Case Study: Cloud-based SaaS Company Providing Employee Assessment tools.
Approximately 100 employees
The client has ongoing SOC 2 Type 2 and ISO 27001 compliance programs. GMI has supported the client for several years. The current engagement is for a full “Managed Compliance Department”, in which GMI manages ongoing security operations and compliance as follows:
- Take all Information Security Program governance and oversight roles.
- Support the information security program.
- Maintain and oversee policies, processes and control techniques to address information security requirements.
- Work closely with staff to mitigate identified risks to technical, operational and administrative security controls.
- Mature the process documentation.
- Consult on ISO 27001 scope to optimize efficiencies of the compliance program.
- GRC platform implementation and support.
- Annual penetration tests.
- Annual IR exercise(s).
- Annual risk assessments.
- Annual inside audit.
Auditor is Insight Assurance.