Services

Our Core Business Competencies Include:

• Information Technology Security
• Risk Management
• Audit Services
• Data Protection and Privacy Consulting Program  

Data Privacy:

Privacy continues to be a significant business issue. We can help organizations effectively manage the business risk and compliance issues relating to data privacy and compliance issues. Some legislation of key importance includes HIPAA, Gramm-Leach-Bliley Act (GLB), Children’s Online Privacy Protection Act (COPPA), and Safe Harbor.

Our Privacy Services Include:

• Policy Development
• Breach Notification Procedures
• Safe Harbor Program 
• Privacy Awareness and Training
• Compliance with COPPA, PCI, GLBA, & HIPAA Privacy
• Risk Assessments Privacy Audits

Privacy Risk Assessment and Strategy:

Evisa can help your organization develop a formal privacy strategy by  

• Identifying privacy issues and opportunities
• Develop mechanisms for embedding a culture of privacy within an organization

Privacy Impact Assessment (PIA):

Evisa can help your organization conduct a privacy impact assessment (PIA) to enable it anticipate and address the likely impacts of new initiatives, problems, and negotiate possible solutions. Our approach goes beyond mere compliance with privacy laws, we look to wider privacy challenges, opportunities, risks and look for solutions to ensure information flows are appropriate.

Data Breach Procedures:

We advise organizations on how to manage data breach incidents and privacy complaints including how to respond appropriately.

Privacy Audits:

We can help conduct privacy audits for organizations to ensure their current processes and procedures are in compliance with privacy laws. We provide the following services.

• Privacy practices assessments and strategy development.
• Personal information data flow mapping and analysis 
• Information technology systems privacy requirements
• Cross border data transfers planning and reviews
• Regulatory compliance assessments
• Privacy policy creation and reviews

Information Technology:

Business today depends on technology as never before to drive transformation, productivity and business operations. As more value is needed from IT, our program management office have trained and certified professionals that help our clients improve and manage their information technology security programs.  Our practices include IT security governance, risk management, change management, disaster recovery and business continuity planning, pre and post implementation reviews of new systems.

Controlling access to systems and protecting the confidentiality, integrity and availability of information is a critical concern of any organization. To ensure data protection, organizations need to employ individuals who are highly skilled in information security, and in support of this demand, we have experienced individuals that can help provide advisory services to prevent potentially costly and embarrassing security lapses.

We provide detailed assessments of our client’s entire security infrastructures to identify and eliminate any vulnerability by identifying weaknesses in your organization information security systems. We are dedicated to helping our clients develop and maintain an integrated security infrastructure that can prevent and minimize the effect of security lapses. 

Disaster Recovery - Business Continuity Planning:

Most businesses will experience threats to their critical systems — power outage, fire, flood or a computer virus. Critical systems disruptions may cause severe financial losses and threaten the survival of your organization. We provide organization wide business continuity planning. Developing a business continuity plan is a difficult and complex process. Our advisors can work with you to develop a plan that you will have confidence in and this include the following:

• Evaluation and prioritization of critical needs 
• A comprehensive written plan addressing the key operations in each functional area
• Identification of high-risk threats, their impact and prevention techniques
• Prioritization of processing and operations to determine the recovery timeframe
• Review of potential recovery facilities and off-site procedures

Risk Management:

Our expert practices encompass all areas of risk management.  We are committed to continually enhancing and building upon our capabilities to ensure comprehensive resources for financial management. We provide personal advisory services in a wide range of personal investment strategies.   We combine outstanding risk management techniques with superior analytical tools to profit handsomely from today's market environment. We can help our clients identify growth opportunities and solve most complex business issues.

Let us know how we can help you grow. We offer a customized, flexible approach that’s based on your personal needs combining in-depth industry knowledge and a longstanding commitment to your financial growth. We take a value-added approach to risk management looking for opportunities to improve your productivity and performance and suggesting improvements where appropriate.

Audit Services:

We provide audit services in financial, operational and information technology audits. We specialize in crafting a comprehensive audit program unique to your needs, developing industry-specific specialized audit programs. We also provide SOX compliance services. We can assist organizations that need help improving the quality and effectiveness of their internal audit processes in a number of ways by advising and assisting in the development of internal audit and risk management methodologies, including assessing whether the internal audit function is delivering effectively to stakeholders.

Financial Audits:

The passage of the Sarbanes-Oxley Act of 2002 (SOX) has raised the profile and responsibility of internal auditors. Internal auditors are now being asked to assume a more strategic role one that is tied to the overall assessment of risk.

Auditors are being asked to take on new responsibilities and leadership roles that not only require additional staff but different skill sets as well. These specialists typically possess expertise related to large project management, logical security, fraud and specific software packages. In either case, choosing the right firm and model to address your internal audit needs is a complex decision.

Evisa Consortium has qualified internal audit resources to assist you in whatever extent you desire. There are several benefits from working with our internal audit professionals:

• Enables organizations leverage their in-house resources more effectively
• Allows management to focus on business operations
• Raises the awareness of management's support for a sound internal control structure

Our integrated risk management methodology begins by performing a comprehensive business risk assessment. This assessment helps to align our audit plan with the risk factors within your organization

Quality Assurance Reviews:

Internal audit function is expected to add value to an organization and a quality assurance review (QAR) provides senior management with the confidence that the internal audit department is functioning as intended, as well as helps pinpoint areas for improvement. We use the latest engagement technology, data mining and analysis tools to deliver our internal audit services in a cost effective manner.

Compliance Audits:

Our experienced professionals can help your organization develop a plan to assess and document your company’s internal controls. Our approach is tailored to the specific needs and complexities of your organization including:

• Planning
• Design assessment and operating effectiveness
• Monitoring

IT Audits:

Sarbanes-Oxley (SOX) regulations affect several aspects of a business, including its IT systems. As part of our extended SOX-related services, we offer IT Auditing services designed specifically to help your organization comply with SOX regulations and compliance. Our approach is designed to assess and document your company’s internal controls using the IT Governance Institute's Control Objectives for Information and related Technology (CobiT) model.