Risk Advisory

Linking strategy with risk.

Today’s business environment is more complex than ever. A paradigm shift in risk management is currently underway. Risk-influenced decision-making requires more than a basic grasp of risk management philosophies. It requires an appreciation of your organization’s unique industry, operations, technologies, and regulatory compliance requirements.

At Aronson, we believe that the risk and compliance disciplines are about creating tangible value that can drive robust investment decisions. We apply our extensive experience and deep understanding of your organization to deliver an insight-driven and performance-oriented approach to risk management.

We can help you focus on risks holistically, rather than identifying and measuring them in a silo.

Our Services

We offer a comprehensive suite of capabilities along with a collaborative approach to teaming. Our professionals are focused on developing solutions, tools, and next-generation thought leadership to mirror the innovations and changes in the business landscape.

Our capabilities are structured in the following focus areas:


Given the crucial role IT plays for organizations, unmanaged cyber risks can jeopardize your organization’s profitability and survival.

The risk of a cyber attack is real and rapidly growing. The seemingly endless string of headline-grabbing data breaches, exploitative attacks such as ransomware, and IT-related service disruptions such as denial-of-service (DoS) attacks only reinforces this notion.

This threat, when combined with other threat vectors, warrants that all organizations do everything they can to swiftly reinforce their cyber risk defenses.

We provide the following services:

  • Security strategy
  • Policies, procedures, and standards
  • Security assessments and remediation
  • Security awareness and training
  • Vulnerability analysis and penetration testing
  • Payment Card Industry (PCI) readiness

Business Continuity

Business Continuity Planning (BCP) practices have been around for many years; however, unless required to by a specific management action, customer mandate, or applicable regulation, many organizations have dragged their heels when it comes to implementing formal business continuity processes organization-wide. Organizations that have not adequately planned for disasters are often forced into reactive efforts and are unable to prioritize clients, employees, and revenue. Only after an earthquake, data breach, government shutdown, or similar disruptive event occurs do companies find themselves asking: “How can we verify the safety of our personnel and assets? Who do we need to contact? What are our immediate next steps after the next 48-72 hours? How do we resume business as usual?”


Regulatory Compliance

Organizations today face unprecedented challenges in managing complex global regulations. We can help you achieve compliance—while also managing risk, improving day-to-day operations, achieving business objectives, and more.

We offer a range of regulatory-related services designed to keep you compliant. We provide readiness assessment and remediation services for the following:

  • General Data Protection Regulation (GDPR)
  • Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • The Federal Information Security Modernization Act of 2014 (FISMA)
  • Defense Federal Acquisition Regulation Supplement (DFARS)
  • The Sarbanes-Oxley Act of 2002 (SOX)
  • Other regulations

Enterprise Risk Management (ERM) Assessments & Transformations

Today’s organizations operate in an inherently risky environment with fluctuating levels of impact and likelihood.

ERM eliminates silos and provides a systematic approach to managing your organization’s risk universe. Our ERM methodology can help your organization align risk tolerance and strategy, address risk more strategically, anticipate emerging challenges, and more.

We provide the following services across the full program lifecycle:

  • ERM and IT risk management programs
  • Risk assessments and remediation
  • Governance, Risk, Compliance (GRC) technologies

Internal Audit

We work with senior executives and board members to enhance the effectiveness of internal audit programs. We partner with organizations of all sizes to drive value and improve operations.

Our services can be formal with a designated internal audit charter or be informal with ad-hoc risk reviews and reporting to your management team. We provide the following outsourcing and co-sourcing services:

  • IT audit
  • Operational audit
  • Compliance audit
  • Financial audit
  • Investigations

Project Management

Project management is fundamental to the success of any project. Successful projects do not happen by accident or happenstance. They are the result of clear vision, meticulous planning, and careful execution.

Our project management services can help take the risk out of your important initiatives and ensure your project’s successful completion.

