Maturity Models and Frameworks
Our team utilizes a proprietary risk assessment methodology and software that is developed based on highly recognized risk assessment guidance and industry standards. The methodology, which has been proven effective, incorporates the most relevant elements of the following:
- COSO – Committee of Sponsoring Organizations’ Standards of Enterprise Risk Management
- CobiT – Information Systems Audit and Control Association (ISACA)’s Control Objectives for IT
- ISO 20000/27000 – International Standards Organization’s IT Service Management and IT Security Risks and Controls Standards
- ITIL – IT Service Management
- Capability Maturity Model (CMM)
- Generally Accepted Privacy and Security Principles (GAPP)
- NIST / FISMA Security Standards and Risk Frameworks
Baseline Builder ®
Our team utilizes this proprietary software in conjunction with providing advisory services. Baseline Builder promotes effective and practical internal controls while helping to support efficient governance, risk management and compliance (“GRC”) processes. Baseline Builder has also allowed many organizations to significantly improve the efficiency of GRC tasks and the accuracy and retention of documentation. Customer reviews and feedback help confirm that the application is streamlined, clean and very responsive.
By leveraging the latest technology, including ASP.NET and SQL Server, the application provides one of the most effective processes for implementing and maintaining a governance, risk and compliance program. Unlike typical in-house solutions, data and documentation are centrally managed in a database that allows for intuitive IT general, application, financial and operational control activity tracking, maintenance and reporting.