This assessment was structured as a coordinated team engagement. I designed the SHIELD Framework, scoped the engagement, directed team contributions, and produced all primary deliverables — the Gap Analysis Report, Mitigation Recommendation Report, Risk Assessment Report, and Review and Closure Documentation. My team members held defined vendor risk scopes and contributed evaluation files that fed into my synthesis work.
What this demonstrates: The ability to define scope, coordinate contributors, synthesize distributed outputs into a coherent assessment picture, and produce executive-quality reports. This is the core of what a GRC engagement lead does.
| Role | Name | Contribution |
|---|---|---|
| Engagement Lead | Methodology Design | Risk Analyst |
| Risk Analyst | Divine | Produced the Risk Management Scope Document, Asset Inventory, Data Mapping Table, Risk Register, and Vendor Overview Risk Register. Produced vendor risk evaluation for Intercom and SendGrid (Communication and Customer Experience category). |
| Risk Analyst | Zenny | Scoped and structured the full engagement. Produced the Risk Management Scope Document, Asset Inventory, Data Mapping Table, Risk Register, and Vendor Overview Risk Register. Produced vendor risk evaluation for KYC Vendor and Fraud Detection Vendor. |
Synthesis note: All three vendor evaluation files were reviewed, cross-referenced, and consolidated by into the Unified Vendor Risk Register (D-08) — the single source of truth for all third-party findings in the Gap Analysis and Risk Assessment Report.