Marianne Barnes

Sr. Compliance Consultant

Marianne is a Cyber Security professional with 20 years of experience at Sanofi, a large global Pharmaceutical / Biotech organization. In 2019, she worked closely with the Global Privacy and Legal teams at Sanofi to create and implement a comprehensive program with tools and training to ensure employees, contractors and computer systems were in compliance with the Global Data Protection Regulation (GDPR).

Previous to this she led a team of 30 technical experts who were responsible for assessing and implementing security and quality controls to ensure that they were in compliance with regulatory laws (FDA, HIPAA, Sarbanes-Oxley and GDPR). She successfully implemented large Cyber Security and Quality programs that included:

  • Awareness training program for IT and End Users
  • Global Computer Security and Quality and Compliance policies and procedures, including annual review and updates
  • Computer Security Standards & Technical Guidelines for computer systems
  • Incident Response plans and exercises
  • Risk Assessments of infrastructure, operating and application systems
  • Third Party Risk Assessments / Audits of Computer Systems
  • Vulnerability Assessment and Penetration Testing

Since joining QACV, Marianne has led the efforts in the following areas:

  • Application Security Assessments and remediation activities
  • General Data Protection Regulation (GDPR) and Privacy assessments and remediation activities
  • Developed and deployed training and awareness programs for the General Data Protection Regulation (GDPR)
  • Plan, conduct and report results of Computer Systems Validation activities and gap analyses.
  • Plan, conduct and report results of Computer Systems audits, including audits of distribution centers; trial master files; contract manufacturers and PETNET solutions.
  • Implemented an improved Computer Systems Compliance program, including Computer Validation for computer software companies
  • Led the development of remediation plans for observations which were identified through internal or external audits
  • Audited critical suppliers including medical device, pharmaceutical, packaging, inventory, software and service providers against USFDA 21 CFR, ISO 13485, ISO 9001, ISO 17025, ISO 27001 and ISO 27701