Governance, Risk & Compliance
What is GRC?
Governance, Risk & Compliance all require ongoing attention. Legal requirements, business continuity, decisions on optimising capital and operational expenditure, and internal and external audits are all drivers of GRC. CommSec’s deep understanding of Regulations and Standards and our approach to ensuring the necessary processes, documentation and reviews are in place position us as your partner of choice to achieve your GRC goals.
CommSec offer a broad range of services in relation to Data Protection. Many of our customers start with a comprehensive Data Protection Impact Assessment, conducted by one of our highly experienced Data Protection Consultants. The written report that follows provides a framework for continuously improving your Data Protection posture, including compliance with the General Data Protection Regulation (GDPR). We also offer Training, including classroom and software options. Our classroom training empowers management and assigned Data Champions to communicate effectively and accurately with their teams. Software training solutions ensure that awareness is measured, employees working shifts or remotely are included, improvement metrics are reported and new hires are not missed. Our DPO-as-a-Service offering is proving popular with customers who require a Data Protection Officer and where this is not a full-time role. Clients benefit from experienced, objective professionals who are skilled at board-level communication and have a track record of implementing effective Data Protection processes and practices, as well as associated documentation and audits. Finally, we offer the services of our Data Protection Consultants to provide support to the newly-appointed or under-resourced Data Protection Officer in many organisations.
Working with certified ISO 27001 Lead Auditors, you can be assured that you are continuously supported in achieving your goal of ISO 27001 certification. Our phased approach includes Gap Analysis, Risk Assessment (including Risk Assessment Reports and Risk Treatment Plans), Alignment of Information Security Management System (ISMS) with ISO 27001 requirements, Implementation and Pre-certification Audit. Documentation addresses the Statement of Applicability, Organisation Overview, Information Security Policy, Business Continuity Management, Internal Audit Reports, Document Control Procedure, Corrective and Preventive Action Procedures and Internal Audit Procedure. Our ISO 27001 clients have enjoyed a 100% success record in achieving certification by engaging with CommSec.
Security Services for Retail – PCI DSS Compliance
- Protect your customers’ personal data.
- Protect your business from financial losses.
- Protect your company’s brand and reputation.
B109, The Linc, Blanchardstown Institute of Technology, Dublin
+353 1 536 7320