call
search

Governance, Risk
And Compliance
Consulting
(GRC)

Regulation is becoming one of the central axes affecting the cybersecurity market. At Citadel, we offer a variety of consulting services to ensure compliance with various regulations. We guide the organization through the process until they achieve compliance with regulation, and continue providing support to minimize security gaps and to maintain full compliance. Our GRC division is divided into three teams: the Regulatory Compliance & Auditing team, the Risk Management Team, and the Supply Chain Team.

The GRC division is divided into three teams:

Regulatory Compliance & Auditing Team

Our regulatory compliance service deals with the ongoing monitoring of new laws, standards, and regulations relating to cybersecurity. This facet of our service includes mapping various organizations' existing gaps, updating and building organizations' methodologies and certifications for local and international standards and regulations, advising and consulting with organizations to implement standards and regulations, preparing work plans, implementing controls, and more. We combine our professional experience with leading law firms to overcome a variety of compliance challenges.

Risk Management Team

As part of our portfolio of risk management solutions, we offer tailor-made risk management and assessment solutions for organizations, the mapping of assets and business processes, risk assessment for systems, methods and evaluation of organizational cyber risks, the identification of cyber scenarios, preparing a business continuity plan, and more.

Supply Chain Team

Third-party business partners and suppliers have become a significant risk factor and an attractive entry point for hackers. As part of our services, we offer to update and build supply chain methodologies, map critical suppliers, perform supplier surveys according to vendor type, combine technical tests, examine contract agreements, develop monitoring and control tools, clean desk surveys, and more. We also provide dedicated policies and procedures for working with suppliers.

We Are ISO 27001 Certified

ISO 27001 is an internationally recognized standard for best practices in information security management system (ISMS). After passing the audit, conducted by the Israeli institute of standards, Citadel has been certified as adhering to this framework and its' policies. This certification gives us valuable advantage and key insights into the process of gaining accreditation, that will better help us guide you through yours.

BCP (Business Continuity Plan)

The purpose of a BCP (Business Continuity Plan) is to prepare for, provide and maintain controls and capabilities for managing an organization’s overall ability to continue to operate during disruptions.
Our GRC services include escorting organizations within this process, by integrating the IT and the cyber security department, with the business processes and units.  
Among our services:

  • Establishing BCP, Resilience and recovery methodology (according to an international standards such as: ISO 22301:2019 and ISO/IEC 27031:2011)
  • Threat and risk analysis
  • BIA (Business Impact Analysis)
  • Gap analysis
  • Solution design
  • Writing policy and procedures
  • Implementation and testing



We support a variety of regulations relating to cybersecurity such as:
GDPR, ISO27XXX series, local and international privacy laws, SOX, and many more.

01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Ariel-university

Design & UX by K2 Design

Copyright@ 2022 Citadel All rights reserved | Privacy Policy | Accessibility Statement

Copyright@ 2022 Citadel All rights reserved | Privacy Policy | Accessibility Statement

Design & UX by K2 Design