Trivika (pronounced Tree–we-ka), It’s primary focus areas are: IT Systems Security Architecture • Rollout of enterprise-wide identity and access management infrastructure, secure e-mail and data leakage protection solutions as well as end-to-end encryption. • Review planned approach and system architecture for cloud (AWS and Azure) migration and implementation, including – information security & privacy, single sign-on and continuous monitoring. Third-Party/Vendor Risk Management • Develop contractual terms and conditions library that can be embedded in third-party contracts to protect company and its customer’s interest. • Develop processes for performing third-party risk assessment utilizing tools from ‘Shared Assessment’. • Establish business processes for monitoring adherence to contractual obligations. Security and Privacy Management Practice • Develop security and privacy service as a horizontal practice to establish coordination and participation with every other department within the organization. • Standardize risk library and providing analytical view of risks and rewards. Business Resilience • Develop business resilience plan that goes beyond standard IT disaster recovery procedures, and build testing plan that includes third-party service providers. • Develop ongoing education and awareness program to build a culture of updating business resilience plan as part of the project rollout. Security and Privacy Compliance Management Practice • Develop policies and standards based on common compliance framework that includes Federal, State and Contractual obligations as well as adopted industry best practices. • Develop Governance, Risk and Compliance program utilizing GRC tools.