Our practitioners carry multiple profession designations across the business and technology risk landscape:
Deficiency Remediation - for years one of our financial institution clients struggled with remediating IT control deficiencies in the area of logging and monitoring. Our team worked closely with all stakeholders to holistically develop a solution that included people, process and technology. We were able to help remediate the gap, satisfy the auditors and regulators and ultimately help reduce risk.
Adding Value - technology scale-ups are the leading the way of our innovation ecosystem, our unique experience has assisted scale-ups for resilience in meeting the rigors of increasing client demands for cyber security and third-party risk and controls. Scale-ups often have to respond to security questionnaires and undergo a SOC 2 audit to provide client's with visibility into the design, implementation and operating effectiveness of their controls. We have assisted several scale-ups to operationalize governance, risk and controls in a pragmatic approach to mitigate risk and build client confidence that the services they are subscribing to are safe.
Risk Management and Governance - pulling together experts in the energy sector, privacy and cyber security, we helped the Ontario Energy Board develop a Cyber Security Framework for the energy sector in Ontario. Leveraging NIST CSF as the baseline, we worked closely with stakeholder to customize the framework to meet the needs of Ontario's energy sector.
See the cyber security framework for yourself:
Risk Management and Governance – Bringing ample subject matter expertise in the data governance and transformation domains, our team helped a leading multination manufacturer of consumer packaged goods leverage technology to fundamentally change how they deliver value to their customers around the world. Throughout the transformation, our team worked alongside business and IT stakeholders, who had an intimate knowledge of existing processes and daily operations, to develop and implement a solution that aligned with the overall business strategy and larger data governance initiative while fundamentally changing the way business is done.
Maintaining Compliance - our team has been engaged to help operators in the Lottery and Gaming industry to demonstrate compliance with jurisdictional regulations and contractual obligations. We have assisted several client's securing gaming management systems, providing vulnerability assessments, penetration testing, and security / internal control maturity assessments to meet regulatory requirements. We have also operated as an outsourced internal audit function for a state licensed operator, where we plan and execute an annual internal audit plan, with reporting to the audit committee and state regulator.