Governance, Risk & Compliance

Better manage your cyber security risks, compliance and governance frameworks by teaming with our security consultants

Assess, manage and mitigate your risks

IT Governance, Risk and Compliance (GRC) continues to be a challenge for enterprises and government agencies. Directors need to ensure that robust GRC processes are in place and are followed or face the potential personal liability due to a data breach.

An effective IT GRC program must ensure that the investment made in IT and IT security controls is optimal to support the business and IT strategy. A pragmatic approach must be followed to secure sensitive data and personal information.

Understanding your organisation’s appetite for risk and assessing maturity against your industry and compliance requirements is an essential part of any security strategy. The Dragonfly team has the in-depth knowledge in local governance developments and regulations to assist you with your GRC programs.

Trusted by

Our GRC Services

Essential Eight

Security Assessment aligning to Australian CyberSecurity Centre (ACSC) Essential Eight maturity model. Automated dashboards available to provide real-time maturity status

CPS 234

Cyber Security Assessments for APRA's Information Security Prudential Standard (CPS) 234

NIST Cybersecurity Framework

Determine your organisations cyber security posture against the 5 key areas of the NIST Cyber Security Framework (Identify, Protect, Detect, Respond, Recover)


Meet compliance requirements Protect the confidentiality, integrity and availability of your business information with alignment to ISO27001 standards

Supplier & Third-Party Security Assessments

Third parties are a growing cause of data breaches. Understand and measure your supply chain risk exposure and implement appropriate mitigations

External API Security Assessments

Map security controls and assess the risk of external APIs

OT / SCADA / Critical Infrastructure Security Assessment

With critical infrastructure cyber attacks on the rise, Dragonfly brings decades of OT cyber security experience to ensure your mission critical infrastructure is secure and aligned to industry best practice.

Automated Security Dashboards and Reporting

Reduce compliance effort and accelerate remediation activity with Dragonfly automated cyber security dashboard and reporting capability.

Require something bespoke?

Contact our experts and we can work through your unique security requirements

Our team have helped many companies measure and mitigate cyber security risks.

Experienced industry leaders and technical experts to secure your mission critical systems and support your business objectives.