BUSINESS CONSULTING
With Russell Bedford Ecuador, you gain a trusted consultant who will guide you in elevating your achievements. We help you rethink and critically assess your current organizational structure, offering innovative ideas that challenge and motivate you to step beyond your comfort zones. In today’s dynamic and multifaceted business environment, we empower you to adapt, grow, and thrive.
Risk | Governance | Compliance
A firm specialized in operational and strategic risk, corporate governance, and compliance. We provide support in diagnosis, design, implementation, maintenance, improvement, and auditing. We identify the root causes of your problems and offer solutions that add value to your organization. We have certified personnel in each of our areas of expertise.
Risk Management
- Design and implementation of strategic and operational risk management systems aligned with ISO 31000
- Diagnostics of risk management models based on ISO 31000, COSO ERM, or proprietary models
- Design of risk management manuals
- Support in the identification, analysis, and evaluation of risks
- Design and implementation of enterprise risk management aligned with the COSO ERM framework
Information Security and Cybersecurity
- Support in defining cybersecurity strategies
- Diagnostics of information security models and cybersecurity models
- Design and implementation of information security management systems aligned with ISO 27001
- Support in defining the scope of the ISMS
- Identification and prioritization of information assets
- Support in internal and external audits of information security management systems
- Support in the creation of information security and cybersecurity risk matrices
- Design of incident management plans for information security and cybersecurity
- Identification and analysis of vulnerabilities
Business Continuity and Disaster Recovery
- Diagnostics of business continuity and technology recovery schemes
- Support in creating Business Impact Analysis (BIA)
- Evaluation of business continuity and technology recovery risks
- Definition of continuity strategies
- Design and implementation of contingency and operational continuity plans
- Support in identifying RTO (Recovery Time Objective), RPO (Recovery Point Objective)
- Design and implementation of business continuity management systems aligned with ISO 22301
- Support in internal and external audits of existing continuity models
- Design of crisis management plans and war games with senior management
- Support in business continuity and technology recovery tests
Technology and Business Processes
- Support in creating technology risk matrices and business process risks
- Review, improvement, and documentation of technology and business processes
- Current diagnostic of system implementation and/or migration
- Support in the implementation and/or migration of an application system (PQA – Project Quality Assurance)
- Risk-based audits
- Shared services center – review of general controls of technology and business processes
- Internal and external audits of systems based on risk
- Compliance audits
- Operational audits (agreed procedures)
- Review of software licensing
- Support in the creation of work plans for internal audits
Corporate Governance
- Design and implementation of internal control models aligned with COSO 2013
- Gap analysis to measure the maturity level of COSO 2013 implementation
- Best practices in corporate governance
- Fraud control and prevention models
- Design and implementation of anti-bribery management models aligned with ISO 37001
- Gap analysis for ISO 37001 compliance
Compliance
- Design and implementation of compliance management systems aligned with ISO 37301
- Diagnostics of compliance models
- Internal and external compliance audits
- Design and implementation of personal data protection programs
- Diagnostics of data protection models applying current law
Executive and Certification Courses in:
- International ISO 22301 Certification – Business Continuity (Lead Implementer and Lead Auditor)
- International ISO 27001 Certification – Information Security (Lead Implementer and Lead Auditor)
- International ISO 27005 Certification – Information Security Risk Manager
- International ISO 31000 Certification – Risk Manager
- International ISO 37001 Certification – Anti-bribery (Lead Implementer and Lead Auditor)
- International ISO 37301 Certification – Compliance (Lead Implementer and Lead Auditor)
- Support in in-house courses based on specialized subject needs
To request our services, you can contact directly:
- Raúl V. González Carrión | Partner, Consulting | Russell Bedford Ecuador
- Email: rgonzalez@rbecuador.com