👋 I'm Riann Stroud - Senior Director of Information Security with 25+ years building and leading enterprise GRC programs for Fortune 500 companies. 📊 MY BACKGROUND: • Senior Director of GRC at $3B global healthcare technology company • Led cybersecurity risk programs at Fortune 500 pharma • 10 industry certifications: CISSP, CISA, CRISC, OpenFAIR, CDPSE, CEH, ECSA, CCSK, Secuirty+, A+ • Managed teams of 15+ across governance, risk, compliance, and vendor management ✅ PROVEN RESULTS: • Recovered $400M in post-breach revenue through structured compliance programs • Achieved ISO 27001 certification in under 1 year with ZERO nonconformities • Reduced audit findings from 112 to 3 in just 6 months • Eliminated all SOC 2 Type 2 findings (25 → 0) through control redesign • Cut vendor review cycles from 2 weeks to 3 days using automation • Improved NIST CSF maturity from 1.5 to 3.2 across global operations 🎯 WHAT YOU GET HERE: The exact frameworks, templates, roadmaps, and playbooks I've used to build world-class GRC programs. No theory. No fluff. Just proven tools that have passed real audits, satisfied real regulators, and protected real companies. Whether you're preparing for your first ISO 27001 audit, building a vendor risk program from scratch, or trying to get your CISO to take risk seriously - these are the resources I wish I had when I started. 🔗 Connect on LinkedIn: linkedin.com/in/riannstroud