• Image1
  • image2
  • inner1
  • home slide 2


IT Governance, Risk Management and Compliance are our Core Business


ITGRC (Pvt) Ltd. is a proud Sri Lankan born provider of consulting and training services in the domains of IT governance, risk management and complaince. Founded by Information Security professionals and enthusiasts who are pioneers in the industry, we have delivered a premium service to our clientele for more than a decade. Since its inception, ITGRC has experienced strong and consistent growth and has now become a nationally and internationally recognized trademark. 

The Company was established in 2001, as CISCO Information Security Services (Pvt) Ltd. which offered Information Security services to the Banking and Finance sectors. It was re-established as ITGRC (Pvt) Ltd. with a new vision and expanded its business into a broader spectrum of IT Governance, Risk and Compliance (GRC) consulting and training services.

Our broad base GRC services are dedicated to Banking and Financial services industries (BFSIs). We are specialized in IT governance, Enterprise Risk Management (ERM), IT assurance and Advisory services, Information Security services, Operational Risk Management, Business Continuity Planning, ERP/ ERM system implementation and GRC solution evaluation and implementation services.

As a committed and passionate company ITGRC is ready to deliver world-class GRC expertise to ensure your business risks and governance requirements are identified and managed. This allows you to leverage your investments in IT infrastructure and risk management measures to their fullest potential.

Our Values

We bring value to our customers by:

  • Providing product or technology independent expertise without being bias towards a specific vendor. 
  • Providing resources that understand both technical and business requirements, and can communicate effectively with all levels of an organization.
  • Ensuring that we understand the business and therefore our recommendations address risks related to that business.
  • Providing value adding support to maximize the value of a project to a business.
  • Taking a realistic and pragmatic approach to IT governance, Risk Management and Compliance.

We believe our expertise and experience is critical in every single engagement to effectively perform and add much value to our clients. Presently, our resource team consists of five core consultants including professionals having over 30 years’ of experience in Banking and Financial sector, university professors, practicing Chartered Accountants, financial risk professionals, qualified Information System auditors and security professionals. All of them are professionally qualified either with PHD, MBA, MSc, CA, FCMA, CISI, CISA, CISM, CISSP, CGEIT, CRISC, ITIL, CBCP, CEH etc.

We are backed by strategic partnerships such as Control Case USA, EXIN Netherland, Adopt Technology India and many other industry leading professional bodies. ITGRC has won may national and international awards in its performance on training and consultancy services including "Best IT Security Training Provider" in Sri Lanka, since year 2008. 


How You Benefit From Our Core Values

The values integral to ITGRC's culture are:

  • Trust- No compromise on our trusted relationships and quality of services
  • Passion – Enthusiasm and Commitment.
  • Competency-– Capability and Credibility.
  • Integrity – Respect and Honesty.
  • Accountability – Responsibility and Openness. 

ITGRC Service Portfolio

ITGRC has three specialist domains streams - IT Governance, Risk Management and Compliance which encompass a range of services to address our clients' various Information Security needs. The business focus of our methodology and approach shall improve the value of our services to our clients. We serve our clients through a range of services offerings which can be tailored to suit a client's requirements and budget. Due to this flexibility, our clients can be confident that the deliverables will be specifically designed and implemented for each of them. We can offer these specialist services because of the unrivalled expertise of our team and the strong methodologies in use.

Our major clients who have been benefitted from our consulting and training services include Banks and Financial companies and other major industry players. In providing our services, we ensure timely execution and more importantly, a business-oriented approach based on clear understanding of your business goals and mission. We have been assisting numerous clients to improve their business processes and enhance efficiency through better IT Governance, Risk Management, Compliance and Training services. Our expertise and knowledge will be an important resource available to our clients in their business transformation journey. All our services are delivered using sound methodologies in line with the industry standards and best practices.


The Swirl logoTMis a trade mark of AXELOS Limited.
ITIL®is a registered trade mark of AXELOS Limited.
PRINCE2®is a Registered Trade Mark of AXELOS Limited.
COBIT®is a trademark of ISACA®registered in the United States and other countries.
CISM CRISC CGEIT CISA® are Registered Trade Marks of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute
CISSP is a registered mark of The International Information Systems Security Certification Consortium ((ISC)2)