Define the scope of the project and develop a Project Plan and Project Charter detailing the project stakeholders, responsibilities and project activities.
Perform a comprehensive review of the domains of the standard or framework and report gaps.
Risk Assessment & Treatment
Identify all information assets across the scope, then categorize and classify all information services and information assets. Perform a Risk Assessment and map the security controls based on the results.
Based on the risk assessment results, identify and develop the right set of controls in line with the standard’s guidelines and gain approval from management.
Provide guidance for the implementation of controls and processes to mitigate, minimize or transfer risks.
Training & Awareness
Conduct a training session for the relevant team for effective understanding and implementation of the drafted policies and procedures.
Ensure fulfilment of all mandatory requirements of the standard by applying controls and performing internal audits, and help rectify problem areas if necessary. Identify Corrective and Preventive Action Plans.
Support the organization in obtaining certification of the implemented standard.
Define a road map and guidance for continuous improvement of the implemented controls to stay compliant with the standard.