Governance, Risk & Compliance (GRC)

An effective Cyber Security program begins with a robust Governance, Risk and Compliance (GRC) framework, processes and implementation.


Dunamis Consulting can assist clients with establishing a robust GRC framework and putting in place measures to continuously evaluate the effectiveness of their security, which enables the organisation to monitor and report on cyber risk.


Our Governance, Risk and Compliance services provide organisations with guidance on achieving, assessing and delivering compliance programmes against regulatory frameworks, data protection regulations and other security control frameworks while also ensuring their overall security posture is significantly improved.


These include:

  • Regulators: National Bank of Belgium (NBB), France Cyber Security Agency (ANSSI), Saudi Arabia Monetary Authority (SAMA), National Cyber Security Agency (NCA, Saudi Arabia)
  • Regulatory frameworks: PCI DSS, SWIFT CSCF, SAMA CSF, CPS 234 (Australia), FISR (France)
  • Financial Services Regulations: Central Securities Depositories Regulation (CSDR), Digital Operational Resilience Act (DORA)
  • Information Security Management System (ISMS): ISO 27001
  • Security Control Frameworks: NIST SP 800-53, NIST Cyber Security Framework, CIS 18/20
  • Privacy and Data Protection (UK DPA, UK GDPR, EU GDPR)
  • Security Policies & Standards
  • Cyber Risk Metrics
  • Cyber Risk Management (ISO 27005, NIST 800-30, 800-37, 800-39)
  • Security Compliance
  • Managing regulatory relationships
  • 3rd-Party Cyber Risk Management