Cybersecurity & Information Assurance
DNH has recently expanded its portfolio of offerings to include IT Security Risk and Compliance. Current projects are focused on the development of information security programs, conducting IT risk and compliance assessments, and advising on risk mitigation best practices globally through audits, assessments, and policy-making.
IT risk and compliance assessments
Worried about your organization’s cyber exposure? Our team will create and perform a customized, global IT Risk and Compliance assessment, tailored to meet your organization’s unique needs. The DNH cyber team will assist you in ensuring documented business requirements are developed and implemented to support the processes and procedures for applications already in place. We can also help your organization start off on the right security footing for any new application implementation.
eGRC platform development and support
Want to make sure your leadership team understands your business risks and is able to prioritize the right remediation and mitigation strategies to address them? Are you looking for a way to make more informed, risk-based decisions? DNH’s IT Security team will conduct a targeted risk assessment, and then work with you to develop a 2-3-year roadmap for the eGRC platform supporting various GRC processes in the areas of information security, incidents, policy, compliance, and risk management, including annual reviews, the import of new authoritative sources, and data integrity monitoring and cleanup.
IT program and vendor risk assessments
Does your organization have a risk-based vendor management program? Our team will assist you in designing, executing, and maturing your Risk Assessment process, including developing all necessary charters, processes, methodologies, and reports. We will partner with you to lead cross-functional workgroups and planning meetings to promote ideal solutions that meet the objectives of both the business client and the IT Risk, Compliance, and Information Security team. Where ideal solutions cannot be found, our team will support the identification and reporting of enterprise-level risks and improvement opportunities to executive leadership for escalation. We can help you communicate the value of IT Risk, Compliance, and Information Security within your organization and continuously validate the organization against additional mandates, as developed, to ensure full and ongoing compliance. Our team provides a support structure that promotes sharing of expertise through consulting, presentation, and documentation, and coordinates cross-functionally to ensure a holistic approach to security and compliance across the client organization. We will provide the level of support needed to evaluate, monitor, and help you ensure compliance with IT Risk and Information Security policies, standards, guidelines and relevant legal and regulatory requirements. DNH’s experts conduct IT Risk and Information Security due diligence activities relative to vendors and third parties, and create risk remediation plans with business owners. Our project support team can provide follow-through in the implementation of changes. We develop custom internal control testing and documentation processes (and update applicable internal control matrices where necessary) to support continuously changing risk environments.
The DNH team is also experienced in serving as the conduit between internal control owners and external auditors, including kickoff meetings, interview requests, closing meetings, and evidence gathering.