Cyber Security

IT SOX Program:
  • Provide SOX testing program with testing templates
  • Perform SOX testing
  • Train resources in SOX testing
GRC Tool Selection & Deployment:
  • Provide strategy and guidance for GRC tool selection
  • Program management for requirements and architecture for GRC tool
  • Integrate, deploy and maintain GRC tool
Third Party Risk Management:
  • Leverage the “Follow The Data”™ model to create a sensitive data matrix
  • Program manage third party (supplier risk management) risk assessment
  • Perform on-site assessments based on supplier risk ranking, following the ISO27k or NIST framework
  • Evaluate Service Organization Controls SSAE16/18 SOC1/SOC2/SOC3 reviews for internal audit readiness
  • Provide RCSA (Risk Control Self-Assessments) from suppliers and provide risk summary reports
IT Security Training & Awareness and ISACA Certifications:
  • Offer ISACA CSX, CISA, CRISC certification programs
  • Provide web-based or classroom training and awareness programs
IT Policy:
  • Provide collaborative support to technology organization in formulating the enterprise IT policies and standards
  • Provide IT policies and standards documentation
  • Review current IT policy documentation and provide gap analysis to meet industry best practice and regulatory requirements
  • Enhance IT policy documentation
IT Audit:
  • Program manage IT audit
  • Work with internal and external audit (including regulators and examiners) to provide required collaboration for audit documents and process
  • Remediation requirements to close audit findings