Guide for Starting a Risk & Compliance Consulting Business

Hi all,

Whenever I go to local cybersecurity meetups I notice that a lot of folks are Risk & Compliance consultants practicing by themselves without a company where they're employed.

I was wondering if those of you folks with experience as consultants know if their is an existing guide (or something close) for those who wish to become independent Information Security Risk & Compliance consultants. By independent consultant I mean someone who acquires small/medium business clients on their own, then performs the Risk & Compliance work for a profit.

By a Guide, I mean some type of procedure-based book, video, or website that shows the would-be consultant a step-by-step, or methodical approach for things such as doing risk/compliance assessments for this category of client, or that category of client. The guide is not necessarily for preparing for certifications but strictly for executing the business side of risk/compliance.

Thanks you all in advance for all your comments, tips, etc.

Find more posts tagged with

risk and compliance business

guide

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

NetworkNewb

https://www.sans.org/webcasts/successful-infosec-consulting-101-111885?utm_medium=teddemop

egrizzly

NetworkNewb said:

https://www.sans.org/webcasts/successful-infosec-consulting-101-111885?utm_medium=teddemop

Thanks for sharing this NNewB