The Augusta Group and 327 Solutions announce their education partnership

The Augusta Group

Cybersecurity and risk management governance, strategy and

Cyber is a regulatory issue requiring boards to implement, oversee and attest cybersecurity and ri

Legislative and regulatory regimes proposed by U.S., EU and APAC regulators are bringing cybersecurity risk management requirements to corporate boards in the form of continuous monitoring and attestation of cybersecurity risk management. Regulators seek to address the gaps and failures of public and private sector cybersecurity and risk management compliance, as demonstrated by critical infrastructure cyber-attacks and ransomware. Boards will be held accountable for the oversight and assurance of their supply chain risks and their cybersecurity risk management strategy, governance, and incident disclosure, increasing their legal and compliance risks.


Globally, regulators are setting baseline standards for cybersecurity risk management oversight, assurance and compliance for boards of public registrants, Critical National Infrastructure (CNI) providers, Financial Institutions (FI) and their third-party suppliers. The EU Network and Information Security Act 2.0, the EU Digital Operational Resilience Act (DORA), the EU Cybersecurity Resilience Act (CRA), the SEC cybersecurity risk management proposal and the U.S. Department of Defense DFARS/CMMC program set strict requirements for cybersecurity governance, compliance disclosure, reporting and attestation, backed by regulatory enforcement regimes.

What we do

Board cyber advisory


Cybersecurity risk management is a complex, enterprise-wide risk to manage. It is a risk that most board members are unfamiliar with, but one that boards of public companies in the U.S. or Critical National Infrastructure providers in the EU will have to become familiar with very quickly.

We work with leadership teams to evaluate current cybersecurity governance, risk management and cybersecurity capabilities in line with regulatory regimes, address gaps in compliance where required, and create appropriate board governance, education and reporting, in order to improve board oversight, assurance and attestation of cybersecurity risk management.

Cyber regulatory compliance


Cybersecurity risk management is rapidly becoming a regulatory requirement in the U.S. and EU.

These regulations set out strict compliance requirements. We work with leadership teams to help them evaluate their regulatory requirements across all the global regulations and harmonise the approach that organisations should adopt, so that compliance is as efficient and effective as possible for themselves and across their supply chains.

Cyber risk management


Boards are increasingly being asked to attest their organisations' compliance with cybersecurity risk management. We work with leadership teams and senior management to develop cybersecurity risk management programs that are aligned to regulatory standards in the U.S. and EU, including NIST SP 800-30, NIST SP 800-37 and NIST SP 800-39, required by U.S. Federal regulations OMB A-130 and FISMA.

We have worked with significant financial institutions to develop global cyber risk management programs that align with the Basel Accords and RCSA processes.

Cybersecurity Strategy and programs


Cybersecurity strategy and programs are a critical requirement for cybersecurity risk management compliance. We work with organisations to evaluate current cybersecurity programs and close compliance gaps in line with international cybersecurity standards including ISO 27001, NIST SP 800-53, NIST SP 800-171 and NIST Cybersecurity Framework profiles.

DFARS and CMMC programs


We are all founding members of the U.S. DoD CMMC program and developed the assessment methodology, which is used for compliance with DFARS 252.204-7012, -7019, -7020 and NIST SP 800-171.


We work with organisations that are required to comply with DFARS 252.204-7012, -7019 and -7020 to assess their compliance as required using the DoD DAM methodology and make recommendations for remediation and compliance.

Copyright © 2021 Augusta GRC, LLC - All Rights Reserved.
