GRC Implementation Services

  • ISO Implementation

ISO 27001 is the international standard for Information Security Management Systems 

ITB Provide the Service of ISO Implementation following our methodology

1. Gap Analysis & Scope
2. Information Risk Management
3. Polices & Procedures Development
4. ISMS Requirement Development
5. Internal Audit
6. External Audit (Certification)

  • Risk Assessment & Management

ITB provide the services of information risk assessment and mitigation within an industry proven framework such as ISO27005 that will help to answer key questions and introduce information security as a complete Enterprise Risk Management

Our provided service includes:

  1. Critical Assets Register
  2. Risk Management Methodology
  3. Risk Assessment Report
  4. Risk Mitigation Plan
  • ITIL Implementation
ITIL is a framework of best practices for delivering IT services, by Applying ITIL we help our customers to have systematic approach to IT service management which help businesses manage risk, strengthen customer relations, establish cost-effective practices, and build a stable IT environment that allows for growth, scale and change.

Our Methodology:

  • Assessment

Information Gathering
Best Practice Framework
Gap Analysis
Instructions, Roles and Responsibilities
RACI Matrix Analysis

  • Awareness

Designing & Planning
Continuous messages

  • Assimilation
  • Plan the implementation process
  • Identify senior stakeholders and process owner
  • Start on the core processes and Service Desk
  • Continue with the rest of the processes

  • Business Continuity
    Business continuity is the ability to maintain essential functions during, as well as after, a disaster

ITB Provides BC by understanding the client's business and its Mission Critical Activities and their dependencies.

Our Methodology:

  • Conducting Business Impact Analysis
  • Building Business Continuity Plan
  • SAMA Cyber Security Framework Implementation

SAMA CSFW is a Framework  regulated by SAMA to enable Financial Institution to effectively identify and address risks related to cyber security. To maintain the protection of information assets and online services, the Member Organizations must adopt the Framework

ITB provides this service using a methodology to guarantee achieving the following:  

  • Create a common approach for addressing cyber security within the Member Organizations.
  • Achieve an appropriate maturity level of cyber security controls within the Member Organizations.
  • ensure cyber security risks are properly managed throughout the Member Organizations