Risk & Resiliency
Our risk and security experts evaluate your environment and your controls to ensure your data, processes and people are protected from malicious activities. We partner with the business and IT to ensure the most critical controls are in place and operating effectively. We help to build and ensure governance processes are in place to ensure effective controls are in place to protect the business while ensuring it can continue to deliver results.
AREAS OF RISK EXPERTISE
We strive to understand your business current state, desired future state and overall goals. We create an actionable plan with measurable outcomes, and leverage a cross functional team to collaborate and coach clients through execution.
Business Continuity Planning (BCP)
We can assist you develop the key components of a Business Continuity Plan (BCP). These four areas are essential to ensure that an organization can continue its critical functions during and after a disaster or disruptive event.
- Business Impact Analysis (BIA)
We identify the essential business functions and the impact of a disruption on these functions - Security Audits & Risk Assessments
We conduct IT Security Audits and/or Risk Assessments based on national or state best practices to determine the effectiveness of the current control environment. - Incident Response & Disaster Recovery Development & Testing
We help to develop IR/DR plans for organizations as well as test the effectiveness of their current plans to determine the potential risk of loss during a catastrophic event. We can perform tabletop exercises to help inform and practice mitigation strategies. - Policy & Procedure Development & Documentation
We leverage national and state best practices to ensure the appropriate policies and procedures are in place to govern the organizations.
Fractional CISO and Security Staffing Support
We offer staff to bolster security teams, or work in the role of the Chief Information Security Officer on a part time basis.
3rd Party Risk Management Assessments
We conduct a third-party risk assessments which are crucial for ensuring that your organization is protected from potential risks associated with external vendors or service providers.
HIPAA Assessments
HIPAA (Health Insurance Portability and Accountability Act) We assess compliance and adherence to rules and regulations designed to protect the privacy and security of patients' health information.
Service Organizational Control 2 Readiness
We perform SOC2 audits using a framework for managing and protecting customer data based on five "trust service principles": security, availability, processing integrity, confidentiality, and privacy.
Penetration Testing
Offered through trusted partners.
- Broad IT Subject Matter Experts
- General IT Audit Experience
- Business Continuity Planning
- Disaster Recovery
- Information Security Governance
- General IT Audit Experience
- Information Security Compliance
- GAO Yellow Book Government Auditing Standards