
ISO 27001:2022 Compliance, Governance, and Lead Auditor Certification
Role: Documentation Manager, Compliance Specialist
Overview:
I played a crucial role in an ISO 27001:2022 compliance project as a Documentation Manager and Compliance Specialist, where governance principles were integral to our efforts. This project focused on aligning our organization with the ISO 27001:2022 standard for information security management systems (ISMS) while emphasizing strong governance practices. I contributed to developing governance frameworks, policies, and procedures to ensure effective oversight and control of information security risks.
Key Contributions:
- Governance Frameworks: Collaborated in designing and implementing governance frameworks aligned with ISO 27001:2022 requirements, ensuring clear roles, responsibilities, and accountability.
- Policy Development: Contributed to the development of information security policies and procedures, including governance-related policies, to guide decision-making and ensure regulatory compliance.
- Risk Management: Played a role in establishing risk management processes within the governance framework, including risk assessment, treatment, and monitoring, to mitigate information security risks effectively.
- Compliance Audits: Prepared the organization for compliance audits related to ISO 27001:2022, focusing on governance aspects such as controls effectiveness, risk management, and governance oversight.
- Lead Auditor Certification: Successfully completed the exam to become a certified lead auditor for ISO 27001:2022, demonstrating expertise in auditing governance practices within information security management systems.
Through these initiatives, I contributed to strengthening our organization's governance practices, enhancing information security governance frameworks, and ensuring alignment with ISO 27001:2022 requirements for effective governance of information security risks.
--------------
ISO 9001:2015
Documentation and Compliance Enhancement
Associated with Kuwait Direct Investment Promotion Authority
Role: Documentation Manager, Compliance Specialist
Overview:
This project involved the creation and refinement of essential manuals, guides, ISO 9001:2015 compliance, Disaster Recovery and Business Continuity plans, risk logs, records, forms, maintenance procedures, SLAs, instructional videos, policies, support guidelines, and permission guides to ensure KDIPA's operational excellence and regulatory adherence.
Key Contributions:
- Manuals and Guides: Crafted user-friendly materials for efficient system usage and processes.
- ISO Compliance: Developed procedures and protocols to align KDIPA with ISO standards.
- Disaster Recovery & Business Continuity: Formulated plans for operational resilience during unforeseen events.
- Risk Log and Records: Established a system to identify and mitigate potential risks.
- Instructional Videos: Created videos simplifying complex systems and processes.
- Policy Development: Contributed to policy formulation in line with regulations and goals.
- Support Frameworks: Designed support policies and SLAs for enhanced customer service.
- Permissions Guides: Developed clear access control guides for data security.