Risk Assessments and Regulatory Compliance Testing Services

Technology and cloud assessments, penetration testing and vulnerability assessments, and cyber exams

We offer a variety of risk assessment services to help companies identify gaps in their cybersecurity and regulatory posture and identify technology-related risks. We can also conduct penetration testing and identify network vulnerabilities.

Our solutions

Risk Assessments and Testing

We can conduct an assessment across 700+ topics to identify technology-related risks and provide recommendations for improvement.

Mock Regulatory Cyber Exams

We can help your firm prepare for an SEC, NFA, or FINRA cyber exam by reviewing your information security program from a regulator’s perspective.

Cyber threats are constantly evolving, so it’s important to stay on top of new threats and address them as quickly as possible. We provide regulatory and cyber alerts, paste site and domain registration monitoring, and staff phishing testing to help protect your company from cyber attacks

We can help identify network vulnerabilities that could be exploited by a hacker and lead to a breach through vulnerability scanning or penetration testing. 

 

We can help your firm better understand payment flow and fraud risk mitigation opportunities with payment flow review, risk analysis, and reporting.

Microsoft Office 365 Security and Cloud Assessments

Companies are increasingly moving to cloud-based services such as Microsoft® Office 365®. Many companies do not take full advantage of the available security settings, which can dramatically impact the security and regulatory posture of your environment. This is also true of other cloud environments. Our assessment can help determine whether your company’s cloud environment is configured to protect user identities, enable compliance oversight obligations, and identify data loss. Based on our findings, we can assist your company with developing a practical action plan to address key risks.

1 of

Latest insights

abstract blue shapes connected by dots of light

Personal Information Protection Law (PIPL) FAQs

The People’s Republic of China (PRC) has passed robust data privacy regulation that governs data security and personal information processing. This FAQ addresses questions firms may have about the nature of this legislation and its requirements.

Article
  • Cybersecurity
  • Privacy
Being smart about your smart phone

Being Smart About Your Smartphone

The more information you allow your smartphone apps to share, the easier it will be for hackers to steal this information and use it for malicious purposes. This post discusses best practices for securing your mobile device and the apps you install.

Article
  • Cybersecurity
  • Cybersecurity Resources
abstract blue shapes connected by dots of light

October is Cybersecurity Awareness Month

During the month of October, businesses across the globe will focus on educating their employees on how to stay diligent and safe online. As we prepare for Cybersecurity Awareness Month, we’d like to share some resources you can use to help promote privacy and online safety at your firm.

Article
  • Cybersecurity
  • Cybersecurity Resources
ACA's Password Best Practices

Password Reset Best Practices

From work-related accounts to online banking or shopping to gym memberships, passwords have long been our golden ticket to accessing the online world and keeping our accounts safe. With so many accounts and passwords, it is no surprise that account users often dread when their passwords expire, forcing them to add to their ever-expanding alphabet soup of passwords. 

Article
  • Cybersecurity Resources
  • Cybersecurity
ACA's Password Best Practices

Password Strength Best Practices

Passwords are the most common method of authentication, but remembering a unique password for each account you have can be a pain. Here are ACA Aponix's best practices for creating and managing passwords to help protect your accounts from a cyber-attack.

Article
  • Cybersecurity
  • Cybersecurity Resources
Protect Your Data at Home

Protecting Your Home's Smart Devices

Our homes are becoming increasingly connected to the outside world through "smart" devices, which work together over your Wi-Fi network to make your home more comfortable, safe, and convenient. Common smart devices include thermostats, televisions, light bulbs, and surveillance systems.

Article
  • Cybersecurity
  • Cybersecurity Resources
Solution Spotlight

Aponix Protect™ comprehensive cybersecurity and technology risk solution

Aponix Protect helps firms address evolving cyber risks and threats to ensure that their cybersecurity needs are covered year-round. This solution is available in three tiers, each one designed to provide firms with a flexible, robust, responsive, and cost-effective cybersecurity program.

News

Michael Borts joins ACA Group as the new Chief Technology Officer

Michael Borts has joined the firm as Chief Technology Officer (CTO) to lead ACA’s technology development, vision, and strategy. In his role, he will oversee all product development for ACA’s award-winning ComplianceAlpha® regulatory technology platform and technology enablement at the firm.

ACA Group Acquires Catelas to Create Industry-first 360 Surveillance Offering

The acquisition of Catelas further enhances the holistic surveillance capabilities of ACA’s RegTech platform. Catelas’ patented technology automates the mapping of how people connect and form groups within a firm, isolates collusion risk, and detects high-risk behaviors.

ACA Group and the Investment Adviser Association Announce Strategic Partnership

ACA Group (ACA), a leading provider of governance, risk, and compliance (GRC) advisory services and technology solutions, today announced that it has entered into a strategic partnership with the Investment Adviser Association (IAA), a leading organization dedicated to advancing the interests of investment advisers.

Upcoming events

Lessons Learned from 2021's Scariest Cyber Breaches

The dramatic increase in sophistication and global reach of cyber incidents in 2021 has led cybersecurity to be a growing concern for organizations of all sizes. Join us for the horrifying retelling of the scariest cyber incidents of the past year.

Webcast

Get Ready to Comply: SEC Marketing Rule Preparation Timeline

The compliance date for the SEC's New Marketing Rule is November 4, 2022. With 1 year to go, ACA’s team of experts have put together a suggested preparation timeline guide to help firms prepare to implement the changes necessary to comply.

Webcast