You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Alexandre M.AM

Alexandre M.

Consultant compliance (SAPIN 2 / GDPR)

€675/day
Bordeaux, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Alexandre

With a legal background and 5 years of experience in risk management and compliance projects, I offer my audit and consulting services to companies.

To do this, I offer the following services:

- Mapping of the company's risks;
- Development and conduct of training workshops (impact analysis of personal data processing, management and reporting of internal alerts, awareness of procedures and their application, serious games);
- Drafting of internal procedures;
- Impact assessments in terms of data protection;
- Support for purchasing departments (private or public) in assessing the compliance of third parties (service providers, suppliers, etc.);
- Deployment of reporting tools (KPIs, Power BI);
- Conducting organizational audits.

As such, I participate in the creation of internal control or permanent control services in the structures for which I work in order to respond to regulatory challenges and better manage risks, by involving all stakeholders (Board of Directors, presidency/management, business lines).
I also have a varied knowledge of business areas (legislation, business needs, external risks, etc.). I have also deployed audit frameworks in order to disseminate a risk culture (submission, control and validation) promoting the generation of evidence of actions taken.

My working methods are based on existing standards or norms (CIA, ISO 9001, Ebios RM, Coso RM).
During my experiences, I have used different tools in risk management (PIA 3.0 open source software, OneTrust, SAP risk management) allowing me to be adaptable to the client's environment.

If you would like to know more about my background and tell me about your project, please do not hesitate to contact me, I will be happy to assist you.

  • English

    Native or bilingual

  • Dutch

    Conversational

  • French

    Native or bilingual

Can work on-site
Bordeaux (up to 50km), Toulouse (up to 10km), Lyon (up to 100km)

Experience

  • Fondation John Bost
    Compliance Officer / Data Protection Officer
    MEDICAL
    October 2021 - Today (4 years and 8 months)
    Bordeaux, France
    As part of my activities, I carry out a set of varied missions with my internal clients, which are:

    - Audit and mapping of processing (conducting interviews, drafting reports)
    - Management of simplified compliance requests with the CNIL, in particular for research projects
    - Conducting impact analyses with various internal clients
    - Supporting business lines in change management (implementation of dematerialized archiving procedures, management of subcontractors)
    - Development of risk mapping based on the COSO RM method (assessment of risks at each level of governance, business risks, legal risks)
    - Work on the creation of the whistleblower system (management of the collection and processing of alerts according to the wiserman law and decree)
    - Implementation of an internal control committee
    - Training of employees on data protection (implementation of serious games)

    As part of the management of my files, I collaborate with all business lines, but my privileged contacts remain the General Management, the Information Systems Security Manager, the service directors and the establishment directors.
    Legal advice Project management Communication strategy Change management Corporate strategy Risk analysis
  • SCANIA France SAS
    Data Protection Officer / Digital Risk Manager
    AUTOMOBILE
    March 2020 - September 2021 (1 year and 6 months)
    Angers, France
    Under the direction of the Compliance Director, whose department is attached to the company's president, I was invested with various missions on digital risk management.
    My job was to implement a digital risk management method that I reported to the various teams of the company but also to the parent company in Sweden. 75% of my work was in English.

    Among the work accomplished

    With the purchasing department
    - Development of a procedure for evaluating digital service providers for the purchasing department (evaluation criteria and assigned risk levels)
    - Training of the purchasing department in the use of evaluation methods
    - Implementation of a risk monitoring tool to work on management methods
    - Contractual audits and updating of the company's contracts

    With the SCANIA group:
    - Management of compliance in terms of data protection, in particular in connected services
    - Drafting of procedures
    - Drafting of feedback on Group policies
    - Participation in a data management project (management of license risks of various suppliers and drafting of a consortium project)

    With the company's business lines:
    - Training in the use of due diligence software
    - Training in risk management principles and risk reporting to the compliance and legal department
    Legal advice Audit Risk mapping Training Microsoft 365 OneTrust Due Diligence Sapin 2
  • Association de lutte contra la maladie de fatigue chronique
    Independent consultant
    MEDICAL
    March 2019 - September 2019 (6 months)
    Adélaïde, Australia
    Solicited by an association of doctors who wanted to develop diagnostic software for the detection of chronic fatigue syndrome, I traveled to Australia for 3 months to meet the teams and collect the needs.
    In view of a partnership with a German clinic, the team in charge of development had to create "GDPR Compliant" software.

    For a period of 3 months, I therefore:
    - Drafted a security policy in consultation with the teams;
    - Drafted a draft subcontracting contract for the intervention of Australian doctors and the software publisher in the context of the transmission of data between the clinic and themselves;
    - Trained all personnel in charge of deploying the software in data protection by registering the "Privacy by design"

    To date, the association has obtained funding from the State of South Australia. However, the project with the clinic did not succeed due to the unavailability of Australian doctors.
    Pedagogy Project management English International law Compliance Software as a Service (SaaS)
Check out Alexandre's experience

Recommendations

Be the first to recommend Alexandre

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • MASTER 2 BANKING LAW AND COMPLIANCE
    UCA
    2016
    - Formation aux enjeux réglementaire bancaires (nationaux et principalement européens) - Maîtrise des régimes juridiques relatifs aux différents opérateurs de services bancaires - Maîtrise des risques systémiques bancaires - Compréhension du fonctionnement des autorités de contrôle

Certifications

  • Data protection
    CNIL
    2018
  • Certificate of knowledge of digital risks
    ANSSI
    2018

Skill set (42)

Legal project management
Risk mapping
Supplier evaluation (due diligence)
BPMN
Microsoft 365
Register of processing of personal data
Management of personal data breaches
Internal audit
Contractual audits (reports and recommendations)
Knowledge of open source software
Agile method
Lean startup
GDPR
GDPR Compliance
Management of personal rights
DPO
Risk Management
GDPR
ISO 27002
PIA
EBIOS RM
Legal advice
Project management
Communication strategy
Change management
Corporate strategy
Risk analysis
Audit
Training
OneTrust
Due Diligence
Sapin 2
Pedagogy
Project management
English
International law
Compliance
Software as a Service (SaaS)
Risk analysis
Strategic planning
Agile methods
Data analysis

Categories