Advisory and Assurance Services
April 2026 onwards
My Value Offerings
Helping you navigate governance, risk, and compliance with clarity.
Governance
Establish resilient governance across 3 lines of defence based on the globally accepted principles and frameworks.
Establish a Risk Management Program based on the globally accepted principles and frameworks.
A Program to ensure compliance with the requirements of the legal and regulatory frameworks.
Risk Management
Compliance
Implementation of the Data Protection Laws and Regulations
Developed an Integrated Data Privacy Program in accordance with the GDPR and Personal Data Protection Laws and Regulations of KSA, UAE (including ADGM and DIFC), Oman, Jordan, and Lebanon.
To develop the Privacy Framework to support this Privacy Program, I used a blend of ISO standards such as ISO/IEC 27701:2025 and ISO/IEC 29100:2024, and the globally accepted NIST Privacy Framework.
Privacy
Implementation of the Personal Information Management System (PIMS) based on ISO 27701:2025 and Data Protection Laws and Regulations.
Implemented Personal Information Management System (PIMS) based on the Oman Personal Data Protection Law, its Executive Regulation, and ISO/IEC 27701:2025.
PIMS
Implementation of the Security Governance based on ISO 27001, NIST, CIS, OWASP, SOX, SSAE 18, ISAE 3402, and ITGC (IT General Controls).
Implemented the information security management system in accordance with the UAE Information Assurance (IA) Standard.
Security
Build GRC Strategy and ensure Security-by-Design (SbD) and Privacy-by-Design (PbD) in Digital Transformation.
Ensure Security-by-Design and Privacy-by-Design in all Digital Transformation and Technological Innovations.
Digital Transformation
Independent Assurance Services for Top Management
Direct engagement by and reporting to the C-Suite.
Implementation of the Data Protection Laws and Regulations
Helping you in building a robust and resilient Governance, Risk Management, and Compliance Program using globally accepted best practices, principles, and frameworks.
Developed an integrated Data Privacy Program aligned with the NIST Privacy Framework, the ISO/IEC 29100:2024 Privacy Framework, and the Data Protection Laws and Regulations of the following countries and jurisdictions:
Personal Information Management System (ISO 27701:2025)
Implemented Personal Information Management System (PIMS) based on the Oman Personal Data Protection Law, its Executive Regulation, and ISO/IEC 27701:2025.
KSA Personal Data Protection Law 2021 (Amended 2023)
Developed an integrated Data Privacy Program around KSA Personal Data Protection Law and Regulations based on SDAIA and NDGP Knowledge Center, NIST Privacy Framework, and ISO/IEC 29100:2024 – Privacy Framework.
Issued pursuant to Royal Decree No. (M/19) dated 09/02/1443 AH corresponding to 16/09/2021 G
Amended pursuant to Royal Decree No. (M/148) dated 05/09/1444 AH corresponding to 27/03/2023 G
UAE Personal Data Protection Law 2021
Developed an integrated Data Privacy Program around UAE Personal Data Protection Law based on NIST Privacy Framework, and ISO/IEC 29100:2024 – Privacy Framework
Federal Decree by Law No. (45) of 2021 Concerning the Protection of Personal Data
Oman Personal Data Protection Law 2022
Developed an integrated Data Privacy Program around Oman Personal Data Protection Law and its Executive Regulation based on NIST Privacy Framework, and ISO/IEC 29100:2024 – Privacy Framework.
Developed Privacy Information Management System (PIMS) based on ISO/IEC 27701:2025.
Royal Decree 6/2022 Promulgating the Personal Data Protection Law
Executive Regulation of the Personal Data Protection Law (Ministerial Decision No. 2024/34)
ADGM Data Protection Regulation 2021
Developed an integrated Data Privacy Program around ADGM Data Protection Regulations 2021 based on NIST Privacy Framework, and ISO/IEC 29100:2024 – Privacy Framework.
ADGM Data Protection Regulation 2021
DIFC Data Protection Law
Developed an integrated Data Privacy Program around the DIFC Data Protection Law (DIFC Law No. 5 of 2020) and Data Protection Regulations 2023 based on NIST Privacy Framework, and ISO/IEC 29100:2024 – Privacy Framework.
DIFC Law No. 5 of 2020 - DIFC Amendment Law DIFC Law No. 1 of 2025
Information Security Management System (ISMS)
Personal Information Management System (PIMS)
IT Service Management (ITSM)
Business Continuity Management System (BCMS)
Artificial Intelligence Management System (AIMS)
Enterprise Risk Management
Risk Management
Sections below are Under Construction
Risk Assessment
Identifying and analyzing risks to protect your business.
Compliance
Ensuring your processes meet regulatory standards.
Crafting clear policies tailored to your organization's needs.
Policy Development
Establish Resilient Governance (COSO, COBIT)
Establish KPI-based Governance Framework
Governance-as-a-Service
IT Governance (ITSMF, ISO 20000)
Security Governance (NIST, CIS, ISO 27001)
Privacy Governance (NIST, CIS, ISO 27701)
AI Governance (NIST CSF, ISO 42001)
Policy Development
Policy Objectives
Define KPIs and SLAs
Define Roles and Responsibilities (R&R)
FISMA, UAE IAS, SAMA
ISMS, PIMS, ITSM, BCMS, AIMS
Bahrain
Kuwait
Qatar
Technology Risk Management
Data Privacy Risk Management
Data Privacy Assessments – PTA, LIA, PIA, HRPA, DPIA, TIA.
Business Continuity
Disaster Recovery Planning
Risk Controls Self-Assessments (RCSA)
Peer Review
ISO 31000, ISO 27005, COSO, and COBIT.
Data Protection Law and Regulation
Data Privacy Regulatory Compliance
SOX, SSAE 18, ISAE 3402
ISMS
PIMS
BCMS
ITSM
AIMS
UAE IAR/IAS
Internal Audits
Gap Assessment
Readiness Review
Maturity Assessments
Cyber Security Readiness Review
ISO Audit Readiness Review
Regulatory Audit Readiness Review
Projects
A snapshot of my GRC work and achievements
Risk Audit
Comprehensive evaluation of organizational risks
Policy Design
Crafting tailored governance policies
Experience Matters
Over a decade navigating the complexities of governance, risk, and compliance, turning challenges into clear strategies.
Roles
Risk Analyst
Crafted risk assessments that shaped smarter business decisions.
Compliance Lead
