Contact person: Comprehensive Website Compliance Audit

Phone:Show

Email:Show

Location: Jaipur, India

Budget: Recommended by industry experts

Time to start: As soon as possible

Project description:
"My production website requires a full-scope security audit focused on proving compliance with the following standards:

• GDPR
• PCI DSS
• ISO 27001

The engagement covers technical testing (penetration tests, vulnerability scans, code and configuration reviews) as well as a documentation deep-dive to confirm data handling practices, logging, encryption, and incident-response procedures meet each framework’s specific clauses.

Deliverables I need:
1. A consolidated audit report mapping every finding to the exact clause in GDPR, PCI DSS, or ISO 27001 it affects.
2. A clear gap-analysis matrix with severity ratings and recommended fixes.
3. A remediation roadmap that prioritises quick wins, medium-term hardening, and long-term architectural changes.
4. Attestation documents or evidence packs suitable for external assessors.

Tool choice is flexible—Burp Suite, OWASP ZAP, Nessus, Nmap, manual code review, and policy analysis are all acceptable if justified in your methodology.

Submit a detailed project proposal outlining: scope you will cover, testing methods, sample deliverables, estimated duration, and any post-audit support you include. Proposals that tie activities directly to the three standards above will stand out.

Only freelancers or teams with demonstrable experience taking a site from “in review” to certified compliance should apply." (client-provided description)