Services

  • Expertise in providing cyber security and audit services to global financial institutions and central banks

  • Identify any gaps against the SWIFT CSCF requirements and propose timely remediation so that the independent assessment results are compliant

  • Review the company's documented policies, processes, business practices, and technical controls

  • Conduct stakeholder meetings with security and technology run teams

  • Provide final documentation

SWIFT CSP 

  • Building and assessing effective and efficient enterprise-wide control mechanisms to ensure corporate compliance with COSO 2017 ERM framework

  • Establishing corporate focus on business risk identification, definition of key control initiatives, enterprise systems review, business data security, process control measures and policy administration

  • Translation of integrated risk ranking into annual S-OX scoping for focus testing

  • Set-up and compilation of regular S-OX Certification Committee reporting & Management Letters of Representation

Sarbanes Oxley (S-OX)

  • Designing and implementing internal controls for SOC 1 reporting.

  • Testing effectiveness of controls

  • Facilitating Management with attestation of compliance.

  • Assessing Trust Service Principles (Security, Confidentiality, Processing Integrity, Availability & Privacy) to support SOC 2 certification.

ISAE 3402

Information Technology Risk

  • Assessment of the information risks to people, processes, technology, and determining the likelihood and impact of the risk events, tolerance, and the threat environment

  • Audit the implementation, adequacy, and effectiveness of the security controls, existing safeguards and vulnerabilities

  • Advising management on risk management matters and, as an independent reviewer, providing assurance on management’s capability and performance in risk management.

Data Privacy & Protection

  • Establishing and implementing security-related policies

  • Overseeing regulatory compliance and ensuring data privacy

  • Establishing and overseeing the organization's security architecture

  • Supervising identity and access management

  • Establishing business continuity and disaster recovery

  • Conducting electronic discovery and digital forensic investigations

Cybersecurity & Defense

  • Creating organizational Cybersecurity awareness

  • Improving mechanisms for Authentication and Authorization

  • Strengthening End-Point protection (desktops, laptops, mobile devices, PDAs)

  • Conducting Penetration Tests

  • Improving Patch Management, Log Monitoring and Security Incident Response processes
