Author – Cláudio Dodt – Information Security and GRC


Cláudio Dodt – Senior Information Security Professional, consultant, trainer, speaker and blogger. Ten plus years of experience working with Information Security, IT Service Management, IT Corporate Governance and Risk Management.

ITIL® V2 Service Manager;
ITIL® V3 Foundation;
ITIL® Expert;
Certified Information Systems Security Professional (CISSP®);
Certified Information Security Manager (CISM);
Certified Information Systems Auditor (CISA);
Certified in Risk and Information Systems Control (CRISC);
ISO 27001 Lead Auditor;
ISO/IEC 20000 Foundation;
Information Security Foundation (ISFS) based on ISO/IEC 27002;
Information Security Management Advanced based on ISO/IEC 27002;
CobiT 4 Foundation;
CobiT 5 Foundation;
EXIN Cloud Computing Foundation;
EXIN Certified Integrator Secure Cloud Services;
EXIN Accredited Trainer – (ITIL Foundation; ISO 20000 Foundation, ISFS, ISMAS, Cloud Foundation).

IT Geek, autonomous diver, unconditional love for books, movies and videogames.

Key projects:

DARYUS Strategic Risk Consulting (2012 – 2015)

Information Security and IT Governance Gap Analysis- HOSPITAL SANTA CATARINA/SP
Information Security Policy development – HOSPITAL SANTA CATARINA/SP
IT Governance Gap Analysis – Força Aérea Brasileira/RJ (Brazilian Air Force)
IT Governance Gap Analysis – FIPECq/DF
IT Governance Gap Analysis – SFIEC/CE
Business Continuity and Disaster Recovery implementation – Grupo Pão de Açúcar/SP
ISO 27001 certification project – ALOG DATACENTERS DO BRASIL/RJ-SP
Disaster Recovery Plan implementation – OI/RJ
Disaster Recovery Plan implementation – Racional Engenharia/SP
Information Classification policy implementation – VITARELLA/PE
Disaster Recovery Plan implementation – VITARELLA/PE
Information Classification policy implementation – MAGNESITA/MG
Corporate IT Governance implementation – FIPECq/DF
National Information Security Survey coordination – DARYUS/SP
Backup and Recovery processes review – Termaco Logística/CE

Morphus Segurança da Informação (2008 – 2012)

Project Manager – Information Security – TV Globo
Risk Analysis and Contingency planning implementation – MULTIDIA/RN
Information Security Policy development – MULTIDIA/RN
Information Security Policy development – Estaleiro Atlântico Sul/PE
Risk Analysis and Information Security Policy implementation – Universidade Nacional Potiguar/RN
Information Security Policy development – Universidade Nacional Potiguar/RN
Information Security Policy development – Moinho Dias Branco/CE
Information Security Policy development – SESC/CE
Information Security Awareness campaign- SESC/CE
Information Security Risk Analysis – Sangatti Berga/CE
Information Security Risk Analysis – DURAMETAL/CE
Information Security Risk Analysis – Santana Textiles/CE
Information Security Risk Analysis – Hotel HolidayInn Fortaleza/CE
Information Security Risk Analysis – VITARELLA/PE
Wi-Fi Vulnerability assessment – BANESECARD/SE
Wi-Fi Vulnerability assessment – Refrescos Guararapes/PE
Risk Assessment and Contingency Plan implementation – CIALNE/CE
Disaster Recovery Plan implementation – NUFARM/CE
Pentest – BANESE/SE
ISO 27001 certification project – BANESE/SE
Active Directory Security implementation – IBYTE/CE

Leave a Reply