Riskpro's 21 CFR Part 11 services include gap assessment, reviewing and validating your software/systems for compliance, and providing you with the necessary policies and procedures.
The DSCI has introduced a Data Privacy Framework Certification for Indian companies that have implemented the 9 privacy practice areas within their systems and processes to protect the data or information of their customers and clients.
The framework borrows key controls from various industry-level cybersecurity standards such as NIST, ISF, ISO, Basel and PCI DSS. The purpose of the CSF is to enable Financial Institutions regulated by SAMA (“the Member Organizations”) to effectively identify and address risks related to cyber security.
The SEBI circular on the cybersecurity and cyber resilience framework for regulated entities requires mandatory cyber security and resilience audits. With the recent amendments in May and June 2022, such audits are to be done twice a year. SEBI also requires entities to identify critical assets in their organisation and maintain an updated list of the same.
Organizations continue to outsource parts of their business to realize potential cost benefits, to alleviate the need for hiring or retaining internal specialists and/or to create more flexibility to realize their business strategy.
Assurance reports play an important role as a management control. In the USA, the new SSAE 18 standard was introduced in 2016 and implemented in 2017.
Riskpro has done more than 900 SSAE engagements and we have an in-house CPA to perform these attestations.
GDPR is a sweeping change. Effective May 2018, if you hold personal data of any EU citizen and are not GDPR compliant, you will not be able to do business.
This may be as simple as an email address in a marketing email list. You will not be able to send marketing mailers unless there is explicit consent or a lawful purpose/legitimate business purpose.
If you are a recruiter, you will not be able to forward CVs or download and save candidate data without the candidates' consent.
Riskpro has a strong team of experienced and certified data privacy and data protection professionals who have thorough industry and technical knowledge and can assist you with:
Highlighting gaps in your framework/policies/processes and suggesting an effective mitigation plan.
Defining/reviewing procedures to ensure updates in the bill are identified in a timely manner.
Ensuring the controls/framework defined are adequate and in accordance with PDP Bill requirements.
Defining and/or implementing a bill-compliant data protection governance framework.
In 2002, the United States Congress passed the Sarbanes-Oxley Act (SOX) to protect shareholders and the general public from accounting errors and fraudulent practices in enterprises, and to improve the accuracy of corporate disclosures.
An Audit of Internal Control over Financial Reporting performed in conjunction with an audit of financial statements.
All public companies now must comply with SOX, both on the financial side and on the IT side.