Conduct independent risk management assessments, evaluations and identify control expectations with primary focus on information technology, information security. Identify operational risk issues and assign risk ratings consistent with established policies...