u/Fabulous-Art8963

I currently work at a top MNC as a GRC Engineer and recently cleared the ISO 27001 Lead Auditor exam.

I want to start freelancing in ISO 27001 consulting, but honestly not sure how people get their first real projects/clients in this space.

I understand the theory, controls, audits, documentation, etc. from my current role, but I’m looking to get actual hands-on consulting exposure — client interactions, implementation experience, audit prep, all that stuff.

If anyone here is already consulting independently:

* How did you start?
* Where do clients usually come from?
* Any advice for transitioning from corporate GRC into freelance consulting?

Also, if someone is open to letting me work alongside them on projects, I’d genuinely be happy to work for a small share just to learn the process properly and gain experience.

Would appreciate any guidance/tips from people already doing this.

I currently work at a top MNC as a GRC Engineer and recently cleared the ISO 27001 Lead Auditor exam.

I want to start freelancing in ISO 27001 consulting, but honestly not sure how people get their first real projects/clients in this space.

I understand the theory, controls, audits, documentation, etc. from my current role, but I’m looking to get actual hands-on consulting exposure — client interactions, implementation experience, audit prep, all that stuff.

If anyone here is already consulting independently:

• How did you start?
• Where do clients usually come from?
• Any advice for transitioning from corporate GRC into freelance consulting?

Also, if someone is open to letting me work alongside them on projects, I’d genuinely be happy to work for a small share just to learn the process properly and gain experience.

Would appreciate any guidance/tips from people already doing this.