Services:  Improve New Business Opportunities & Minimize the Risk with  CyberSecurity Governance 


Finding ways to encourage a Governance, Risk Management and Compliance  culture !


 

     GRC Overview : DNA

  • High-Level : Board of Directors & Top Managers;
  • Governance Culture : Process, People & Technology;
  • Long Term Targets : Business Strategies, Business Plan, Technology Plan, Investment Plan, Training Plan Portfolio/Programs, Budget, Expectations & Results;
  • GRC DNA : Structure, Resources, Culture, Audit Reports, Security, Results & Lessons Learned;
  • GRC Roles & Responsabilities : RACI
  • Validation: GAP, SMART, Business Cases, Simulation;
  • Presentation: Underlying  Assumptions, Critical Gaps 

 

 

 

GRC Analysis : High Level

  • Risk Management : Structure, Resources, Reports & Action Plan;
  • Special Status Report: Business Continuity, CyberSecurity Incidents, Internal Controls, Fraud & Compliance;
  • Special Events : Internal & External Audit Reports & Action Plan Status
  • Documentation : BIA, BCP, DRP, Comunication Crisis Plan, RACI, Project-Program-Portfolio Plan, Development-Test-Maintenance-Production Requirements, Policy Templates, Incidents, Crisis  & Lessons Learned;
  • Third Party : Contracts, Reports & Indicators;
  • Data Governance : Culture, Documentation & Results;
  • Legacy Systems : RACI, Integration & External Interfaces;
  • Technology: Platform, Infrastructure, Systems, Operational Environment, Resources, Asset, New Technology Challenge, Contracts, Partners and Problems;
  • Simulation & Test: Analysis Validation; 
  • Presentation: Underlying Assumptions, Critical Gaps & FCS

 


         Adherence to  Best Practices (GRC Frameworks) 

 

 

     

GOVERNANCE:

  • Corporate Governance Culture
  • GRC Best Practices diagnostics
  • Support GRC steps planning
  • Risk Management Culture Review
  • Compliance Culture Review
  • CyberSecurity Governance Culture
  • Platform GRC Stage

 

 


     

MANAGEMENT: 

  • GRC Framework & Tools & Metrics
  • Data Governance Maturity
  • Information Security (ISO 27001) Processes
  • CyberSecurity Structure & Resources 
  • Access Control Maturity
  • Business Continuity Planning 
  • Compliance & Internal Control & Fraud
  • Internal Audit
  • IT  Structure
  • Third Parties & Services Controls
  • RACI

 

 

       Build Business Scenarios (Emergencial & Short)

 

 

 

 

      Build Business  Scenarios (Strategic Plan)

 

        Business  Integration Validation