Introducing CISOLabs Integrated Risk Controls Assessment (iRCA)

+ CISOLabs Enhanced Governance, Risk and Controls (eGRC)

+ Integrated Regulations and Compliance Wizard (iRCW)

+ Cybersecurity Maturity Model Certification (CMMC) readiness

Learn More ↓

Principal Consultant

Mr. Alfred is an accomplished leader in operational risk management, with exceptional achievement in delivering solutions and project deliverables to meet business needs and exceed objectives and has served in various virtual C-suite roles over the past 7 years.

Mr. Alfred is generally knowledgeable in all areas of Risk Management & Operations including risk controls implementations and remediation, and strategic enterprise-wide risk program development and implementation. Mr. Alfred is equipped with decades of working experience in Banking and Finance, Retail, Intergovernmental and consulting companies with an extensive track record in enterprise risk management ensuring compliance and regulatory risk management of GDPR, EU Data Privacy, SOX and many other regulations. Companies include Allergan Pharmaceuticals, Chico’s White House Black Market, L’OREAL, BNP Paribas, Bank of New York Melon, USAA, the International Monetary Fund (IMF) and Fannie Mae, where Mr. Alfred trained exclusively in enterprise risk management under Dr. Zhiwei Fu, an expert developer of CObIT 4.1 for ISACA. Mr. Alfred was responsible for US Treasury (Fed Wire Systems) risk management, including supporting the development of the suite of controls for US HAMP program leveraging CObIT/COSO controls and maturity attributes.

With this experience Mr. Alfred has led various initiatives including developing scalable SaaS Enterprise GRC and risk/control maturity solutions for a variety of regulations such as FFIEC compliance, SOX Compliance, CMMC, PCI DSS, GDPR and many others.

Further, Mr. Alfred has global regulatory risk management expertise and consent order remediation activities for BNP Paribas banking and finance regulatory coverage, Grupo Cisneros to include global assessments consumer products, media and real estate in addition to Allergan Pharmaceuticals and International Monetary Fund (IMF) global privacy, enterprise risk management requirements in the EU.

Mr. Alfred holds an advanced degree (MBA) from Cornell University with a strong focus on business management.

About CISO Labs Cybersecurity Risk Tools

CISO Labs specializes in Information Technology consulting and Management, Risk Management, Cyber Security, Software Development, Data Science and Privacy. Founded in 2013, CISO Labs mission is to provide end-to-end quality of service for Information Systems and Technology and Business Operations deliverables in a controlled environment.

CISO Labs provides cybersecurity and compliance tools for organizations small, medium and large, including startups to manage their risks. CISO Labs Cybersecurity and Compliance tools allow organizations to assess the risk of best / leading practices of general but comprehensive cybersecurity controls across multiple disciplines in your enterprise, assess regulatory compliance to FFIEC, FISMA, GDPR, HIPAA, SOX, GLBA, CMMC and many others.

Additionally CISO Labs provides tools for Enterprise Governance, Risk and Controls for developing policies and standards and measuring and monitoring compliance, tracking control deficiencies and reporting in a automated dashboard on the status of IT and Business control maturity, IT controls risk and Business controls risks, IT controls compliance and business controls compliance.

CISOLabs Integrated Risk & Controls Assessment (iRCA) + Enhanced Governance, Risk and Controls (eGRC) are a set of enterprise risk management tools for managing operational risks of small, medium and large businesses, including startups.

The Integrated Regulatory and Compliance Wizard (iRCW) allows organizations to determine which regulations apply to them and reports on the regulatory exposure of that regulation after assessment.

The Cybersecurity Maturity Model Certification (CMMC) readiness tool allows government contractors to prepare for CMMC audits and self assess against CMMC compliance.

Our proprietary cybersecurity risks tools allows your organization to:

Determine which regulations apply.
Assess Operational and cybersecurity risks.
Assess cybersecurity and compliance to a single policy or standard.
Perform evidenced based risk and control audits & assessments.
Assess control maturity.
Generate appropriate Risk and Controls Matrix.
Perform policy and standard remediation managemment.
Policy and Standard Generation and Documentation Management

Our proprietary platform uses COSO, CObIT(TM), and NIST controls and methodologies to offer comprehensive regulatory compliance, cybersecurity readiness, privacy compliance and operational risk rediness for audits and regulatory oversight.


CISO Labs iRCA + eGRC tool provides you with the following services to managing your risks.

As an organization you may elect one of two assessment classifications:

Self Assessment

Internally perform management assessment and testing for risk management readiness.

Independent Assessment

Allows CISOLabs to perform the assessment as an independent third party so as to provide objectivity to the assessment of your organizations operational risks.

As an organization you may elect to perform the following assessment types as provided by our proprietary tools.


Have you implemented and how mature are your organizational policies and practices with regards to leading best practices?

  • Assess the risk of best leading practices of general but comprehensive controls across multiple disciplines in your enterprise

How do you stack up against your industry regulations?

  • Regulations specific assessments offering a prescriptive approach to meeting industry or specific government regulations
  • You can assess multiple regulations at the same time.

Key Regulations:

Other (Custom)

Have a very specific risk/control area that you need to build from the ground up for assessment?

  • Customize and build you own risk assessment from the ground up to include custom risks, custom controls and custom control requirements
Benefits of using CISO Labs Cybersecurity Risks Tools
Internal audit readiness
External audit readiness
Regulatory readiness
Know your risks
Executive Risk Dashboard
Easy Reporting for remediation planing

Advanced Features

The iRCA + eGRC tool is extensible, with this scalability capability, your organization may add or remove risks or controls and control requirements as needed at the start of the assessment process. eGRC tool allows for customizable risk/controls, maturity attributes and regulatory compliance control requirements


View assessment results online, including historical assessments and view non-compliance areas for remediation planning.

View and track your risk and maturity over time to monitor your improvement levels and provide roadmaps and historical context to your risks and maturity management performance.

Export draft reports from completed assessments for further drafting and dissemination.

CISOLabs iRCA + eGRC allows any company, small, medium or large to manage their operational risk and to think of risk differently by creating a unified platform for Independent Risk Control Assessments and Risk and Controls Self Assessments.

Contact Us