top of page

Services

Person with Toolbox

Core financial controls 

All organisations need proper financial controls.  Use Pebl1 to assess the quality of your core financial controls, including standing data management, budgeting, payment and receipts. 

Governance 

Proper governance makes sure the right people are making the right decisions at the right times and helps ensure your directors are discharging their duties.  Use Pebl1 to assess your core governance controls.   

Outsourcing 

Different regulators have different requirements of outsourcing and how you should stay in controls of the outsourced activity.  Use Pebl1 to assess your compliance with the core measures you should have in place to control your outsourcing. 

Project review 

Projects have the potential to go wrong and may not deliver the business value you’re looking for.  Use Pebl1 to assess whether you’re controlling your projects properly. 

Resilience 

Your ability to withstand operational, technical and financial shocks is at the heart of the Pebl1 resilience review.  Take the test now to understand how you could improve. 

NIST Cyber Security 

Assess your compliance with some of the core requirements of NIST cyber security frameworks using our specially tailored product. 

IT controls for external audit 

IT control is at the heart of external audit.  However, the work is notoriously difficult to scope and do.  Use the Pebl1 product, designed by external IT audit specialist, to get a head start on putting the right measures in place. 

Application risk overview 

Some regulators expect you to perform a risk assessment of your IT application systems.  If this is you, try the Pebl1 Application Risk Overview to help complete this work. 

IT risk overview 

Some regulators expect you to perform an assessment of your IT risk.  If this is you, try the Pebl1 IT Risk Overview to help complete this work. 

BMA Cyber Operational Risk Management – Code of Conduct 

To reflect the changing cyber security risk, the Bermuda Monetary Authority has defined two codes of conduct: 

  • Insurance Sector Operational Cyber Risk Management Code of Conduct 

  • Operational Cyber Risk Management Code of Conduct Banks, Deposit Companies, Corporate Service Providers, Trust Companies, Money Service Businesses, Investment Businesses and Fund Administration Providers 

 

This assessment is structured using the same headings as the code of conduct. For each, the report outlines both findings and an action plan. The aim is to give an indication of compliance and present an action plan for improvement. 

Core Data Privacy 

Data protection is particularly difficult for small-to-medium sized businesses, who may not have the specialist resource or mature processes to help them manage the risk and weather the storm. 

Assess your data privacy compliance. We have taken the best of the international standards – and decades of experience – to produce our Data Privacy review. 

Core IT Controls 

Properly controlling IT is a challenge for small-to-medium sized businesses, who may not have the specialist resource or mature processes to help them manage the risk and weather the storm. 

Cyber threat assessment 

Many good cyber security approaches begin with an assessment of threats.  Use the Pebl1 Cyber Threat Assessment product to get a free indication of the threats facing your organisation, and what you should be protecting against. 

Core Cyber Security 

Assess your cyber security compliance. pebl1 has taken the best of the international standards – and decades of experience – to produce our Cyber Security Review. 

Digital readiness 

Small-to-medium sized entities realise there’s huge opportunities in adopting digital technologies.  They can improve efficiencies, embed corporate-scale compliance and open new markets. However, not every organisation will realise the benefits that come from this change.  Some don’t quite trust it – they are concerned about where the data resides, how it is controlled and shared.  Others want to adopt digital technologies, but don’t have the architecture and processes in place yet to make it a smooth transition. 

bottom of page