Projects

Selected GRC work demonstrating practical compliance skills.

Screenshot of an ISO/IEC 27001 risk assessment report with highlighted controls.
ISO 27001

Developed comprehensive risk assessments and control documentation.

Visual of GDPR compliance checklist with completed items marked.
NIST framework mapping chart showing identified security gaps.
Sample compliance policy document with clear formatting and annotations.
GDPR Work

Created data protection impact assessments and privacy notices.

Experience Overview

A concise summary of my hands-on projects in GRC, including ISO/IEC 27001 implementations, GDPR compliance, and risk assessments.

Skills

Core Competencies
  • Governance, Risk, and Compliance (GRC)

  • Risk assessments and risk registers

  • Compliance documentation and control design

  • Regulatory analysis (GDPR, ISO 27001, PCI DSS)

  • Policy and procedure development

  • Third-party / vendor risk assessment

  • Data protection and privacy governance

Technical & Compliance Skills
  • GDPR compliance (DPIA, RoPA, DSAR, breach response)

  • ISO/IEC 27001:2022 controls and documentation

  • PCI DSS compliance documentation

  • Risk treatment plans and mitigation tracking

  • Compliance checklists and frameworks

  • Evidence collection and audit preparation

Tools & Working Methods

  • Compliance documentation (Word / PDF)

  • Risk registers and tracking (Excel / Sheets)

  • Structured compliance templates

  • Framework-aligned documentation (NIST, ISO)

Core Services

Focused on governance, risk, and compliance frameworks including ISO 27001 and GDPR.

Close-up of hands reviewing GDPR compliance checklists with a pen and notepad.
Risk Assessments

Conducting thorough risk evaluations aligned with NIST standards to identify vulnerabilities.

Cloud Infrastructure Risk Assessment

Remote Work Risk Assessment

Vendor / Third-Party Risk Assessment

Physical Security Risk Assessment

Compliance Docs

Developing and maintaining clear documentation for ISO/IEC 27001 and GDPR compliance.

Data Breach Response Plan

Data Retention & Disposal Framework

Data Classification & Labelling Framework

Security of Data

Gallery

Snapshots of my compliance and risk management projects.

Photo of a GDPR compliance checklist displayed on a laptop screen.
Visual of a NIST framework implementation plan with key milestones.
Image of compliance documentation folders neatly organized on a desk.