Risk & Compliance


Service Offerings

  • Asset management
  • Enterprise risk and regulatory advisory
  • Program development, review and management
  • Regulatory compliance
  • Risk and compliance maturity assessments
  • Supply chain risk management
  • Third-party risk management

Successful application of governance, risk and compliance practices means integrating critical models into all facets of your organization, from building out new facilities, to planning asset inventory and management, to developing new programs or processes. Creating this culture of compliance upfront helps you avoid costly change within your organization.

We combine our vast risk management knowledge with critical design thinking, as well as industry-proven standards, toolsets and methodologies to deliver an integrated risk and compliance framework that further enhances that culture. We examine the enterprise risks you face and the compliance cycle for your industry, identifying where you can grow your compliance programs.

Safety and reliable operations are the cornerstones of risk management and resiliency for critical infrastructure environments. We apply a three-pronged approach to achieve risk management and resiliency, balancing regulatory compliance, system reliability and cyber risk management. Our team is made up of consultants with experience in all three sectors, and they focus on improving the safety, security and reliability of critical infrastructure. Our goal is delivering the people, process and technology that support risk and resiliency, preparedness and situational awareness. 

As we help you examine your critical infrastructure compliance program, we emphasize:

  • Greater risk visibility
  • Automation opportunities
  • Plans for recoverability
  • Advanced detection

Mind the Gap: Resilience Goes Beyond Compliance

Critical infrastructure industries are implementing connectivity and data systems that open them up to new threats that require cybersecurity mitigations.
Read more

Achieving Compliance Across Your Organization

By leveraging the maturity, integration and stakeholder engagement models we’ve developed, we gain an understanding of the risks associated with your business and assets. We implement a collaborative risk model that is built, adapted and managed within your organization. Our team helps you recognize and counter risks from broken systems and bulky manual processes. We identify and break down siloed operations through controls, integration and automation.

We partner with you to nurture and expand your risk operations and advance your program management, giving your team the edge it needs to deliver on compliance, risk and board commitments.

Blog Post
Bridging the Gap: Benefits of a Business Continuity Plan
Risk is a constant. Preparing for disruptions is difficult, but a business continuity plan can help an organization stay afloat during and after an event.
Read more
Blog Post
Automating Security Operations: SOAR Supports Integrated Cybersecurity
Security Orchestration, Automation & Remediation (SOAR) can help teams automate and integrate processes for increased security amid increased remote work.
Read more
Blog Post
Order 843 and CIP-003-7: How They Will Impact Low Sites
New standards from the Federal Energy Regulatory Commission were published in Order 843 and go into effect on Jan. 1, 2020. These new standards affect low sites and electronic access controls, as well as requiring transient cyberassets to have updated anti-virus software.
Read more
Blog Post
Low-Impact Requirements: Counting Down to Enforcement of CIP-003-6
Before enforcement of CIP-003-6 low-impact requirements for Physical Security Controls and Electronic Access Controls, new documentation and tools are critical.
Read more
Matt Morris, 1898 & Co., Part of Burns & McDonnell
Matt Morris
Director, Cyber, Risk & Reliability

Send Us a Note

*Denotes Required Field

1898 & Co. needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.

Because the future won’t wait.