(609) 921-3551 Home | Contact

We help businesses make sound risk decisions, providing safety and peace of mind for our clients, their customers, and stakeholders.

Churchill & Harriman Churchill & Harriman Churchill & Harriman Churchill & Harriman Churchill & Harriman Churchill & Harriman

Churchill & Harriman leads the industry in enterprise risk identification, assessment, and management consulting solutions. C&H works in partnership with you. Our focus is on ensuring that your enterprise risk posture is in alignment with your corporate objectives and responsibilities, while lowering your compliance costs year-over-year. Our industry leadership is founded on proven methodologies, techniques, and developing and implementing evidence based strategy plans that are customized for each client.

Since 1997, a broad range of clients including Fortune 500 corporations, industry governing bodies, and industry-wide associations have engaged C&H to employ our institutional risk management competencies. We provide solutions within the following core disciplines, each of which we believe is a component that should be addressed as an integrated element of enterprise risk governance to achieve your objectives:

Churchill & Harriman (C&H) Presentation to the NH-ISAC:

Best Practices for your Third Party Risk Governance and Assessments Program

Executives from Churchill & Harriman recently presented unique insights on how healthcare organizations can proactively manage potential business, technology and security risks when engaging with third party vendors. This special Webinar details common areas of vulnerability and important steps for safeguarding critical data for healthcare organizations and across industry.

For more information on C&H’s Third Party Risk Governance and Assessments Program, please click here


Cost Optimization for the Global Life Sciences Community

"Thank you for Churchill & Harriman’s notable contributions to both the SAFE Bio-Pharma Association and its member companies. C&H’s validated business process development expertise, coupled with your institutional identity and authentication management competencies, has all been successfully applied for the good of the entire SAFE community. Churchill & Harriman has exceeded my very high expectations in propelling this challenging initiative forward. Please accept my gratitude on behalf of the SAFE Bio-Pharma Association."

Gary W. Secrest, Chairman,
SAFE Bio-Pharma Association

SAFE Mollie Shields-Uehling, President and CEO,
SAFE Bio-Pharma Association

Cost Optimization for the Global Financial Services Community

"Through its membership and contributions to the Shared Assessments Program, Churchill & Harriman has demonstrated its leadership in global vendor management innovation. The Shared Assessments tools contribute to the differentiation of C&H’s program, maximizing risk assessment cost optimization while raising the bar on global information security and privacy protection."

Shared ASsessments / BITS Catherine Allen, Chairman and CEO, The Santa Fe Group
Founder, Shared Assessments Program
BITS, A Division of The Financial Services Roundtable

Case Studies

Compliance Consulting for a Fortune 20 Financial Services Company

Our client's objective was to become certified to ISO 27001 within their Global IT Infrastructure function. They turned to Churchill & Harriman. While consulting our client through the achievement process of certification to ISO 27001, C&H helped the organization harmonize two of five global IT processes into one, crossing departmental boundaries. In addition to resultant cost savings and process efficiencies, our work enabled our client to successfully address a Federal regulatory finding.... read more > >

Global Risk Assessments for a BPO

A publicly traded Business Process Outsourcing Service Provider (BPO) needed to meet security and privacy contractual requirements on a $1B contract with a new customer. Churchill & Harriman was chosen to develop risk (security, privacy, and compliance) criteria upon which our client's vendors were subsequently assessed. Employing the new risk criteria, C&H then conducted several onsite risk assessments on the BPO's vendors located around the globe, enabling the BPO to meet the security and privacy requirements their customer had of them.... read more > >

Vendor Management Program Optimization

A major global financial services corporation that provides custody and asset servicing wanted to improve their internal and external risk posture. Churchill & Harriman was engaged for a series of projects. Existing vendor risk assessment criteria were mapped to ISO 27001/2 and BITS Shared Assessments Program elements, thus ensuring our client's compliance with FFIEC guidelines and industry best practices. A new classification system for vendors was established that simplified and reduced the cost to both our client and their vendors. Additionally, a new approach to conducting information security and compliance assessments of the vendor base was developed, resulting in further and significant cost savings for both our client and its vendors.... read more > >

Business Continuity Plan Development for a Global Life Sciences Company

The largest division of a Fortune 50 client engaged Churchill & Harriman to develop and successfully test a comprehensive Business Continuity Plan for them. In addition to delivering the new BC Plan, C&H provided recommendations for improvement in planning, process and Plan execution, leveraging industry best practices including BS 25999. Our recommendations were subsequently provided to our client's Corporate Governance function so that they could be leveraged across their global enterprise.... read more > >

Information Security Services for a Global Life Science Corporation

To improve their risk posture, a Fortune 50 client determined to rigorously assess their global information security policies and practices. Churchill & Harriman was enlisted to conduct an ISO 27001-based Gap Analysis. C&H's work revealed numerous opportunities for our client to optimize cost, controls, and processes within their global information security function.... read more > >

Enterprise Privacy Program Strategy and Implementation for an International Pharmaceutical Corporation

Churchill & Harriman's ongoing contributions have better positioned this Fortune 50 client to meet its global privacy compliance requirements, including Safe Harbor for all of its U.S.-based companies. C&H provides recommendations to our client on addressing the dynamic global landscape of privacy challenges, providing analysis and input on their Enterprise Privacy Program. C&H works in conjunction with other Compliance stakeholders within the enterprise to ensure that our client's Privacy Program investments are optimized, and to lower our client's overall annual cost of compliance.... read more > >

Read All Case Studies