IT Compliance & Security

Information security management continues to be critical for agencies dealing with confidential, private, or sensitive data. Security breaches, fraud, and unintentional misrepresentation of information can have significant consequences. Maintaining a strong IT governance, risk, and compliance (GRC) posture is more important than ever.

Why MorganFranklin?

MorganFranklin has a proven track record of helping agencies at the highest levels of government meet IT governance, audit, and cybersecurity requirements. By leveraging government and industry best practices, we work with clients to clearly define IT risks, establish controls to mitigate them, and provide frameworks for demonstrating compliance. Our IT and technology risk solutions also help agencies maintain the integrity of critical data and infrastructure including networks, operating systems, databases, and applications.

We help ensure the consistent administration of system users, configuration changes, and data center operations. We do this while balancing the costs associated with stronger governance, risk, and control measures and the need to drive performance.


  • IT risk assessment and remediation
  • IT audit and audit readiness services
  • IT security policy development
  • IT internal control assessment and remediation
  • Data security and privacy
  • OMB A-123 compliance
  • Entity-level, application, and general controls support
  • SAS 70/SSAE16 IT audit support
  • Security assessment for interfacing systems
  • Independent assistance with IT tool selection and implementation
  • Continuous controls monitoring solutions

Impact & Value

    • Bridge the gap between finance and IT
    • Implement repeatable and continuous processes that deliver sustainable value
    • Establish and enhance efficient and effective IT governance and control
    • Actively monitor processes for compliance issues
    • Develop a common framework and risk language

Related Services