About Our Cybersecurity Data Governance Practice

Law & Forensics Cybersecurity Governance practice recognizes that organizations today are confronting new cybersecurity statutes, regulations, and controls on a near-daily basis and our practice assists companies in this process.

Law & Forensics has a great deal of experience working with companies to protect against threats, but we also recognize that a company must know what data to protect.

Law & Forensics recognizes that securing data is at the core of cybersecurity, but that it is impossible for an organization to protect it’s data if it does not know what data it has, where it is, how it is used, who it is shared with, etc. Our Data Governance Cybersecurity practice has decades of experience assisting companies in creating a data governance program that allows them to secure and manage their data in a structured, responsible, and legal fashion.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Cybersecurity Data Governance

  • Review companies existing data governance programs focusing on controls, processes, SOPs, and work instructions from a cybersecurity lens.
  • Analyze the alignment of the data governance program cybersecurity controls with the cyber program implemented by the company.
  • Perform a gap analysis of existing data governance programs focused on cybersecurity regulatory requirements.
  • Draft and edit SOPs, work instruction, controls, and processes to account for cybersecurity in the context of the overall data governance and risk programs at a company.

Independent Assessment of Organizations Third Party Vendor Cyber Program

  • Working with organization cybersecurity, audit and legal stakeholders to independently review the third-party vendor cybersecurity program,
  • Ascertain alignment of data governance policies and controls with on the ground implementation,
  • Review existing controls to manage the cyber risk presented by third-party vendors to determine the effectiveness of controls and correlate these risks to an underlying data governance program.

Case Studies by Industry

Industry/Sector: Banking

Type of Service: FFIEC Data Governance Audit

Description: Review global financial institution data governance program and identify any gaps with Federal Financial Institutions Examination Council (FFIEC) cybersecurity assessment tool. Efforts included:

    • Working with senior technology and audit/compliance stakeholders to review cybersecurity controls and program alignment.
    • Assessing cybersecurity controls against FFIEC program requirements.
    • Documenting any gaps identified in the course of engagement.
    • Creating and executing a project plan to remediate issues identified during the course of the engagement.
44+ Data Governance

programs reviewed

59+ Internal Audits


67+ Third Party Programs


233+ Training Engagements


11+ Data Governance

programs created

49+ Privacy Programs

created, reviewed, analyzed, or updated

Cyber Security Data Governance Practice Edge


Providing data governance solutions that leverage integrated teams of lawyers, technologists, and data governance consultants with legal and technology skills and experience and subject matter expertise in the company, industry or sector. Proven track record of delivering data governance programs with training to ensure that our clients can maintain and support the data governance solutions delivered.

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.


Created and updated data governance programs to address cybersecurity issues for small, medium, and large organizations in a fashion that our clients can maintain and support the solution delivered. Our Cybersecurity Data Governance practice has worked on creating, reviewing, and assessing hundreds of companies with operations all over the globe.

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.