Information Risk & Compliance

We’re inspired to help you minimize risk and remain compliant.

Understand your risks, implement effective controls, and ensure compliance with industry regulations.

Information technologies and their associated controls are pervasive across every industry and should be regularly audited or evaluated to identify opportunities for improvement and mitigate potential risks.

Our team of professionals has deep industry experience and can help you design and execute an IT audit or controls review to minimize risk and meet potential regulatory burdens.

The following offerings are designed from a combination of frameworks, best practices, and specific industry requirements:

  • IT Controls Review/IT Audit: Assess current controls related to the management, application, and implementation of IT and security controls. Results can be used for internal self-assessment or for external reporting and regulatory and contract requirements.
  • CMMC: Ensure all aspects of the Defense Industrial Base (DIB) are secured through the Cybersecurity Maturity Model Certification (CMMC). Eide Bailly is a Certified Registered Provider Organization and can assist in preparing you for your CMMC.
  • HITRUST: Demonstrate systems within your environment meet the HITRUST framework’s rigorous standards and regulations. As a HITRUST authorized external assessor, we perform assessments and produce detailed reports to help organizations understand and improve their maturity levels.

In addition, we also offer the following information risk and compliance services:

  • HIPAA Security Risk Assessment
  • NIST Security/Control Frameworks
  • ISO 2700x
  • IT SOX
  • Privacy

HIPAA Compliance and Beyond: How to Keep Patient Data Secure

Doctor reviewing guidance
While organizations that are HIPAA compliant have met the minimum standards for security, it does not mean they are protected against cyberattacks.
Read the Article

Why the CMMC Certification is Vital to Department of Defense Contractors

The U.S. Department of Defense has established a series of appropriate safeguards to protect data. This is known as the Cybersecurity Maturity Model Certification (CMMC).
Read the Article
We didn’t realize the amount of risk we had in our environment until we had Eide Bailly do a security assessment. It was eye opening.
Security Assessment Customer

We’ll help you protect sensitive data and remain in compliance.

Our team of experienced professionals will work with you to minimize information risk, protect sensitive data, and ensure compliance with applicable laws and regulations.

Information Risk & Compliance Leadership

Eric Pulse


Principal/Risk Advisory Practice Leader

Eric joined Eide Bailly in 2013 and has over 25 years of experience in public accounting and consulting. He leads Eide Bailly’s Risk Advisory Services practice and specializes in providing information technology, risk advisory and cybersecurity consulting services to a variety of industries, including banking, credit unions, healthcare, insurance, retail, manufacturing and governments. He advises Eide Bailly clients on how to keep their valuable data secure in a world of increasingly sophisticated cyber threats. With his many years of experience, Eric has become a true thought leader in the culture of cybersecurity.