Public Accounting Firms & CPA’s

A key relationship for our firm, leveraging our lifetime experience with Big 4 and alumni companies, is the ability to offer cyber-risk services as an add-on for the public accounting firm or as a standalone service through a referral.  Our level of service is extremely adaptable and addresses compliance requirements for industry/market-specific requirements along with human capital needs.

Additionally, we perform a detailed assessment of policy and process to marry the technology and human capital component to ensure the lowest level of risk is achieved.

hoytNIVA Defender Services

  • Risk Assessment
    • Detailed Assessment, Reporting & Advising for Technology, Human Capital & Policy and Process
  • Audit
    • Audit for Trusts, Private Companies, Family Exchanges and Public Companies
      • Extensive Experience with SOX, IFRS & FINRA
  • Compliance
    • Establish HIPAA Compliance for Health Care Clients
      • Doctor’s Offices/Groups, Speciality Care, Hospital Groups
    • Banks, Credit Unions & Credit Card Processors
      • FFIEC for Banks/Credit Unions, PCI for Credit Card Processors
  • Valuation & Risk Assessment
    • Perform Due-Diligence Pre-M&A, Post M&A, Technology & Human Capital
    • Support for Forecasting with Technology Trends
  • Business Advisory
    • Assessing Risk of Client’s External Exposures with their Clients, Vendors, Suppliers & Partners
    • Technology Consulting for Future Growth, Business Goals & Objectives
    • Technology Support for Client R&D, Assessing Current Products & Services, Support of New Products & Services
  • Training
    • Perform Training for CPA Firm and/or their Clients for Technology Usage, Cyber-Protection & Overall Best Practices
  • Implementation & Integration
    • Supporting the Implementation and/or Integration of ERP’s & Other Software/Hardware Solutions

Private Equity & Venture Capital

hoytNIVA’s pre-M&A and post-M&A Cyber-Risk Assessment is the most comprehensive assessment available.  Leveraging tier-1 experience from the U.S. Government in addition to tier-1 corporate, we provide the full level of detail necessary to assess this potential investment’s risk.

We’re proud of our base of expertise and we understand the importance of only providing the full strength of our team to protect your investment.

Insurance Providers & Brokers

Cyber-liability for an organization is a very challenging area since there are so many variables that make the underwriting difficult. Many organizations simply do not understand what exposures they have.

At hoytNIVA we act as the engine and due-diligence partner to support the underwriting of insurance.  Leveraging extensive experience in mitigating risk we provide a point-in-time assessment along with intermittent updates to ensure the risk is known today and tomorrow.  Further, in support of insurers’ clients, we work with organizations across the U.S. and abroad to reduce their risk exposure and, in turn, lower their risk to the insurer.

Additionally, as a cost-savings measure, a lowered risk rating by hoytNIVA can support a reduced premium going forward.

Health Care

The healthcare system is increasingly under scrutiny and risks abound, especially for smaller practices that have not yet been gobbled up by the giants of the industry. When was the last time you took a comprehensive look at your people, processes, and systems? Chances are there are immediate opportunities to reduce risk, and we have helped local providers do just that.

For example, consider HIPAA compliance. Are all of your addressable concerns well documented? Have you identified all third parties considered business associates for the purposes of HIPAA? Have you undergone a technical evaluation within the last year? We can help you answer these questions and, more importantly, reduce your risk of incurring fines based on the wrong answers.

In addition to handling electronic protected health information (ePHI), most healthcare providers process payments and handle cardholder data that is governed by the PCI-DSS standard. There are many different levels of PCI-DSS compliance and they vary by merchant. Providers with smaller volumes often self-report and accuracy is critical here. One only has to scan the news to see that handling credit card data is a significant source of risk.