Guide for Starting a Risk & Compliance Consulting Business

egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
Hi all,

Whenever I go to local cybersecurity meetups I notice that a lot of folks are Risk & Compliance consultants practicing by themselves without a company where they're employed.

I was wondering if those of you folks with experience as consultants know if their is an existing guide (or something close) for those who wish to become independent Information Security Risk & Compliance consultants. By independent consultant I mean someone who acquires small/medium business clients on their own, then performs the Risk & Compliance work for a profit.

By a Guide, I mean some type of procedure-based book, video, or website that shows the would-be consultant a step-by-step, or methodical approach for things such as doing risk/compliance assessments for this category of client, or that category of client.  The guide is not necessarily for preparing for certifications but strictly for executing the business side of risk/compliance.

Thanks you all in advance for all your comments, tips, etc. 

B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+


Sign In or Register to comment.