Written by WIB
Thursday, 09 April 2009 01:00
In the last years GRC (Governance/Risk/Compliance) has been recognised as a central part of Corporate Governance. In 2009 more corporates will have to establish and run efficient GRC structures. We are helping top stakeholders like Executive Boards and Board of Directors (BoD) to comply with these and other requirements by adding our international expertise.
We are a team of IT and business experts, auditors and lawyers advising BoD and executive management on how to deal with information technology governance, that's why we call it:
Corporate Governance of Information Technology
Our services include:
- Information Governance (ECM & Records Management): Projects, architectures and education (using Moreq2, ISO 15489 and national standards)
- Compliance & E-Discovery: Audits, Processes, Tools, Certifications
- Risk Management: Establish and run Risk Management systems on board and project level
- Information Security: ISMS setup, maintenance and audit (ISO 27001)
- Training and Education: Train and create awareness how to deal with technology risk
- Technology Compliance: Build, review and evaluate compliance structures
- ECM/RM project/program management and assurance
- Independent evaluation and review of technology projects
- Project assurance
- Project Owner coaching
Statement of competence
Governance & Control
- Mediation and consulting for technology teams
- Support for contract structuring and negotiation
- Large project co-ordination, and provision of a unified compliance understanding through instructional measures and project accompaniment
- Identification and support in choosing partners
- Conflict resolution procedures and restarts for endangered projects
- Preparation for audits and due diligence
- Establishment of risk management systems
- Evaluation and gap analysis in accordance with SOX and other legal regulations and frameworks
- Establishment, implementation, and audit of management and control systems for IT valuation and compliance at the stakeholder and management levels.
- Development and Implementation of IT Governance frameworks based on CobitTM.
- Creation of records management concepts, quality management, and analysis of all phases of Records Management plans and projects.
- IT Security & Privacy
- Design and Implementation of Information Management Security Systems (ISMS) based on ISO 27001 and its predecessors.
- Development of Data Privacy organisations
- Compliance verification, reports and certifications
- Transaction and opinions of Cyberlaw with an emphasis on signature laws, data protection, IT liability, and security systems.
- Risk Management
- Creation, implementation and management of IT security management and governance or- ganisations.
- Corporate Development
- Strategic enterprise development for IT companies, support of M&A deals through valuation and due diligence and management of high tech companies.
Last Updated on Thursday, 08 April 2010 08:36