What it's like to Work as a Governance, Risk, and Compliance Manager
This month we’re interviewing Anita Walker, a Governance, Risk, and Compliance (GRC) Manager at MindPoint Group (MPG) and one of our resident Assessment and Authorization (A&A) experts. In this interview, you’ll read about Anita’s experience supporting MPG customers.
Walk us through your typical day in GRC?
The beauty of managing a GRC program is that there is no typical day. However, the goal of A&A is to present the customer with their overall risk posture from an IT perspective. As a manager, my role spans across several components, such as helping customers create and update required policies, ensuring compliance of those policies, identifying and inventorying information system boundaries, and providing audit readiness support. In order to accomplish these goals, my team and I work closely with various organizational groups. One of the most important is the internal Technical Evaluation Team (TET). MPG team members assist the TET with reviews of change request submissions, ensuring that all requirements are adhered to before it is presented to the Change Advisory Board. Once these changes are approved, we work closely with the Authorizing Official to ensure all risk presented is understandable before acceptance.
When did you first know you were interested in technology and security?
As a kid, I was always interested in the mechanics of electronic devices. Whenever I came across an unused or broken device, I would take it apart and try to fix it. Though I was not always successful, the experience taught me to appreciate the genius of engineering. While working as helpdesk support for an IT consulting firm, I was asked to support an Information Assurance (IA) team creating and editing documentation for the information systems. I had no idea what IA was, but I was excited for the chance to learn about it. My first task was to study the National Institute of Standards and Technology (NIST) special publications and associated requirements documentation. The more I was able to familiarize myself with NIST and its applicability, the more fascinated I was to learn about the need to secure information.
What are the biggest challenges you face in a day?
Because GRC covers so many areas, there are different challenges on any given day. The most common and impactful challenge I have experienced is the customers internal competing priorities. Sometimes it can be difficult to know where to begin necessary tasks if the leadership team does not share the same views. This can cause delays that will greatly impact a project or plan in the future.
What is your favorite part of your job?
My favorite part of the job is having my customer tell me how much the effort and hard work of my team is needed and greatly appreciated. My current project is for an agency that has never had an A&A program. MPG was brought onboard to build and execute A&A activities from the ground up. This means that not only are we expected to successfully obtain Authorizations to Operate for IT boundaries, but we educate staff employees on the ways of A&A and risk management. It is always the goal of the GRC team to build trusted relationships with our customers.
Why do you love cybersecurity?
I love knowing that I can help make a difference. Because of MPG’s sole focus on cybersecurity and emphasis on employee education, we’re able to continue to share much-needed knowledge with our customers and assist them with any challenges that arise. Knowing that we’ve helped others succeed is such a rewarding experience and a huge reason why I love what I do.
What do you like to do outside of work?
My favorite thing to do is cook and trying out new recipes whenever I get the chance! My family is from the West Indies, so culturally, food is very important in my family, and I really love to eat good food. I also enjoy competitive activities. In the Spring, I play on a kickball team with some of my fellow MPG team members and customers. I have an 80-pound chocolate lab who is full of energy and demands a lot of outdoor time. Sports and sporting events are a huge passion of my husband (and now mine), and as a native Washingtonian, I am always found cheering on the Nats, Wizards, Caps, and the Skins!
Favorite book you read and/or podcast you listened to?
One of my favorite book series is the Bourne trilogy. I also love Catcher and the Rye—I have read that book several times, and each time I read it, I gain a different perspective of each character. I am also a fan of the author Paulo Coelho, with the Alchemist being my most preferred.
What is your favorite part of MindPoint Group?
There are so many things that I enjoy about working at MPG, so I’ll try to narrow it down to just a few. To start, I really value how the MPG business model is very employee-centric. There’s a huge focus on employee education and enhancement that is driven by our leadership. I appreciate that all of the four partners work directly with employees and customers, which shows how very involved and invested they are. I also appreciate that leadership is receptive to programs that support employees like our current Mentorship Program pilot and upcoming management training segments. It is nice to know that your ideas or suggestions are supported from the top down, and I think it impacts the company in such a positive way.
Interested in joining the MindPoint Group team? Check out our job postings to learn more.