YOU SHOULD REVIEW THE FOLLOWING STATEMENT PRIOR TO SUBMITTING ANY PERSONAL INFORMATION TO THIS WEBSITE. This Website is hosted and operated by The IT Governance and Risk Consulting Pvt.) Ltd, 1/1 Melder Place Nugegoda, Colombo. Sri Lanka (in the following "The ITGRC").

The ITGRC respects the privacy of our customers, partners and suppliers of products or services, clients, and their customers. The purpose of this Privacy Statement is to provide you with information concerning our services, the types of information we are provided by third parties or obtain ourselves through your visits to our Website, how we use that information, whether we disclose the information provided to us to others, and the options you have with regard to the use and correction of that information. Although privacy laws can, from jurisdiction to jurisdiction, directly conflict with each other, our goal in handling personal information provided to us is to comply with applicable data protection and privacy laws worldwide and to offer users of our Website notice, choice, the ability to consent, security, data integrity, access, and enforcement with regard to personal identifiable information(PII). The ITGRC's strives to provide protection for your personal information no matter where that information is collected, transferred, or retained.

Collection of Personal Information


IT Governance and Risk Consulting (ITGRC) was established in 2008 with a key objective of providing high quality IT Governance, risk and Security Consulting and Training services that reliable, cost effective and sustainable solutions for public and private sector Banking and Financial Sector Service organizations. We are based in Colombo and employ 6 people.

Quality is important to our business because we value our customers. We strive to provide our customers with services which meet and even exceed their expectations. We are committed to continuous improvement and have established ISO9001 based Quality Management System which provides a framework for measuring and improving our performance. A cost effective Quality Management System is the means adopted to ensure that quality and business objectives are met and to provide objective evidence to substantiate that goal.

The Company is fully committed to the principles of Quality Assurance, Health & Safety and safeguard of the environment and recognizes the necessity for the involvement of all employees to achieve quality goals. A culture of continuous improvement in all services offered to clients and to all internal operations is communicated and promoted throughout the organization. The Quality Management System Requirements:

  • We gain satisfactory understanding of the requirement for each s assignment that we undertake to ensure that the solution we deliver meet our customer expectations
  • Our work is properly planned and managed to ensure that our services are delivered in a manner which enhance our professional standing
  • Competent staff are assigned to undertake the work and that opportunities are provided to allow staff to broaden their skills and achieve job satisfactions through training and by undertaking more complex and challenging work under proper supervision.
  • Feed back is sought on the service and Training that we deliver and the operation of the system to allow continuous improvement of our services.
  • Develop and maintain quality consciousness amongst all management and staff employed by the company;
  • Develop and maintain a culture of continuous improvement in the quality of services
  • We comply with statuary obligations, standards and code of practices relevant to the quality management.
  • Management reviews the quality objectives on a regular basis to ensure the continuous suitability of ITGRC Quality Management System.
The assurance of quality is fundamental to all work undertaken by ITGRC and the members of the staff are adhere to the requirement of the Quality Management Systems for all assignment undertaken by the Company and to maintained records to demonstrates that the Quality Management System has been followed
We have the following systems and procedures in place to support us in our aim of total customer satisfaction and continuous improvement throughout our business:-
  • regular gathering and monitoring of customer feedback
  • a customer complaints review
  • selection and performance monitoring of suppliers against set criteria
  • training and development for our employees
  • regular audit of our internal processes
  • measurable quality objectives which reflect our business aims
  • management reviews of audit results, customer feedback and complaints

Our internal procedures are reviewed regularly and are build into in a Quality Manual which is in progress at present.

ITGRC is an equal opportunity company with a culture that provides for training to staff to ensure that everyone has equal opportunity to develop in line with our aims and objectives.

This policy is posted on the Company web site. The company Board consists of Industry experts, university professionals and prominent experts in the diverse professions. Though the Managing Director has ultimate responsibility for Quality all employees have a responsibility within their own areas of work thereby helping to ensure that Quality is embedded within the whole of the company.

Signed by:
Thilak Pathirage
Position: DIR/CEO

This revision dated: 12th Jan 2012 .
Latest review dated:

The Swirl logoTMis a trade mark of AXELOS Limited.
ITIL®is a registered trade mark of AXELOS Limited.
PRINCE2®is a Registered Trade Mark of AXELOS Limited.
COBIT®is a trademark of ISACA®registered in the United States and other countries.
CISM CRISC CGEIT CISA® are Registered Trade Marks of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute
CISSP is a registered mark of The International Information Systems Security Certification Consortium ((ISC)2)