Cyber Security

IT SOX Program:

  • Provide SOX testing program with testing templates
  • Perform SOX testing
  • Train resources in SOX testing

GRC Tool Selection & Deployment:

  • Provide strategy and guidance for GRC tool selection
  • Program management for requirements and architecture for GRC tool
  • Integrate, deploy and maintain GRC tool

Third Party Risk Management:

  • Leverage the “Follow The Data”™ model to create a sensitive data matrix
  • Program manage third party (supplier risk management) risk assessment
  • Perform on-site assessments based on supplier risk ranking, following the ISO27k or NIST framework
  • Evaluate Service Organization Controls SSAE16/18 SOC1/SOC2/SOC3 reviews for internal audit readiness
  • Provide RCSA (Risk Control Self-Assessments) from suppliers and provide risk summary reports

IT Security Training & Awareness and ISACA Certifications:

  • Offer ISACA CSX, CISA, CRISC certification programs.
  • Provide web-based or classroom training and awareness programs.

IT Policy:

  • Provide collaborative support to technology organization in formulating the enterprise IT policies and standards
  • Provide IT policies and standards documentation
  • Review current IT policy documentation and provide gap analysis to meet industry best practice and regulatory requirements
  • Enhance IT policy documentation

IT Audit:

  • Program manage IT audit
  • Work with internal and external audit (inclusive of regulatory and examiners) to provide required collaboration for audit documents and process
  • Remediation requirements to close audit findings