Strengthening Internal Control. Protecting Sensitive Data. Demonstrating Compliance.

VisibleGRC was founded on a clear principle:

Data Protection safeguards compliance and demonstrates trust.

In today’s regulatory environment, organisations must do more than publish policies. They must demonstrate structured internal controls, measurable risk management, and ongoing regulatory alignment.

VisibleGRC enhances your Cyber GRC Capability — the internal governance, risk management, and compliance framework that protects organisational and personal sensitive data.

We support:

EU-regulated organisations requiring GDPR-aligned control structures

Foreign companies operating in Israel

Israeli organisations requiring professional English policies and international-grade regulatory alignment

Founder & CEO

Background

Originally from Port Elizabeth, South Africa, Joss Bernstein began his professional career in finance after graduating from the University of Cape Town (UCT). He worked within some of Africa’s leading banking institutions before pivoting into the Data Protection and Compliance arena — where governance, risk, and structured internal control became his professional focus.

In 2010, Joss made Aliyah to Israel with his family and has since built nearly two decades of experience across Israeli and EU corporate environments.

Experience

With over 30 years of professional experience, Joss has held senior-level roles within multiple organisations, where he developed and strengthened internal control frameworks, regulatory alignment strategies, and governance structures.

Through this experience, he recognised a recurring challenge:

Many organisations require senior Cyber GRC expertise — but do not need or cannot justify a full-time in-house hire.

VisibleGRC was founded to address this gap.

Expertise

Under Joss’s leadership, VisibleGRC delivers English-language, EU-aligned advisory services through multidisciplinary professional teams specialising in:

  • Governance and Internal Controls

  • Information Security & Privacy Frameworks

  • Regulatory Compliance Monitoring

  • Risk Assessment & Gap Analysis

  • Supply Chain & Third-Party Risk Management

Beyond his professional work, Joss is an avid sports lover and former rugby and cricket player.

Our advisory services include:

Information Security & Privacy Framework Compliance Monitoring (CIS, NIST CSF, SOC2, PCI-DSS, ISO27001, GDPR, CCPA, HIPAA)

Org-Level Policies & Procedures Compliance Monitoring

Role-Based Responsibility & Controls Awareness Programmes

Third-Party & Software Supply Chain Risk Management

We operate through a contractor-based senior advisory model — providing deep expertise without requiring organisations to hire in-house or commit to full-time compliance staff.

VisibleGRC delivers clarity, structure, and confidence in your regulatory posture.