Vendor Risk Analyst
Assurant
11.2019 - 07.2020
- Created Vendor Risk Management Framework to align with industry standards and best practices (i.e ISO/IEC 27001, NIST CSF, NIST 800-53, OCC Guidance)
- Aligned framework to creation of department policy, procedures, risk appetite
- Advised on implementation effort and cost benefit of Governance, Risk and Compliance tool(s)
- Created structure for risk and control assessments, due diligence, risk treatment and risk and control monitoring
Vendor Risk Analyst
Federal Home Loan Bank of Indianapolis
04.2018 - 11.2019
- Conducted risk assessments for vendors, identified and documented control gaps, and presented results to support management action, escalation, and risk acceptance processes
- Reviewed vendor due diligence materials (i.e. SSAE 18 reports, penetration testing reports, etc.), identify potential issues, and follow up for unresolved issues
- Interpreted, identified, and prioritized risk based on impact and likelihood and impact
- Provided guidance to Business Units regarding policy interpretation expectations to comply with Vendor Management/Vendor Risk Policy and regulatory requirements
- Implemented Vendor Watch List for all Tier 1 and Tier 2 vendors with ongoing operational performance issues
- Created Risk Appetite Statement for Vendor Management Program
Procurement & Billing Specialist
Federal Home Loan Bank of Indianapolis
04.2015 - 04.2018
- Effectively manage significant vendor relationships and build processes and communication channels to incorporate areas such as Legal, OMWI, and Information Security early in sourcing due diligence phase as well as during ongoing review efforts resulting in early identification of potential project issues and better overall risk profile
- Manage multiple vendor sourcing projects from due diligence through fruition and contract execution. Ensure annual service levels are achieved
- Review contracts for language requirements specific to vendor need, monitor and assure compliance with terms and conditions of contract
- Provide corporate-wide guidance in monitoring of critical third party relationships to ensure awareness and understanding of vendor process, consistent quality service, and reduced risk for FHLB Indianapolis and business units
- Provide training and ongoing monitoring of projects and vendor tracking during acquisitions, mergers and conversions
- Implement, maintain and ensure all guidelines and processes set by FHFA are adhered to in banking environment(s)
- Participate in banking audits throughout numerous areas of organization
- Updated and maintain Vendor Management program and procedures (VMPP)
Education
Bachelor of Science - Management
University of Phoenix
Indianapolis, INSkills
- Third Party Risk Governance
- Risk Assessment & Residual Risk Evaluation
- Issue & Exception Management
- TPRM Lifecycle Management (Onboarding to Termination)
- Regulatory Mapping (OCC, OSFI, FDIC, FFIEC, GDPR, CCPA)
- KPI/KRI Tracking & Reporting
- Risk Metrics
- Data Storytelling for Executive Reporting
- Performance Monitoring & Concentration Risk Analytics
- NIST CSF & NIST 800-53
- Executive Presentation & Risk Summarization
- Critical Thinking & Problem Solving
Certification
- Certified in Risk and Information Systems Control (CRISC)
- Certified Third Party Risk Professional (CTPRP)
Timeline
Vendor Risk Advisor
FedEx Corporation
02.2025 - 04.2025
Assistant Vice President, Risk Analyst
Regions Bank
01.2024 - 02.2025
Advisory Consultant
Deloitte LLP
11.2021 - 10.2023
IT Risk Analyst
Moody's Corporation
02.2021 - 11.2021
Senior Risk Management Professional
Humana Inc
07.2020 - 02.2021
Senior Vendor Risk Analyst
Assurant
11.2019 - 07.2020
Vendor Risk Analyst
Federal Home Loan Bank of Indianapolis
04.2018 - 11.2019
Procurement & Billing Specialist
Federal Home Loan Bank of Indianapolis
04.2015 - 04.2018
Bachelor of Science - Management
University of Phoenix
Similar Profiles
Quirino Barbo IIIQuirino Barbo III
Yard Switcher/ Package Handler at FedEx CorporationYard Switcher/ Package Handler at FedEx Corporation
Michael KirkmanMichael Kirkman
Package Handler Trainer at FedEx CorporationPackage Handler Trainer at FedEx Corporation
Zachary WongZachary Wong
Maintenance Technician II at FedEx CorporationMaintenance Technician II at FedEx Corporation
Jide AdeshiyanJide Adeshiyan
Associate Operations Manager at CSL PlasmaAssociate Operations Manager at CSL Plasma
Jordan StoneJordan Stone
Customer Service Representative at United AirlinesCustomer Service Representative at United Airlines