Governance, Risk & Compliance (GRC)
SRG Advisory Group’s assessment professionals are highly certified and have extensive cybersecurity and industry vertical experience. We have performed assessments for organizations of all sizes, from larger multi-national companies to smaller mid-market businesses. Regardless of your size or industry focus, our team works with you to design an assessment strategy to meet your individual needs. Due to the context in which we perform these assessments, we deliver the highest quality work in a very cost-effective manner, to provide you with the assurance you need when it comes to securing your critical business systems and assets.
Additional Services Offerings
Cybersecurity Program Readiness (CPR) Assessments
Continuous Cybersecurity Program Maturity
Cybersecurity Program Review & Development
Cybersecurity Program Mapping
Risk Management & Assessment
Regulatory Compliance & Advisory Services
Audits & Assessments
Third-Party Risk Management
Risk Assessment and Audits
Cybersecurity audits and assessments are critical when looking to understand how your current cybersecurity program is performing against stated program objectives and/or regulatory compliance frameworks. Unfortunately, most companies lack the experience and staff needed to accurately assess their standing against these and other industry-mandated security requirements.
SRG Advisory Group LLC can help. Our team offers decades of experience performing audits and assessments, with all our auditors maintaining high-level certifications such as CISA (Certified Information Systems Auditor) and CISSP (Certified Information Systems Security Professional), among others.
Our experience doesn’t stop with industry certifications. Our team is comprised of experienced auditors who have worked as auditors and audit managers for accounting and audit firms, hospitals, major healthcare providers and financial services firms. Our audit experience extends to several industry-recognized frameworks, including:
International Organization for Standardization (ISO 27001)
Health Insurance Portability and Accountability Act (HIPAA)
National Institute of Standards and Technology - Cybersecurity Framework (NIST CSF)
National Institute of Standards and Technology (NIST 800-53)
Outsourced internal audit
Program design audit
Letters of attestation
User access audit
Data Privacy and General Data Protection Regulation (GDPR) audits
Our audit team is here to help with all your audit, compliance and assessment needs. From outsourced/co-managed/internal IT audits and content-specific letters of attestation to emergency audit staffing, SRG Advisory Group LLC is here to help you.
Third-Party Risk Management
SRG Advisory Group LLC offers a unique approach to third-party risk management. While most TPRM programs utilize an “audit-based” approach relying largely on questionnaires and policy analysis, SRG Advisory Group takes a different approach. Our process is built upon a “Threat Modeling” approach (as outlined in NIST SP 800-154) to identify potential attack vectors that are most likely to pose a threat to your data or systems. SRG Advisory Group's TPRM process was designed to help you identify and manage all of your third-party related risks in a secure and cost-effective manner. Our Third-Party Risk Management (TPRM) solution provides: