<security audit>

For my personal cybersecurity portfolio, I conducted a comprehensive controls and compliance assessment case study for Botium Toys. This exercise demonstrated my ability to evaluate an organization's security posture across various control categories, including administrative, technical, and physical controls. I also assessed compliance with key industry standards such as PCI DSS, GDPR, and SOC. Through this process, I identified critical gaps in the company's cybersecurity measures, including the lack of disaster recovery plans, essential technical controls, and proper data management practices.

Based on my findings, I developed a set of prioritised recommendations to address the identified vulnerabilities. These recommendations encompassed implementing administrative controls like data recovery plans and the principle of least privilege, deploying technical controls such as intrusion detection systems and encryption, and maintaining physical security measures. This case study showcases my skills in risk assessment, compliance evaluation, and strategic security planning, highlighting my ability to provide actionable insights that align security measures with business objectives. It underscores my capacity to contribute meaningfully to an organization's cybersecurity posture, demonstrating my readiness to tackle real-world information security challenges.