Technology Standards and Frameworks

Governance, risk management and compliance [GRC] speaks to the need of an organisation to have a formal and integrated collection of capabilities that enable it to reliably achieve objectives, address uncertainty and act with integrity. TechRealm Solutions operates within the IT GRC Standards and Framework management segment. This allows us to leverage our technical expertise in the following areas:

  • IT GRC program strategy and development
  • IT GRC program implementation and management
  • Technology Auditing and Assessments

With our extensive and practical knowledge in the African environment, we are in the adoption frontline of most widely acclaimed IT GRC Standards and Frameworks such as:

ISO Standards:

  • ISO/IEC 27001 – Information Security Management Systems [ISMS]
  • ISO/IEC 27032 – Cybersecurity Guidelines
  • ISO/IEC 20000 – IT Service Management Systems [ITSM]
  • ISO/IEC 22301 – Business Continuity Management Systems [BCMS]
  • ISO/IEC 31000 – Risk Management
  • ISO/IEC 38500 – IT Governance
  • ISO/IEC 29100 – Privacy Framework
  • ISO/IEC 14001 – Environmental Management Systems
  • ISO/IEC 9001 – Quality Management Systems [QMS]
  • ISO/IEC 21500 – Project Management

Frameworks/Guidelines:

  • COBIT – Control Objective for IT and Related Technologies
  • IT Service CMM – IT Service Capability Maturity Model
  • IT Balanced Scorecard
  • M_o_R® – Management of Risk
  • ITIL® – The IT Infrastructure Library®
  • PRINCE2® – Projects in Controlled Environments
  • PMBOK® – Project Management Body of Knowledge®

An Information Technology Assessment is the review and evaluation of an organization’s information technology infrastructure, policies and operations. With an IT Assessment, we’ll assess your company’s business maturity, processes and opportunities for based on agreed criteria and the result is often used for internal consumption.

Information technology Audits determine whether IT controls protect corporate assets, ensure data integrity and are aligned with the business’s overall goals. Our certified auditors examine not only physical security controls, but also overall business and financial controls that involve information technology systems.