Governance, Risk & Compliance (GRC)
Aligning an enterprise to comply with regulations, policies, industry practises, and contractual requirements.
- Technical audit for PCI, FFIEC for Banking, Financial Services and Insurance (BFSI)
- OSFI (B10, B13, etc.)
- protection of crown jewel data
- Security policy, standard, creation and reviews
- Privacy controls, Personal Information Protection and Electronic Documents Act (PIPEDA), Gramm-Leach-Bliley Act (GLBA), SoX 404, General Data Protection Regulation (GDPR)
- Vendor management
- Data classification and discovery
- Security architecture governance