Enterprise Risk

Management

Risk management is an ongoing process of identifying, assessing, prioritizing and responding to risk.

How We Solve Your Problems

• ERM is all about Governance. We’ll design a governance reporting structure that maximize communication with all stakeholders —Taking a top-down approach to guarantee buy-in from the BOD and Sr Management to auditors and regulators.

• Then we’ll review and document existing controls and threats to identify any gaps, so you’ll be making the most informed decisions that is data driven and not based on guesswork.

• Finally, we’ll streamline a process that is easy to use and focused on business initiatives and strategic goals—prioritizing the risks and putting “Business first.”

Cybersecurity

Program

Cybersecurity regulatory requirements are increasingly creating compliance stress.

You want to protect your company and your customers but it takes time and energy to research and implement the most cost-effective solutions.

How We Solve Your Problems

• We’ll leverage industry best practice frameworks such as the NIST Cybersecurity Framework and customize a solution that maximizes resources and is right for your organization.

• Focus on the controls. We’ll risk assess and recommend solutions and actions that find the weak links in your security and strengthens your system of internal controls.

• Our program will be scalable and grow with your organization. From advanced end-point threat detection to interactive security awareness training. We’ll make it right.

How do I know what I don’t know? We trust third-party vendors, often with confidential data.

But are they keeping it safe? And will they notify me if they have a breach?

Vendor Management is a lifecycle process and critical to your organization’s cybersecurity and Enterprise risk management programs. You can’t have a strong Cybersecurity program without a strong Vendor Management program.

How We Solve Your Problems

• You are only as strong as your weakest link. We’ll assess all of your vendors and design an onboarding process that asks all the right questions of your vendors before you sign the contract
• We’ll review existing vendors and classify them based on criticality so that you can keep a closer eye on providers that present the greatest risk.
• Lastly, we’ll automate the process to make document due diligence collection and risk assessments easier. All stakeholders from IT to Audit will be “in the know” on the status of your vendors.

CONTROLS & FRAMEWORK

Effective governance begins with structure. Black Swan Technologies will create effective controls and framework for organizations to secure their success.

RISK ASSESSMENT

Risk Assessment is both the science and the art of determining risks, identifying threats, prioritizing actions, and implementing the correct response process.

SECURITY AWARENESS

Knowledge and guidance are provided to ensure the understanding of potential threats and the actions that should be taken in direct response.

AUDITS

A system of internal controls must be validated and gaps must be identified. Findings are communicated and remediation methods are recommended.

“We‘ve worked with Brian on several different client initiatives and his subject matter expertise in Enterprise Risk Management proved to be invaluable. He approached the engagements by focusing on strategic goals and drivers and using the language of business, not technical jargon, to simplify the decision-making process.

He not only right-sized the program but designed it to be scalable and future-proof which gained buy-in from stakeholders and ensured the program’s success.  I highly recommend Brian to any company wanting to make smarter business decisions and looking to simplify the management of risk.”

—Tom Rogers CEO, Vendor Centric