Our Services

WHO ARE WE

FOCUS Risk Management Specialists is a locally and privately owned firm, founded in 2013, that specializes in risk management and information technology services. We are committed to maximizing the benefits of your business model, drawing on our team’s vast experience to offer you a higher level of efficiency and an unparalleled level of service.

All our plans and recommendations take into account industry best practices, standards, frameworks, and compliance requirements such as ISO 31000, ISO 27001, ISO 27002, ISO 31010, NIST, COBIT 2019, HIPAA, HITECH, GLBA, SOX 404, and PCI DSS.

Information Technology Risk Management Consulting:

We help you identify your most important risks, design processes and controls to manage them, and improve the effectiveness and efficiency of IT risk management (ITRM) through technology assistance. Our independent position and assessment capabilities provide clients with a candid and reliable overview of their IT risk landscape and the controls in place.

  • Risk Management Program development, implementation and management
  • Risk Assessments
  • Risk Analysis
  • Vulnerability Assessments
  • Penetration Testing

ASSURANCE AND COMPLIANCE

Our IT controls services focus on the design, implementation and rationalization of controls that potentially reduce the risks in the application, infrastructure and data layers of your IT function. Risk Management and Information Security are key areas of focus in the current landscape of mobile technology, social media and cloud computing:

  • Internal Controls revision, design and implementation
  • PCI DSS, SOX 404, HIPAA, SSAE18 SOC Reports, IT Compliance Gap Analysis
  • SOX 404, HIPAA, PCI DSS Management testing and Compliance Assessments
  • COBIT implementation, development and management
  • Internal Controls Risks and Controls Assessments
  • Programs, Standards, Guidelines, Policies and Procedures design, development, implementation and revision

INFORMATION SECURITY AND CYBERSECURITY

  • Program development and management
  • Policies and Procedures development and revision
  • Standards and Guidelines revision and development
  • PCI Data Discovery Assessment
  • PCI DSS compliance and implementation
  • Gap Analysis
  • Controls development and implementation
  • Training revision and development
  • Awareness Program development and management
  • ISO 27001, 27002 implementation and management
  • Risk and Control Assessments

IT SERVICES

Infrastructure, Network, Systems Development, IT Operations, IT Strategy, Systems Analysis, Business Analysis, Tools Implementation, Cabling, IT Management, IT Security, Servers Administration, WiFi Networks, LAN, WAN and others.

BUSINESS CONTINUITY AND IT DISASTER RECOVERY

  • Program development and management
  • Policy and Procedures revision and development
  • Plan revision, development, implementation and management
  • Standards and Guidelines revision and development
  • Gap Analysis
  • Controls development and implementation
  • Training revision and development
  • Awareness Program development and management
  • Analysis revision, development, implementation and management
  • Disaster Recovery Testing Assistance/Audit
  • BC & DR Controls Evaluation