Marie Ngonde

• Assessing and monitoring risks associated with third-party vendors, suppliers, and partners.
• Assisting in employee training on compliance and risk management
• Conducting due diligence on potential and existing third-party relationships.
• Developing and implementing risk assessment frameworks and methodologies.
• Analyzing contractual agreements to ensure compliance with company policies and regulatory requirements.
• Performing regular risk assessments and audits of third-party vendors.
• Conducting audits and risk assessments
• Creating and maintaining documentation related to third-party risk management processes.
• Staying up-to-date with relevant regulations and industry best practices.
• Providing recommendations to management on risk mitigation strategies.
• Assisting in development and implementation of third-party risk management policies and procedures.
• Monitoring and reporting on key risk indicators related to third-party relationships.
• Monitor vendor security performance and identify areas for improvement
• Work collaboratively with other functions, including legal, privacy, vendor management, IT and the business to achieve strategic goals.

.Provide regular reports to senior management on program activities and KPIs

• Reviewed audit and monitoring reports related to consumer and client activities.
• Stayed current with latest changes to applicable regulatory standards and company procedures.
• Supported and trained customers on compliance-related issues.
• Prepared documentation and records for upcoming audits and inspections.
• Performed deep audits of area to assess compliance with type of standards.
• Manage and execute on assigned workstreams in conjunction with GRC team members, partnering with stakeholders in the organization as well as external auditors to facilitate scoping, fieldwork, and reporting.
• Helped in growing GRC department, assisting in the execution of GRC initiatives, such as security attestations (PCI, SOC 2, ISO 27001), and vendor risk management.
• Developed improvement and corrective action plans to bring operations in line with requirements.
• Identified gaps in existing compliance processes and recommended updates.
• Developed risk assessment models to identify potential compliance risks.
• Completed field checks to verify licenses and permits for various business.
• Confirmed data and licensing information through investigations and notified violators of required changes to bring operations into compliance.