IT Consulting

IT Risk Assessment

The performance of IT risk assessments is a required step in meeting many compliance obligations. Our information security professionals have extensive experience in assessing risk and designing a framework of controls to mitigate organizational, business process, and system level risks.

Security Assessment, Penetration Testing, and Vulnerability Scanning

Security threats, vulnerabilities, and privacy risks have become a top priority for businesses around the world. The sophistication of attackers and the complexity of threats require organizations to invest in robust controls on information security and implement sound security technologies. Our team has significant experience advising clients in a variety of information security and privacy areas, including:

  • IT Risk Management
  • Identity and Access Management
  • Network Architecture
  • Data Security and Privacy
  • Change Management
  • Vulnerability Management
  • Incident Response
  • Business Continuity and Disaster Recovery
  • Regulatory Compliance

Compliance Readiness

Between regulations, standards, and contractual obligations, IT requirements are unavoidable in the technology-centered world we live in. We are prepared to assist you in your efforts to comply with a variety of IT requirements.

We are ready to help you comply with:

  • Payment Card Industry Data Security Standard (PCI-DSS)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health Act (HITECH)
  • International Organization for Standardization (ISO) 270001
  • National Institute of Standards and Technology (NIST) Special Publication 800-53
  • Gramm Leach Bliley Act (GLBA)
  • Federal Financial Institutions Examination Council (FFIEC)

Our Compliance Assessment Services Include:

  • Determining the scope of your compliance requirements and data environment
  • Assessing the current state of your control environment and making recommendations for improving to meet your compliance goals
  • Evaluating and selecting systems and service providers

System Evaluation and Selection

Whitley Penn will help you evaluate and select the right IT system for your company. We work directly with IT executives and other decision makers in order to focus on the design and implementation of controls to deliver improved business processes by comprehensively addressing the IT and business needs of your organization.

Meet the team

John Williamson

Risk Advisory Partner

Jesus Vega

Cybersecurity Managing Director

Charles Sulak

Risk Advisory Managing Director

We look forward to
working together

Submit the form to the right and a member of the team will reach out.

Questions? Contact an advisor.

Contact an Advisor

Get started today. Submit the form below to get in touch with an advisor. For all other inquires not service related, click here.
Skip to content