• Image1
  • image2
  • inner1
  • home slide 2

IT Governance, Risk Management and Compliance are our Core Business


ITGRC Ltd. a wholly Sri Lankan-owned and provider of an independent consulting and training services nationally and internationally for over a decade. Founded by information security professionals who previously worked for multinational corporations we have experienced strong and consistent growth.

The company initially operated under the umbrella of CISCO Information Security Services Ltd. specialized in Banking and financial sectors and it was re-established in 2008 with the new vision and expanded its business with a new vision into broader spectrum of IT Governance, Risk and Compliance (GRC) consulting and training services.

Our broad base GRC services are dedicated to Banking and financial services industries(BFSIs). We are specialized in IT Governance, Enterprise Risk Management(ERM), IT Assurance and Advisory Services, Information Security Services, Operational Risk Management, Business Continuity Planning, ERP/ERM system implementation and GRC solution evaluation and implementation services.

As a committed and passionate company ITGRC has the world-class IT Governance, Risk management and information security expertise to ensure business risks and governance requirements are identified and managed. This allows you to leverage your investments in information and technology infrastructures and risk technologies to their full potential, whilst simultaneously managing business risks, Information risk and compliance risks.

Our Values:

We bring value to our customers by:

  • Product or technology independent expertise in our team with no bias towards specific vendors or solutions.
  • Providing resources that understand both the technical and business requirements and can communicate effectively with all levels of the organization.
  • Ensuring we understand the business and therefore ensure our projects reflect the appropriate risks critical to the business.
  • Providing value adding support to maximize the value of the project to the business.
  • Taking a realistic and practical pragmatic approach to IT governance, Information Security and Risk Management.

We believe our expertise and experience is critical in every single engagement for effectively perform and add much value to our Clients. Presently our resource team consists of five core consultants including professionals having over 30 years’ of experience in Banking and Financial Sector, University Professors, Practicing Chartered Accountants, Financial Risk professionals and qualified and industry leading information System Auditors, Security Professionals. All of them are professionally qualified either with PHD, MBA, MSCs IT, CA, FCMA, CISI, CISA, CISM, CISSP, CGEIT, CRISC, ITIL ,CBCP,CEH etc.

We are backed by the strategic partnership with Control Case USA, EXIN Netherland Adopt technology India and many other industry leading professional bodies. ITGRC Ltd. has won may national and international award in its performance on training and consultancy services including Best IT Security Training provider in Sri Lanka since year 2008.

How You Benefit From Our Core Values:

The values integral to ITGRC's culture are:

  • Trust- No compromise on our trusted relationships and quality of services
  • Passion – Enthusiasm and Commitment.
  • Competency-– Capability and Credibility.
  • Integrity – Respect and Honesty.
  • Accountability – Responsibility and Openness.

ITGRC Service Portfolio

ITGRC has three specialist domains streams - IT Governance, Risk Management and Compliance which encompass a range of services to address our clients' various governance and risk management and information security needs. The business focus of our methodology and approaches shall improve the value of our services to our clients. We trust the success of our clients through our range of services offerings which can be tailored to suit the client requirements and budget. This flexibility ensures our clients can be confident that the outcomes delivered will have been specifically designed and implemented for each individual project. We can offer these specialist services because of the unrivalled expertise of our people and our strong methodologies and approaches which are tested for quality.

Our major clients who have been benefitted from our Consulting and Training services include Banks and financial Companies and other major industry players. In providing our services, we ensure timely execution and more importantly, a business-oriented approach based on clear understanding of your business goals and mission. We have been assisting numerous clients to improve their business and enhance value through better IT Governance, Risk Management, Assurance and Training Services during last several years. Our expertise and knowledge will be an important resource available to our clients in their business transformation journey. All our services are performed using the sound methodologies in line with the industry standards and best practices.


The Swirl logoTMis a trade mark of AXELOS Limited.
ITIL®is a registered trade mark of AXELOS Limited.
PRINCE2®is a Registered Trade Mark of AXELOS Limited.
COBIT®is a trademark of ISACA®registered in the United States and other countries.
CISM CRISC CGEIT CISA® are Registered Trade Marks of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute
CISSP is a registered mark of The International Information Systems Security Certification Consortium ((ISC)2)