Risk Advisory and Compliance

Risk Advisory Services

IT Assurance

  • SOC 1 SSAE 18 / SOC 2 / SOX readiness assistance
  • IT infrastructure, processes and governance structure review

Risk Assessment

  • Identification, analysis and evaluation of IT risks
  • Recommend / implement risk mitigation techniques

Cyber Strategy and Governance

  • Review and implementation of global standards / frameworks such as ISO 27001, ISO 22301, NIST and COBIT
  • Customized cyber program development

Cyber Maturity Assessment

  • Holistic assessment and benchmarking of business, IT and security compliances vis-à-vis global standards, industry best practices, competitors, etc.

Cyber Metrics Development

  • Cyber security 'Key Performance and Risk Indicators' (KPI / KRI) development
  • Cyber security scoreboard development

Data Privacy

  • Review and implementation assistance for data privacy requisites such as GDPR, HIPAA and RFPA
  • Privacy strategy and governance framework development

Resilience Services

  • BCP and DR framework development 
  • Cyber incident investigation and forensics
  • Cyber threat intelligence

Third Party Risk Management

  • TPRM governance framework / program development
  • Periodic vendor assessments
  • TPRM automation advisory

Policy and Procedures

  • Development of policy and procedures of the highest standards based on our understanding of the business and in line with the industry standards and best practices

Compliance Services

  • Identification of key global regulations / laws
  • Identifying relevant requirements as per organizational context
  • Current state assessment of compliance level
  • Converting requirements into comprehensible controls
  • On-going monitoring for changing regulations
  • Periodic compliance assessment and reporting