Services

Governance, Risk and
Compliance

Governance, Risk and Compliance

Governance, Risk and Compliance (GRC) services provide effective strategies to the organizations related to corporate governance, risk management and compliance with national and international regulations.

As DuneMount, we offer tailored solutions to help organizations with focusing on establishing governance structures, risk and compliance assessments, analysis and audits.

Governance, Risk and Compliance (GRC) services provide effective strategies to the organizations related to corporate governance, risk management and compliance with national and international regulations.

As DuneMount, we offer tailored solutions to help organizations with focusing on establishing governance structures, risk and compliance assessments, analysis and audits.

Governance Services

DuneMount supports the organizations regarding development and improvement of the organization’s governance structures, policies and procedures that are aligned with corporate objectives.

ISO27001 and ISO22301 Compliance
We provide the following services to our clients regarding ISO27001 information security and ISO 22301 business continuity implementation processes.

  • Certification preparation process
  • Internal audit
  • Establishment of risk management structures
  • Preparation of necessary documents (business impact analysis, risk assessments, policies, etc.)
  • Certificate needs assessment

Information Security Strategy and Framework Development
As DuneMount, we offer appropriate strategy and framework design by evaluating the current information security understanding and needs of organizations. Some services in this field;

  • End-to-end information security strategy design and developing and/or updating of related documents
  • Information security strategy compliance audit
  • Designing the organization’s information security roadmap
Governance Services

Governance Services

DuneMount supports the organizations regarding development and improvement of the organization’s governance structures, policies and procedures that are aligned with corporate objectives.

ISO27001 and ISO22301 Compliance
We provide the following services to our clients regarding ISO27001 information security and ISO 22301 business continuity implementation processes.

  • Certification preparation process
  • Internal audit
  • Establishment of risk management structures
  • Preparation of necessary documents (business impact analysis, risk assessments, policies, etc.)
  • Certificate needs assessment

Information Security Strategy and Framework Development
As DuneMount, we offer appropriate strategy and framework design by evaluating the current information security understanding and needs of organizations. Some services in this field;

  • End-to-end information security strategy design and developing and/or updating of related documents
  • Information security strategy compliance audit
  • Designing the organization’s information security roadmap
Governance Services
Risk Management

Risk Management

In today’s world, the effects of globalization, digitalization and radical technological changes are essential for the continuation of organizations’ operations, however, they also bring fundamental challenges and risks. Therefore, it is important for organizations to be able to effectively measure and manage these risks.

As DuneMount, our main services we offer to our customers in risk management;

Enterprise Risk Management: As DuneMount, we aim to create a corporate risk culture and establish risk management processes by conducting a comprehensive risk assessment and analysis to identify potential risks that may affect your organization. Key features:

  • Establish and develop corporate risk management strategy
  • Establish risk management methodology
  • Mapping the risks within the organization as operational, strategic and financial risks
  • Determining the root causes of the risks identified by the organization and conducting root cause analyses
  • Identifying risk ownerships
  • Follow-up risk actions

Third-Party Risk Assessment: Third-party risk assessments are as vital as the enterprise risk management structure. DuneMount assesses your organization’s third-party risks and guides you to achieve sustainable success with an effective risk management strategy against them. Key features:

  • Establishing a third-party risk management model
  • Performing on-site and/or remote risk analyses for third parties and reporting to the organization
  • Establish a governance model to manage critical third-parties

Information Security Risk Analysis: As DuneMount, we aim to provide the best consulting services for the organizations to manage their information security risks with performing risk methodology, risk mapping and impact analysis and taking necessary measures. Key features:

  • Developing information security risk methodology and related documents
  • Identification of information security risks, determination of ownership and creation of action plans
  • Developing end-to-end information security risk monitoring processes

Risk Management

In today’s world, the effects of globalization, digitalization and radical technological changes are essential for the continuation of organizations’ operations, however, they also bring fundamental challenges and risks. Therefore, it is important for organizations to be able to effectively measure and manage these risks.

As DuneMount, our main services we offer to our customers in risk management;

Enterprise Risk Management: As DuneMount, we aim to create a corporate risk culture and establish risk management processes by conducting a comprehensive risk assessment and analysis to identify potential risks that may affect your organization. Key features:

  • Establish and develop corporate risk management strategy
  • Establish risk management methodology
  • Mapping the risks within the organization as operational, strategic and financial risks
  • Determining the root causes of the risks identified by the organization and conducting root cause analyses
  • Identifying risk ownerships
  • Follow-up risk actions

Third-Party Risk Assessment: Third-party risk assessments are as vital as the enterprise risk management structure. DuneMount assesses your organization’s third-party risks and guides you to achieve sustainable success with an effective risk management strategy against them. Key features:

  • Establishing a third-party risk management model
  • Performing on-site and/or remote risk analyses for third parties and reporting to the organization
  • Establish a governance model to manage critical third-parties

Information Security Risk Analysis: As DuneMount, we aim to provide the best consulting services for the organizations to manage their information security risks with performing risk methodology, risk mapping and impact analysis and taking necessary measures. Key features:

  • Developing information security risk methodology and related documents
  • Identification of information security risks, determination of ownership and creation of action plans
  • Developing end-to-end information security risk monitoring processes
Risk Management

Compliance Services

Our compliance services include industry-specific regulation assessments, establishing and/or developing compliance management systems and providing continuous support to ensure compliance with regulations and standards.

Key compliance services:

  • “Cumhurbaşkanlığı Dijital Dönüşüm Ofisi Bilgi ve İletişim Güvenliği Rehberi” assessment and audit
  • Energy Market Regulatory Authority (EPDK) – “Cyber Security Maturity Model in Energy Market” gap assessment
  • PCI-DSS compliance audit and consultancy
  • Swift security audit and consultancy
  • Digital Operational Resilience Act (“DORA”) compliance and gap assessment
  • Privacy (“GDPR” and “KVKK”) consultancy and audit
Compliance Services

Compliance Services

Our compliance services include industry-specific regulation assessments, establishing and/or developing compliance management systems and providing continuous support to ensure compliance with regulations and standards.

Key compliance services:

  • “Cumhurbaşkanlığı Dijital Dönüşüm Ofisi Bilgi ve İletişim Güvenliği Rehberi” assessment and audit
  • Energy Market Regulatory Authority (EPDK) – “Cyber Security Maturity Model in Energy Market” gap assessment
  • PCI-DSS compliance audit and consultancy
  • Swift security audit and consultancy
  • Digital Operational Resilience Act (“DORA”) compliance and gap assessment
  • Privacy (“GDPR” and “KVKK”) consultancy and audit
Compliance Services
Contact Us

We are just
a message away!

For information about our company and services, please fill out the form on the side to reach us.

Our consultants will get in touch with you as soon as possible.

Contact Form
Form EN
Contact Us

We are just a message away!

For information about our company and services, please fill out the form on the side to reach us. Our consultants will get in touch with you as soon as possible.

Contact Form
Form EN