Produce a timeline and delegate tasks (compliance automation software could make this activity a lot less time consuming) Create firewalls and router requirements, which set guidelines for letting and denying entry to your systems. Firewall configurations needs to be reviewed bi-each year to ensure there won't be any faulty entry https://www.nathanlabsadvisory.com/blog/nathan/vapt-solutions-in-uae-enhancing-cybersecurity-and-resilience-for-businesses/