IT Governance / Risk / Compliance

Our IT Risk management practice assists clients with the identification of the interdependencies between the business processes, information elements and technology services. The iterative process takes into consideration potential threats, the acceptable level of risk, associated changes in the technology landscape, and investments justifications.
Once we catalogue and classify the information asset, we assist our clients in identifying cost effective risk mitigation strategies, cross referenced with any applicable regulatory or statutory requirement affecting those assets. Our processes and techniques ensure that both the individual business unit and the enterprise as a whole have a complete understanding of what risks exist in their IT environment, and how those risks can be reduced or eliminated.
While we leverage our expertise in risk management frameworks like: CobiT, Prince, Trust Services Principles and Criteria, ISO27002, NIST 800-30 and ISO35800, each program solution we device is tightly fitted and integrated with the organization we partner with.