Initializing
01 / 08
Fabien Bremmer
Curriculum Vitae

FABIEN
BREMMER

Senior Manager — Technology Risk · AI Innovation

🛡️ SAP Security & GRC ERP Transformations 🔒 IT Audit & Risk ⚡ Agentic AI Platforms Identity & Access 🔗 MCP Server Development Program Management
Profile

Driving Secure
Transformations

0
Years of Experience
0
Professional Certifications
0
Applications Secured
0
Major Transformations Led

Result-driven and people-oriented Senior Manager with deep expertise in IT Governance, Risk & Compliance, SAP Security, and ERP Transformations.

From Security by Design initiatives at Heineken to SOx Compliance at Booking.com — I advise senior stakeholders, manage cross-functional teams, and ensure risks are managed across the full landscape.

What sets me apart: I build AI-powered platforms and autonomous agents that transform how organizations approach risk and compliance — combining deep GRC expertise with cutting-edge technology.

Career

Professional Experience

Senior Manager Technology Risk 2021 — PRESENT
Protiviti Netherlands

Leading complex engagements across IT GRC, SAP Security, Business Process Redesign, and Project Risk Management. Key role in large-scale SAP transformations, Security by Design, and AI-driven innovation.

IT Auditor 2020 — 2021
De Volksbank

Internal audits on ICF, Agile/DevOps, Data Management, Incident & Problem Management. Supporting the organization's digital transformation.

IT Risk Consultant 2018 — 2020
Deloitte Risk Advisory

External IT Assurance for Financial Statements and SOC/ISAE reports. Integrated audits combining business process controls and ITGCs.

Consultant & Project Manager 2016 — 2018
PHC Tailored Telecom

Sales, delivery, and project management of Unified Communications solutions. Managing client relationships, budgets and cross-department coordination.

Impact

Key Engagements

FLAGSHIP PRODUCT
EVIDENT

Agentic Governance Platform

An AI-native platform that orchestrates autonomous agents across six governance domains — from identity lifecycle to audit evidence — replacing fragmented manual processes with intelligent, self-governing workflows.

🔐
Identity Governance
Automated user lifecycle, access provisioning, role mining, and SoD analysis across SAP and beyond
🛡️
Controls & Assurance
Continuous control testing, automated evidence collection, and real-time assurance dashboards
⚖️
Risk & Decisions
AI-powered risk scoring, intelligent risk treatment recommendations, and decision audit trails
📋
Evidence & Audit Trail
Immutable evidence chains, automated documentation, and audit-ready reporting packages
🔗
Integrations & Data Trust
Native connectors for SAP, Azure AD, Workday, and more — with data quality and lineage tracking
👁️
Governance & Oversight
Policy orchestration, compliance mapping, and executive governance dashboards with AI insights
Differentiator

AI-Augmented
GRC Consulting

I don't just advise on GRC — I build the tools. From custom MCP servers that interface directly with SAP systems to knowledge bases that autonomously surface best practices and procedures during live engagements.

⚡ MCP Servers
Custom Model Context Protocol Servers
Purpose-built MCP servers that extend AI capabilities with deep enterprise system access and domain knowledge.
📚
GRC Knowledge Base MCP
250+ curated documents covering SAP security, audit procedures, compliance frameworks, and best practices — accessible in real-time by AI agents during engagements.
⚙️
SAP ABAP Connector MCP
Direct SAP system access via RFC function modules — enabling autonomous execution of transactions, data extraction, and security configuration analysis.
CASE STUDY

By combining both MCP servers, I conducted a fully automated Penetration Test on a SAP S/4HANA system. The Knowledge Base MCP provided the approach, procedures and good practices from SAP literature, while the ABAP MCP server autonomously executed the tests via RFC — delivering a comprehensive security assessment with minimal manual effort.

🤖
Agentic AI Workflows

Designing and deploying autonomous AI agents that execute complex GRC tasks — from risk assessments to compliance checks — with human-in-the-loop oversight.

AI-Driven Audit & Compliance

Automated control testing, continuous monitoring, and intelligent risk scoring through custom AI frameworks and data pipelines.

🔗
Enterprise Connector Development

Data connectors for SAP (RFC/OData), Microsoft Graph, SCIM 2.0, and REST APIs — enabling automated GRC data extraction across the landscape.

📊
Data Analytics & Visualization

Power BI integration, advanced data transformation, and interactive dashboards for real-time risk insights and executive reporting.

🧠
LLM Prompt Engineering & Skills

Building specialized AI skill sets and prompt frameworks that encode deep GRC domain knowledge into reusable, production-grade AI capabilities.

Credentials

Certifications & Education

CISA
CISA
Certified Information Systems Auditor
ISACA
CISM
CISM
Certified Information Security Manager
ISACA
CRISC
CRISC
Certified in Risk & Information Systems Control
ISACA
RE
RE
Register EDP-Auditor
NOREA / IIA NL
CSM
CSM
Certified ScrumMaster
SCRUM ALLIANCE
Pursuing
CGEIT
CGEIT
Certified in Governance of Enterprise IT
ISACA
2018 — 2021
Executive Master of IT Auditing (RE)
TIAS School for Business and Society
2011 — 2015
Bachelor of Business Administration
Avans University of Applied Sciences
Let's Connect

Ready to transform
your risk landscape?

Whether it's SAP Security, GRC strategy, ERP transformation, or AI-driven innovation — let's explore how I can help drive secure, intelligent outcomes.

+31 6 50 05 52 45 WhatsApp
fabien_bremmer@hotmail.com
linkedin.com/in/fabien-bremmer
Boxtel, Noord-Brabant, Netherlands
Available for engagements