Cyber Security
IT SOX Program:
- Provide SOX testing program with testing templates
- Perform SOX testing
- Train resources in SOX testing
GRC Tool Selection & Deployment:
- Provide strategy and guidance for GRC tool selection
- Program management for requirements and architecture for GRC tool
- Integrate, deploy and maintain GRC tool
Third Party Risk Management:
- Leverage “Follow The Data”™ model to create sensitive data matrix
- Program manage third party (supplier risk management) risk assessment
- Perform on-site assessments based on supplier risk ranking, following the ISO27k or NIST framework
- Evaluate Service Organization Controls SSAE16/18 SOC1/SOC2/SOC3 reviews for internal audit readiness
- Provide RCSA (Risk Control Self-Assessments) from suppliers and provide risk summary reports
IT Security Training & Awareness and ISACA Certifications:
- Offer ISACA CSX, CISA, CRISC certification programs
- Provide web-based or classroom training and awareness program
IT Policy:
- Provide collaborative support to the technology organization in formulating the enterprise IT policies and standards
- Provide IT policies and standards documentation
- Review current IT policy documentation and provide gap analysis to meet industry best practice and regulatory requirements
- Enhance IT policy documentation
IT Audit:
- Program manage IT audit
- Work with internal and external audit (inclusive of regulators and examiners) to provide required collaboration for audit documents and process
- Remediation requirements to close audit findings