Bennett Robinson
CIPP/US, PMP, GRCP

Security, Privacy, and Compliance

Welcome. I'm Bennett Robinson, a dedicated professional specializing in building practical and effective Governance, Risk Management, and Compliance (GRC) programs. With extensive experience in Information Security and Data Privacy, I help organizations navigate complex regulatory landscapes, mitigate risks, and achieve crucial compliance certifications like SOC 2, PCI-DSS, and ISO standards.

My background involves stepping into organizations, assessing needs, and implementing tailored solutions that align with both current operational realities and future strategic goals. Whether it's establishing risk management frameworks from scratch, refining data privacy policies, managing third-party risk, or ensuring robust information security postures, I focus on delivering actionable strategies and fostering a culture of security and compliance.


Governance, Risk, and Compliance Leader

Highly experienced with Governance, Risk Management, and Compliance (GRC) efforts, I am particularly adept at building and implementing robust governance structures to meet and exceed audit requirements. My focus is on developing practical, risk-based solutions aligned with operational needs and strategic objectives.

My track record includes the deployment and maintenance of common control frameworks (SOC 2, PCI-DSS, ISO 27001/27701), establishing comprehensive risk management programs (NIST RMF, COSO, ISO guidance), conducting risk assessments across all organizational levels, and managing the full lifecycle of Third-Party Risk Management (TPRM).

Information Security & Data Privacy Expert

My track record is centered around Information Security and Data Privacy, where I have been a leader with a strong background in developing, implementing, and managing comprehensive security and privacy programs. I have served as Data Protection Officer (DPO) at multiple organizations, and have repeatedly demonstrated the ability to implement and improve data privacy programs to meet complex state (CCPA/CPRA), federal (HIPAA-BA, COPPA), and international regulations (GDPR).

I am adept at managing high-volume DSAR processes, conducting security and privacy assessments (PIA), implementing physical and technical security measures, and providing expert consultancy on privacy best practices within an AWS environment using tools like Vanta and TrustCloud.

Team Builder in Any Environment

My background has allowed me to excel at collaborating with senior leadership and cross-functional teams to achieve compliance certifications, mitigate risks, and meet demanding deadlines. I have served in positions requiring collaboration across several siloed departments, reporting directly to Board members, and championing compliance efforts within an organization.

Bring a Problem Solver to the Table

Let's connect to discuss how I can help your organization strengthen its governance and security foundations.