Cybersecurity Assessments and Audits

Expert independent validation of the security and privacy environment is the optimal first step to setting a course to achieve the appropriate level of security. Ankura helps organizations better understand the current state of their cybersecurity hygiene and effectiveness posture with independent expert assessments of their security programs. We look at elements like governance; organization and staffing; controls, training and awareness; infrastructure, third-party security, and response preparation; incident management, and operational recovery. We audit internal or other third-party risk assessments and validate findings and remediation.

Solutions include:

  • Current state security and privacy assessments
  • Risk, threat, and vulnerability assessments
  • 23 NYCRR Part 500 regulation (and other state laws and regulations based on the NAIC model law)
  • PCI gap analysis
  • HIPAA and HITRUST compliance and OCR audit readiness
  • Meaningful use audits
  • Assessments against leading security frameworks – NIST, ISO, COBIT, CIS Top 20 Controls
  • NIST 800-171 (FARS and DFARS guidance)
  • Assessments of risks to industrial control systems (ICS) and field sensors, actuators and PLCs
  • Assessments supporting buyers and private equity firms in the merger and acquisition due diligence process
  • Technology platform audits, such as Office 365