Services...Compliance & Risk Management

GRC - Governance, Risk and Compliance

ATIBA provides information security and risk management consulting services for the Banking, Financial Services, Insurance, Healthcare, Manufacturing, Government, Retail and Telecom industries. Our compliance professionals have years of focused experience and hold CPA, CISA, CITP and CISSP certifications. As a result, we are able to provide cost-effective, risk based compliance solutions to our clients

Information risk management is a growing concern for most business executives, regardless of industry. Compliance mandates such as SOX, HIPAA, GLBA, SEC and PCI impact many organizations, compliance requirements are becoming more onerous and non-compliance penalties are becoming increasingly more expensive. In order to stay viable, businesses of all sizes must  proactively mitigate their risk exposure.

Whether you are an organization that must adhere to regulatory compliance or are a small to medium size business interested in mitigating your business risk by ensuring that you have a viable business continuity and disaster recovery plan, putting in place the appropriate strategies, processes, procedures and controls makes good business sense.

ATIBA can help you develop security policies and implement security frameworks that are sustainable, repeatable and manageable. We can act as an independent assessor to review the existing controls you have in place, identify gaps, remediate deficiencies and produce the documentation and reports required for regulatory compliance audit preparedness. We can provide manual and automated attestation services to determine point-in-time conformance with formalized, predefined requirements and standards.


  • Compliance Readiness Assessments

  • Compliance Readiness Testing and Remediation

  • Business Continuity Planning

  • Disaster Recovery Planning

  • Implementing Quality Frameworks (ISO 27001 / 17799, SAS 70, Six Sigma, ITIL)

  • Information Security Risk Management

  • Mapping Organization Controls to Framework Standards: CobiT, COSO, NIST

  • Risk Management Strategy, Policy and Procedure Development

  • 'Virtual' Compliance Officer Services

Compliance, Risk and Readiness Assessments

  • AML - Anti-Money Laundering

  • Basel II / III - Basel Committee on Banking Supervision

  • BSA - Bank Secrecy Act

  • FFIEC - Federal Financial Institutions Examination Council

  • GLBA - Gramm,-Leech-Bliley Act

  • HIPAA - Health Insurance Portability and Accountability

  • ISO - International Organization for Standardization - ISO 27001 / 17799

  • I.T. Security

  • MSB/BSA/AML Compliance Program Review & Testing

  • NIST - National Institute Standards & Technology - NIST-800-53 Security Controls

  • NCUA -  National Credit Unions Association

  • PCI - Payment Card Industry

  • SOX - Sarbanes-Oxley

  • Red Flags Rule - Identify Theft

  • SAS 70 - Statement on Auditing Standards

  • SEC - Securities & Exchange Commission - SEC 17a-3, 17-a4

Compliance & Risk Management Marketing Collateral 

Site Map  |  Contact

Top of Page