Lee Clark

• Conduct due diligence for all new and existing vendors
• Manage pipeline of incoming requests from sourcing and work with internal stakeholders to create a risk profile at the engagement level during RFP process based on business needs
• Determine scope for due diligence assessment based on risk profile and send questionnaires to vendors. Ensure responses are received timely and review questionnaires for completeness. Follow-up as needed for incomplete questionnaires or clarifying questions.
• Work with business partners to negotiate contracts and select vendors during RFP process based on vendors information security practices, business continuity plans and financial performance.
• Engage with vendors and conduct continuous monitoring to maintain up-to-date information on vendor information security and controls environments, business resiliency plans and financial performance.
• Coordinate with cross-functional review teams within Legal, Cybersecurity and Business Continuity to ensure reviews are progressing and work with SMEs to create risk mitigation strategies for key vendors.
• Track key performance and key risk indicators and create reports using PowerBI
• Support the on-going development and improvement of the Third Party Risk Management program

• Build risk management program and drive risk mitigation strategies
• Develop risk assessment methodology, including designing a risk impact scale, probability scale, overall heatmap, and response time SLAs
• Utilize this methodology to conduct risk assessments and review key processes
• Perform in-depth financial analysis to calculate Maximum Foreseeable Loss (MFL) and Maximum Probable Loss (MPL) of financial risk events which requires leveraging multiple data sources
• Work with SMEs across AWS to analyze risk events that have legal and regulatory, compliance, reputational, cyber security and operational impacts
• Create a risk and control register to consolidate risks across AWS and identify high risk areas and processes
• Summarize this data in a manner that is accessible to AWS leadership and other non-risk AWS employees including the operational teams
• Use this register to develop overall risk mitigation plan for AWS and direct the audit team towards high risk areas
• Focus in on highest risk areas and conduct control reviews, which includes control design review and control effectiveness testing as needed
• Recommend control changes or introduce new controls and work with operational teams to implement these new controls
• Developed an operational control review program, establishing a regular cadence to ensure performance and intended function of operational controls and elevate these controls to SOX controls if needed
• Partnered with other AWS risk teams to drive an overall compliance initiative for General Data Protection Regulations (GDPR) within Commerce Platform
• Achieved AWS CyberSecurity Guardian designation for work to reduce delta monitoring violations and improve overall security posture

Responsible for Amazon client account.

• Partner with Amazon to data mine Amazon systems and identify potential vendors for audit based on spend, industry, and risk factors.
• Support financial recoveries, identify root causes and recommend system improvements to facilitate future cost savings.
• Led audits that resulted in $10MM+ findings. Responsible for highest recovery amount on a single audit in 2020 and 2021.
• Review contract documents to determine key financial related provisions.
• Assess systems and controls to determine potential areas of risk and non-compliance
• Collect and analyze transaction level data for accuracy and appropriateness. Leverage multiple audit tools to design advanced testing models.
• Conduct full population testing as necessary to verify and validate billings, or parse and stratify data sets for statistical sampling and extrapolation.
• Lead audit report preparation and communication of findings to client and vendors in a clear, concise and collaborative manner.
• Assist with talent acquisition and employee management.
• Expand upon and create new software guides for employees. Manage and broaden Excel knowledge library as Excel SME.
• Responsible for interviewing potential auditors and conducting technical ability assessments.
• Train new employees on technical skills, including Excel, IDEA, sampling, extrapolation and risk analysis.

• Perform on-site field audits, including testing on cash, raw material and finished good inventory, accounts receivable, and other potential collateral pools.
• Reconcile GL accounts to financials. Re-calculate and evaluate GL reserves for reasonability.
• Review process flow for inventory and cash collection.
• Prepare comprehensive reporting for clients engaged in asset-based lending. Calculate borrowing base certificate and recommend reserves.
• Perform physical counts of inventory.