GRC Consultant for ISO 27001 Policy Development and Compliance

We are a growing organization seeking an experienced Governance, Risk, and Compliance (GRC) consultant to develop ISO 27001-compliant policies and support our compliance journey. This is a short-term project focused on creating tailored security policies and providing guidance to align our operations with ISO 27001 standards. Project Scope: ●Develop a set of ISO 27001-compliant policies, including but not limited to: ○Information Security Policy ○Access Control Policy ○Incident Response Plan ○Risk Management Policy ●Conduct a gap analysis to identify areas of non-compliance with ISO 27001. ●Provide a concise report with actionable recommendations for achieving compliance. ●Offer brief consultation (via video calls or written communication) to clarify policy implementation steps. Deliverables: ●A comprehensive set of ISO 27001 policies (in editable Word or PDF format). ●Gap analysis report highlighting compliance gaps and prioritized remediation steps. ●One or two 30-minute consultation sessions to discuss policy implementation and answer questions. Project Duration: ●3-4 weeks from project start. Budget: ●Fixed price: $100 USD. Requirements: ●Proven experience in GRC and ISO 27001 implementation (please provide examples of past ISO 27001 projects or deliverables). ●Familiarity with ISO 27001 Annex A controls and policy development. ●Strong understanding of risk assessments and compliance frameworks (e.g., NIST, PCI-DSS). ●Excellent communication skills and ability to deliver clear, professional documentation. ●Preferred certifications: ISO 27001 Lead Auditor, CISM, CISSP, or equivalent. Nice-to-Have: ●Experience working with small to medium-sized businesses. ●Knowledge of additional compliance frameworks (e.g., GDPR, SOC 2). : Please submit a brief proposal outlining: ● Your experience with ISO 27001 policy development. ●A sample or description of similar work (anonymized if necessary). ● Your approach to completing this project within the 3-4 week timeline. ●Confirmation of availability for consultation sessions. We look forward to collaborating with a skilled GRC professional to strengthen our security posture and achieve ISO 27001 compliance. to discuss how you can help us succeed! Apply tot his job Apply tot his job Apply tot his job Apply tot his job Apply tot his job