Virtual CISO and DPO
Virtual CISO and DPO services offer and outsourced
alternative to insourcing and provides experienced consultants who understand
security and privacy issues, translate risks into appropriate measures and
ensure these are maintained and represented at board level.
The Virtual CISO and DPOs service is a flexible service that
is available from a small number of days each month to full time embedded teams
who define strategy, support everyday security operations (SecOps), measure,
analyse, evaluate and lead and govern security and privacy functions.
What can the virtual CISO or DPO do:
- Form and implement security and privacy strategy
- Review and develop policy and procedures
- Progress security and privacy projects
- Review or gather inputs for security and privacy hygiene indicators
- Conduct assessments of risk, vulnerabilities, threat and planned changes
- Ready the organisation to respond to incidents
- Develop awareness of security and privacy
- Measure internal security and privacy performance
- Assess and manage suppliers
- Respond to data subject and supervisory authority requests
- Conduct internal security and privacy audits
- Maintain security and privacy registers and audit evidence