Rook's Risk Advisory Services practice is designed to help clients with certified IT systems security and risk professionals. We have professionals throughout the United States that possess, as part of our firm requirements, certifications like CISSP, CISM, CISA, CPA, etc. These professionals are dedicated to providing information technology-related control audits, risk assessments and security advisory services. To assist our professionals in staying current in the ever-changing area of information technology, we provide our specialists with a minimum of 80 hours of technical training each year in courses ranging from computer control issues to emerging technologies. The skills you are requesting of the service provider's team require consultants to have deep subject matter knowledge and expertise. The Rook team maintains skills in the following areas:

  • Certified risk and security professionals with deep business, health care, finance, health insurance, technical skills and knowledge of regulatory requirements.
  • Regulatory compliance and risk management for HITRUST, AICPA GAPP, ISO 27002, Microsoft VPA / DPR, HIPAA, HITECH, FISMA, Sarbanes-Oxley, PCI-DSS, GLBA, other privacy standards, regulations and guidelines, etc.
  • Operations management services including IT operations and cost optimization, asset management, data analytics, internal audit teaming, and project assurance.
  • Technical competencies around the following areas: Attack and Penetration testing of systems, network devices, and customizing tests of medical devices, Source Code Review, Incident Response, Forensics, Compliance reviews, Security Architecture Assessment, Design and Validation, Solution Acceleration, Product Assessments, Emulation of Live Environments, Network Vulnerability Assessments, Internet and Intranet Discovery, Vulnerability Analysis and Exploitation. System and network vulnerability assessments are performed at dedicated facilities with flexible scheduling of security analysis events, and local presentation.
  • Certified Professionals(CISSP, CISM, SANS/GIAC, CPA, CISA, CBCP, etc.)

Rook is prepared to assess the risk of important systems and data. We are committed to working closely with you to provide you with the independent review and advice required to bring forth sustainable and measurable improvement in your IT control environment.



What's it like to work at Rook? Do you have what it takes to be a Rook Rockstar?

read more

Rook TV


Indianapolis, IN
San Jose, CA

+1 888 712 9531
+1 866 416 6477