Providing Superior Risk Management, Cyber Security and Corporate Governance Solutions

Assurance ∙ Audit ∙ Compliance ∙ Governance ∙ Risk Management ∙ Vendor Management


Riskcop Advisory LLC is a full-service risk management firm, specializing in governance, risk and compliance services (GRC), fraud investigation services, internal audit consulting, and control readiness reviews. We cater to large, medium, and start-up control environments.

Our team takes pride in having integrated risk accessory experience in cyber technology, IT general controls (ITGC), and operational, compliance, and financial risk. We have experience working with Fortune 500 companies. You can rely on us for quality service at all times.

Learn More About Us

Providing Superior Risk Management, Operational Risk, Cyber Risk, Project Management and Forensic Examinations.

Out Professionals perform assessment in all security standards including NIST 800-171, ISO 27001, HI-TECH, SOC1 and SOC2 readiness reviews, COBIT and COSO for Internal Audit Co-Sourcing and full Outsourcing.

We have Certified Public Accountants (CPAs), Certified Information Systems Auditors (CISAs), Certified Financial Services Auditors (CFSAs), and Certified Fraud Examiners (CFEs). Our team has more than 25 years of experience in the finance industry and a combined 100 years of experience in the following:

  • Financial Services (Retail and Wholesale)
  • Insurance (Property and Casualty, Life, Health, and Specialty)
  • Health Care
  • Defense and Manufacturing Industries
  • Government (Military, Social Security, Inspector General, DOD)
  • Law Firms
  • Manufacturing
  • Higher Education

Areas We Serve

United States




Our Values

We believe that we should have fun and enjoy what we do, or we can stop doing it at all. Since our establishment, it has become our passion and source of happiness to help companies, big or small, in their decision making.

Our people are the source of our company’s strength. We have a team that is highly committed to catering to your different risk management needs—supporting each other to provide quality service at all times.

Here are some of the things we value at Riskcop Advisory LLC:

  • Integrity – Upholding ethical values with our team, clients, and all stakeholders we encounter
  • Open Communication – Promoting direct and honest communication with our people, customers, and all shareholders we meet
  • Unwavering Commitment – Going the extra mile to get the job done
  • Product Quality and Reliability – Never cutting corners and sacrificing quality
  • Continual Self-Improvement – Seeking feedback from our clients, doing self-renewal of our knowledge and talent

What We Do

We perform risk, System and Organization Controls 1 (SOC 1), System and Organization Controls 2 (SOC 2) assessments, control readiness reviews, and security assessments. These include process walkthroughs, control design evaluation, and operational effectiveness testing. We carry these out under the following security standards:

  • National Institute of Standards and Technology (NIST) 800-171
  • International Organization for Standardization (ISO)
  • Sarbanes-Oxley Act Section 404

Our team has worked with the following standards in an operational, risks, and security capacity for security and operations:

  • Committee of Sponsoring Organizations (COSO)
  • Control Objectives for Information and Related Technologies (COBIT)
  • ISO 27001
  • National Institute of Standards and Technology (NIST)
  • Information Technology Infrastructure Library (ITIL)
  • Payment Card Industry Data Security Standard (PCI DSS)

For privacy and vendor risk assessments, we use the Standardized Information Gathering (SIG) approach and work with these standards:

  • Gramm-Leach-Bliley Act (GLB Act)
  • Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • Family Educational Rights and Privacy Act of 1974 (FERPA)
  • EU General Data Protection Regulation (GDPR)

Potential data in scope:

  • Personally Identifiable Information (PII)
  • E-Mail
  • Customer Relationship Management (CRM)
  • Credit Card Data (PCI)
  • Protected Health Information (PHI)
  • Merger / Acquisition Information (Secret)

Areas in scope include:

  • Risk Assessment
  • Physical Security
  • Logical Security
  • Application Security
  • Database Security
  • Website Considerations
  • Encryption
  • Data Leakage Protection
  • Backup and Recovery
  • Disaster Recovery
  • Business Continuity
  • Customer Service
  • Cloud Considerations
    (Public or Private)
  • Change Control
  • Operational Control
  • Internet Monitoring Controls
  • And Many More

Who We Service

We proudly serve companies of all sizes. Our team caters to small, middle-market companies (Fortune 100 companies that are starting), financial services, retail industries, and insurance companies.

Trust Our Team

Reach out to us to secure a confidential consultation. With our risk management services, you can:

  • Scope your IT, cyber, compliance or operational risk project or determine a needs analysis for any of these areas
  • Discuss changing compliance or regulatory need with one of our experts
  • Determine how to handle a customer complaint, alleged whistleblower fraud, or employee hotline tip
  • Learn if your organization has been breached and what tools or solutions can be employed to ensure you are kept aware of future illicit activity should it occur
  • Find a consulting firm that can outsource or co-source certain key business, security, or compliance activity
  • Discover a firm that can work hand in hand with key leaders to ensure you are equipped for your next executive leader, audit committee, or board meeting