GRC Consultant

We're Here to Help 

Our mission is to ensure our clients' security controls and processes protect their systems, networks, and data.  

Our Governance, Risk, and Compliance (GRC) services include control advisory services, control gap analysis, audit readiness reviews, writing security policies, and designing security controls that align to policies and regulatory or compliance obligations.

Additionally, we deliver strategies for security risk management and help you assess 3rd party risk.


Tired of big consulting firms delivering PowerPoints and no real results? Try us! We provide short-term, targeted engagements that produce the results you need. Let us help you build and mature your IT security practice.

Governance and Compliance Services

  • We can apply our expertise in Commercial, Cloud, and Corporate domains

  • We'll write your policies for you: Security policy development aligned to ISO27001, NIST, COBIT, ITIL

  • We can define effective security control strategies: End Point Protection, Advanced Threat Protection, Security Response Process, GRC Tools, SIEM Tooling, etc.

  • We conduct control reviews and audit readiness reviews, and suggest control improvements via rapid gap analysis in support of your compliance obligations or needs: ISO27001, SOC1, SOC2, PCI, SOX

  • We can deliver control models aligned to standard control frameworks: ISO27001, NIST, COBIT and ITIL 

  • We are experts in aligning People, Process, and Technology and can help ensure that your Controls, Processes, and Technology work together

  • We provide advisory services for implementing and utilizing standard GRC technology (OnSpring, OneTrust, Archer, ServiceNow, etc.) 

Security Risk Management Services

  • We can build or mature your Cybersecurity Risk Program.

  • We can conduct fast and reliable risk assessments on your products, infrastructure, data centers, vendors, and service providers. We will identify potential security risks and provide actionable remediation recommendations.

  • We will help you risk assess your 3rd party service providers and can do so via risk assessment templates or 3rd party auditing tools like Archer, Prevalent, Allgress, TrueSite, CyberGRX, etc. 

  • We can help you complete industry frameworks (CAIQ, SIG, etc.) or use those frameworks to evaluate your 3rd party providers.

  • We can help you write or review standard security contract language and/or standard terms & conditions.


Why Trust Hawk?

  • We work rapidly to assess your needs and deliver results. We come prepared with templates and tools to get the job done quickly. 

  • Our staff has 25+ years of experience in cybersecurity, Governance, Risk, and Compliance

  • Proven results in implementing security control processes utilizing standard frameworks (ISO27001, NIST, COBIT, ITIL) to satisfy compliance requirements (SOC1/2, ISO27001, PCI, SOX)

  • Six Sigma Certified Black Belts and improvement techniques


©2022 by Trust Hawk Cybersecurity Advisory Services.
