Cybersecurity and Privacy Risk

We help clients protect their sensitive data and safeguard their critical systems.

New! Assess Your IT, Privacy and Third Party Risk

Download GRF’s IT Asset Protection, Privacy and Third Party Risk Management checklists to see if your organization is focused on the right issues during the COVID-19 pandemic.

Providing Peace of Mind

At GRF CPAs & Advisors (GRF), we are dedicated to safeguarding the integrity of our client’s information technology systems (IT) and the data they are responsible for protecting. Our service approach is systematic and is heavily focused on timely, responsive and clear communications.

Our cybersecurity and risk professionals assist clients with:

IT and Risk Assessments

  • IT Risk Assessment
  • IT Governance Assessment
  • IT Policy and Procedure Review
  • IT Internal Audit Co-Source & Full Outsource
  • AICPA System and Organization Controls – SOC Audits

Cybersecurity Posture

  • Open Source Cybersecurity Assessment Scorecard
  • Benchmarking Against Industry Recognized Frameworks
  • Vulnerability Scanning, Penetration Testing and Simulated Social Engineering Services
  • Chief Information Security Officer (CISO) Advisory
  • Third Party Vendor Management (TPRM) Advisory
  • Payment Card Industry (PCI) Readiness
  • IT Strategic Plan and Digital Transformation Advisory
  • Business Continuity/Disaster Recovery Advisory

Fraud, Data Security and SOX Compliance

  • System Access Assessment
  • Data Analytics and Visualization
  • Privacy Data Definitions and Data Mapping
  • Privacy Policy and Procedure Review
  • IT Sox Compliance and Optimizations

GRF Supervisor, Mac Lillard, CPA, CFE, CISA, CRISC, CITP, PCIP demonstrating the Cybersecurity Scorecard at the NYSSCPA Nonprofit Conference.

Customized Solutions

We evaluate each client’s cybersecurity posture and overall IT risk against changes relating to digital transformation, emerging threats, and the increasing regulatory environment. Our practical right-sized solutions are based on your organizational context to address your most important issues.

GRF CPAs & Advisors offers clients access to CISA-certified auditors and the expertise of a Participating Organization in the PCI Security Standards Council (PCI SSC).


Aug 11
May 20
Nonprofit, Risk Advisory, Seminar, Workshop

2021 ERM in Nonprofit Organizations 2-Day Workshop

Contact Us

Melissa Musser, CPA, CITP, CISA

Principal, Risk & Advisory Services

Visit our COVID-19 Response page for the latest news and resources.