Our Mission
We understand the challenges of pursuing industry mandated compliance initiatives….skills shortage, decoding requirements, and core business distraction are a few big ones. Both companies as well as advisors are caught in tough spot because many firms need a significant amount of help and there are not enough advisors to go around. Plus, all those person-hours start to add up way too fast. With Rizkly, we set out help both dilemmas through a collaborative compliance app that gives you an option to purchase dedicated advisory on a monthly basis so you have the expert guidance to achieve faster success. Thus, Rizkly aims to:
-
Deliver a cutting edge solution that enables companies, large and small, to achieve and sustain cybersecurity and data privacy compliance efficiently and effectively
- Offer a complete solution. Today’s cybersecurity compliance requirements extend beyond technology remediation. Companies are now responsible for incident response, evidence collection, awareness training, risk management, reporting and much more. Rizkly addresses these evolving requirements so you’re not stuck shopping and signing-in to five tools.
-
Partner with advisors & MSPs that want to scale and bring cybersecurity compliance services to their customer base
Rizkly simplifies continuous compliance activities and gradually instills security and compliance acumen into your business. Our Guided Security and Compliance (GSC) service lets you demonstrate compliance with less disruption to your core business and budget. Peace of Mind.
Our People
Chor-Ching Fan
President & CEO
David Trout
Chief Strategy & BD Officer
Alex Shevchenko
Technical Lead
Celia Baker
Security & Compliance Guide
David Hall
Security & Compliance Guide
Mike Lyons
Partner Manager
Mitchell Pittman
Client Engagement Manager
Michael Drohan
Client Engagement Manager
Will Albert
Support Engineer
Rizkly experts will advise, guide and review hardware and software technology changes to ensure that they address specific compliance controls but we do not perform the actual implementation work. Over the years, we have a developed a trusted ecosystem of partners who offer effective and affordable solutions to expedite remediation of security and compliance gaps. We will gladly refer you to appropriate partners if and when the need arises. Creating policies, procedures and other artifacts are also a key part of compliance remediation efforts and these are activities that our advisors do perform using powerful Rizkly features for policies and procedures.
Rizkly cybersecurity compliance advisors will work with you through the entire lifecycle of your compliance initiative. We will scale up/down depending on specific need, and we co-create our involvement in the early stages of the project. Typical project activities include:
- Gain an understanding of your business, your clients, your system(s), and your anticipated compliance requirements
- Educate your team members on compliance requirements, how to leverage the Rizkly app and what will be expected throughout the effort
- Develop the system ‘boundary’, and what will be in scope for compliance purposes
- Draft a system architecture diagram that clearly depicts the system boundary
- Review existing documentation and work with your team members to understand system and process specifics
- Perform a high level gap assessment to determine what controls are in place and operating effectively, and where there are gaps
- For each gap determine a detailed plan of action to remediate
- Collaborate as needed with personnel (staff and/or your vendors) during remediation.
- Provide advisory support, develop documentation, design controls, review evidence, audit prep, etc.
- Ensure that all artifacts and control implementation statements are effectively captured in Rizkly
- Educate your team on how to leverage Rizkly to generate audit-ready documentation such as SSPs, POAM reports and SPRS scoring
- Post-remediation ensure that all controls are in place and operating effectively
