Overview:
INTRODUCTION
We believe that the journey with our clients is just as important as the destination. Through our People, Process, Technology philosophy and one or a combination of our Service Areas, our aim is to leverage these collective capabilities by applying our ‘GRC in 5 Steps’ thinking to create sustainable business success and true client partnerships.
SIMPLIFYING GRC IN 5 STEPS
1. Understanding the organisation and its risk and compliance profile.
2. Understanding the people, governance, risk, and compliance structure in the organisation.
3. Asking the right questions.
4. Recommending best fit GRC management systems and technology solutions.
5. Moving the business forward with intuitive and predictive information analytics.
MANAGEMENT SYSTEMS TECHNOLOGY SERVICES
Working with clients that wish to move from manual to automated technologies, we assist in the analysis of the business processes, which enables us to recommend a suitable “best of breed” and “fit for purpose” technology solution.
Assisting with the transition from a manual to a user-based, automated technology solution.
Delivery of immediate, purpose-fit solutions as opposed to long-term, high-cost implementations.
The combination of consultancy and advisory assistance with the implementation of process-based management systems aligned to best of breed technology solutions.
The provision of technology solutions that are scalable, reliable, and cost-effective with built-in intuitive and predictive information analytics.
RISK AND COMPLIANCE SERVICES
Facilitation, advice and consultancy on governance, risk and compliance management systems, including implementation of and compliance with several international Standards and Guidelines.
Principal Service Areas
ISO 27001 Information Security Management
ISO 22301 Business Resilience & Continuity Management
ISO 37001 Bribery and Corruption Management
COSO/SOC2 and COBIT5 – Sarbanes-Oxley
Data Classification Frameworks
NIST Security Control Compliance and ITIL Best Practices
ISO 19600 Compliance Management
ISO 31000 Enterprise Risk Management
AS 9100 Aviation, Space and Defence Management
Legal and Regulatory Requirements Framework
Sustainability & ESG Monitoring, Management & Reporting Services
Integrated Reporting – Facilitating collation & review of strategy and governance performance data
GRC ADVISORY
Facilitation and guidance on strategies for managing an organisation's overall governance and risk management processes and compliance requirements, including any change management interventions identified.
Business Strategy Development – Assisting clients with the development of sustainable business strategies, goals, and objectives for the benefit of both internal and external stakeholders.
Business Process Gap Analysis – Visualizing the client’s business by mapping the processes in place, considering the roles, responsibilities, standards, and guidelines.
Business Process Modelling – To further develop the ‘gap analysis’ results, business process improvements are discussed, and the suggested enhancements are tested through to implementation.
Business Impact Analysis – Conducting Business Impact Analyses of processes, products, services and activities, and developing recovery strategies.
Threat and Risk Assessments (TRA) – Conducting TRAs and recommending requirements for the development of Business Continuity and Disaster Recovery Plans.
Organizational Change Management – Assisting clients with business process changes impacting the resources and budget allocations needed to reshape the company or organisation.