Risk Advisory

Linking strategy with risk.

Today’s business environment is more complex than ever. A paradigm shift in risk management is currently underway. Risk-influenced decision-making requires more than a basic grasp of risk management philosophies. It requires an appreciation of your organization’s unique industry, operations, technologies, and regulatory compliance requirements.

At Aronson, we believe that the risk and compliance disciplines are about creating tangible value that can drive robust investment decisions. We apply our extensive experience and deep understanding of your organization to deliver an insight-driven and performance-oriented approach to risk management.

We can help you focus on risks holistically, rather than identifying and measuring them in a silo.

Our Services

We offer a comprehensive suite of capabilities along with a collaborative approach to teaming. Our professionals are focused on developing solutions, tools, and next-generation thought leadership to mirror the innovations and changes in the business landscape.

Our capabilities are structured in the following focus areas:


Given the crucial role IT plays for organizations, unmanaged cyber risks can jeopardize your organization’s profitability and survival.

The risk of a cyber attack is real and rapidly growing. The seemingly endless string of headline-grabbing data breaches, exploitative attacks such as ransomware, and IT-related service disruptions such as denial-of-service (DoS) attacks only reinforces this notion.

This threat, when combined with other threat vectors, warrants that all organizations do everything they can to swiftly reinforce their cyber risk defenses.

We provide the following services:

  • Security strategy
  • Policies, procedures, and standards
  • Security assessments and remediation
  • Security awareness and training
  • Vulnerability Analysis and Penetration Testing
  • Payment Card Industry (PCI) readiness

Business Continuity

Business Continuity Planning (BCP) practices have been around for many years; however, unless required to by a specific management action, customer mandate, or applicable regulation, many organizations have dragged their heels when it comes to implementing formal business continuity processes across their organization. Organizations that have not adequately planned for disasters are often forced into reactive efforts and are unable to prioritize clients, employees, and revenue. Only after an earthquake, data breach, government shutdown, or similar disruptive event occurs do companies find themselves asking: “How can we verify safety of our personnel and assets? Who do we need to contact? What are our immediate next steps after the next 48-72 hours? How do we resume business as usual?”


Regulatory Compliance

Organizations today face unprecedented challenges in managing complex global regulations. We can help you achieve compliance—while also managing risk, improving day-to-day operations, achieving business objectives, and more.

We offer a range of regulatory-related services designed to keep you compliant. We provide readiness assessment and remediation services for the following:

  • General Data Protection Regulation (GDPR)
  • Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • The Federal Information Security Modernization Act of 2014 (FISMA)
  • Defense Federal Acquisition Regulation Supplement (DFARS)
  • The Sarbanes-Oxley Act of 2002 (SOX)
  • Other regulations

Enterprise Risk Management (ERM) Assessments & Transformations

Today’s organizations operate in an inherently risky environment with fluctuating levels of impact and likelihood.

ERM eliminates silos and provides a systematic approach to managing your organization’s risk universe. Our ERM methodology can help your organization align risk tolerance and strategy, address risk more strategically, anticipate emerging challenges, and more.

We provide the following services across the full program lifecycle:

  • ERM and IT risk management programs
  • Risk assessments and remediation
  • Governance, Risk, Compliance (GRC) technologies

Internal Audit

We work with senior executives and board members to enhance the effectiveness of internal audit programs. We partner with organizations of all sizes to drive value and improve operations.

Our services can be formal with a designated internal audit charter or be informal with ad-hoc risk reviews and reporting to your management team. We provide the following outsourcing and co-sourcing services:

  • IT audit
  • Operational audit
  • Compliance audit
  • Financial audit
  • Investigations

Project Management

Project management is fundamental to the success of any project. Successful projects do not happen by accident or happenstance. They are the result of clear vision, meticulous planning, and careful execution.

Our project management services can help take the risk out of your important initiatives and ensure your project’s successful completion.

