Business Problem

The client intended to perform a risk assessment of their current practices, documentation, infrastructure, and software to determine if any business and/or regulatory compliance risks existed, and to develop a mitigation plan. The assessment was to be conducted with respect to US and EU regulatory requirements (for example, GDPR, Annex 11, HIPAA, FDA predicate rules, and 21 CFR Part 11).

Hawkins Point Solution

Hawkins Point Partners leveraged our IT Quality Framework and accelerators to perform the desired risk assessment and mitigation strategy. We performed discovery sessions with client personnel to understand current and planned processes and practices. We reviewed procedures, vendor agreements, and evidence documents for business and/or compliance risks. We also analyzed the current infrastructure and security, networking, server, and storage devices for business and/or compliance risks. In addition, software platforms were assessed for business and/or compliance risks.


  • Holistic ViewOf the defined scope, not just a gap analysis
  • RemediationRecommendations and Roadmap
  • A Clear UnderstandingOf current business and/or regulatory compliance risks