
End User Computing (EUC)

  • Riskpro develops an EUC/IPE Framework and performs Gap Assessment against best practices relating to EUC/IPE using Control policy.
  • We help with EUC Risk Assessment by testing major EUCs and preparing an audit report with results and recommendations.
  • We develop critical risk reporting templates for various committees and senior management.

Business Continuity / Disaster Recovery

  • Riskpro helps with:
    • project initiation and management.
    • risk evaluation & control.
  • We develop continuity strategies and help with the disaster stages and process management by developing and implementing the Business Continuity Plan.

CMMC

  • The Cybersecurity Maturity Model Certification (CMMC) Framework is the latest development in IT security in the USA.
  • It provides assurance to the DoD that a DIB contractor can adequately protect CUI. It is mandatory for any organization or company that wants to do business with the DoD.
  • Riskpro assists companies with expertise and guidance in achieving CMMC. Riskpro can support an organization from implementation through certification and continuous work with security.

21 CFR Part 11

  • Riskpro helps companies in the life science community and other FDA-regulated industries meet the 21 CFR Part 11 requirements for electronic records and electronic signatures, so that document security and authenticity are adequately maintained.
  • We can help with 21 CFR compliance services such as gap assessment, Computer System Validation (CSV), auditing services, healthcare and life science offerings like HIPAA, ISO 27001, SOC etc., recruitment, and training & awareness.

NIST Compliance

  • NIST guidance provides the set of standards for recommended security controls for information systems at federal agencies. The NIST guidelines and recommendations will help federal agencies ensure compliance with other regulations, such as HIPAA, FISMA, or SOX.
  • We can help with Gap Assessment against the NIST/FISMA Framework, consulting and implementation support, and a Report / Compliance Letter issued by Riskpro.

Microsoft SSPA

  • The Supplier Security and Privacy Assurance (SSPA) is an assessment for Microsoft suppliers/vendors who process data on Microsoft's behalf.
  • Riskpro provides assistance in consulting as well as responding to the DPR questionnaire.
  • Riskpro has an in-house CPA who performs DPR audits in case you are in a high-risk profile and independent audits are required.

HIPAA Compliance

We create an implementation plan for a business associate located in India. Business associates have to comply with the security rules and the breach reporting rule. The privacy rule may be applicable depending on the BAA with the client (another BA or covered entity).

PCI DSS

  • The PCI Security Standards Council (PCI SSC) maintains data security standards for the payment card industry under the single framework of the Payment Card Industry Data Security Standard (PCI DSS).
  • PCI DSS requirements include security management, policies, procedures, network architecture, software design, and other critical protective measures.
  • Riskpro can help with Scope Definition, PCI DSS Gap Assessment, Security Check, Remediation Support, PCI DSS Assessment and Certification, PCI DSS Annual Maintenance and PCI DSS Awareness Training.

IT General Controls (ITGC)

  • Riskpro assists organizations in designing ITGC frameworks and provides operating effectiveness assurance through ITGC audits.
  • We have dedicated IT audit professionals with experience working with a wide variety of industries of all sizes to mitigate ITGC risks within your IT environment.
  • Our ITGC services are tailored to the organization's risk appetite and compliance requirements.

Data Analytics

  • Data analytics refers to qualitative and quantitative techniques and processes used to enhance productivity and business gain.
  • Riskpro offers comprehensive data analytics services to convert historical and real-time, traditional and big data into actionable insights for you to take timely corrective actions if necessary.
  • We proactively identify the indicators of fraud and trigger automatic resolution.

DSCI DPF Consulting Services & Training

To protect the privacy of personal information from unauthorized use, disclosure, modification, or misuse, DSCI has conceptualized its approach towards privacy in the DSCI Privacy Framework (DPF©), which is based on global privacy best practices and frameworks.

SOC 1 and SOC 2 Audits: End to End Consulting and Attestation

  • Organizations continue to outsource parts of their business to realize potential cost benefits, to alleviate the need for hiring or retaining internal specialists and/or to create more flexibility to realize their business strategy.
  • Assurance reports play an important role as a management control. In the USA, the new SSAE 18 standard was introduced in 2016 and implemented in 2017.
  • Riskpro has done more than 900 SSAE engagements and we have an in-house CPA to perform these attestations.