
Projects

Selected GRC Work

Explore the reports, registers, controls, and recommendations behind my portfolio.

Featured Case Study

A deeper look at applied governance

Governance

Governance Policy Development

A structured policy development engagement aligning security expectations with business objectives and recognized frameworks.

ISO 27001, NIST CSF, CIS Controls
Policy Development, Control Mapping, Technical Writing

Project Method

Consistent case study structure

Every project is organized around business context, objectives, methodology, deliverables, frameworks, skills, outcomes, and lessons learned. This makes the portfolio easier to evaluate and easier to extend.

ISO 27001, NIST CSF, CIS Controls

Case Study Library

Browse all projects

Internal Audit

Internal Cybersecurity Audit

An internal assessment that reviewed security controls, documented gaps, and produced a prioritized remediation roadmap.

NIST CSF, CIS Controls, ISO 27001
Internal Audit, Gap Analysis, Risk Reporting

Risk Management

Enterprise Risk Assessment

A risk assessment project documenting assets, threats, likelihood, impact, and treatment options for management review.

CIS RAM, NIST CSF, ISO 27001
Risk Assessment, Risk Register, Business Impact Analysis

Vendor Risk

Third-Party Risk Assessment

A vendor review workflow covering due diligence, control questions, risk scoring, and onboarding recommendations.

NIST CSF, ISO 27001, CIS Controls
Vendor Assessment, Questionnaire Design, Risk Scoring

Incident Response

Incident Response Program Plan

A response planning project defining roles, escalation paths, communications, and post-incident improvement activities.

NIST CSF, CIS Controls
Incident Planning, Communication Planning, Tabletop Design

Awareness Training

Cybersecurity Awareness Program

A training and communications plan designed to improve employee security awareness through practical scenarios.

CIS Controls, NIST CSF
Awareness Planning, Training Design, Stakeholder Communication

Security Operations Support

Vulnerability Management Review

A governance-focused review of vulnerability intake, prioritization, remediation ownership, and reporting cadence.

CIS Controls, NIST CSF
Vulnerability Review, Remediation Tracking, Risk Prioritization

Framework Mapping

Cybersecurity Framework Mapping

A mapping exercise connecting control requirements across ISO 27001, NIST CSF, and CIS Controls.

ISO 27001, NIST CSF, CIS Controls
Framework Mapping, Control Interpretation, Documentation

Business Continuity

Business Continuity & Disaster Recovery Plan

A continuity planning project focused on critical processes, recovery priorities, roles, and resilience documentation.

ISO 27001, NIST CSF, Business Continuity
Business Impact Analysis, Continuity Planning, Recovery Prioritization

Want the concise version?

Download my CV or contact me directly after reviewing the project evidence.