I will be your GRC analyst for ISO 27001 compliance
About this Gig
Struggling to get audit-ready, write security policies, or close compliance gaps before your next vendor review? You're in the right place.
I'm a Governance, Risk, and Compliance (GRC) specialist who helps startups, SaaS companies, and small-to-mid-size businesses build the documentation, controls, and evidence they need to pass audits and win enterprise deals without the Big 4 price tag.
What I can do for you
- Security policies & procedures written in plain English and mapped to the framework you actually need (Information Security Policy, Acceptable Use, Access Control, Incident Response, BCP/DR, Vendor Management, and more)
- Risk assessments using NIST 800-30, ISO 27005, or a lightweight qualitative method, delivered as a populated risk register rather than a blank template
- Audit readiness & gap assessments for SOC 2 (Type I and Type II), ISO 27001:2022, HIPAA, PCI DSS, NIST CSF 2.0, and NIST 800-171 / CMMC
- Control mapping & evidence collection so you walk into your audit knowing exactly what your auditor will ask for
- Vendor & third-party risk reviews: questionnaire responses (CAIQ, SIG Lite), vendor risk tiering, and due diligence write-ups
FAQ
Are you a certified auditor?
I do GRC consulting and audit preparation work — I'm not a CPA firm and I don't issue SOC 2 reports or ISO 27001 certificates. I get you ready for the auditor who will.
What frameworks do you cover?
SOC 2 (TSC 2017), ISO 27001:2022, ISO 27002:2022, HIPAA Security Rule, PCI DSS 4.0, NIST CSF 2.0, NIST 800-53, NIST 800-171, CMMC 2.0, GDPR (security articles), and CIS Controls v8.
Can you use our existing templates?
Yes — I can work from your templates, your auditor's templates, or start from scratch.
Will you sign an NDA?
Always. Send yours before we kick off, or I'll provide a mutual NDA.
Do you offer ongoing support?
Yes — many clients move to a monthly retainer after the initial engagement. Message me to discuss.
